Close Menu

    Encrypting and Decrypting Passwords Using Java in Selenium

    Security is a crucial aspect of any application, especially when dealing with sensitive information such as passwords. Storing passwords in plain text can expose them to potential security risks. In this blog, we’ll discuss how to securely encrypt and decrypt passwords in Java and how to integrate this functionality into your Selenium automation scripts.

    Why Encrypt Passwords?

    Encrypting passwords ensures that they are stored in an unreadable format, reducing the risk of unauthorized access. Even if someone gains access to the stored data, encrypted passwords remain secure unless the encryption key is compromised.

    Prerequisites

    Before we begin, ensure you have the following:

    Java Development Kit (JDK) installed.
    Selenium WebDriver library added to your project.
    Basic understanding of Java and Selenium.

     

    Setting Up Encryption and Decryption

    We’ll use the javax.crypto package in Java, which provides the necessary classes for encryption and decryption. We’ll create two classes: EncryptionHelper for handling encryption and decryption, and SeleniumTest to demonstrate the integration with Selenium.

     

    Step 1: Create the EncryptionHelper Class

    This class contains methods to generate a secret key, encrypt a password, and decrypt a password.

    Import Necessary Packages

    import javax.crypto.Cipher;

    import javax.crypto.KeyGenerator;

    import javax.crypto.SecretKey;

    import java.util.Base64;

     

    Define the EncryptionHelper Class

    public class EncryptionHelper {

        private static final String ALGORITHM = “AES”; // Algorithm for encryption

        // Generate a secret key

        public static SecretKey generateKey() throws Exception {

            KeyGenerator keyGen = KeyGenerator.getInstance(ALGORITHM);

            keyGen.init(128); // Key size can be 128, 192, or 256 bits

            return keyGen.generateKey();

        }

        // Encrypt the password

        public static String encrypt(String password, SecretKey key) throws Exception {

            Cipher cipher = Cipher.getInstance(ALGORITHM);

            cipher.init(Cipher.ENCRYPT_MODE, key);

            byte[] encryptedPassword = cipher.doFinal(password.getBytes());

            return Base64.getEncoder().encodeToString(encryptedPassword);

        }

        // Decrypt the password

        public static String decrypt(String encryptedPassword, SecretKey key) throws Exception {

            Cipher cipher = Cipher.getInstance(ALGORITHM);

            cipher.init(Cipher.DECRYPT_MODE, key);

            byte[] decodedPassword = Base64.getDecoder().decode(encryptedPassword);

            byte[] originalPassword = cipher.doFinal(decodedPassword);

            return new String(originalPassword);

        }

    }

     

    Explanation

    generateKey(): Generates a secret key using the AES algorithm.
    encrypt(): Encrypts the given password using the secret key.
    decrypt(): Decrypts the given encrypted password using the secret key.

     

    Step 2: Create the SeleniumTest Class

    This class demonstrates how to use the EncryptionHelper class to encrypt and decrypt passwords within a Selenium script.

     

    Import Necessary Packages

    import javax.crypto.SecretKey;

     

    Define the SeleniumTest Class

    public class SeleniumTest {

        public static void main(String[] args) {

            try {

                // Generate a secret key

                SecretKey secretKey = EncryptionHelper.generateKey();

                // Original password
                String originalPassword = “password@123”;

                // Encrypt the password
                String encryptedPassword = EncryptionHelper.encrypt(originalPassword, secretKey);

                System.out.println(“Encrypted Password: ” + encryptedPassword);

                // Decrypt the password
                String decryptedPassword = EncryptionHelper.decrypt(encryptedPassword, secretKey);

                System.out.println(“Decrypted Password: ” + decryptedPassword);

            } catch (Exception e) {

                e.printStackTrace();

            }

        }

    }

     

    Explanation

    generateKey(): Generates a secret key for encryption and decryption.
    encrypt(): Encrypts the original password.
    decrypt(): Decrypts the encrypted password back to its original form.

     

    Output:

    Integrating Encryption with Selenium

    To demonstrate the integration of password encryption with a Selenium test, we will extend the SeleniumTest class to include a simple login automation script.

    Import Selenium Packages

    import org.openqa.selenium.By;

    import org.openqa.selenium.WebDriver;

    import org.openqa.selenium.WebElement;

    import org.openqa.selenium.chrome.ChromeDriver;

     

    Update the SeleniumTest Class

    public class SeleniumTest {

        public static void main(String[] args) {

            try {

                // Generate a secret key

                SecretKey secretKey = EncryptionHelper.generateKey();

                // Original password
                String originalPassword = “password@123”;

                // Encrypt the password
                String encryptedPassword = EncryptionHelper.encrypt(originalPassword, secretKey);

                System.out.println(“Encrypted Password: ” + encryptedPassword);

                // Decrypt the password
                String decryptedPassword = EncryptionHelper.decrypt(encryptedPassword, secretKey);

                System.out.println(“Decrypted Password: ” + decryptedPassword);

                // Set up WebDriver
                System.setProperty(“webdriver.chrome.driver”, “path/to/chromedriver”);

                WebDriver driver = new ChromeDriver();

                // Navigate to the login page
                driver.get(“https://example.com/login”);

                // Find username and password fields
                WebElement usernameField = driver.findElement(By.id(“username”));

                WebElement passwordField = driver.findElement(By.id(“password”));

                // Enter username and decrypted password
                usernameField.sendKeys(“myUsername”);

                passwordField.sendKeys(decryptedPassword);

                // Submit the login form
                WebElement loginButton = driver.findElement(By.id(“loginButton”));

                loginButton.click();

                // Close the browser
                driver.quit();

            } catch (Exception e) {
                e.printStackTrace();
            }

        }

    }

     

    Advantages of Encrypting Passwords

    Security: Encrypting passwords ensures that they are not stored in plain text, reducing the risk of unauthorized access.
    Data Protection: Even if the encrypted passwords are exposed, they remain secure without the decryption key.
    Compliance: Helps in complying with security standards and regulations that mandate encryption of sensitive data.

    Conclusion

    Encrypting and decrypting passwords in Java is a straightforward process that significantly enhances the security of your application. By integrating this functionality into your Selenium scripts, you can ensure that sensitive data, such as passwords, is handled securely. Follow the steps outlined in this blog to implement password encryption and decryption in your projects, and enjoy the peace of mind that comes with enhanced security.

    Source: Read More 

    Related Posts

    Leave A Reply