How do I validate a user’s password with PasswordEncryptor?

Every application you create may require an authentication process. At a minimum, this process checks the user’s login name and password. To make the system reliable, we usually store the password in an encrypted form.

The BasicPasswordEncryptor class, which implements the PasswordEncryptor interface, provides the BasicPasswordEncryptor.encryptPassword(String password) method for encrypting a user’s password. To check whether the user’s password is correct, we use the BasicPasswordEncryptor.checkPassword(String plainText, String encryptedPassword) method.

package org.kodejava.example.jasypt;

import org.jasypt.util.password.BasicPasswordEncryptor;
import org.jasypt.util.password.PasswordEncryptor;

public class PasswordEncryptorDemo {
    public static void main(String[] args) {
        // Creates an instance of BasicPasswordEncryptor.
        PasswordEncryptor encryptor = new BasicPasswordEncryptor();

        // Encrypted version of user password.
        String encrypted = encryptor.encryptPassword("secret");
        System.out.println("encrypted = " + encrypted);

        // Compare the user's plaintext password with the encrypted one to
        // check whether they match.
        if (encryptor.checkPassword("secret", encrypted)) {
            System.out.println("Welcome to Jasypt");
        } else {
            System.out.println("Invalid secret word, access denied!");
        }
    }
}
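
The following added example (not code from the original page; the class name and the sample password are constructed) shows why the stored value must be verified with checkPassword rather than by encrypting the login input again and comparing strings: Jasypt's password encryptors produce a one-way, randomly salted digest. It runs the same check against StrongPasswordEncryptor, a stronger implementation of the same PasswordEncryptor interface that ships with Jasypt.

```java
import org.jasypt.util.password.BasicPasswordEncryptor;
import org.jasypt.util.password.PasswordEncryptor;
import org.jasypt.util.password.StrongPasswordEncryptor;

// Hypothetical class name; not part of the original page.
public class SaltedPasswordCheckDemo {

    // Returns true when the encryptor behaves as a salted one-way digester:
    // equal passwords give different stored values, yet both verify.
    static boolean behavesAsSaltedDigest(String label, PasswordEncryptor encryptor) {
        String password = "secret"; // constructed sample value

        // Each call draws a fresh random salt and embeds it in the result.
        String first = encryptor.encryptPassword(password);
        String second = encryptor.encryptPassword(password);

        // Re-encrypting the login input and comparing strings would reject
        // a correct password, because the salts differ.
        boolean storedValuesDiffer = !first.equals(second);

        // checkPassword reads the salt back out of the stored value.
        boolean bothVerify = encryptor.checkPassword(password, first)
                && encryptor.checkPassword(password, second);
        boolean wrongRejected = !encryptor.checkPassword("Secret", first);

        System.out.println(label);
        System.out.println("  stored #1      = " + first);
        System.out.println("  stored #2      = " + second);
        System.out.println("  values differ  = " + storedValuesDiffer);
        System.out.println("  both verify    = " + bothVerify);
        System.out.println("  wrong rejected = " + wrongRejected);
        return storedValuesDiffer && bothVerify && wrongRejected;
    }

    public static void main(String[] args) {
        // MD5, 8-byte salt, 1,000 iterations (per the Jasypt Javadoc).
        boolean basic = behavesAsSaltedDigest(
                "BasicPasswordEncryptor", new BasicPasswordEncryptor());
        // SHA-256, 16-byte salt, 100,000 iterations (per the Jasypt Javadoc).
        boolean strong = behavesAsSaltedDigest(
                "StrongPasswordEncryptor", new StrongPasswordEncryptor());
        if (!(basic && strong)) {
            throw new IllegalStateException("unexpected encryptor behaviour");
        }
    }
}
```

Values stored by one encryptor class should be checked with the same class, since the salt size and algorithm differ between them.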

How do I create a message digest?

Creating a digest of a string message is easily done with the general-purpose Digester class. First we get an instance of Digester by calling the class constructor and passing SHA-1 as the algorithm. With the Digester instance, we create the message digest by calling its Digester.digest(byte[] binary) method.

package org.kodejava.example.jasypt;

import org.jasypt.util.digest.Digester;

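import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class DigesterDemo {
    public static void main(String[] args) {
        // Creates a new instance of Digester, using the SHA-1 algorithm.
        Digester digester = new Digester("SHA-1");

        // Use an explicit charset so the digest input is the same on
        // every platform.
        byte[] message = "Hello World from Jasypt".getBytes(StandardCharsets.UTF_8);

        // Creates a digest from an array of message bytes.
        byte[] digest = digester.digest(message);

        // The digest is raw binary data, so printing it as a String gives
        // unreadable characters; the byte array form shows the real values.
        System.out.println("Digest = " + new String(digest));
        System.out.println("Digest = " + Arrays.toString(digest));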
    }
}