Encryption Decryption

I want to store a type string to my database, specifically MSSQL, I want the stored data in the database to be encrypted and I want to retrieve it in it's decrypted format. I am using JSP's, I want to encrypt user input on one jsp and retrieve it, decrypted, on another jsp for viewing and record purposes.

View Answers

February 23, 2012 at 6:00 PM

1)form.jsp:

<html>
<body>
<form name="userform" method="post" action="encrypt.jsp">
<table>
<tr><td>User Name</td><td><input type="text" name="user"></td></tr>
<tr><td>Password</td><td><input type="password" name="pass"></td></tr>
<tr><td>Confirm Password</td><td><input type="password" name="cpass"></td></tr>
<tr><td>Name</td><td><input type="text" name="name"></td></tr>
<tr><td>Phone</td><td><input type="text" name="phone"></td></tr>
<tr><td>Contact</td><td><input type="text" name="contact"></td></tr>
<tr><td><input type="submit" value="Search"></td></tr>
</table>
</form>
</body>
</html>

2)encrypt.jsp:

<%@page import="java.sql.*"%>
<%@page import=" java.security.MessageDigest"%>
<%
String username=request.getParameter("user");
String password=request.getParameter("pass");
String name=request.getParameter("name");
String phone=request.getParameter("phone");
String contact=request.getParameter("contact");
String algorithm="";
int ph=Integer.parseInt(phone);
byte[] unencodedPassword = password.getBytes();
MessageDigest md = null;
try {
md = MessageDigest.getInstance("MD5");
} catch (Exception e) {}
md.reset();
md.update(unencodedPassword);
byte[] encodedPassword = md.digest();
StringBuffer buf = new StringBuffer();
for (int i = 0; i < encodedPassword.length; i++) {
if (((int) encodedPassword[i] & 0xff) < 0x10) {
buf.append("0");
}
buf.append(Long.toString((int) encodedPassword[i] & 0xff, 16));
}
String passw=buf.toString();
String connectionURL = "jdbc:mysql://localhost:3306/test";;
Connection con=null;
try{
Class.forName("com.mysql.jdbc.Driver");
con = DriverManager.getConnection(connectionURL, "root", "root");
PreparedStatement ps = con.prepareStatement("INSERT INTO register(user,pass,name,phone,contact) VALUES(?,?,?,?,?)");
ps.setString(1,username);
ps.setString(2,passw);
ps.setString(3,name);
ps.setInt(4,ph);
ps.setString(5,contact);
int i = ps.executeUpdate();
ps.close();
con.close();
}
catch(Exception ex){}

%>

February 23, 2012 at 6:01 PM

1)form.jsp:

<html>
<body>
<form name="userform" method="post" action="encrypt.jsp">
<table>
<tr><td>User Name</td><td><input type="text" name="name"></td></tr>
<tr><td>Password</td><td><input type="password" name="pass"></td></tr>
<tr><td>Address</td><td><input type="text" name="address"></td></tr>
<tr><td>Contact No</td><td><input type="text" name="phone"></td></tr>
<tr><td><input type="submit" value="Search"></td></tr>
</table>
</form>
</body>
</html>

2)encrypt.jsp:

<%@page import="java.sql.*"%>
<%@page import=" java.security.*"%>
<%@page import="javax.crypto.*"%>
<%!
private static String algorithm = "DESede";
        private static Key key = null;
        private static Cipher cipher = null;
 private static byte[] encrypt(String input)throws Exception {
            cipher.init(Cipher.ENCRYPT_MODE, key);
            byte[] inputBytes = input.getBytes();
            return cipher.doFinal(inputBytes);
        }
%>
<%!
        private static String decrypt(byte[] encryptionBytes)throws Exception {
            cipher.init(Cipher.DECRYPT_MODE, key);
            byte[] recoveredBytes =  cipher.doFinal(encryptionBytes);
            String recovered =  new String(recoveredBytes);
            return recovered;
          }
          %>
<%
String name=request.getParameter("name");
String password=request.getParameter("pass");
String address=request.getParameter("address");
String phone=request.getParameter("phone");
int ph=Integer.parseInt(phone);
StringBuffer buffer=new StringBuffer();
 key = KeyGenerator.getInstance(algorithm).generateKey();
            cipher = Cipher.getInstance(algorithm);
            String input = password;
            System.out.println("Entered: " + input);
            byte[] encryptionBytes = encrypt(input);
            String passw=new String(encryptionBytes);
String connectionURL = "jdbc:mysql://localhost:3306/test";
Connection con=null;
try{
Class.forName("com.mysql.jdbc.Driver");
con = DriverManager.getConnection(connectionURL, "root", "root");
PreparedStatement ps = con.prepareStatement("INSERT INTO user(name,password,address,telno) VALUES(?,?,?,?)");
ps.setString(1,name);
ps.setString(2,passw);
ps.setString(3,address);
ps.setInt(4,ph);
int i = ps.executeUpdate();
ps.close();

}
catch(Exception ex){
System.out.println(ex);
}
try{
Statement st=con.createStatement();
ResultSet rs=st.executeQuery("Select * from user where id='1'");
String str="";
if(rs.next()){
str=rs.getString("password");
}
out.println("Your password is: "+decrypt(str.getBytes()));
System.out.println("Your password is: "+decrypt(str.getBytes()));
}
catch(Exception e){}
%>

For the above code, we have create a database table:

CREATE TABLE `user` (                                     
          `id` bigint(255) NOT NULL auto_increment,               
          `name` varchar(255) default NULL,                       
          `password` varchar(255) default NULL,                   
          `address` varchar(255) default NULL,                    
          `telno` int(255) default NULL,                          
          PRIMARY KEY  (`id`)                                     
        );

April 1, 2012 at 1:35 PM

Given final block not properly padded

April 1, 2012 at 1:35 PM

m getting dis erro plz help