Java Security Notes (Great Examples from Chilkat)

 
Hashes: note the encoding types/modes:

    CkCrypt2 crypt = new CkCrypt2();

    //  Any string argument automatically begins the 30-day trial.
    boolean success;
    success = crypt.UnlockComponent("30-day trial");
    if (success != true) {
        System.out.println("Crypt component unlock failed");
        return;
    }

    String s;
    s = "The quick brown fox jumps over the lazy dog";

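    crypt.put_HashAlgorithm("sha1");
    crypt.put_EncodingMode("hex");

    //  Other possible EncodingMode settings are:
    //  "quoted-printable", "base64", and "url"

    //  Hash the string; the digest is returned in the chosen encoding.
    String hash = crypt.hashStringENC(s);
    System.out.println("SHA1: " + hash);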

HMAC:

    CkCrypt2 crypt = new CkCrypt2();

    //  Any string argument automatically begins the 30-day trial.
    boolean success;
    success = crypt.UnlockComponent("30-day trial");
    if (success != true) {
        System.out.println("Crypt component unlock failed");
        return;
    }

    //  The output will be Hex, so set the EncodingMode:
    crypt.put_EncodingMode("hex");

    //  Set the hash algorithm:
    // Choices are: md5, sha-1, sha256, sha384, sha512, md2, haval
    crypt.put_HashAlgorithm("md5");

    String mac;

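    //  Set the HMAC key (this key and message are RFC 2202 HMAC-MD5 test case 1):
    crypt.SetHmacKeyEncoded("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b","hex");
    mac = crypt.hmacStringENC("Hi There");
    System.out.println(mac);

    //  RFC 2202 HMAC-MD5 test case 2, with the key given as ASCII text:
    crypt.SetHmacKeyEncoded("Jefe","us-ascii");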
    mac = crypt.hmacStringENC("what do ya want for nothing?");
    System.out.println(mac);

 
Encrypting sensitive data such as passwords is essential in everyday development. The MD5 hashing algorithm is one of the most commonly used algorithms in the ASP.NET arena and is one of the best. There are two general classes of encryption: one-way encryption and two-way encryption. With two-way encryption you can encrypt a text and also decrypt it. With one-way encryption, the difference is that you can't decrypt it. MD5 encryption is an example of a one-way encryption algorithm.

This is a common task for every registration page where users enter their name and password. You can encrypt both, or only the password, and save the result in the database so that no one can read the stored password, which strengthens the application's security. Here I will show you how you can encrypt a password. To make it generic, it is best to add a static class so that you can reuse it across the application.
