Of course I am catching the exception but still I have to provide an output and instead of writing "wrong key" what I am trying to do is display a wrong but believable "password" , which will always be the same for the same value of the key.
Paul Clapham wrote:
Petros Papatheodoru wrote:No leap of logic here, if you provide a key and the program suddenly crashes because of the exception then obviously the key you provided is not the correct key.
It's possible to catch exceptions in Java, you know. And in this case clearly you should, although the reason you gave there isn't the reason to catch the exception. The reason to catch the exception is that programs which suddenly crash when given reasonable inputs are just bad.
I completely understand but what I am building is a password manager for myself so I need a way to retrieve the passwords. I know that there is not point really for all this hustle since I will be the only one that uses it, I just like the process and I want to build something robust. And yes, it seems that you understand what I am asking.
Paul Clapham wrote:Most security systems store hashed passwords and not encrypted passwords, they never return a decrypted password to anybody. So I don't understand your system where the user is allowed to retrieve a password.
Well I would have to store the dictionary in the source files so I guess it would be easy for someone to just search it.
Stephan van Hulst wrote:If decryption fails, you could convert the key to an index (in the same way a hash table works) and use it to get a word or phrase from a large predetermined dictionary.
This is going to hurt your legitimate users badly though, because they won't be able to tell when they've forgotten their password.
Stephan van Hulst wrote:Let me first ask you: why?
Encryption should return a different ciphertext every time. If you circumvent this you will make your ciphertexts easier to decrypt and you may even compromise your secret key.
Stephan van Hulst wrote:Java will automatically search for all classes that are required by your application, but you have to tell the compiler where your source folder is.
The easiest way to build and run your application from the command line is something like this:
The -sourcepath switch tells the compiler where the source folders are, the -d switch tells the compiler where it needs to output class files, and the -cp switch tells the JVM where it must look for compiled classes. Use the project root as the working directory.