Package oracle.jdbc
Interface SecurityInformation
public interface SecurityInformation
Interface to retrieve security details of the underlying
network connection.
- Since:
- 23ai
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic enumThe type of authentication used to access Oracle Databasestatic enumThe status of server DN matching used for TLS connections. -
Method Summary
Modifier and TypeMethodDescriptionReturns the type of the authentication mechanism used for authenticating the user to the Oracle Database Server.Returns the checksumming level configured to negotiate Native Network Encryption with the server.Returns the checksumming algorithm name used for protecting the data packets transferred over the network with Native Network Encryption.After connection establishment, calling this method returns the server DN verification status.Returns the encryption algorithm which is used for encrypting the data packets transferred over the network with Native Network Encryption.Returns the encryption level configured to negotiate Native Network Encryption with the server.Returns the DN received from the TLS certificate of the server.getSNI()Returns the Server Name Indication (SNI) value used while TLS handshake.Returns the name of theCipherSuiteused for securing the underlyingTCPSconnection.Returns the TLS version negotiated with the server.booleanReturns true if the underlying network connection is protected by Native Network Encryption, otherwise returns false.booleanReturns true if strong key and IV are used to protect the data packets transferred over the network with Native Network Encryption.
-
Method Details
-
getDNMatchStatus
SecurityInformation.DNMatchStatus getDNMatchStatus()After connection establishment, calling this method returns the server DN verification status. Returns
nullif underlying protocol does not support DN verification.If DN is configured (through
SSL_SERVER_CERT_DN), then the DN of the server's certificate must match the configured DN for the connection to be successful. In this caseDNMatchStatus.VERIFIED_MATCHING_CONFIGis returned.If DN is not configured, standard DN verification will occur if the EZConnect+ URL format is used or if the property
OracleConnection.CONNECTION_PROPERTY_THIN_SSL_SERVER_DN_MATCHis set totrueor ifSSL_SERVER_DN_MATCHis set toTRUEin the URL. If no DN verification is done then this method will returnDNMatchStatus.NOT_VERIFIED.Standard DN verification is done using the host name or service name specified in the URL in the following order:
- If the host name from the URL is matched with one of the SANs
(Subject Alternative Name) or the CN value from the server's certificate
then
DNMatchStatus.VERIFIED_MATCHING_HOSTNAMEis returned. - If the service name from the URL is matched with one of the SANs
(Subject Alternative Name) or the CN value from the server's certificate
then
DNMatchStatus.VERIFIED_MATCHING_SERVICENAMEis returned.
- Returns:
- dnMatchStatus
- See Also:
- If the host name from the URL is matched with one of the SANs
(Subject Alternative Name) or the CN value from the server's certificate
then
-
getServerDN
String getServerDN()Returns the DN received from the TLS certificate of the server.- Returns:
- The server certificate DN, or
nullif TLS is not enabled.
-
getTLSCipherSuite
String getTLSCipherSuite()Returns the name of theCipherSuiteused for securing the underlyingTCPSconnection.- Returns:
- The cipher suite name, or
nullif TLS is not enabled. - See Also:
-
getTLSVersion
String getTLSVersion()Returns the TLS version negotiated with the server.- Returns:
- The TLS version, or
nullif TLS is not enabled. - See Also:
-
isNativeEncryptionEnabled
boolean isNativeEncryptionEnabled()Returns true if the underlying network connection is protected by Native Network Encryption, otherwise returns false.- Returns:
trueif Native Network Encryption is enabled, otherwisefalse
-
getEncryptionAlgorithm
String getEncryptionAlgorithm()Returns the encryption algorithm which is used for encrypting the data packets transferred over the network with Native Network Encryption.- Returns:
- The encryption algorithm name, or
nullif Native Network Encryption is not enabled. - See Also:
-
getChecksummingAlgorithm
String getChecksummingAlgorithm()Returns the checksumming algorithm name used for protecting the data packets transferred over the network with Native Network Encryption.- Returns:
- The checksumming algorithm name, or
nullif Native Network Encryption is not enabled. - See Also:
-
getEncryptionLevel
String getEncryptionLevel()Returns the encryption level configured to negotiate Native Network Encryption with the server. Default value isACCEPTED.- Returns:
- The encryption level, or
nullif Native Network Encryption is not enabled. - See Also:
-
getChecksumLevel
String getChecksumLevel()Returns the checksumming level configured to negotiate Native Network Encryption with the server. Default value isACCEPTED.- Returns:
- The checksumming level, or
nullif Native Network Encryption is not enabled. - See Also:
-
isStrongCryptoUsed
boolean isStrongCryptoUsed()Returns true if strong key and IV are used to protect the data packets transferred over the network with Native Network Encryption.- Returns:
trueif strong crypto is enabled, orfalseif it is disabled or if Native Network Encryption is not enabled.- See Also:
-
getAuthenticationAdaptor
SecurityInformation.AuthenticationAdaptorType getAuthenticationAdaptor()Returns the type of the authentication mechanism used for authenticating the user to the Oracle Database Server. Default authentication mechanism isSecurityInformation.AuthenticationAdaptorType.O5LOGON.- Returns:
- The authentication type. Not null.
-
getSNI
String getSNI()Returns the Server Name Indication (SNI) value used while TLS handshake. ReturnsnullIf no SNI is used.
-