encrypted and decrypted password in java

Question

i want to store encrypted password in my mysql database.

i have insert the password like ari means have to save the password like B-dd2c1cd0250859d32754fdd85ffc0531.

But i have to insert the data(ari) means the ari is displayed on my database.how can i encrupt the password and save the password like above format.

For eg: ari is save in database like these format B-dd2c1cd0250859d32754fdd85ffc0531.how can i do.please help me.

i have wrote the code:

public class Insert {

   public String insertData(String userName,String userPassword){

   try{

   Class.forName("com.mysql.jdbc.Driver");
  Connection con =  DriverManager.getConnection("jdbc:mysql://server:3306/android","XXXX","XXX");
   PreparedStatement statement =  con.prepareStatement("INSERT INTO xcart_customers(login,password) VALUES ('"+userName+"','"+userPassword+"');");
       int result = statement.executeUpdate();
       }

          catch(Exception exc){
            System.out.println(exc.getMessage());
          }

          return "Insertion successfull!!";
        }}

This is my Demo.java class:

public class Demo {
public static void main(String[] args){
    Insert obj = new Insert();
    System.out.println(obj.insertData("krishna", "ari"));
   }
  }

What you do not know ? How to save data ? How to encrypt data ? How to decrypt data. Please create a question not statement. — Damian Leszczyński - Vash, Dec 14 '12 at 11:35
@Vash how is store encrypted password in database in java using jdbc — user1897014, Dec 14 '12 at 11:41
You need to do that yourself, nothing in JDBC is going to encrypt it for you. — Mark Rotteveel, Dec 14 '12 at 11:42
JDBC is a database access API. It won't encrypt anything. That's not its job. Your database might have encryption SQL functions. Java has cryptographic APIs. But JDBC is not the one that will do the job. Note that passwords should not be encrypted. They should be salted, then hashed. — JB Nizet, Dec 14 '12 at 11:42

score 0 · Answer 1 · answered Dec 14 '12 at 11:42

0

You need to look at password hashing and salting. Have a look at this post.

EDIT:

Remember Hashing is One way! so you can't expect to convert the Hashed value back to the clear text (in this case ari). What you can do is when login works you can check user entered value is equal or not to the database value.

answered Dec 14 '12 at 11:42

shazin

21,379
3
54
71

1

Do *not* use MD5, though. It's been broken forever. – gustafc Dec 14 '12 at 11:43
True. Better to avoid SHA as well. AES might be more secure. – shazin Dec 14 '12 at 11:46
1

@shazin: AES is not a hashing algorithm. It's a secret-key encryption algorithm. It can't replace MD5 or SHA-1. – JB Nizet Dec 14 '12 at 11:48

score 0 · Answer 2 · answered Dec 14 '12 at 11:47

0

Without knowing which scheme was used to encrypt the existing data, there's no way to tell how you can achieve compatibility. If you can start all over again, bcrypt is the way to go.

answered Dec 14 '12 at 11:47

gustafc

28,465
7
73
99

score 0 · Accepted Answer · edited May 23 '17 at 12:03

0

Looking at the sql query INSERT INTO xcart_customers(login,password) I guess you are trying to encrypt passwords for X-CART.

X-CART uses Blowfish key-based encryption. You can find your key from config.php -file.

Here's a already answered question about encrypting blowfish with a key in java which might help figuring out how encrypt it

Encryption with BlowFish in Java

edited May 23 '17 at 12:03

Community

1
1

answered Dec 14 '12 at 11:49

Oskari Kantoniemi

534
3
15

Hi.,this is my updated code like:http://pastie.org/5555969 here i got the following error :Cannot find any provider supporting password whats wrong in my code.please tell me – user1897014 Dec 20 '12 at 06:48

encrypted and decrypted password in java

3 Answers3