Geek Answers Handbook

Create a password protected file in java

I would like to create a password protected file in JAVA. I mean that after starting the program, one file created by my program will be directly protected by the previously set password.

Is there an easy way to do this?

Once again, my goal is not to create a file, and then add its password, but right at the time of creating the file password protection. In fact, I want the current runner program not to have access to read / edit the created EXCEPT file if he / she has a previously set password.

Anyway, if some of you know a simple way to protect files when writing them thanks to java, I would be very grateful.

Have a nice day!

+4
source share
3 answers

You want to encrypt your file (contents) with a password. This is a pretty well-known library: http://www.jasypt.org/

From your site:

..encrypting and decrypting a text... BasicTextEncryptor textEncryptor = new BasicTextEncryptor(); textEncryptor.setPassword(myEncryptionPassword); String myEncryptedText = textEncryptor.encrypt(myText); ... String plainText = textEncryptor.decrypt(myEncryptedText);

You can read / write encrypted content to your file.

+3
source

If you want to encrypt files, lines, etc., there are two main approaches. You should start by creating a class or method to convert ur string / file to an array of bytes. Build another way to convert an array of bytes into a string / file.

You can encrypt a file using two approaches: 1 - Symmetric key. The secret word (usually a huge string of characters or a password set by the user) will encrypt your file and password, and the same password will be used for decryption. 2 - Asymmetric key - you create a key pair. One of them is called the public key, and the other is called the private key. Public keys are used to encrypt files, private keys to decrypt. This will be a more β€œprofessional” approach.

If you need a truly secure approach, you should download GnuPG. GnuPG is an executable file that controls asymmetric encryption, you can create a class to work with GnuPG and let GnuPG control the ur encryption / decryption process.

Theres an unsafe approach that is "native" to java (symmetric key), which might work for you:

Encryption:

 byte[] key = //... password converted to an array of bytes byte[] dataToSend = ... Cipher c = Cipher.getInstance("AES"); SecretKeySpec k = new SecretKeySpec(key, "AES"); c.init(Cipher.ENCRYPT_MODE, k); byte[] encryptedData = c.doFinal(dataToSend);

decryption:

 byte[] key = // byte[] encryptedData = // Cipher c = Cipher.getInstance("AES"); SecretKeySpec k = new SecretKeySpec(key, "AES"); c.init(Cipher.DECRYPT_MODE, k); byte[] data = c.doFinal(encryptedData);

Hope this helps.

+1
source

If the file is a simple text file, then not giving the user access to the file without a password in your program does not password protect the data, since the user can simply open the file using any other program. Therefore, if the file is a text file, I think you should use encryption.

You can use the comment from @mazaneicha to help you get started. If you want to dive into it more, you can look at Java Cryptography architectre and javax.crypto java docs .

If your file is not human readable, and only your program understands it, I would make the first line or the first n bytes of the file a password. If you prefer, you can save another password file in the same directory and use it to authenticate the user before deciding whether the user has the right to view the file. A common way to encrypt a password is the MD5 hash function. The user enters the password, you calculate its hash, then compare the calculated hash with the hash value read from the file:

 import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; /** * Use to encrypt passwords using MD5 algorithm * @param password should be a plain text password. * @return a hex String that results from encrypting the given password. */ static String encryptPassword(String password) { try { MessageDigest md = MessageDigest.getInstance("MD5"); md.update(password.getBytes()); byte byteData[] = md.digest(); StringBuilder hexString = new StringBuilder(); for (int i=0;i<byteData.length;i++) { String hex=Integer.toHexString(0xff & byteData[i]); if(hex.length()==1) hexString.append('0'); hexString.append(hex); } return hexString.toString(); } catch(java.security.NoSuchAlgorithmException missing) { return password; } }
+1
source

More articles:


All Articles