File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Security and the fly likes Decrypt Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Decrypt" Watch "Decrypt" New topic


visu Nekk
Ranch Hand

Joined: Sep 06, 2005
Posts: 122


import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.Statement;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import sun.misc.BASE64Encoder;

public class Administrator extends HttpServlet
public void service(HttpServletRequest request,HttpServletResponse response)
throws ServletException,IOException
PrintWriter out = response.getWriter();
String id = "Administrator";
String pwd = "administrator";
MessageDigest md = MessageDigest.getInstance("SHA","SUN");
BASE64Encoder encoder = new BASE64Encoder();
String encoded = encoder.encode(md.digest());
Connection con = DriverManager.getConnection(url,user,pwd);
Statement stmt = con.createStatement();
stmt.executeUpdate("insert into adminlogin values('"+id+"','"+encoded+"')");
}catch(Exception e)

Using the code above, i am able to encrpt the password field.But now how can i decrypt the password.
Thanks in advance,
Visu N
David O'Meara

Joined: Mar 06, 2001
Posts: 13459

You can't, digests are (typically) a one way process. But what you can do is get the user to send the password again, reperform the digest operation and then compare the two results.

This is not a Servlet question, I am moving it to the Security forum.

visu Nekk
Ranch Hand

Joined: Sep 06, 2005
Posts: 122
Thanx.Is there any other way that i can encrypt the password and again decrypt it?
Thanx in advance.
Visu N
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
The standard Java API for en-/decryption is called JCE, and is part of the JDK since Java 1.4. You can find it in the javax.crypto package.
I agree. Here's the link:
subject: Decrypt
It's not a secret anymore!