Hello,
I've been trying to write my first app, and I'd like for it to store users passwords. Eventually.I have been am using apache.derby for a database and been able to add users to the table in the said database.
Records consist of: login(string), hash(string), salt(string). Or varchars rather.
I've been using JPassworField for getting password char[] arrays. Then have been converting them to byte[]->to Strings, and inserting them into the table. Like this:
The query: "select * from users;" displays everything as it should so it's all good. Originally I was trying to retrive each hash as byte[] array as follows:
but some exception would be thrown saying getting byte[] from varchar field cannot be done. So i tried changing the field data type to a varchar for bit data, or a blob, as I found in some Oracle's pdf doc these were the data fields types I could retrieve bytes[] array. No luck, whatever. So I moved on to using Strings.
Now, here's what just won't work and I honestly am not able to comprehend. Hashes are generated and stored in a digested forms using:
How I convert Strings to byte[] arrays (which also seams to be working):
Then I compare digests with:
digesta and digestb are instance varaiables btw.
And like I said before, select * query shows all the records as it should, and hashes are composed of some weird characters. But encoding/decoding? seams to be working, and I have checked that by displaying system,outs before and after every step involving storing/retrieving/converting the particular hash in question.
compareHashes method never ever evaluates to true(*). I am sure that there is something not quite right with converting Strings to chars[] and bytes[], I cannot figure out what though.
And yes, I am aware that assigning passwords to Strings is not the brightest idea, as such strings could be dumped and what not. However, since I haven't been able to use chars[] and bytes[], it appeared as a good and easy enough, temporary and optional solution. I was wrong yet again. No surprises there
Hence my question: how do i compare stored digests with generated digests on the go for them to be equal? I know am quite close to solving it, as when i put the above two methods in a separate class along with main method, surprisingly it works(*):
There are neither exceptions or errors and code compiles so am not sure what else to post.
Also, my English is far from awesome, so I hope you guys can understand what I am trying to say here.
Help?