Please Help!!!  Encrypt/Decrypt Password

Similar Messages

• Encrypt / Decrypt password

  Hi
  I'm new in Java and I need to create a function to encrypt / decrypt passwords using the Blowfish algorithm. I know how to create a key, but I don't know how to recover it to decrypt the password.
  Another question, Is it possible to use public/private keys in this case???.
  Can you give some links or examples please???
  Regards
  J.C.

  This is typically done either one of two ways:
  1) PBE based encryption. This uses a password or pass phrase to derive
  a key to use with a symmetric algorithm.
  2) Asymmetric using something like RSA. Typically RSA is used to wrap
  the actual symmetric key used to do the encryption but for very short
  plaintext it can be used directly on the plaintext. Passwords are a
  good example of short plaintext.
  Obviously symmetric encryption is a great deal faster than asymmetric
  encryption. So if your plaintext was large you would want to use
  symmetric. Also Asymmetric encryption is length dependant. AKA if your
  public key's modulus is 1024 bits then you could encrypt any plaintext
  that was 121 bytes or shorter.
  PBE takes a salt (a random byte array) and an iteration count and
  hashes a passphrase with the salt iteration number of times to generate
  a key that can be reproduced over and over again and used with a
  symmetric algorithm. The issue here is that your salt/ic either need
  to be hard coded and reused or the values for any single encryption
  need to be saved along with the ciphertext. Using the same ic/salt for
  a large number of plaintext to ciphertext operations can lead to a
  weakening of the pass phrase (aka the key) and aids a cryptoanalyst in
  breaking the code. Although it is still difficult it becomes easier
  with each successive encryption.
  Its upto you which route you take but you should note that private keys
  used in asymmetric encryption use PBE to keep them private anyway so in
  a sense if you use asymmetric encryption you are really using both
  asymmetric encryption and PBE...

• Please help: Encrypt Password

  Very small query which has confused me a lot.....
  I have to encrypt passwords and save them in to database, I am not getting where to start as I do not know anything about java encryption packages or other things.
  Please let me know where can I find the names of all the algorithms and it will be very nice if u can tell me that which one should I use.
  thanx

  Hi,
  MD5 and SHA-x Algorithms do not encrypt, these are so called hash algorithms which means they create a (hopefully) unique, fixed length byte array from what you give as input. Usually that is a way to store Passwords because you never need to decrypt a password (in the case of hash algorithms you are not able to do so anyway). If a user signs in, you hash his password and compare that created hash with the stored hash value. If they are equal, you can be sure enough (1:2^100 or something as chance that two different passwords create the same hash code) that the user knew his password. I know a lot of eBusiness plattforms that store passwords as MD5 or SHA-1 hash values. I think they can be seen as secure enough for such purposes.
  Another story if you need the password in cleartext (maybe to start a batch process) but you don't want to store it as clear text. Then you have to encrypt the password and decrypt it when needed. But then you run into the problem where to store the encryption key so that nobody can decrypt your password with that.
  The public key encryption is only usefull if you need to create a so called secret between two parties via an unsecure communication media. Like the HTTPS protocol does. The browser and the web server are exchanging public information (public keys) and then they are able to communicate secure without the need to share sensitive information in advance. But that is definitely not needed for your scenario.
  The HMAC is another completely different story. It just says that you "can" use the MAC address of your Network adapter for the hash algorithm, but you don't need to do so. Since it is hard to read the MAC address from java I would not suggest to go in that direction.
  I that now light enough? ;-)
  Stephan

• Error running SSIS package to do with encrypting/decrypting password. Help needed.

  Getting this error. Can anyone shed some light? This is the first promote since 2009. Protection level of the package is 'EncryptSensitiveWithPassword' I'm new at SSIS so don't assume I know anything.
  10/30/2014 16:11:06,HPAddress_Export,Error,0,SSQLTST01\SSQLTST02,HPAddress_Export,(Job outcome),,The job failed. 
  The Job was invoked by User AHCCCS\Administrator.  The last step to run was step 1 (Step 1).,00:00:02,0,0,,,,0
  10/30/2014 16:11:06,HPAddress_Export,Error,1,SSQLTST01\SSQLTST02,HPAddress_Export,Step 1,,Executed as user: AHCCCS\svcssqltst01. ....00.5324.00 for 32-bit 
  Copyright (C) Microsoft Corp 1984-2005. All rights reserved.   
  Started:  4:11:06 PM  Error: 2014-10-30 16:11:07.05    
  Code: 0xC001405F     Source:      
  Description: Failed to decrypt an encrypted XML node because the password was not specified or not correct. Package load will attempt to continue without the encrypted information. 
  End Error  Error: 2014-10-30 16:11:07.37    
  Code: 0xC001405F     Source:      
  Description: Failed to decrypt an encrypted XML node because the password was not specified or not correct. Package load will attempt to continue without the encrypted information. 
  End Error  Error: 2014-10-30 16:11:07.79    
  Code: 0xC0202009     Source: HPAddress_ExportPackage Connection manager "SQL.HealthPlanAddressChanges.hpac"    
  Description: SSIS Error Code DTS_E_OLEDBERROR.  An OLE DB error has occurred. Error code: 0x80040E4D. 
  An OLE DB record is available.  Source: "Micros... 
  The package execution fa...  The step failed.,00:00:02,0,0,,,,0

  Hi,
  From the error message “Failed to decrypt an encrypted XML node because the password was not specified or not correct. Package load will attempt to continue without the encrypted information.“, it seems that the error is caused by the password to decrypt
  an encrypted XML node was not specified or incorrect.
  Besides, the EncryptSensitiveWithPassword Protection level means user should use a password to encrypt only the values of sensitive properties in the package. To open the package in SSIS Designer, the user must provide the package password. If the password
  is not provided, the package opens without the sensitive data and the current user must provide new values for sensitive data. If the user tries to execute the package without providing the password, package execution fails.
  So in order to resolve this issue, we should provide the password when executing the package. When you execute a package with this setting using DTEXEC, you can specify the password on the command line using the /Decrypt password command line argument.
  Reference:
  Access Control for Sensitive Data in Packages
  Securing Your SSIS Packages Using Package Protection Level
  Thanks,
  Katherine Xiong
  Katherine Xiong
  TechNet Community Support

• Operations on Text File - Encrypt, Decrypt, Password Protected

  Dear Experts,
  My requirement is to upload a text file  and do some operations on it and then encrypt the content in it ans save it on application server with password protected. Later i want to decrypt it.
  Please help me for the following:
  How to encyypt and decrypt the text file using standard encryption alogrithms like DES, MD5, RSA? Are there any standand function modules for both encryption and decryption which accepts a user defined public key?
  How to download a password protected text file?
  Thanks in advance.

  CALL FUNCTION 'Z_CRYPT_FILE'
          EXPORTING
            SOURCE_PATH         = WS_PATH
            SOURCE_FILE         = WS_OLDFILE
            DESTINATION_PATH    = WS_NEW_PATH
            DESTINATION_FILE    = WS_NEWFILE
            SWITCH              = 'E'
            KEY                 = ZUSER_PW
            KEEP_SOURCE_FILE    = ' '
          EXCEPTIONS
            INVALID_SWITCH      = 1
            SOURCE_FILE_NOTFOUND = 2
            DIDNT_WORK          = 3.
  FUNCTION MODULE Z_CRYPT_FILE 
  DATA: CINPUT(300) TYPE C.
  DATA: BEGIN OF LIST OCCURS 0,
          DATA(238) TYPE C,
          DELIMITER(04) TYPE C,
          FILE(12) TYPE C,
        END OF LIST.
  DATA: SOURCE TYPE ZCHAR200.
  DATA: DESTINATION TYPE ZCHAR200.
  DATA: ZINDX TYPE I.
  DATA: msg(100).
  IF SWITCH = 'E'.
     IF FILETYPE = 'T'.
        OPEN DATASET SOURCE IN TEXT MODE FOR INPUT ENCODING DEFAULT
           message msg.
     ELSE.
        OPEN DATASET SOURCE IN BINARY MODE FOR INPUT message msg.
     ENDIF.
     IF SY-SUBRC <> 0.
        RAISE SOURCE_FILE_NOTFOUND.
     ENDIF.
     CLOSE DATASET SOURCE.
     CLEAR CINPUT.
     CONCATENATE '/usr/local/bin/gpg -sev -r'
      KEY
      '-o'
      DESTINATION
      SOURCE
     INTO CINPUT SEPARATED BY SPACE.
     CONCATENATE CINPUT '2>&1' INTO CINPUT SEPARATED BY ' '.
     CALL 'SYSTEM' ID 'COMMAND' FIELD CINPUT ID 'TAB' FIELD
                                LIST-SYS.
     IF FILETYPE = 'T'.  
        OPEN DATASET DESTINATION IN TEXT MODE FOR INPUT ENCODING DEFAULT
           message msg.
     ELSE.
        OPEN DATASET DESTINATION IN BINARY MODE FOR INPUT message msg.
     ENDIF.
     IF SY-SUBRC = 0.
        CLOSE DATASET DESTINATION.
        IF keep_source_file <> 'X'.
           CLEAR CINPUT.
           CONCATENATE 'rm' SOURCE INTO CINPUT
           SEPARATED BY SPACE.
           CALL 'SYSTEM' ID 'COMMAND' FIELD CINPUT ID 'TAB' FIELD
                          LIST-SYS.
        ENDIF.
     ELSE.
      write: 'Encryption error  on command: ',
         cinput.
      skip 1.
       loop at list.
          write: / LIST.
         endloop.
        RAISE DIDNT_WORK.
     ENDIF.
     IF FILETYPE = 'T'.  
        OPEN DATASET SOURCE IN TEXT MODE FOR INPUT ENCODING DEFAULT.
     ELSE.
        OPEN DATASET SOURCE IN BINARY MODE FOR INPUT.
     ENDIF.
     IF SY-SUBRC <> 0.
        RAISE SOURCE_FILE_NOTFOUND.
     ENDIF.
     CLOSE DATASET SOURCE.
     CLEAR CINPUT.
     CONCATENATE '/usr/local/bin/gpg -o'
      DESTINATION
      SOURCE
     INTO CINPUT SEPARATED BY SPACE.
     CONCATENATE CINPUT '2>&1' INTO CINPUT SEPARATED BY ' '.
     CALL 'SYSTEM' ID 'COMMAND' FIELD CINPUT ID 'TAB' FIELD
                                LIST-SYS.
    REFRESH LIST.
    CLEAR LIST.
     IF FILETYPE = 'T'. 
        OPEN DATASET DESTINATION IN TEXT MODE FOR INPUT ENCODING DEFAULT.
     ELSE.
        OPEN DATASET DESTINATION IN BINARY MODE FOR INPUT.
     ENDIF.
     IF SY-SUBRC = 0.
        CLOSE DATASET DESTINATION.
     ELSE.
  *list output if error
        loop at list.
          write: / LIST.
         endloop.
        RAISE DIDNT_WORK.
     ENDIF.
  ENDIF.

• Encrypt/Decrypt passwords

  Hi...
  Another thread with that same, old subject... right? Perhaps yes!! But I am not able to move further without help.
  I am developing an application where user needs to login by entering the password. My requirement is to encrypt the password first (while registering the user) and store it in a database (using MS Access 2007). Later, while logging in, I need to decrypt that stored password and validate the entered password by user.
  As I am quite new to this, not able to understand how to proceed. Checked in this forum, even in net - got many stuffs as well - but still I am not able to develop this.
  Any suggestion, help would be appreciated.
  I have few simple logics, that could be used: 1. replace each characters with the next (or next to next) characters, 2. insert some junk characters in between each characters and creating a string... etc
  But I am looking for some serious encryption/decryption techniques.
  Thanks in Advance...

  >
  Oh yeah.. what an 'Aloo Paratha' with no salt. But not able to understand how to add this 'Salt' to my paratha.. :(
  TiA...Suppose I had read access to the password table, where I also had an account:
  | user_name | digested_password | ...
  +-----------+-------------------+--
  | bdlh      | efagukfuilfehilef |
  | smith     | fiopwefiopf890fnk |
  ...I can't guess smith's password from his digest, but what if I notice:
  | user_name | digested_password | ...
  +-----------+-------------------+--
  | bdlh      | efagukfuilfehilef |
  | smith     | fiopwefiopf890fnk |
  | kumar     | efagukfuilfehilef |Hey! kumar and I happen to have the same digest! We have the same password! (Or as good as.) I can log on as kumar and have jolly time at his expense.
  Now change things with a pinch of salt: a randomly generated unique string. One's digested_password is actually the digest of password+salt:
  | user_name | digested_password | salt     |
  +-----------+-------------------+----------+
  | bdlh      | efagukfuilfehilef | efaghkku |
  | smith     | fiopwefiopf890fnk | h23bh9m0 |
  | kumar     | vjlvsr8u0w780w4bj | 789r2bh7 |Now even if kumar and I happen to have the same password, our salts make the digests different.
  As for "how to digest", use MessageDigest: [http://java.sun.com/javase/6/docs/api/java/security/MessageDigest.html]

• Please help about encode password idm !!!!

  Hello All,
  I'm a newbie in IDM and in my work I have to encode password with CBC Algorithm before insert password in database (SQL server 2005).
  So I have already coding CBC Algorithm but I don't know where I put my CBC encoding Algorithm for when users change password on IDM.
  Please help me.
  Thank you for advance.
  waltt

  I'm assuming you're not talking about storing the password that way in the IDM repository but rather a separate database resource.
  I had a similar requirement with a different encryption algorithm and an Oracle database. I made my life a lot easier by having the database resource do the encryption. IDM will insert the password into the resource as plain text and, in my case, a trigger will catch it, call a stored procedure to change it from plain text to encrypted and then insert it. Since IDM never reads passwords from resources anyway the password was fully encrypted as stored in the resource and IDM never knows any better.
  Technically speaking you could have created a rule or custom form to do the password encryption before IDM sends it over the wire but if you've got an encrypted channel to the database then you might take my approach and skip having IDM do it altogether.

• PLEASE HELP I NEED PASSWORD

  I need the password to " Pinewarp AP-guest" so I can finish my paper on the Holocaust Due tomorrow !!! Please help.

  onaya3 wrote:
  I need the password to " Pinewarp AP-guest" so I can finish my paper on the Holocaust Due tomorrow !!! Please help.

• Please help! changed password and now i cannot access hotmail on iphone4

  i have had my free hotmail account configured to my iphone4 for months, working perfectly. i then changed my password on my laptop and then input the new password in my mail settings on my iphone4.but it will not allow me to access my hotmail account via the mail icon.
  keeps saying i've input wrong password or user name, but i definitely have not.i can access my hotmail fine on my laptop and via the web browser on my iphone4. but i want it back to as it was..how can simply changing the password cause so much hassle when it was working perfectly before?..please can somebody help?

  i have the same problem , was working fine before then i changed my password & cant get it to connect now .
  have deleted the hotmail account & tried adding again this doesnt work
  any ideas anyone ?

• Please Help, forgot administrator password for macbook pro 2011

  Dear community,
  I forgot my administrator password for my macbook pro from 2011
  I didn´t came with any CD/DVD it's osx lion
  And when I choose the reset using your apple ID icon, nothing happens
  please advise

  Reset Password
  OS X 10.7 Lion /10.8 MountainLion
  Follow the instructions in the first and the third boxes.
  http://pondini.org/OSX/Password.html
  Note
  Keychain
  http://support.apple.com/kb/TS1544

• Please help forgot admin password for BIOS

  I haven't opened this hp up in a long while. I'm getting a disc error so I tried to enter my BIOS and I cannot remember the password. I am getting system disable 72405773. Can anyone please help

  Hi, Please try:    63563375 Regards.

• Please help forgot my password.

  Hello, My name is Thong and I from Viet Nam. First l'm a fan of Firefox :x.But when i created account Firefox Sync, i were input wrong email "[email protected]",but real email a "[email protected]" . So you can help me changes this email to "[email protected]" ??? Please !!! :(

  You will have to re-save your data to the new Sync account after you've created it.<br />
  You can wait with deleting the old sync account until you've confirmed that the new account is working.
  The data on the computers that are synced isn't affected by delinting the sync account.<br />
  Only the data of the old account that is stored stored on the sync server is no longer available if you delete the account, but if you set up and sync the new account on all computers then sync will work once again as it did with the old account.

• Please help bios password

  Please help with bios password
  CNU9363GX8

  Hi,
  Please be aware that this is not supported by HP and you try it at your own risk.
  Try entering:       e9lofgfh4u                ( Note that the 3rd character is a lower case L )
  Regards,
  DP-K
  ****Click the White thumb to say thanks****
  ****Please mark Accept As Solution if it solves your problem****
  ****I don't work for HP****
  Microsoft MVP - Windows Experience

• RSA with Cryptix: can encrypt but not decrypt? Please help.. :)

  Hi all,
  I've been trying to do RSA encryption/decryption using a pair of keys created with keytool. I've been able to encrypt some bytes, but when I attempt to decrypt the results immediately using the private key, I received the following exception:
  IllegalBlockSizeException: RSA: Cipher in DECRYPT state with an incomplete final block
  Please can anyone save me out of my misery and shed some light on this problem? Thanks a great deal in advance.
  Best Regards,
  Kenshin
  Here are the code snippets:
  // 1. imported APIs:
  import javax.net.ssl.*;
  import java.io.*;
  import java.security.*;
  import java.security.interfaces.*;
  import java.security.spec.*;
  import java.security.cert.*;
  import java.security.cert.Certificate;
  import javax.crypto.*;
  import javax.crypto.spec.*;
  import cryptix.provider.Cryptix;
  import xjava.security.Cipher;
  import xjava.security.CipherInputStream;
  import xjava.security.CipherOutputStream;
  import xjava.security.interfaces.*;
  import cryptix.provider.rsa.*;
  // 2. Getting the Public Key from the created cert:
  File certFile = new File("c:/keystore/jbossSSL.cer");
  FileInputStream certFileInStream = new FileInputStream(certFile);
  CertificateFactory cf = CertificateFactory.getInstance("X509");
  Certificate cert = (Certificate)cf.generateCertificate(certFileInStream);
  RSAPublicKey serverPublicKey = (RSAPublicKey)cert.getPublicKey();
  // 3. Doing the encryption:
  Security.addProvider( new cryptix.provider.Cryptix());
  Cipher cipherInstance = Cipher.getInstance("RSA/ECB/PKCS7", "Cryptix");
  CryptixRSAPublicKey vCryptixRSAPubKey = (CryptixRSAPublicKey) new RawRSAPublicKey(serverPublicKey.getPublicExponent());
  cipherInstance.initEncrypt(vCryptixRSAPubKey);
  System.out.println("String to be encypted: " + sRandomString);
  // Sample of what is printed: String to be encypted: 2201162506010696613
  ByteArrayInputStream clearTextInStream = new ByteArrayInputStream(sRandomString.getBytes());
  CipherInputStream cInStream = new CipherInputStream(clearTextInStream, cipherInstance);
  ByteArrayOutputStream cipherTextOutStream = new ByteArrayOutputStream();
  CipherOutputStream cOutStream = new CipherOutputStream(cipherTextOutStream, cipherInstance);
  byte[] buffer = new byte[8192];
  int length;
  while((length= cInStream.read(buffer))!=-1)
  cOutStream.write(buffer, 0, length);
  cOutStream.close();
  cInStream.close();
  cipherTextOutStream.close();
  clearTextInStream.close();
  String sEncodedString = new String(cipherTextOutStream.toByteArray());
  System.out.println("String encrpted: " + sEncodedString);
  // Sample of what is printed: String to encrpted: 2 2 01 1 6 25 0 6 01 0 6 96 6 1 3&#9786; &#9787;&#9787;
  // 4. Getting the Private key from the keystore
  FileInputStream in = new FileInputStream("C:/keystore/jbossSSL.keystore");
  KeyStore catalinaKeyStore = KeyStore.getInstance("jks");
  catalinaKeyStore.load(in, "jbossSSL".toCharArray());
  RSAPrivateKey privateK = (RSAPrivateKey)catalinaKeyStore.getKey("jbossSSL", "jbossSSL".toCharArray());
  CryptixRSAPrivateKey vCryptixRSAPriKey = (CryptixRSAPrivateKey) new RawRSAPrivateKey(privateK.getPrivateExponent(), privateK.getModulus());
  cipherInstance.initDecrypt(vCryptixRSAPriKey);
  // 5. Doing the decryption:
  ByteArrayInputStream cipherTextInStream = new ByteArrayInputStream(sEncodedString.getBytes());
  cInStream = new CipherInputStream(cipherTextInStream,cipherInstance);
  ByteArrayOutputStream clearTextOutStream = new ByteArrayOutputStream();
  cOutStream = new CipherOutputStream(clearTextOutStream,cipherInstance);
  while((length= cInStream.read(buffer))!=-1)
  cOutStream.write(buffer, 0, length); >> exception thrown here
  cOutStream.close();
  cInStream.close();
  clearTextOutStream.close();
  cipherTextInStream.close();
  String sDecodedString = new String(clearTextOutStream.toByteArray());
  System.out.println("Stringdecrpted: " + sDecodedString);

  Here is working RSA example Maybe will help you. (may has a few typing errors becosu I rmoved some confidential data ;) )
  import java.util.*;
  import javax.swing.*;
  import java.io.*;
  import java.security.*;
  import javax.crypto.Cipher;
  import xjava.security.*;
  import cryptix.provider.Cryptix;
  import xjava.security.interfaces.CryptixRSAPublicKey;
  import xjava.security.interfaces.CryptixRSAPrivateKey;
  import xjava.security.KeyGenerator;
  import xjava.security.SecretKey;
  public class testcipher extends javax.swing.JFrame{
      /** Creates new test */
      public testcipher() throws Exception {
      * @param args the command line arguments
      public static void main(String [] args) throws Exception  {
          Provider pd = new cryptix.provider.Cryptix();
          Security.addProvider(pd);
          KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "Cryptix");
          kpg.initialize(1024, new java.security.SecureRandom());
          System.out.println("Generating key pair...");
          KeyPair kp = kpg.genKeyPair();
          System.out.println("Key pair generated...");
          xjava.security.Cipher cp = xjava.security.Cipher.getInstance("RSA/ECB/PKCS7", "Cryptix");
          cp.initEncrypt(kp.getPublic());
          FileInputStream fis = new FileInputStream("c:\\temp\\b2b\\index.htm");
          CipherInputStream cin = new CipherInputStream(fis, cp);
          FileOutputStream fout = new FileOutputStream("C:\\temp\\b2b\\enc.htm");
          CipherOutputStream cout = new CipherOutputStream(fout, cp);
          byte[] buffer = new byte[8192];
          int length;
          while((length=cin.read(buffer))!=-1)
              cout.write(buffer, 0, length);
          cout.close();
          cin.close();
          fout.close();
          fis.close();
          cp.initDecrypt(kp.getPrivate());
          fis = new FileInputStream("c:\\temp\\b2b\\enc.htm");
           cin = new CipherInputStream(fis, cp);
           fout = new FileOutputStream("C:\\temp\\b2b\\dec.htm");
           cout = new CipherOutputStream(fout, cp);
                  while((length=cin.read(buffer))!=-1)
              cout.write(buffer, 0, length);
          cout.close();
          cin.close();
          fout.close();
          fis.close();
  }

• HT201269 I forgot my password for Encrypt my Backup how can I reset that please help I really need it Urgently???

  I forgot my password for Encrypt my Backup how can I reset that please help I really need it Urgently?

  If you do not know the passcode then you cannot use the backup
  Sorry