Database encryption in Java
Basically, encryption is the process or conversion of user data in code or more specifically in the cyphertext form in order to prevent unauthorized access, So, encryption is very much important in today’s world where we all are working on large datasets stored in databases and the credentials of the database must be secured in order to secure the privacy and unauthorized access.
To encrypt our database credentials we will be using Jaspyt api. We can download the jaspyt library from here.
Java Simplified Encryption
Jasypt is a java library which allows the developer to add basic encryption capabilities to the projects with minimum effort, and without writing any code with the help of a few additions in your project here and there. Jasypt is highly configurable.
To encrypt database credentials we’ll be doing these tasks-
- Create a POJO class.
- Create a properties file.
- Create a Java class.
Step 1: Creating a POJO class
So, we have created a Plain java class named Details.java having the actual username and actual password and the keys for username and password having special and non-special characters. The code as follows-
Java
// Creating a POJO class package com.jdbc; public class details { // Private fields private String key = "@2334dgdfg@#$%dsgdf"; private String user = "root"; private String key2 = "@1567sedf#2@"; private String pass = "root"; // Getter methods for private fields public String getKey() { return key; } public String getUser() { return user; } public String getKey2() { return key2; } public String getPass() { return pass; }} |
Step 2: Create an empty Properties file
Step 3- Create a MainConnecton class named TestJDBC2.java having all the lines of codes required for encryption and decryption process. We have used javax.crypto.Cipher Class, java.security.MessageDigest Abstract Class, org.jasypt.util.text.BasicTextEncryptor FinalClass which will be going to perform the encryption and decryption process.
So. First, we will going to use the key defined in the details.java file for encryption and decryption process of both username and password and will be going to call encrypt and decrypt method of BasicTextEncryptor class.
Now let’s see the code-
Java
// Creating a java class package com.jdbc; import java.sql.Connection;import java.io.*;import java.sql.DriverManager;import java.sql.SQLException;import java.util.Properties;import java.security.MessageDigest;import javax.crypto.Cipher; import org.jasypt.util.text.BasicTextEncryptor; public class TestJdbc2 { public static void main(String[] args) throws ClassNotFoundException, SQLException, IOException { // Fethches the system property String path = System.getProperty("user.dir"); System.out.println("Working Directory = " + path); // Creating a FileReader and specified the // name of the file to read from FileReader reader = new FileReader( path + "/src/config.properties"); Properties p = new Properties(); // Reads a property list from the input byte stream p.load(reader); details dt = new details(); BasicTextEncryptor bte = new BasicTextEncryptor(); // Getting key from details class object and // set the password for encryption and decryption bte.setPassword(dt.getKey()); // Encrypt the message String encryptedid = bte.encrypt(dt.getUser()); // Set the system property p.setProperty("username", encryptedid); BasicTextEncryptor bte1 = new BasicTextEncryptor(); // Setting a password bte1.setPassword(dt.getKey2()); // Encrypt the password String encryptedps = bte1.encrypt(dt.getPass()); p.setProperty("password", encryptedps); // Writes the property list in the properties table // to the output character stream in a format // suitable for using load method p.store( new FileWriter(path + "/src/config.properties"), " Properties Data"); // Load the driver class into the memory at the // runtime Class.forName("com.mysql.cj.jdbc.Driver"); // Establishes the connection and decrypt the // encryptedid and encryptedps Connection conn = DriverManager.getConnection( bte.decrypt(encryptedid), bte1.decrypt(encryptedps)); System.out.println("Connection successful!!!"); System.out.println("Done"); }} |
As can be seen the process of encryption and decryption clearly in this code. After the execution of this code, the encrypted username and password can be seen in the Config.properties file.
As Salt Algorithm processing can be clearly seen in the console process.
Now, let’s have a look at the Config.properties file-
As the encrypted credentials can be seen clearly in the Config. Properties file and the original database credentials are in the details.java but the Connection properties are fetching the details from properties file in the encrypted form and decrypting the same to communicate with the database servers.
So now the database encryption is an easy task for all of us in Java.
Please Login to comment...