I'm developing a desktop JavaFX application and plan on putting the database and server connection details into configuration files in a hidden folder on the windows machine.
The connection details will contain passwords. I know these should not be in plain text so how should I encrypt them so that only the application can read them?
I will try use a native installer to protect the source code.
Any advice on securing a java desktop app would be great, I really don't know much about security
The base of securely encrypting is that one secret is not stored on disk but only know by a user. If you cannot use that, you can only try obfuscation, that is all the information is there but much harder to read.
Here you could encrypt the data with a password known by the application, store pieces of the password in different variables, and then at run time:
assemble the password
read and decode the configuration
erase the variable containing the password if that last operation is possible (unsure using plain Java)
But this will not protect the data from a user that is ready to analyse the Java bytecode, it will just require a very heavy work - that's why it is not security but just objuscation.
Normal encryption would need a key (file) somewhere, and that is not too difficult.
However if you want to do it totally dynamically, without trace such a jar (zip format) which inside has some key file. Then use
Random random = new Random(42_424_242);
The Random constructor with a number selects a fixed random sequence, hence now you have got a sequence of numbers to encrypt/decrypte a byte sequence, say user xor-ing,
bytes[i] = (byte) (bytes[i] ^ random.nextInt(256));
Not unbeatable, but needs hacking.
Related
I recently created a password manager using Java for my college project in OOP. To handle database I picked SQLite since using MySQL or SQL server was getting hectic for a small project. Though I am already done with the submission, I was thinking if I could do any further improvement in the project.
Biggest drawback that I have observed yet is that if anyone manages to find the location of database in the system (which is way too easy) it would be very simple to open the database.
Now here two problem arises -
User's password list will be visible
Anyone would be able to modify the data using SQLite manager.
In order to solve the first problem, I already used AES encryption and it is working just fine. However, the second problem still remains.
So in a nut shell, How can I prevent my SQLite DB to get modified except from the Password Manager itself?
Point to note that my application is just an offline Password Manager used on a household PC. So, you can consider the level of threat accordingly. Moreover, the Password Manager itself would have to modify the database content, so assigning the permission should be such that it should not prevent the application to do so.
Note: I was wondering if we can use the limitation of SQLite that only one connection to write the data can be established at a time. Using this the intruder won't be able to modify it. But, I am not sure how it can be implemented.
Restrict user access
Only the operating system can secure files against access by unauthorized persons. Put the database into a folder, which is only accessible by the current user, and have a separate database for each user.
Encryption
You're already encrypting the passwords, that's good. If you want to encrypt the whole database, you could have a look at the SQLite Encryption Extension.
The SQLite Encryption Extension (SEE) is an add-on to the public domain version of SQLite that allows an application to read and write encrypted database files.
Also have a look at the question SQLite with encryption/password protection.
Attack
What would actually happen if someone has access to the database file?
If the database is secured properly, the attacker is not able to get the plain passwords (at least not in reasonable time). In the worst case a password is replaced by another one, but that would achieve nothing, besides you using the wrong password and maybe resetting it. Therefore the worst case would be that you'll lose your saved passwords.
You can do nothing to prevent a data loss on a single machine. For example hard disks sometimes just stop working, someone could steal the whole PC, format the hard disk, etc.
Backups
If you really want to make sure that the data is not modified, you need to keep backups on different machines to minimize the possiblity that someone has access to all of them. For example you could upload the database file to a cloud service. Then you sign the file, so that you can see if a file was compromise and if so fallback to another version.
Conclusion
Your password manager is good enough for an offline tool. If you want to improve the data integrity you have to transfer the data to other machines.
I'm currently building an Eclipse plugin which creates and stores sensitive data, let's say "highscores".
As users can simply unpack the jar file, they are able to see the source code of the project. Thus they are able to cheat and create a faked highscore file by either changing the data in the file itself or writing to the highscore file (as they know how the data is encrypted from the source code).
Can I encrypt my jar file so that users cannot read the source code, but the plugin is still working properly?
As greg-449 already commented, that when the code is with user, it can be hacked in one way or the another. If Encryption of secure data is not going to help, you can move the secure data on your server.
Impact would be, it is available only when the user is online.
Another solution, a bit complex one:
Don't store High Score at all. Store/ log the user's activities to calculate high score. make the logs encrypted to add more security. Use salt, timestamp and secure key while encryption and a checksum to prevent manual changes to the file.
I wrote a Java program which needs to read a local source data file (the data is to large to be hard-coded into the program). Is it possible that I create a JAR package for the program without containing the local source data file (in order to keep the file private)? Or I have to encrypt the local file?
There is no real way to keep the file or data private. Not even encryption. If your program can read the data, then any one who has the same permissions as your program on that machine can read that data. At best you can make it a little inconvenient for someone to read the data - but you cannot prevent it.
If you encrypt the file - where will you keep the encryption key. If you program can read the encryption key, then a person also can. If you hardcode the encryption key in the program, then again the key can be got from the program binary.
I am working on a Swing application in which i have to give the HTML files to client but I dont want the client to get access to them.
Is there any way that I can put my files either in password protected folder or I could encrypt the file and my program should access them back in the Swing application.
You could encrypt them with a shared hidden key.
One for your application, hardcoded in the software, one for yourself, to encrypt the html files with.
That's about all you can do about it. Once decrypted it is fairly easy to get the contents from it because they can always write their own class which implements your class that simply shows the content(it's about 15 lines of code really, java decompilers work pretty good these days)
Hehe, well that's of course technically possible, but at some point the cleartext will be available to your client - if not by other means, then at least by network sniffing...
Use your resources to write good code and don't bother encrypting your HTML.
Cheers,
This question already has answers here:
How do I "decompile" Java class files? [closed]
(19 answers)
Closed 8 years ago.
When i create a runnable jar file from a java source code file from eclipse, i believe it creates a class file which then can be run by the JVM.
The reason i am asking this is because i am going to be making an java application that keeps all my passwords. The app is going consist of an interface that asks for a password and then if the password is correct show the passwords. Here are my questions on this subject:
What exactly does a runnable *jar file* consist of?
If the runnable jar file consists of a class file, can that class file be interpreted in anyway to be able to see the source code which would revile the passwords?
when you run the runnable jar file from cmd and type "java -jar xxx". and "xxx" meaning the file name, does "-jar" mean you are going to run a jar file and "java" means run this following file in the JVM?
Is this like .exe files, which can't be un done to readable source code when turned into the .exe file.
For the unasked question: If your password is in the source code it will be in the class file in a pretty easy to find way.
A runnable jar file is a jar file (i.e. zip file with jar suffix) containing class files and special file containing information about which class to start.
You can decompile byte code: http://www.program-transformation.org/Transform/JavaDecompilers to get source code. But you can actually see the password in the byte code without decompiling it
yes. in java -jar xxx java means run the jvm using a jar file with name xxx
If you know the language and tools created you should be able to decompile exe file just as class files. And even if not passwords in the source code will be easy to find in the .exe file. So yes jar files are kind of like exe files, but they are different then what you describe.
If you want to make an application to maintain your passwords, make it so that it encrypts the stored passwords using a master password that you provide on startup as a user of the application. Never ever store passwords in source code.
Java class files can be disassembled back to readable Java code. Even easier, though, is that you can extract all passwords from the compiled class file because they are stored as plain text (try for example the strings command on a GNU machine).
So, no, the passwords are not inherently safe inside a class file (and therefore not in a jar archive, because jars can easily be unpacked).
What you need to do is implement some sort of encryption and let your program save the passwords in an encrypted file. Your program will then need you to input the decryption key to even be able to unpack the passwords. The key should not be included in the Java program, it should be provided by you each time you run the program.
Basically, however hard you try, it can be easily decompiled and read by anyone.
If you can, don't store the password, compare it online on your server (using asynchronous encryption) or store it using a master password given to the application every time.
If you can't, don't store the password as-is. The best thing I can think of is storing (and checking against) the hashcode of the password. User enters the password, it is then SHA-256'd and the resulting hashcode is compared to your stored hashcode of the password. Add salt to protect against rainbow tables.
The idea of this is that the hash function is only one-way, a password can't be recovered from its hash. Therefore, nobody should be able to get your password in a reasonable time if it's strong enough.
A very good read on this are the wiki links - but most notably this article on jasypt.org.
That said - if you tried to encrypt the file containing the hash to add another layer of security, the decrypted password could still be found using a decompiler and a debugger, so don't really count on it being supereffective against someone who would really want to get through. Therefore, it's more a security through obscurity than a real encryption.