|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object play.libs.Crypto
public class Crypto
Cryptographic utilities.
These utilities are intended as a convenience, however it is important to read each methods documentation and
understand the concepts behind encryption to use this class properly. Safe encryption is hard, and there is no
substitute for an adequate understanding of cryptography. These methods will not be suitable for all encryption
needs.
For more information about cryptography, we recommend reading the OWASP Cryptographic Storage Cheatsheet:
https://www.owasp.org/index.php/Cryptographic_Storage_Cheat_Sheet
Constructor Summary | |
---|---|
Crypto()
|
Method Summary | |
---|---|
static boolean |
compareSignedTokens(java.lang.String tokenA,
java.lang.String tokenB)
Compare two signed tokens |
static boolean |
constantTimeEquals(java.lang.String a,
java.lang.String b)
Constant time equals method. |
static java.lang.String |
decryptAES(java.lang.String value)
Decrypt a String with the AES encryption standard using the application's secret key. |
static java.lang.String |
decryptAES(java.lang.String value,
java.lang.String privateKey)
Decrypt a String with the AES encryption standard. |
static java.lang.String |
encryptAES(java.lang.String value)
Encrypt a String with the AES encryption standard using the application's secret key. |
static java.lang.String |
encryptAES(java.lang.String value,
java.lang.String privateKey)
Encrypt a String with the AES encryption standard and the supplied private key. |
static java.lang.String |
extractSignedToken(java.lang.String token)
Extract a signed token that was signed by signToken(String) . |
static java.lang.String |
generateSignedToken()
Generate a signed token |
static java.lang.String |
generateToken()
Generate a cryptographically secure token |
static java.lang.String |
sign(java.lang.String message)
Signs the given String with HMAC-SHA1 using the application's secret key. |
static java.lang.String |
sign(java.lang.String message,
byte[] key)
Signs the given String with HMAC-SHA1 using the given key. |
static java.lang.String |
signToken(java.lang.String token)
Sign a token. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public Crypto()
Method Detail |
---|
public static java.lang.String sign(java.lang.String message, byte[] key)
application.crypto.provider
in application.conf
.
message
- The message to sign.key
- The private key to sign with.
public static java.lang.String sign(java.lang.String message)
application.crypto.provider
in application.conf
.
message
- The message to sign.
public static java.lang.String signToken(java.lang.String token)
token
- The token to sign
public static java.lang.String extractSignedToken(java.lang.String token)
signToken(String)
.
token
- The signed token to extract.
public static java.lang.String generateToken()
public static java.lang.String generateSignedToken()
public static boolean compareSignedTokens(java.lang.String tokenA, java.lang.String tokenB)
public static boolean constantTimeEquals(java.lang.String a, java.lang.String b)
public static java.lang.String encryptAES(java.lang.String value)
application.crypto.provider
in application.conf
.
AES
name. On
Oracles JDK, this is AES/ECB/PKCS5Padding
. This algorithm is suitable for small amounts of data,
typically less than 32 bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger
blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.
application.crypto.aes.transformation
in
application.conf
. Although any cipher transformation algorithm can be selected here, the secret key
spec used is always AES, so only AES transformation algorithms will work.
value
- The String to encrypt.
public static java.lang.String encryptAES(java.lang.String value, java.lang.String privateKey)
application.crypto.provider
in application.conf
.
AES
name. On
Oracles JDK, this is AES/ECB/PKCS5Padding
. This algorithm is suitable for small amounts of data,
typically less than 32bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger
blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.
application.crypto.aes.transformation
in
application.conf
. Although any cipher transformation algorithm can be selected here, the secret key
spec used is always AES, so only AES transformation algorithms will work.
value
- The String to encrypt.privateKey
- The key used to encrypt.
public static java.lang.String decryptAES(java.lang.String value)
application.crypto.provider
in application.conf
.
AES/ECB/PKCS5Padding
. It can be configured by defining
application.crypto.aes.transformation
in application.conf
. Although any cipher
transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation
algorithms will work.
value
- An hexadecimal encrypted string.
public static java.lang.String decryptAES(java.lang.String value, java.lang.String privateKey)
application.crypto.provider
in application.conf
.
AES/ECB/PKCS5Padding
. It can be configured by defining
application.crypto.aes.transformation
in application.conf
. Although any cipher
transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation
algorithms will work.
value
- An hexadecimal encrypted string.privateKey
- The key used to encrypt.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |