We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

encrypt password

Raftor
Raftor asked
on
Medium Priority
1,280 Views
Last Modified: 2012-06-21
Is it possibe to encrypt a password before sending it to a mysql database. If so how would u do so?  Would it be possible to use assembler or what would work with jsp?
Cheers, Raftor
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2004

Commented:
I would use SSL

http://java.sun.com/webservices/docs/1.0/tutorial/doc/WebAppSecurity6.html

Then the browser will encrypt anything sent to the server, and the server will encrypt responses...

If you are just looking to encrypt the password in the database, then MD5 is what you want:

http://javaalmanac.com/egs/java.security/Digest.html
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:
Thats very good ill try that and come back to you with any questions later.
Java Developer
CERTIFIED EXPERT
Top Expert 2010
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:
That site looks Objects very good but i can get a java file with the example that uses the class to compile. i am importing the
javax.crypto classes but what am i leaving out?

Author

Commented:
Its says to generate a temporary key.  How do i do this?
Mick BarryJava Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:
what errors are you getting?

Author

Commented:

C:\Project>javac EncDec.java
EncDec.java:15: cannot resolve symbol
symbol  : class DesEncrypter
location: class Project.EncDec
                DesEncrypter encrypter = new DesEncrypter(key);
                ^
EncDec.java:15: cannot resolve symbol
symbol  : class DesEncrypter
location: class Project.EncDec
                DesEncrypter encrypter = new DesEncrypter(key);
                                                            ^
These are the errors but the other file DesEncrypter compiles fine!

Author

Commented:
import javax.crypto.*;

public class EncDec{
      public static void main (String[] args)      {
            try{
              SecretKey key = KeyGenerator.getInstance("DES").generateKey();
              DesEncrypter encrypter = new DesEncrypter(key);
              String encrypted = encrypter.encrypt("Don't tell anybody!");
              String decrypted = encrypter.decrypt(encrypted);
          } catch (Exception e) {        }
    }
}
this is EncDec.java
Mick BarryJava Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:
Add the DesEncrypter class to your Project package.

Author

Commented:
Damn that still didnt work. This is the exact code i am using. Any more suggestions?

////////////////////////////////////EncDec.java/////////////////////////
package Project;
import javax.crypto.*;

public class EncDec{
      public static void main (String args[])      {
            try      {
              SecretKey key = KeyGenerator.getInstance("DES").generateKey();
              // Create encrypter/decrypter class
              DesEncrypter encrypter = new DesEncrypter(key);

              // Encrypt
              String encrypted = encrypter.encrypt("Don't tell anybody!");

              // Decrypt
              String decrypted = encrypter.decrypt(encrypted);
          } catch (Exception e) {        }
    }
}

////////////////////////////////////////////DesEncrypter.java/////////////////////
package Project;
import javax.crypto.*;

public class DesEncrypter {
        Cipher ecipher;
        Cipher dcipher;
   
        DesEncrypter(SecretKey key) {
            try {
                ecipher = Cipher.getInstance("DES");
                dcipher = Cipher.getInstance("DES");
                ecipher.init(Cipher.ENCRYPT_MODE, key);
                dcipher.init(Cipher.DECRYPT_MODE, key);
   
            } catch (javax.crypto.NoSuchPaddingException e) {
            } catch (java.security.NoSuchAlgorithmException e) {
            } catch (java.security.InvalidKeyException e) {
            }
        }
   
        public String encrypt(String str) {
            try {
                // Encode the string into bytes using utf-8
                byte[] utf8 = str.getBytes("UTF8");
   
                // Encrypt
                byte[] enc = ecipher.doFinal(utf8);
   
                // Encode bytes to base64 to get a string
                return new sun.misc.BASE64Encoder().encode(enc);
            } catch (javax.crypto.BadPaddingException e) {
            } catch (IllegalBlockSizeException e) {
            } catch (java.io.IOException e) {
            }
            return null;
        }
   
        public String decrypt(String str) {
            try {
                // Decode base64 to get bytes
                byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
   
                // Decrypt
                byte[] utf8 = dcipher.doFinal(dec);
   
                // Decode using utf-8
                return new String(utf8, "UTF8");
            } catch (javax.crypto.BadPaddingException e) {
            } catch (IllegalBlockSizeException e) {
            } catch (java.io.IOException e) {
            }
            return null;
        }
    }
Mick BarryJava Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:
are both java files in same directory (Project)
what errors now?

Author

Commented:
Ya they are in the same directory and im still getting the same errors,

C:\Project>javac EncDec.java
EncDec.java:15: cannot resolve symbol
symbol  : class DesEncrypter
location: class Project.EncDec
                DesEncrypter encrypter = new DesEncrypter(key);
                ^
EncDec.java:15: cannot resolve symbol
symbol  : class DesEncrypter
location: class Project.EncDec
                DesEncrypter encrypter = new DesEncrypter(key);
                                                              ^
Mick BarryJava Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:
is the parent directory of Project in your classpath?

Author

Commented:
Uhh ohhh

Author

Commented:
Thats it alright, sometimes when i spend too long looking at a problem i cant see the wood from the trees.
Thanks Experts!!
Raftor.
Mick BarryJava Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:
CERTIFIED EXPERT
Top Expert 2004

Commented:
Just to ask why you are using DES?  That would mean that passwords can be decrypted, which isn't usually what you want...

That's why I suggested MD5

*shrug*

Oh well :)

Glad you got it sorted :)
CERTIFIED EXPERT
Top Expert 2004

Commented:
Also,  nishit4all's Assisted answer would mean the encryption method is in the HTML source for the page!!?!  And it is not a recognised secure method of encryption...
glad u got the sol'n Raftor,
    would like to tell TimYates, that javascript code can be converted to java code and then can be implemented. But still it wouln't have been that secured, well that was just a small encryption tech in which cracking password wont be that easy.
thanks,
nishit
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.