ChatGPT – How are good coders benefiting?

 

With all the hoopla around ChatGPT, there is an interesting angle that many are discovering. Who are the beneficiaries of this, from a programmers point of view. While ChatGPT is a good tool and churns out code, knowledge is king.  Let us delve further into this.

One can only realize the full potential of ChatGPT, if you are first a good programmer and secondly have the intelligence to ask the correct question. So, it begs the question “What does it take to be a good programmer”? Therein lies the answer. You become a good programmer with an excellent base of the theory in programming and hours, months and years of practice in honing your skill. There is no short-cut to this method. Having written several hundred programs for a myriad of problems toughens you, challenges you mentally to provide elegant and working code. During this period, you would have researched, had multiple failures, whacked your head and spent sleepless nights trying to solve problems in a tight deadline.

Anticipating all the problems ahead, armed with knowledge, you plot your course when you write code. You are like a chess grandmaster, anticipating every pitfall which lies ahead and you avoid those traps that lead you to disaster later on. You reuse code that you have written before, import the correct available libraries – as you know where to look for them, apply your own special creativity in the programming language and voila, magic happens.

To see how ChatGPT would help me, I undertook a simple task. I wanted to write a file encryption and decryption program, my target language being Java and I had to write the encrypted file to a MySQL database. “Well, it does sound simple”. However, if you had to write the program from scratch, you need to understand what decryption means, what are the various methods and options available. How do you generate security keys for that, and all that stuff. It would take a few iterations is writing a workable code, that depends on how well you understand the principle of encryption/decryption.

I sat in front of my terminal and issued the command to ChatGPT.

“Write a program in Java to encrypt a file and write the output to a MySQL database”

And. soon as expected, the response started to spew out.

Before writing the program, please note that storing encrypted data in a MySQL database can be a security risk as the encryption key may also be stored in the same database. It’s important to follow best practices and ensure that the encryption key is stored separately from the database. With that being said, here’s an example Java program that encrypts a file and writes the output to a MySQL database:

Very nice, here it warned you about the security risk and mentions that you need to store the information for decryption separately.

And this was the code it generated:

import java.io.*; import java.security.*; import javax.crypto.*; import javax.crypto.spec.*; import java.sql.*;   public class EncryptFileToMySQL {   public static void main(String[] args) {     try {       // Read input file       File inputFile = new File(“input.txt”);       FileInputStream inputStream = new FileInputStream(inputFile);       byte[] inputBytes = new byte[(int) inputFile.length()];       inputStream.read(inputBytes);       inputStream.close();             // Generate AES key       KeyGenerator keyGen = KeyGenerator.getInstance(“AES”);       keyGen.init(128);       SecretKey secretKey = keyGen.generateKey();             // Initialize cipher       Cipher cipher = Cipher.getInstance(“AES/CBC/PKCS5Padding”);       cipher.init(Cipher.ENCRYPT_MODE, secretKey);       AlgorithmParameters params = cipher.getParameters();       byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();             // Encrypt input data       byte[] encryptedBytes = cipher.doFinal(inputBytes);             // Convert key and IV to Base64 strings       String keyString = Base64.getEncoder().encodeToString(secretKey.getEncoded());       String ivString = Base64.getEncoder().encodeToString(iv);             // Write encrypted data and key/IV to MySQL database       Connection conn = DriverManager.getConnection(“jdbc:mysql://localhost:3306/mydatabase”, “myusername”, “mypassword”);       String sql = “INSERT INTO mytable (data, key, iv) VALUES (?, ?, ?)”;       PreparedStatement stmt = conn.prepareStatement(sql);       stmt.setBytes(1, encryptedBytes);       stmt.setString(2, keyString);       stmt.setString(3, ivString);       stmt.executeUpdate();       conn.close();             System.out.println(“Encryption successful”);     } catch (Exception ex) {       ex.printStackTrace();     }   } }

Voila, now we have code that is basic, and uses the standard JCA architecture. As expected ChatGPT informed me of the following after generating the code.

In this program, we use the Java Cryptography Architecture (JCA) to generate an AES key, initialize a cipher, and encrypt the input file using CBC mode with PKCS5 padding. We then convert the key and initialization vector (IV) to Base64-encoded strings and write the encrypted data and key/IV to a MySQL database using JDBC. Note that you will need to replace “mydatabase”, “myusername”, and “mypassword” with your own values.

This is just an example program and it is recommended to add error handling, logging, and other security measures as needed for your specific use case.

Very Nice. So we were able to generate a basic program which if one had to write from scratch, would take a few days at the least unless you are an expert and do this for a living day-in-and-out. For a mid-level programmer writing this code requires effort and for a beginner, I cannot comprehend how much time it would take.

I can visualize where ChatGPT is heading to. “With a team of a good business/subject matter expert and a good programmer, it will be possible to develop code and working programs quickly with a few working sessions.” For more complicated business logic, it will be left to the business analyst to define the right kind of questions to generate the code with the expert/good programmer looking at what code has been generated. This would be the optimal way to roll out complete working programs with the least amount of effort. When this will happen is anyone’s guess – but the writing is clearly on the wall, it is much sooner than you expected. Once it catches on, and the basic ChatGPT engine becomes more refined and robust, the code will also match your expectations. For example, I would imagine that in some future, ChatGPT will ask you “What kind of Cryptography architecture would you like to use – choose from the following: DES, AES, RSA, Elliptic Curve or HMAC key-pair generation” and you select one.

However, your knowledge has to match. You have to know DES, AES, RSA and the other kinds of architecture, their comparative strengths and weakness and choose one based on your particular application. Well, good luck with which ever way you want to go, but I think the future is quite clear – Embracing AI is the best way forward, work with it, rather than resisting it. You will have to keep up with technology, you have to have a good understanding of programming and as for creativity, there is no substitute.

Authored by Vijay Chander – All rights Reserved 2023