Home » Core Java » security » Encrypt/Decrypt with salt

About Ilias Tsagklis

Avatar photo
Ilias is a software developer turned online entrepreneur. He is co-founder and Executive Editor at Java Code Geeks.

Encrypt/Decrypt with salt

This is an example of how to encrypt and decrypt using a salt. The salt is random data very often used in cryptography as additional input to a hash function. Doing encryption and decryption of a String with a salt implies that you should:

  • Read an initial String.
  • Generate random bytes to be placed in the salt.
  • Create a sun.misc.BASE64Decoder (a Utility Class to encode a String or ByteArray as a Base64 encoded String) and a byte array to be used as a salt.
  • Use the BASE64Encoder to encode both the salt and the String and return them, as described in the encrypt(String str) method.
  • Read the encrypted String.
  • Create a sun.misc.BASE64Encoder (A utility class to decode a Base64 encoded String to a ByteArray) to decode the String to a byte array.
  • Return the String representation of the byte array, as shown in the decrypt(String encstr) method.

Let’s take a look at the code snippet that follows:

package com.javacodegeeks.snippets.core;

import java.io.IOException;
import java.util.Date;
import java.util.Random;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

public class Main {

    private static Random rand = new Random((new Date()).getTime());

    public static void main(String[] args) throws Exception {

  String st = "secrete";

  String enc = encrypt(st);

  System.out.println("Encrypted string :" + enc);

  System.out.println("Decrypted string :" + decrypt(enc));

    }

    public static String encrypt(String str) {

  BASE64Encoder encoder = new BASE64Encoder();

  byte[] salt = new byte[8];

  rand.nextBytes(salt);

  return encoder.encode(salt) + encoder.encode(str.getBytes());
    }

    public static String decrypt(String encstr) {

  if (encstr.length() > 12) {

String cipher = encstr.substring(12);

BASE64Decoder decoder = new BASE64Decoder();

try {

    return new String(decoder.decodeBuffer(cipher));

} catch (IOException e) {

    //  throw new InvalidImplementationException(

    //Fail

}

  }

  return null;
    }
}

Output:

Encrypted string :CT6/c+0AAmU=c2VjcmV0ZQ== Decrypted string :secrete

 
This was an example of how to encrypt and decrypt using a salt in Java.

Do you want to know how to develop your skillset to become a Java Rockstar?

Subscribe to our newsletter to start Rocking right now!

To get you started we give you our best selling eBooks for FREE!

 

1. JPA Mini Book

2. JVM Troubleshooting Guide

3. JUnit Tutorial for Unit Testing

4. Java Annotations Tutorial

5. Java Interview Questions

6. Spring Interview Questions

7. Android UI Design

 

and many more ....

 

Receive Java & Developer job alerts in your Area

I have read and agree to the terms & conditions

 

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

4 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
M W
M W
4 years ago

Base64 is NOT encryption!! Base64 is an encoding and is no more secure than plaintext.

guest
guest
4 years ago
Reply to  M W

That’s why he included the salt…

sivakumar
sivakumar
4 years ago
Reply to  guest

1) In Eclipse, I clicked on Window/Preferences/Java/Compiler/(Errors/Warnings)
2) On top of display click on ‘Configure Project Specific Settings) then select your current project name
3) Then select Deprecated and restricted API
4) Then in ” Forbidden reference (access rules) ” switch from Error to Warning.
5) Click Okay.

Kishore M
Kishore M
3 years ago

Why you are checking the length as 12 while decrypting the encoded string? Is there any default values based on the size we are mentioning in the byte array?