encryption

Hi everyone, i am trying to use some java code to encrypt passwords entering a database on the system i am building, please could someone explain what the code below is doing and if it would be useful for encrypting passwords. Thanks

import java.util.StringTokenizer;
 
public class Encryption {
 
 
    public static String encrypt(String password) {
        StringBuffer sb = new StringBuffer();
 
        for (int i = 0; i<password.length(); i++) {
 
            char c = password.charAt(i);
            int j = c;
            sb.append(String.valueOf(j) + " ");
        }
        return sb.toString().trim();
    }
 
 
    public static String decrypt(String encryptedPassword) {
        StringTokenizer st = new StringTokenizer(encryptedPassword, " ");
        //A StringTokenizer takes a string as input and breaks it upto tokens, seperated by " "
        StringBuffer sb = new StringBuffer();
        while (st.hasMoreTokens()) {
            int c = Integer.parseInt(st.nextToken());
            char chr = (char) c;
            sb.append(chr);
        }
        return sb.toString();
    }
}

bondito

Newbie Poster

17 posts since Sep 2005

Reputation Points: 10

Solved Threads: 1

6 Years Ago

0

I don't see where you're encrypting it... You get the char value from the int value, which is from the same char value, so you're really doing nothing there. You need to get the ascii value and add least add something to it.

server_crash

Postaholic

2,111 posts since Jun 2004

Reputation Points: 113

Solved Threads: 20

6 Years Ago

0

>if it would be useful for encrypting passwords?

What, for real databases? Probably not, the encryption system looks weak.

Isn't there some java API for this anyway?

[IMG]http://img476.imageshack.us/img476/5171/cut20ln.png[/IMG]
Piworld ™
[Tis simple as Pie]

iamthwee

Posting Expert

5,950 posts since Aug 2005

Reputation Points: 1,543

Solved Threads: 439

6 Years Ago

0

I don't see where you're encrypting it... You get the char value from the int value, which is from the same char value, so you're really doing nothing there. You need to get the ascii value and add least add something to it.

Do you know any kind of java class i can use to encrypt passwords goin into a Mysql database.:sad:

bondito

Newbie Poster

17 posts since Sep 2005

Reputation Points: 10

Solved Threads: 1

6 Years Ago

0

Perhaps this?

http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html

If you're going to do this yourself, I'd plump for xor encryption. So long as the key is sufficiently long and randomised.

[IMG]http://img476.imageshack.us/img476/5171/cut20ln.png[/IMG]
Piworld ™
[Tis simple as Pie]

iamthwee

Posting Expert

5,950 posts since Aug 2005

Reputation Points: 1,543

Solved Threads: 439

6 Years Ago

0

There's always MD5, if you never have to recover the readable password again.

Phaelax

Practically a Posting Shark

858 posts since Mar 2004

Reputation Points: 92

Solved Threads: 51

6 Years Ago

0

Java has a crypto and security package. It will do everything for you, but probably the same amount of time will be taken because you'll need to learn it.

server_crash

Postaholic

2,111 posts since Jun 2004

Reputation Points: 113

Solved Threads: 20

6 Years Ago

0

Here is alink to 1.5 version if you want http://java.sun.com/j2se/1.5.0/docs/guide/security/CryptoSpec.html

peter_budo

Code tags enforcer

Moderator

15,436 posts since Dec 2004

Reputation Points: 2,806

Solved Threads: 902

6 Years Ago

0

I wouldn't recommend using java to do any encryption to the database. DBs have their own encryption built in. Just add the DBs encryption on your jdbc call.

UPDATE users SET password = AES_ENCRYPT(`users password`, `your encryption key` WHERE id=`101`;

This makes it so you don't have to have encryption in each and every java application that touches the database. Much nicer in my opinion.

The above example is for a mysql database.

hooknc

Posting Whiz in Training

219 posts since Aug 2005

Reputation Points: 11

Solved Threads: 8

encryption

This article has been dead for over three months