Java

Java RSS

encryption

•

Join Date: Sep 2005

Posts: 16

Reputation: bondito is an unknown quantity at this point

Solved Threads: 1

bondito

Offline

Newbie Poster

encryption

Apr 23rd, 2006

Hi everyone, i am trying to use some java code to encrypt passwords entering a database on the system i am building, please could someone explain what the code below is doing and if it would be useful for encrypting passwords. Thanks

 Help with Code Tags 
 Java Syntax (Toggle Plain Text) 
import java.util.StringTokenizer;
 
public class Encryption {
 
 
    public static String encrypt(String password) {
        StringBuffer sb = new StringBuffer();
 
        for (int i = 0; i<password.length(); i++) {
 
            char c = password.charAt(i);
            int j = c;
            sb.append(String.valueOf(j) + " ");
        }
        return sb.toString().trim();
    }
 
 
    public static String decrypt(String encryptedPassword) {
        StringTokenizer st = new StringTokenizer(encryptedPassword, " ");
        //A StringTokenizer takes a string as input and breaks it upto tokens, seperated by " "
        StringBuffer sb = new StringBuffer();
        while (st.hasMoreTokens()) {
            int c = Integer.parseInt(st.nextToken());
            char chr = (char) c;
            sb.append(chr);
        }
        return sb.toString();
    }
}
import java.util.StringTokenizer;
 
public class Encryption {
 
 
    public static String encrypt(String password) {
        StringBuffer sb = new StringBuffer();
 
        for (int i = 0; i<password.length(); i++) {
 
            char c = password.charAt(i);
            int j = c;
            sb.append(String.valueOf(j) + " ");
        }
        return sb.toString().trim();
    }
 
 
    public static String decrypt(String encryptedPassword) {
        StringTokenizer st = new StringTokenizer(encryptedPassword, " ");
        //A StringTokenizer takes a string as input and breaks it upto tokens, seperated by " "
        StringBuffer sb = new StringBuffer();
        while (st.hasMoreTokens()) {
            int c = Integer.parseInt(st.nextToken());
            char chr = (char) c;
            sb.append(chr);
        }
        return sb.toString();
    }
}

Last edited by cscgal; Apr 24th, 2006 at 11:46 am.

•

Join Date: Jun 2004

Posts: 2,108

Reputation: server_crash is on a distinguished road

Solved Threads: 18

server_crash server_crash is offline

Offline

Postaholic

Re: encryption

Apr 24th, 2006

I don't see where you're encrypting it... You get the char value from the int value, which is from the same char value, so you're really doing nothing there. You need to get the ascii value and add least add something to it.

•

Join Date: Aug 2005

Posts: 5,264

Reputation: iamthwee is a splendid one to behold

Solved Threads: 377

iamthwee

Offline

Posting Expert

Re: encryption

Apr 24th, 2006

>if it would be useful for encrypting passwords?

What, for real databases? Probably not, the encryption system looks weak.

Isn't there some java API for this anyway?

http://img476.imageshack.us/img476/5171/cut20ln.png
Piworld ™
[Tis simple as Pie]

•

Join Date: Sep 2005

Posts: 16

Reputation: bondito is an unknown quantity at this point

Solved Threads: 1

bondito

Offline

Newbie Poster

Re: encryption

Apr 24th, 2006

•

Originally Posted by server_crash

I don't see where you're encrypting it... You get the char value from the int value, which is from the same char value, so you're really doing nothing there. You need to get the ascii value and add least add something to it.

Do you know any kind of java class i can use to encrypt passwords goin into a Mysql database.

•

Join Date: Aug 2005

Posts: 5,264

Reputation: iamthwee is a splendid one to behold

Solved Threads: 377

iamthwee

Offline

Posting Expert

Re: encryption

Apr 24th, 2006

Perhaps this?

http://java.sun.com/j2se/1.4.2/docs/...ryptoSpec.html

If you're going to do this yourself, I'd plump for xor encryption. So long as the key is sufficiently long and randomised.

http://img476.imageshack.us/img476/5171/cut20ln.png
Piworld ™
[Tis simple as Pie]

•

Join Date: Mar 2004

Posts: 763

Reputation: Phaelax is on a distinguished road

Solved Threads: 38

Phaelax

Offline

Master Poster

Re: encryption

Apr 24th, 2006

There's always MD5, if you never have to recover the readable password again.

•

Join Date: Jun 2004

Posts: 2,108

Reputation: server_crash is on a distinguished road

Solved Threads: 18

server_crash server_crash is offline

Offline

Postaholic

Re: encryption

Apr 24th, 2006

Java has a crypto and security package. It will do everything for you, but probably the same amount of time will be taken because you'll need to learn it.

•

Join Date: Dec 2004

Posts: 4,191

Reputation: peter_budo has much to be proud of

Solved Threads: 485

peter_budo peter_budo is offline

Offline

Code tags enforcer

Re: encryption

Apr 30th, 2006

Here is alink to 1.5 version if you want http://java.sun.com/j2se/1.5.0/docs/...ryptoSpec.html

Learn to see in another's calamity the ills which you should avoid.
Publilius Syrus
(~100 BC)
LJC - London Java Community, Graduate & Undergraduate Software Development Community, JAVAWUG (Java Web User Group), The London Android Group

•

Join Date: Aug 2005

Posts: 216

Reputation: hooknc is an unknown quantity at this point

Solved Threads: 8

hooknc

Offline

Posting Whiz in Training

Re: encryption

Apr 30th, 2006

I wouldn't recommend using java to do any encryption to the database. DBs have their own encryption built in. Just add the DBs encryption on your jdbc call.

UPDATE users SET password = AES_ENCRYPT(`users password`, `your encryption key` WHERE id=`101`;

This makes it so you don't have to have encryption in each and every java application that touches the database. Much nicer in my opinion.

The above example is for a mysql database.