Raftor
asked on
encrypt password
Is it possibe to encrypt a password before sending it to a mysql database. If so how would u do so? Would it be possible to use assembler or what would work with jsp?
Cheers, Raftor
Cheers, Raftor
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thats very good ill try that and come back to you with any questions later.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That site looks Objects very good but i can get a java file with the example that uses the class to compile. i am importing the
javax.crypto classes but what am i leaving out?
javax.crypto classes but what am i leaving out?
ASKER
Its says to generate a temporary key. How do i do this?
what errors are you getting?
ASKER
C:\Project>javac EncDec.java
EncDec.java:15: cannot resolve symbol
symbol : class DesEncrypter
location: class Project.EncDec
DesEncrypter encrypter = new DesEncrypter(key);
^
EncDec.java:15: cannot resolve symbol
symbol : class DesEncrypter
location: class Project.EncDec
DesEncrypter encrypter = new DesEncrypter(key);
^
These are the errors but the other file DesEncrypter compiles fine!
ASKER
import javax.crypto.*;
public class EncDec{
public static void main (String[] args) {
try{
SecretKey key = KeyGenerator.getInstance("
DesEncrypter encrypter = new DesEncrypter(key);
String encrypted = encrypter.encrypt("Don't tell anybody!");
String decrypted = encrypter.decrypt(encrypte
} catch (Exception e) { }
}
}
this is EncDec.java
public class EncDec{
public static void main (String[] args) {
try{
SecretKey key = KeyGenerator.getInstance("
DesEncrypter encrypter = new DesEncrypter(key);
String encrypted = encrypter.encrypt("Don't tell anybody!");
String decrypted = encrypter.decrypt(encrypte
} catch (Exception e) { }
}
}
this is EncDec.java
Add the DesEncrypter class to your Project package.
ASKER
Damn that still didnt work. This is the exact code i am using. Any more suggestions?
//////////////////////////
package Project;
import javax.crypto.*;
public class EncDec{
public static void main (String args[]) {
try {
SecretKey key = KeyGenerator.getInstance("
// Create encrypter/decrypter class
DesEncrypter encrypter = new DesEncrypter(key);
// Encrypt
String encrypted = encrypter.encrypt("Don't tell anybody!");
// Decrypt
String decrypted = encrypter.decrypt(encrypte
} catch (Exception e) { }
}
}
//////////////////////////
package Project;
import javax.crypto.*;
public class DesEncrypter {
Cipher ecipher;
Cipher dcipher;
DesEncrypter(SecretKey key) {
try {
ecipher = Cipher.getInstance("DES");
dcipher = Cipher.getInstance("DES");
ecipher.init(Cipher.ENCRYP
dcipher.init(Cipher.DECRYP
} catch (javax.crypto.NoSuchPaddin
} catch (java.security.NoSuchAlgor
} catch (java.security.InvalidKeyE
}
}
public String encrypt(String str) {
try {
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
// Encode bytes to base64 to get a string
return new sun.misc.BASE64Encoder().e
} catch (javax.crypto.BadPaddingEx
} catch (IllegalBlockSizeException
} catch (java.io.IOException e) {
}
return null;
}
public String decrypt(String str) {
try {
// Decode base64 to get bytes
byte[] dec = new sun.misc.BASE64Decoder().d
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");
} catch (javax.crypto.BadPaddingEx
} catch (IllegalBlockSizeException
} catch (java.io.IOException e) {
}
return null;
}
}
//////////////////////////
package Project;
import javax.crypto.*;
public class EncDec{
public static void main (String args[]) {
try {
SecretKey key = KeyGenerator.getInstance("
// Create encrypter/decrypter class
DesEncrypter encrypter = new DesEncrypter(key);
// Encrypt
String encrypted = encrypter.encrypt("Don't tell anybody!");
// Decrypt
String decrypted = encrypter.decrypt(encrypte
} catch (Exception e) { }
}
}
//////////////////////////
package Project;
import javax.crypto.*;
public class DesEncrypter {
Cipher ecipher;
Cipher dcipher;
DesEncrypter(SecretKey key) {
try {
ecipher = Cipher.getInstance("DES");
dcipher = Cipher.getInstance("DES");
ecipher.init(Cipher.ENCRYP
dcipher.init(Cipher.DECRYP
} catch (javax.crypto.NoSuchPaddin
} catch (java.security.NoSuchAlgor
} catch (java.security.InvalidKeyE
}
}
public String encrypt(String str) {
try {
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
// Encode bytes to base64 to get a string
return new sun.misc.BASE64Encoder().e
} catch (javax.crypto.BadPaddingEx
} catch (IllegalBlockSizeException
} catch (java.io.IOException e) {
}
return null;
}
public String decrypt(String str) {
try {
// Decode base64 to get bytes
byte[] dec = new sun.misc.BASE64Decoder().d
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");
} catch (javax.crypto.BadPaddingEx
} catch (IllegalBlockSizeException
} catch (java.io.IOException e) {
}
return null;
}
}
are both java files in same directory (Project)
what errors now?
what errors now?
ASKER
Ya they are in the same directory and im still getting the same errors,
C:\Project>javac EncDec.java
EncDec.java:15: cannot resolve symbol
symbol : class DesEncrypter
location: class Project.EncDec
DesEncrypter encrypter = new DesEncrypter(key);
^
EncDec.java:15: cannot resolve symbol
symbol : class DesEncrypter
location: class Project.EncDec
DesEncrypter encrypter = new DesEncrypter(key);
^
C:\Project>javac EncDec.java
EncDec.java:15: cannot resolve symbol
symbol : class DesEncrypter
location: class Project.EncDec
DesEncrypter encrypter = new DesEncrypter(key);
^
EncDec.java:15: cannot resolve symbol
symbol : class DesEncrypter
location: class Project.EncDec
DesEncrypter encrypter = new DesEncrypter(key);
^
is the parent directory of Project in your classpath?
ASKER
Uhh ohhh
ASKER
Thats it alright, sometimes when i spend too long looking at a problem i cant see the wood from the trees.
Thanks Experts!!
Raftor.
Thanks Experts!!
Raftor.
Just to ask why you are using DES? That would mean that passwords can be decrypted, which isn't usually what you want...
That's why I suggested MD5
*shrug*
Oh well :)
Glad you got it sorted :)
That's why I suggested MD5
*shrug*
Oh well :)
Glad you got it sorted :)
Also, nishit4all's Assisted answer would mean the encryption method is in the HTML source for the page!!?! And it is not a recognised secure method of encryption...
glad u got the sol'n Raftor,
would like to tell TimYates, that javascript code can be converted to java code and then can be implemented. But still it wouln't have been that secured, well that was just a small encryption tech in which cracking password wont be that easy.
thanks,
nishit
would like to tell TimYates, that javascript code can be converted to java code and then can be implemented. But still it wouln't have been that secured, well that was just a small encryption tech in which cracking password wont be that easy.
thanks,
nishit
http://java.sun.com/webservices/docs/1.0/tutorial/doc/WebAppSecurity6.html
Then the browser will encrypt anything sent to the server, and the server will encrypt responses...
If you are just looking to encrypt the password in the database, then MD5 is what you want:
http://javaalmanac.com/egs/java.security/Digest.html