7 Replies Latest reply on Jun 16, 2010 9:56 PM by Aldo Bonzi

    how to encrypt and decrypt

    vasuki hn Newbie

      Hi All


      I am using DES algorithm to encrypt and decrypt a Name field of string type passed from the form. The form is Device.xhtml and backend action page is DeviceHome.java.


      When the form is filled and clicked on save button, i want to access name field value from getter method then call the encrypt method and encrypted value must be stored in database using setter method.How to do?
      How do i take the value from database and pass it to decrypt method and display the original name in the screen?


      Another question is can i write another class inside DeviceHome.java file? If yes how to access the methods or variables present in inner class?

        • 1. Re: how to encrypt and decrypt
          Aldo Bonzi Novice

          If you are using JPA you could take advantage of the @PostLoad and @PrePersist callback methods to achieve what you want.

          • 2. Re: how to encrypt and decrypt
            vasuki hn Newbie

            Hi Aldo,


            I tried using that in my action class ie.,DeviceHome.java but no luck..


            I just annotated postload to my pastload method in DeviceHome class. When i try to display the records in the view page that method doesn't get executed.


            Could you explain how to use it?

            • 3. Re: how to encrypt and decrypt
              Aldo Bonzi Novice

              The methods have to be within the entity bean.

              • 4. Re: how to encrypt and decrypt
                Nikolay Elenkov Master

                Aldo Bonzi wrote on Jun 14, 2010 19:34:


                The methods have to be within the entity bean.


                And how will the entity bean get a hold of the key? As I said in another (suspiciously similar...) thread, DES encryption is a bad idea, especially when you obviously don't know what you are doing. The data encrypted may not be particularly valuable, so this may be just for show (See we have encryption! Our app is secure!), but still. Cf Security theater


                That said, this has to be done in the Home class by calling the component that knows how to encrypt/decrypt after the entity is loaded from DB and before it is displayed.


                • 5. Re: how to encrypt and decrypt
                  Umut Fikret  Gürkavcu Newbie

                  You can use Transient functions in entities.You can define a @Transient variable like encryptedPassword and  use it to modify your entity field like :
                       



                          // Entity field
                          private String password;
                  
                  
                          @Transient
                       public void setEncryptedPassword(String  password) {
                             setPassword( new BasicPasswordEncryptor().encryptPassword(password));
                       }
                       
                       @Transient
                       public String getEncryptedPassword() {
                             return "";
                       }





                  in your Device.xhtml



                  <h:inputText value="#{entity.encryptedPassword}" />





                  I am using JASPYT api to encrypt user's passwords like this way.
                  http://www.jasypt.org/


                  • 6. Re: how to encrypt and decrypt
                    Umut Fikret  Gürkavcu Newbie

                    Umut Fikret  Gürkavcu wrote on Jun 15, 2010 14:36:


                    You can use Transient functions in entities.You can define a @Transient variable like encryptedPassword and  use it to modify your entity field like :
                         


                            // Entity field
                            private String password;
                    
                    
                            @Transient
                         public void setEncryptedPassword(String  password) {
                               setPassword( new BasicPasswordEncryptor().encryptPassword(password));
                         }
                         
                         @Transient
                         public String getEncryptedPassword() {
                               return "";
                         }





                    in your Device.xhtml


                      <h:inputSecret id="passwordText" value="#{entityHome.instance.encryptedPassword}" required="true" label="password" size="35">
                                <f:validateLength minimum="8"/> 
                       </h:inputSecret>





                    I am using JASPYT api to encrypt user's passwords like this way.
                    http://www.jasypt.org/




                    Click HELP for text formatting instructions. Then edit this text and check the preview.

                    • 7. Re: how to encrypt and decrypt
                      Aldo Bonzi Novice

                      Nikolay Elenkov wrote on Jun 14, 2010 22:21:



                      Aldo Bonzi wrote on Jun 14, 2010 19:34:


                      The methods have to be within the entity bean.


                      And how will the entity bean get a hold of the key?



                      That's certainly right. I was so focused on trying to propose a transparent solution to rest of the application that i didn't see the obvius.