encryptionjasypt

JASYPT: How to Decrypt the Digested String using StandardByteDigester


I am pretty new to this JASYPT library and I am working on a Project that uses JASYPT StandardByteDigester for Encrypting passwords. Now I want to get the decrypted string, and can't find any function that does the same.

String password = "Password";
byte[] password_bytes = password.getBytes("UTF-8");
byte[] digest = this.byteDigester.digest(messageBytes);

What is the reverse of this ? I mean how to enter the encrypted bytes, and get the decrypted String ?


Solution

  • StandardByteDigester() creates the hash of the password, this process is not reversible. If you want to test the equality with a second password, this second password is also to be hashed and the hashes are to be compared.

    StandardByteDigester uses by default MD5 (which is insecure), a random 8 bytes salt and 1000 iterations (nowadays generally too small). But this can be changed.
    Note that to compare two passwords, the parameters used, i.e. digest, salt, and iterations, must be the same.