Decrypt

import java.io.IOException;
import java.io.PrintWriter;

import java.security.*;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.Statement;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import sun.misc.BASE64Encoder;

public class Administrator extends HttpServlet
{
public void service(HttpServletRequest request,HttpServletResponse response)
throws ServletException,IOException
{
PrintWriter out = response.getWriter();
String id = "Administrator";
String pwd = "administrator";
try
{
MessageDigest md = MessageDigest.getInstance("SHA","SUN");
md.update(pwd.getBytes());
BASE64Encoder encoder = new BASE64Encoder();
String encoded = encoder.encode(md.digest());
Class.forName("oracle.jdbc.driver.OracleDriver");
Connection con = DriverManager.getConnection(url,user,pwd);
Statement stmt = con.createStatement();
stmt.executeUpdate("insert into adminlogin values('"+id+"','"+encoded+"')");
}catch(Exception e)
{
out.println(e);
}
}
}

Using the code above, i am able to encrpt the password field.But now how can i decrypt the password.
Thanks in advance,
Visu N

You can't, digests are (typically) a one way process. But what you can do is get the user to send the password again, reperform the digest operation and then compare the two results.

This is not a Servlet question, I am moving it to the Security forum.

Dave

Thanx.Is there any other way that i can encrypt the password and again decrypt it?
Thanx in advance.
Visu N

The standard Java API for en-/decryption is called JCE, and is part of the JDK since Java 1.4. You can find it in the javax.crypto package.