0

I have a pojo which is mapped to a json response. Below is the pojo class:

 @Data
 public class User{
   private String firstName;
   private String middleName;
   private String lastName;
   private String ssn;
   private Address address
 }

My requirement is to encrypt individual field like ssn in log and decrypt while calling another rest api. How can i do that?

Pracheer Pancholi
  • 570
  • 2
  • 7
  • 21
  • 1
    do you want to decrypt it later? If so, it's not SHA256 you should be looking at. – diginoise Feb 12 '20 at 10:12
  • 1
    SHA256 is a hashing algorithm, not an encryption algorithm. – user207421 Feb 12 '20 at 10:13
  • Can you please provide more context as to what you're trying to do? It's clear that you want to "mask" the SSN. It's unclear whether you want to do so to prevent it to be logged or to prevent from sending it in clear-text when communicating data over the network to another service. Can you provide extracts of the code driving the controller that uses your `User` class and of the service that relays the data to this other rest api? – Filippo Possenti Feb 13 '20 at 14:05

1 Answers1

-1

SHA256 is a Hashing Algorithm, not an Encryption Algorithm.

You cannot decrypt SHA256 hashes, only hash some data and compare it to the existing saved SHA256 hash.

So to compare a SHA256 hash to some user input, you would SHA256 hash the new user input and compare it to the hashed data in the datastore (database, in memory, on disk etc...)

If you are actually trying to encrypt data you should use an Encryption Algorithm like RSA, AES, ECC or another existing algorithm.

SeqSEE
  • 94
  • 8
  • Ya i want to hash the input but the individual field not the entire response. – Pracheer Pancholi Feb 12 '20 at 16:44
  • Then you need to hash the field from the response.getBody() object. If response.getBody() is a string you will need to do [JSON.parse](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse) to get you JSON object to reference. – SeqSEE Feb 12 '20 at 17:37
  • This answer is kinda stating the obvious. I believe the user wants an actual solution rather than information on which algorithm to use. The question is valid, albeit it needs significantly more context to better understand it. The answer... doesn't really provide a workable solution, I'm afraid. – Filippo Possenti Feb 13 '20 at 14:03