 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / General / August 2006password encrytion and decryption
Hi, I want to encrypt and decrypt the password . I have the code for encrytion but can anyone help me to get the code for decrytion using the same API's. I have used the following code for Encryption **************************************************************************************************** package com.netapp.hraf.helper; //import com.certicom.tls.provider.MessageDigest; import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; //import org.myorg.SystemUnavailableException; import sun.misc.BASE64Encoder; import sun.misc.CharacterEncoder; public final class PasswordServiceHelper { public static PasswordServiceHelper instance; public PasswordServiceHelper() { } public synchronized String encrypt(String plaintext) throws Exception { MessageDigest md = null; try { md = MessageDigest.getInstance("SHA"); //step 2 } catch(NoSuchAlgorithmException e) { throw new Exception(e.getMessage()); } try { md.update(plaintext.getBytes("UTF-8")); //step 3 } catch(UnsupportedEncodingException e) { throw new Exception(e.getMessage()); } byte raw[] = md.digest(); //step 4 String hash = (new BASE64Encoder()).encode(raw); //step 5 System.out.println("the password in hash is "+hash); return hash; //step 6 } public static synchronized PasswordServiceHelper getInstance() //step 1 { if(instance == null) { instance = new PasswordServiceHelper(); } return instance; } } **************************************************************************************************** Thanks, Deepa > I want to encrypt and decrypt the password . > I have the code for encrytion but can anyone help me to get the code > for decrytion using the same API's. > > I have used the following code for Encryption You have to understand that MessageDigests such as SHA or MD5 are one way hash functions - and it is generally not possible to retrieve the original message if you have just the hash value available. If you need this only for authentication, use of a one way hash would be good enough - but the procedure for authentication would be to ask the user for the password, compute the digest of the entered value and compare it with the hashed original password. On the other hand, if you need to encrypt the password (or any other message) and have the capability to retrieve the original message later, you should look at a crypto algorithm rather than a Hash - Check out the docs for the javax.crypto package. BK > Hi, > > I want to encrypt and decrypt the password . You probably don't want to do that at all. You probably want to calculate and store a message digest on the password and on password entry attempts, and just compare the digests rather than the passwords. If passwords can't be decrypted at all, you have eliminated one very large source of insecurity. Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.