Package oracle.jdbc

Interface SecurityInformation

  • public interface SecurityInformation
    Interface to retrieve security details of the underlying network connection.

    • Method Detail

      • getDNMatchStatus

        SecurityInformation.DNMatchStatus getDNMatchStatus()

        After connection establishment, calling this method returns the server DN verification status. Returns null if underlying protocol does not support DN verification.

        If DN is configured (through SSL_SERVER_CERT_DN), then the DN of the server's certificate must match the configured DN for the connection to be successful. In this case DNMatchStatus.VERIFIED_MATCHING_CONFIG is returned.

        If DN is not configured, standard DN verification will occur if the EZConnect+ URL format is used or if the property OracleConnection.CONNECTION_PROPERTY_THIN_SSL_SERVER_DN_MATCH is set to true or if SSL_SERVER_DN_MATCH is set to TRUE in the URL. If no DN verification is done then this method will return DNMatchStatus.NOT_VERIFIED.

        Standard DN verification is done using the host name or service name specified in the URL in the following order:

        1. If the host name from the URL is matched with one of the SANs (Subject Alternative Name) or the CN value from the server's certificate then DNMatchStatus.VERIFIED_MATCHING_HOSTNAME is returned.
        2. If the service name from the URL is matched with one of the SANs (Subject Alternative Name) or the CN value from the server's certificate then DNMatchStatus.VERIFIED_MATCHING_SERVICENAME is returned.

        Returns:
        dnMatchStatus
        See Also:
        OracleConnection.CONNECTION_PROPERTY_THIN_SSL_SERVER_CERT_DN, OracleConnection.CONNECTION_PROPERTY_THIN_SSL_SERVER_DN_MATCH

      • getServerDN

        String getServerDN()
        Returns the DN received from the TLS certificate of the server.
        Returns:
        The server certificate DN, or null if TLS is not enabled.

      • isNativeEncryptionEnabled

        boolean isNativeEncryptionEnabled()
        Returns true if the underlying network connection is protected by Native Network Encryption, otherwise returns false.
        Returns:
        true if Native Network Encryption is enabled, otherwise false

      • getEncryptionAlgorithm

        String getEncryptionAlgorithm()
        Returns the encryption algorithm which is used for encrypting the data packets transferred over the network with Native Network Encryption.
        Returns:
        The encryption algorithm name, or null if Native Network Encryption is not enabled.
        See Also:
        OracleConnection.CONNECTION_PROPERTY_THIN_NET_ENCRYPTION_TYPES

      • getChecksummingAlgorithm

        String getChecksummingAlgorithm()
        Returns the checksumming algorithm name used for protecting the data packets transferred over the network with Native Network Encryption.
        Returns:
        The checksumming algorithm name, or null if Native Network Encryption is not enabled.
        See Also:
        OracleConnection.CONNECTION_PROPERTY_THIN_NET_CHECKSUM_TYPES

      • isStrongCryptoUsed

        boolean isStrongCryptoUsed()
        Returns true if strong key and IV are used to protect the data packets transferred over the network with Native Network Encryption.
        Returns:
        true if strong crypto is enabled, or false if it is disabled or if Native Network Encryption is not enabled.
        See Also:
        OracleConnection.CONNECTION_PROPERTY_THIN_NET_ALLOW_WEAK_CRYPTO