0

I have created java encryption/decryption methods using good encryption algorithms and we are using both functionalities in our application .These methods are working based on encryption key(string).

As a developer I can see the encryption key in my java file and using that key I can do decryption.My client need to hide that encryption key from developers and key should be with tool owner.

I am using java 1.7 version,DB2 database and WebSphere application server .

How is this possible ?

Thanks, Nikhil

NIKHIL K A
  • 328
  • 5
  • 16

1 Answers1

0

You should provide the secret in runtime. This can be done either by using system properties, environment properties or just plain-old properties files. You can use libraries/framework like: Spring/Spring Boot, Typesafe Config etc. But... there is no problem in writing it by yourself, it's just a call to System.getProperty(), Properties.load() etc.

Arek
  • 3,106
  • 3
  • 23
  • 32
  • Thank you very much for your comment,Can you please make your answer little more clear or can you please provide any valuable documentation link for my reference – NIKHIL K A Sep 27 '17 at 10:29