Java: Simple AES Encryption Working Example

Post Visual Studio nowadays I am developing more dynamic web applications on Java. So again having a requirement to store passwords securely. After long research found the following piece of code which can be used to encrypt/decrypt secure data using random hash value (private key). This code uses Advanced Encryption Standards (AES) which is the symmetric algorithm.

The code uses basic java security jars and doesnt need any thirdparty base64 jar for encoding and decoding passwords.


AES Class 


import java.util.Arrays;
import java.util.Base64;
import java.security.MessageDigest;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class AESEcryption {

private static byte[] key;
private static SecretKeySpec secretKeySpec;

 

public static void setKey(String inputKeyValue)
{
MessageDigest sha = null;
try {
key = inputKeyValue.getBytes(“UTF-8”);
sha = MessageDigest.getInstance(“SHA-1”);
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
secretKeySpec = new SecretKeySpec(key, “AES”);
}
catch (Exception e) {
e.printStackTrace();
}

}

public static String encrypt(String strToEncrypt, String secretKeyValue)
{
try
{
setKey(secretKeyValue);
Cipher cipher = Cipher.getInstance(“AES/ECB/PKCS5Padding”);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
return Base64.getEncoder().encodeToString(cipher.doFinal(strToEncrypt.getBytes(“UTF-8”)));
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}

public static String decrypt(String strToDecrypt, String secretKeyValue)
{
try
{
setKey(secretKeyValue);
Cipher cipher = Cipher.getInstance(“AES/ECB/PKCS5Padding”);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
}
catch (Exception e) {
e.printStackTrace();
}
return null;
}
}


Main Class for testing code


public static void main(String[] args)
{
           // private key
    final String privateKeyVal = "abcdEFGHijklmnOPqrstuvwxyz";
    
    String originalText = "thisisMainText";
    String encryptedData =AESEcryption.encrypt(originalText,privateKeyVal) ;
    String decryptedData =AESEcryption.decrypt(encryptedData,privateKeyVal) ;
    
            // printing all variable data
    System.out.println(originalText);
    System.out.println(encryptedData);
    System.out.println(decryptedData);
}

 

In the above example, longer private Key value gives better-encrypted text. Also, don’t forget to keep private key value isolated. This can be achieved by storing the private key into the read-only file on server-side which is having access to the application user only.
Thanks.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s