Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

JSP simple password encryption decryption

Tags:

java

jsp

encryption

i need to encrypt password to insert in a database.Also when i need that password i need to decrypt this value.What is the simple way to do this?

Note : This operation have not to be very safe.

like image 387
mekafe Avatar asked Dec 15 '22 03:12

mekafe

1 Answers

Please don't implement your current plans, instead you should use a MessageDigest to accomplish this. Apply a one way cryptographic hash function to the user's password (e.g. one of SHA-256, SHA-384, and SHA-512 [and there are others]) and a SALT to prevent rainbow table based attacks. Finally, for password resets, just replace the current password hash.

As an example,

// We need a bytesToHex method first. So, from -
// http://stackoverflow.com/a/9855338/2970947
final protected static char[] hexArray = "0123456789ABCDEF"
    .toCharArray();

public static String bytesToHex(byte[] bytes) {
  char[] hexChars = new char[bytes.length * 2];
  int v;
  for (int j = 0; j < bytes.length; j++) {
    v = bytes[j] & 0xFF;
    hexChars[j * 2] = hexArray[v >>> 4];
    hexChars[j * 2 + 1] = hexArray[v & 0x0F];
  }
  return new String(hexChars);
}

// Change this to something else.
private static String SALT = "123456";

// A password hashing method.
public static String hashPassword(String in) {
  try {
    MessageDigest md = MessageDigest
        .getInstance("SHA-256");
    md.update(SALT.getBytes());        // <-- Prepend SALT.
    md.update(in.getBytes());
    // md.update(SALT.getBytes());     // <-- Or, append SALT.

    byte[] out = md.digest();
    return bytesToHex(out);            // <-- Return the Hex Hash.
  } catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
  }
  return "";
}

public static void main(String[] args) {
  System.out.println(hashPassword("Hello"));
  System.out.println(hashPassword("Hello"));
  System.out.println(hashPassword("Hello1"));
  System.out.println(hashPassword("Hello2"));
}

Which should output

60C1E22D18D022F01EEF0CAF999E52FD44C0C8EFD2161E9F4D24120AB0AFC84D
60C1E22D18D022F01EEF0CAF999E52FD44C0C8EFD2161E9F4D24120AB0AFC84D
CAAC2288692DD57BADFAE0225A42E59E1979E0116D009EEF01912E8C75529515
E0A3963BFAF209A17422918CB1FC950A62858993CA9A7BA6F760B8D4688306FD

Demonstrating how tremendously different one character makes the resulting hash.

like image 136
Elliott Frisch Avatar answered Jan 01 '23 16:01

Elliott Frisch
Sign in to Comment

Related questions

Mock Spring's MessageSource.getMessage method
Scope of variable declared inside a for loop
JavaFX: Binding Timeline's duration to a property
Is it worth keeping constants for primitives in Java?
How to call a method when an Android app is closed or loses focus?
How to create a Class with multiple constructors that use the same parameter type
How to find power of power of a number like 2^(10^9) in java [duplicate]
java.util.concurrent.ExecutionException: java.lang.OutOfMemoryError: PermGen space
How can I call function with different combinations
Variables in Constructor?
java slow : entropy related issue
comparing Dates in java when used as keys in HashMap
Comparison of String and StringBuilder manipulation in terms of memory usage
Closed Connection: next in java
GC in Java Setter
How does Arrays work in the ByteCode of Java [duplicate]
Where Boxing can be used [closed]
Struts 2 framework demo
Reusing code in switch statement (Java)
Resize JavaFX table

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!