Oracle Cryptographic Toolkit Programmer's Guide
Release 2.0.3

A54082-01

Library

Product

Contents

Index

Prev Next


Glossary

API

See Application Programming Interface.

Application Programming Interface

A set of functions that allow applications written in C or C++ to communicate with an operating system and issue SQL statements to one or more Oracle servers.

Certificate

A document that uses the signature of a trusted party to attest to the validity of its information.

Ciphertext

The result of encrypting data into an apparently random and meaningless format. Ciphertext must be decrypted to be converted into a readable format.

Decrypt

To restore an encrypted message to its original form, so the original message is readable.

Digital Signature

A cryptographic checksum of data encrypted using an entity's private key. The result authenticates the signature as having been generated by an entity, and it protects the data from tampering, since the signature can be verified.

A digital signature is an example of a message. If the message is a PKCS#7 message, the message is then considered to be in PKCS format.

Encrypt

The transformation of data into an apparently random and meaningless format (called ciphertext). The ciphertext is unreadable by anyone without the correct decryption key.

Entity

A person (physical, imaginary, or otherwise) or a process.

Handle

A pointer to a storage area allocated by the API library.

Identity

The binding of a public key and other information to an entity. It is possible to have more than one identity bound to an entity. Every identity has a type. Some better known identity types are X.509 certificates and PGP certificates.

MD5

A message-digest hashing alogorithm that compresses a message of arbitrary length into a 128-bit digest.

Message Format

The message format describes the layout and the contents of a message such as a digital signature.

OCI

See Oracle Call Interface.

Oracle Call Interface

An application programming interface that allows applications written in C to interact with one or more Oracle servers. See Programmer's Guide to the Oracle Call Interface.

Persona

An instance of your electronic personality. Each instance contains one or more elements such as an identity, the private key associated with the identity, and other cipher keys. An entity may have more than one persona. A persona implies a set of actions that can be used and a set of message formats that can be generated.

PL/SQL

PL/SQL is Oracle Corporation's procedural language extension to Structured Query Language (SQL).

RC4

An encryption algorithm.

Repository IO

An abstraction from the various repositories (e.g., file, database, hardware) used by the wallet interface.

RIO

See Repository IO.

Sign

Data is signed using a persona from a wallet. The result may be formatted in a number of ways and may contain only the digital signature. The signed data may also contain the original data, possibly encrypted, along with information about the identity used for the signature.

SQL

See Structured Query Language.

Structured Query Language

A language used to query and manipulate databases.

TDU

See Toolkit Data Unit.

Toolkit Data Unit

An encoding of possibly formatted and/or cryptographically altered data that is created by an application via the Oracle Security Server Toolkit. The toolkit data unit is usually transferred to another application that uses the Oracle Security Server Toolkit to decode the toolkit data unit back into data.

A toolkit data unit is the message granularity of the Oracle Security Server Toolkit, and it is transport independent.

Trustpoint

One or more identities that are considered trustworthy and can be used to validate other identities.

Verify

A formatted message that results from signing is verified using the identity that signed the message. Verifying the signature does not mean that the data can be trusted. The identity associated with the message should be validated using a trustpoint.

Wallet

A facility that acts as a container for credentials (identities, personas, and trustpoints). Each entity has one or more wallets, and each wallet, while logically identical, may exist on a file system or on a hardware device. The wallet may be password protected.

A wallet may be shared (read only) across a network. In this case, the wallet should only contain public information (i.e., identities and trust points).

Wallet Resource Locator

Specifies the wallet location.

WRL

See Wallet Resource Locator.




Prev

Next
Oracle
Copyright © 1997 Oracle Corporation.

All Rights Reserved.

Library

Product

Contents

Index