Sunday, 21 July 2013

How to encrypt and decrypt password using AES algorithm?



Password encryption and decryption using AES algorithm


Question: - How to encrypt and decrypt password using AES algorithm?


Answer: - As AES is a Symmetric Key Algorithm, So AES algorithm describes that the secret key used for encrypting the data, the same will be used for decrypting that encrypted data.

STEPS to encrypt and decrypt the message:-


  • We can pass the secret key which is used for encryption and decryption and also pass the cryptographic algorithm in the constructor of SecretKeySpec class.

  • Then we have to create new instance of Cipher using getInstance method where we are passing the name of algorithm to transform our secret data.

  • After that we have to call init method of cipher class and then we are informing Cipher to initiate the Encryption mode and use the specified SecretKey by calling below two lines.


                    Key key = new SecretKeySpec(uniqueKeys, ALGORITHMUSEDFORENCRPTIONDECRYPTION);
                    cipher.init(Cipher.ENCRYPT_MODE, key);


  • Then to encrypt the secret data, we have to pass that data into the doFinal() of Cipher class and then we will get the our secret data as encrypted data.

  • To decrypt the encrypted data we have to call init() method of Cipher class in decrypt mode using the below java code:-
                               
cipher.init(Cipher.DECRYPT_MODE, key);
String originalData = new String(cipher.doFinal(encryptedData));


In the following sample example, we will use AES algorithm called AES and we are using the word "SecretUniqueKeys" as the secret key. AES algorithm can use a key of 128 bits (16 bytes * 8). We use "generateKey()" method of SecretKeySpec class to generate a secret key for AES algorithm with a specific key.


Java sample example for encryption and decryption



PasswordEncryptorDecryptor.java

package com.gaurav.java.security;

import java.security.Key;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

public class PasswordEncryptorDecryptor {
            private static final String ALGORITHMUSEDFORENCRPTIONDECRYPTION = "AES";
            private static final byte[] uniqueKeys = new byte[] { 'S', 'e', 'c', 'r',
                                    'e', 't', 'U', 'n', 'i', 'q', 'u', 'e', 'K', 'e', 'y', 's' };

            private static Key generateKey() throws Exception {
                        Key key = new SecretKeySpec(uniqueKeys,
                                                ALGORITHMUSEDFORENCRPTIONDECRYPTION);
                        return key;
            }

            /** This method is used for Password Encryption using AES algorithm */
            public static String doPasswordEncryption(String plainString4Encyption)
                                    throws Exception {
                        Key key = generateKey();
                        Cipher c = Cipher.getInstance(ALGORITHMUSEDFORENCRPTIONDECRYPTION);
                        c.init(Cipher.ENCRYPT_MODE, key);
                        byte[] encyptedArrayValue = c.doFinal(plainString4Encyption.getBytes());
                        String encryptedStringValue = new BASE64Encoder()
                                                .encode(encyptedArrayValue);
                        return encryptedStringValue;
            }

            /** This method is used for Password decryption using AES algorithm */
            public static String getDecryptedPassword(String encryptedString)
                                    throws Exception {
                        Key key = generateKey();
                        Cipher c = Cipher.getInstance(ALGORITHMUSEDFORENCRPTIONDECRYPTION);
                        c.init(Cipher.DECRYPT_MODE, key);
                        byte[] decodedArrayValue = new BASE64Decoder()
                                                .decodeBuffer(encryptedString);
                        byte[] decyptedArrayValue = c.doFinal(decodedArrayValue);
                        String decryptedStringValue = new String(decyptedArrayValue);
                        return decryptedStringValue;
            }

}


PasswordEncryptorDecryptorCaller.java

package com.gaurav.java.security;

public class PasswordEncryptorDecryptorCaller {
            public static void main(String[] args) {

                        try {
                                    String passwordToEncrypt = "KumarGaurav";
                                    String encyptedPassword = PasswordEncryptorDecryptor
                                                            .doPasswordEncryption(passwordToEncrypt);
                                    String decyptedPassword = PasswordEncryptorDecryptor
                                                            .getDecryptedPassword(encyptedPassword);

                                    System.out.println("Text which is passed for Encryption  : "
                                                            + passwordToEncrypt);
                                    System.out.println("Encrypted Password Text : " + encyptedPassword);
                                    System.out.println("Decrypted Password Text : " + decyptedPassword);

                        } catch (Exception e) {
                                    System.out
                                                            .println("Error while password encryption and decryption is :-> "
                                                                                    + e.getMessage());
                        }
            }
}

Result:-

Text which is passed for Encryption  : KumarGaurav
Encrypted Password Text : 6iUeJjU7P6wVZgiZ0xkyfA==
Decrypted Password Text : KumarGaurav
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)