Database encryption in Java
Last Updated :
02 Sep, 2020
Basically, encryption is the process or conversion of user data in code or more specifically in the cyphertext form in order to prevent unauthorized access, So, encryption is very much important in today’s world where we all are working on large datasets stored in databases and the credentials of the database must be secured in order to secure the privacy and unauthorized access.
To encrypt our database credentials we will be using Jaspyt api. We can download the jaspyt library from here.
Java Simplified Encryption
Jasypt is a java library which allows the developer to add basic encryption capabilities to the projects with minimum effort, and without writing any code with the help of a few additions in your project here and there. Jasypt is highly configurable.
To encrypt database credentials we’ll be doing these tasks-
- Create a POJO class.
- Create a properties file.
- Create a Java class.
Step 1: Creating a POJO class
So, we have created a Plain java class named Details.java having the actual username and actual password and the keys for username and password having special and non-special characters. The code as follows-
Java
package com.jdbc;
public class details {
private String key = "@2334dgdfg@#$%dsgdf" ;
private String user = "root" ;
private String key2 = "@1567sedf#2@" ;
private String pass = "root" ;
public String getKey() { return key; }
public String getUser() { return user; }
public String getKey2() { return key2; }
public String getPass() { return pass; }
}
|
Step 2: Create an empty Properties file
Step 3- Create a MainConnecton class named TestJDBC2.java having all the lines of codes required for encryption and decryption process. We have used javax.crypto.Cipher Class, java.security.MessageDigest Abstract Class, org.jasypt.util.text.BasicTextEncryptor FinalClass which will be going to perform the encryption and decryption process.
So. First, we will going to use the key defined in the details.java file for encryption and decryption process of both username and password and will be going to call encrypt and decrypt method of BasicTextEncryptor class.
Now let’s see the code-
Java
package com.jdbc;
import java.sql.Connection;
import java.io.*;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Properties;
import java.security.MessageDigest;
import javax.crypto.Cipher;
import org.jasypt.util.text.BasicTextEncryptor;
public class TestJdbc2 {
public static void main(String[] args)
throws ClassNotFoundException, SQLException,
IOException
{
String path = System.getProperty( "user.dir" );
System.out.println( "Working Directory = " + path);
FileReader reader = new FileReader(
path + "/src/config.properties" );
Properties p = new Properties();
p.load(reader);
details dt = new details();
BasicTextEncryptor bte = new BasicTextEncryptor();
bte.setPassword(dt.getKey());
String encryptedid = bte.encrypt(dt.getUser());
p.setProperty( "username" , encryptedid);
BasicTextEncryptor bte1 = new BasicTextEncryptor();
bte1.setPassword(dt.getKey2());
String encryptedps = bte1.encrypt(dt.getPass());
p.setProperty( "password" , encryptedps);
p.store(
new FileWriter(path + "/src/config.properties" ),
" Properties Data" );
Class.forName( "com.mysql.cj.jdbc.Driver" );
Connection conn = DriverManager.getConnection(
bte.decrypt(encryptedid),
bte1.decrypt(encryptedps));
System.out.println( "Connection successful!!!" );
System.out.println( "Done" );
}
}
|
As can be seen the process of encryption and decryption clearly in this code. After the execution of this code, the encrypted username and password can be seen in the Config.properties file.
As Salt Algorithm processing can be clearly seen in the console process.
Now, let’s have a look at the Config.properties file-
As the encrypted credentials can be seen clearly in the Config. Properties file and the original database credentials are in the details.java but the Connection properties are fetching the details from properties file in the encrypted form and decrypting the same to communicate with the database servers.
So now the database encryption is an easy task for all of us in Java.
Share your thoughts in the comments
Please Login to comment...