Win a copy of Node.js Design Patterns: Design and implement production-grade Node.js applications using proven patterns and techniques this week in the Server-Side JavaScript and NodeJS forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

Encryption tool that always encrypts a string in the same way

 
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,

I don't know much about encryption and I am trying - and failing - to do something very basic...
I need to encrypt a string ( it would be the user's email ) and I would like the encryption to always generate the same resulting string.

For passwords I am using Jasypt, it works fine.

I am also storing the user's email, and I am using that field for searches ( email / password combination is correct, scroll through the emails when user registers to see if the same email has already been used )

If the encryption always return a different string for the same email, I can't select just the record I want, by user email, and use Jasypt to verify the password.
The user base is still small and I could just have the result set of all the emails / passwords and check them one by one until I reach the right record, then verifying the password.
I am not sure if the same approach would work if the user base grows.

I have been searching a lot, but I haven't found any method to have String "email@email.com" consistently transformed into "abcdef".
Can anybody possibly direct me towards a tutorial which does that? I have seen quite a few, but none of them does what I would need. Or at least, maybe they do but only setting some properties I am not aware of.

Thank you very much in advance.
 
Saloon Keeper
Posts: 7101
165
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Using the same encryption algorithm with the same password transforms the same cleartext into the same crypttext every time. Are you maybe using a different password each time? Or adding a different salt to the cleartext before encryption? I'm not familiar with jasypt, so don't how it works under the hood.
 
Marshal
Posts: 74059
332
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That’s too difficult a question for “beginning”, so I shall move it.
 
Dan Arbo
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Tim, I added the keywords you mentioned in your reply ( many thanks btw ) and found the solution.

I was using Jasypt's basic text encryption. Anyone bumping into this thread, here are the different results:



which prints out ( including some non printable characters ):



So digester is the way to go.
 
Tim Moores
Saloon Keeper
Posts: 7101
165
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

So digester is the way to go.


You're aware that a digest is not a cipher, and that you will consequently not be able to reverse (i.e., decrypt) the text?

If you're serious about using jasypt, I'd look into why encrypting the same text produces different results. That's not how encryption works, which suggests that there's more to using jasypt than what your code currently does.
 
Dan Arbo
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

You're aware that a digest is not a cipher, and that you will consequently not be able to reverse (i.e., decrypt) the text?

I am now, thanks Tim!

I have spent a lot of time searching why Jasypt does that, and if there any way to make it behave the way I wanted.

I do not have any reasons to use Jasypt except that it seemed easy to use and encryption is not "central" for my application, just useful.

I guess that the best option now is to look for a different tool. If anybody is aware of one that does what I need out of the box, feel free to suggest.
In the meantime I will look for something and post the solution when I found it
 
Tim Moores
Saloon Keeper
Posts: 7101
165
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
One thing to try would be to see if these two codes produce the same results:



 
Dan Arbo
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

One thing to try would be to see if these two codes produce the same results:

Not even remotely...



gives



The same behaviour is repeated across all the tutorials I have come across, and they've been quite a few.

I believe that at this point scrambling the string containing the email is the best option for me, otherwise the gain would be greatly outweighed by the pain... Got enough of that in my life having had to use hibernate, spring and gwt in the past
 
Tim Moores
Saloon Keeper
Posts: 7101
165
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
OK, then it's really time to read the jasypt documentation before you encrypt something that you can't later decrypt :-)
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Apply a ZeroSaltGenerator to produce consistent results

 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic