Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Using Crypto in Servlet?

Status
Not open for further replies.
jamescpp

jamescpp

IS-IT--Management
Aug 29, 2001
70
US
I posted this same message to Sun's forum but have yet toget a response and I'm stuck right now. Sorry to post to the same message to two forums.

I have the following sample code that compiles fine:
Code: 
import java.io.*;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import sun.misc.*;

public class EncryptPasswordStaticKey
{

	public static void main(String args[]) throws Exception
	{

		if(args.length<1)
		{
			System.out.println(&quot;Usage : EncryptPassword text&quot;);
			return;
		}

		Security.addProvider(new com.sun.crypto.provider.SunJCE());

		SecretKeyFactory kf = SecretKeyFactory.getInstance (&quot;DES&quot;);
		Cipher cipher = Cipher.getInstance(&quot;DES&quot;);

		DESKeySpec ks = new DESKeySpec(new byte[] { 0x10, 0x23, 0x54, 0x67, 0x01, 0x23, 0x45, 0x67 });
		SecretKey k = kf.generateSecret(ks);
		cipher.init(Cipher.ENCRYPT_MODE, k);

		String amalgam=args[0];
		for(int i=2;i<args.length;i++)
		amalgam+=&quot; &quot;+args;

		byte[] stringBytes=amalgam.getBytes(&quot;UTF8&quot;);
		byte[] raw=cipher.doFinal(stringBytes);
		BASE64Encoder encoder = new BASE64Encoder();
		String base64 = encoder.encode(raw);
		System.out.println(base64);
	}
}
I would like to use very similar code in a servlet to encrypt some data but I get the following errors when I try to compile.
C:\Temp\Java>javac StoneURLLoginSetup.java
StoneURLLoginSetup.java:41: unreported exception java.security.NoSuchAlgorithmException; must be cau
ght or declared to be thrown
SecretKeyFactory kf = SecretKeyFactory.getInstance (&quot;DES&quot;);
^
StoneURLLoginSetup.java:42: unreported exception java.security.NoSuchAlgorithmException; must be cau
ght or declared to be thrown
Cipher cipher = Cipher.getInstance(&quot;DES&quot;);
^
StoneURLLoginSetup.java:44: unreported exception java.security.InvalidKeyException; must be caught o
r declared to be thrown
DESKeySpec ks = new DESKeySpec(new byte[] { 0x01, 0x23, 0x45, 0x67, 0x01, 0x23, 0x45
, 0x67 });
^
StoneURLLoginSetup.java:45: unreported exception java.security.spec.InvalidKeySpecException; must be
caught or declared to be thrown
SecretKey k = kf.generateSecret(ks);
^
StoneURLLoginSetup.java:46: unreported exception java.security.InvalidKeyException; must be caught o
r declared to be thrown
cipher.init(Cipher.ENCRYPT_MODE, k);
^
StoneURLLoginSetup.java:53: unreported exception javax.crypto.IllegalBlockSizeException; must be cau
ght or declared to be thrown
byte[] raw=cipher.doFinal(stringBytes);
^
6 errors

The Servlet code is:
Code: 
import java.util.*;
import java.io.*;
import java.text.*;
import java.net.*;

import javax.servlet.*;
import javax.servlet.http.*;

import java.io.*;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import sun.misc.*;


public class StoneURLLoginSetup extends HttpServlet {

 	public void service( HttpServletRequest request, HttpServletResponse response ) throws ServletException, IOException {

 		String username = request.getParameter(&quot;username&quot;);
 		String password = request.getParameter(&quot;password&quot;);
 		String args[] = null;
 		args[0] = username;
 		args[1] = password;

		//encrypt username and password
		Security.addProvider(new com.sun.crypto.provider.SunJCE());

		SecretKeyFactory kf = SecretKeyFactory.getInstance (&quot;DES&quot;);
		Cipher cipher = Cipher.getInstance(&quot;DES&quot;);

		DESKeySpec ks = new DESKeySpec(new byte[] { 0x01, 0x23, 0x45, 0x67, 0x01, 0x23, 0x45, 0x67 });
		SecretKey k = kf.generateSecret(ks);
		cipher.init(Cipher.ENCRYPT_MODE, k);

		String amalgam = username;
		for(int i=2;i<args.length;i++)
		amalgam+=&quot; &quot;+args;

		byte[] stringBytes=amalgam.getBytes(&quot;UTF8&quot;);
		byte[] raw=cipher.doFinal(stringBytes);
		BASE64Encoder encoder = new BASE64Encoder();
		String base64 = encoder.encode(raw);
		System.out.println(base64);
	}
}
Can anyone see what the problem is? Is there another way the exception should be declared?

I appreciate any and all help!
James
 
Sort by date Sort by votes
yeah...include the crypto exception in your throws clause.
 
Upvote 0 Downvote
The first one has the &quot;throws Exception&quot; clause on the method, which will catch and throw all those crypto exceptions. The servlet method throws only ServletException and IOException, so the cryto exceptions are not being handled. You should either add all those crypto exceptions to the throws list, or put the crypto lines in a try/catch block of their own and catch Exception.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

soni21
  • Locked
  • Question
Swagger Integration in Spring Boot: API Documentation Challenges
Replies
0
Views
474
soni21
soni21
soni21
  • Locked
  • Question
Best Practices for Exception Handling in Java
Replies
0
Views
409
soni21
soni21
jmarkus
  • Locked
  • Question
Exception in thread &quot;AWT-EventQueue-0&quot; triggered by normal user, but not administrator
Replies
0
Views
360
jmarkus
jmarkus
Disskyz
  • Locked
  • Question
Need help Parsing Json file in Java
Replies
1
Views
418
Diancecht
Diancecht
Xsi
  • Locked
  • Question
How to use arraylist from one class into another class + add data in Java 1
Replies
5
Views
649
Xsi
Xsi

Part and Inventory Search

Sponsor

Back
Top