aspose file tools*
The moose likes I/O and Streams and the fly likes DataOutputStream Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » I/O and Streams
Bookmark "DataOutputStream" Watch "DataOutputStream" New topic
Author

DataOutputStream

Manuel Paco
Ranch Hand

Joined: Sep 23, 2001
Posts: 58
Help please,
I would like to write my String password to the "Password.dat" file
the way so when I open this file
it is not readable. I mean so far when I do the following code
I can open "Key.dat" with Notepad and read it.
Thank you.
String directory = "c:\\Source\\";
String fileName = "Password.dat";
String password = "password";
File file = new File(directory, fileName);
DataOutputStream dataOutputStream =
new DataOutputStream(new BufferedOutputStream(new FileOutputStream(file)));

dataOutputStream.writeBytes( password );
David Weitzman
Ranch Hand

Joined: Jul 27, 2001
Posts: 1365
Do you want:
Something that will keep Joe Shmoe from reading a password with Notepad but allow the program to, say, send the password to an email server later. A cryptographer with some free time could figure out the password.
OR
Something that will allow you to verify a password that nobody can read. In order for a cryptograph to figure out the password, he'd have to use a dictionary attack (just keep guessing until something works -- healthy length, hard to guess passwords will be quite safe).
Manuel Paco
Ranch Hand

Joined: Sep 23, 2001
Posts: 58
Yes, that's what I need.
Manuel Paco
Ranch Hand

Joined: Sep 23, 2001
Posts: 58
David,
I would like something that will keep Joe Shmoe from reading a password with Notepad but allow the program to read it.
David Weitzman
Ranch Hand

Joined: Jul 27, 2001
Posts: 1365
You could try adding some fixed number (say, 104) to each character as you write, and subtract that when you read.
If you don't want the password length to be obvious, you could pad the password with a few extra bytes before you encrypt it and remove them afterwards (you can expect that the password plaintext won't contain 0, or '\0', in it. Just stick one on followed by some random bytes).
OR
If you want to get more fancy, you could do something like this
encrypt:

decrypt:

The random byte array could just be a handful of bytes long (3-5).
These are just two simple possibilities -- there are millions more. They are also extremely extremely insecure, but at least the password gets obfuscated a bit.
If you want to arrange something more elaborate that slows down crafty hackers, that would take more (and of course there is no fool-proof solution without password-encrypting the password)...
[ November 20, 2002: Message edited by: David Weitzman ]
David Weitzman
Ranch Hand

Joined: Jul 27, 2001
Posts: 1365
A slightly safer varient of the first method in the previous post would be to use the index of the character instead of a fixed number to add. For example, 104 + 0 for the first character, 104 + 1 for the second character, 104 + 2 for the third, etc. Use the same method for decryption.
Manuel Paco
Ranch Hand

Joined: Sep 23, 2001
Posts: 58
Thanks a lot.
What I actually meant was isn't There a OutputWriter that could write my password to file.dat so that when open with notepad characters appears as symbols not as letters.
David Weitzman
Ranch Hand

Joined: Jul 27, 2001
Posts: 1365
There's nothing like that within the IO package, but you could write your own. The other option is to go hardcore and use javax.crypto.CipherOutputStream.
Manuel Paco
Ranch Hand

Joined: Sep 23, 2001
Posts: 58
Thanks David
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: DataOutputStream