What happens if I set up only network encryption or network integrity in Oracle Net Manager?


I am doing some POCs related to Oracle's network security and integrity feature.

My sample program works just fine and returns me a valid connection even though I change the configuration to support either encryption or integrity.

```
import java.sql.Connection;
import java.sql.SQLException;
import java.util.Properties;
import oracle.jdbc.pool.OracleDataSource;

public class OracleNetSecurityPoc {
    public static void main(String[] args) throws SQLException {
        Properties prop = new Properties();
        OracleDataSource dataSource = new OracleDataSource();

        // Client-side encryption level and algorithm
        prop.put("oracle.net.encryption_client", "REQUIRED");
        prop.put("oracle.net.encryption_types_client", "AES256");
        // Client-side integrity (checksum) level and algorithm
        prop.put("oracle.net.crypto_checksum_client", "REQUIRED");
        prop.put("oracle.net.crypto_checksum_types_client", "MD5");
        dataSource.setServerName("DT01070611");
        dataSource.setPortNumber(1521);
        dataSource.setDriverType("thin");
        dataSource.setDatabaseName("orcl");
        dataSource.setUser("system");
        dataSource.setPassword("dkpune");
        dataSource.setConnectionProperties(prop);
        Connection conn = dataSource.getConnection();
        System.out.println("Connected to the oracle database successfully!" + conn);
    }
}
```

How and why is Oracle still returning a valid connection instance? Does Oracle enable both the features if either integrity or encryption is configured?


There are 1 best solutions below


Encryption and integrity are neither dependent nor exclusive. You can use one or the other or both. Incidentally, MD5 has been cracked for a while now; SHA1, while also compromised, is stronger. See here for details on implementation, if you haven't already: https://docs.oracle.com/database/121/DBSEG/asojbdc.htm#DBSEG9611
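
An added illustration, not part of the question or the answer above: Oracle's documented negotiation table for native network encryption and checksumming, written as a small Java model. Each service is negotiated separately from the client and server levels (REJECTED, ACCEPTED, REQUESTED, REQUIRED); the server-side values in `main` are constructed scenarios, the class and method names are hypothetical, and algorithm matching is not modeled.

```java
import java.util.Optional;

public class NetServiceNegotiation {
    enum Level { REJECTED, ACCEPTED, REQUESTED, REQUIRED }

    /**
     * Outcome of negotiating ONE service (encryption or checksumming).
     * Optional.empty() = connection refused, true = service on, false = service off.
     */
    static Optional<Boolean> negotiate(Level client, Level server) {
        boolean anyRejected = client == Level.REJECTED || server == Level.REJECTED;
        boolean anyRequired = client == Level.REQUIRED || server == Level.REQUIRED;
        if (anyRejected) {
            // REJECTED against REQUIRED cannot be reconciled; otherwise the service stays off.
            return anyRequired ? Optional.empty() : Optional.of(false);
        }
        // ACCEPTED on both sides: neither end asks for the service, so it stays off.
        boolean bothPassive = client == Level.ACCEPTED && server == Level.ACCEPTED;
        return Optional.of(!bothPassive);
    }

    static String describe(Optional<Boolean> result) {
        return result.map(on -> on ? "ON" : "OFF").orElse("CONNECTION FAILS");
    }

    public static void main(String[] args) {
        // Client levels as set in the question's JDBC properties.
        Level clientEncryption = Level.REQUIRED;
        Level clientChecksum = Level.REQUIRED;

        // Constructed server scenarios (assumptions): { encryption level, checksum level }.
        Level[][] servers = {
            { Level.ACCEPTED, Level.ACCEPTED },  // nothing configured on the server
            { Level.REQUIRED, Level.ACCEPTED },  // only encryption configured
            { Level.ACCEPTED, Level.REQUIRED },  // only integrity configured
            { Level.REQUIRED, Level.REJECTED },  // integrity explicitly refused
        };
        for (Level[] s : servers) {
            // The two services are evaluated independently of each other.
            String enc = describe(negotiate(clientEncryption, s[0]));
            String chk = describe(negotiate(clientChecksum, s[1]));
            System.out.printf("server enc=%-9s chk=%-9s -> encryption %s, integrity %s%n",
                    s[0], s[1], enc, chk);
        }
    }
}
```

To see what a live session actually negotiated, the `NETWORK_SERVICE_BANNER` column of `V$SESSION_CONNECT_INFO` lists the encryption and checksumming adapters in use for that session.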