public class Crypto
extends java.lang.Object
Constructor and Description |
---|
Crypto() |
Modifier and Type | Method and Description |
---|---|
static boolean |
compareSignedTokens(java.lang.String tokenA,
java.lang.String tokenB)
Compare two signed tokens
|
static boolean |
constantTimeEquals(java.lang.String a,
java.lang.String b)
Constant time equals method.
|
static java.lang.String |
decryptAES(java.lang.String value)
Decrypt a String with the AES encryption standard using the application's secret key.
|
static java.lang.String |
decryptAES(java.lang.String value,
java.lang.String privateKey)
Decrypt a String with the AES encryption standard.
|
static java.lang.String |
encryptAES(java.lang.String value)
Encrypt a String with the AES encryption standard using the application's secret key.
|
static java.lang.String |
encryptAES(java.lang.String value,
java.lang.String privateKey)
Encrypt a String with the AES encryption standard and the supplied private key.
|
static java.lang.String |
extractSignedToken(java.lang.String token)
Extract a signed token that was signed by
signToken(String) . |
static java.lang.String |
generateSignedToken()
Generate a signed token
|
static java.lang.String |
generateToken()
Generate a cryptographically secure token
|
static java.lang.String |
sign(java.lang.String message)
Signs the given String with HMAC-SHA1 using the application's secret key.
|
static java.lang.String |
sign(java.lang.String message,
byte[] key)
Signs the given String with HMAC-SHA1 using the given key.
|
static java.lang.String |
signToken(java.lang.String token)
Sign a token.
|
public static java.lang.String sign(java.lang.String message, byte[] key)
application.crypto.provider
in application.conf
.message
- The message to sign.key
- The private key to sign with.public static java.lang.String sign(java.lang.String message)
application.crypto.provider
in application.conf
.message
- The message to sign.public static java.lang.String signToken(java.lang.String token)
token
- The token to signpublic static java.lang.String extractSignedToken(java.lang.String token)
signToken(String)
.token
- The signed token to extract.public static java.lang.String generateToken()
public static java.lang.String generateSignedToken()
public static boolean compareSignedTokens(java.lang.String tokenA, java.lang.String tokenB)
public static boolean constantTimeEquals(java.lang.String a, java.lang.String b)
public static java.lang.String encryptAES(java.lang.String value)
application.crypto.provider
in application.conf
.
AES
name. On
Oracles JDK, this is AES/ECB/PKCS5Padding
. This algorithm is suitable for small amounts of data,
typically less than 32 bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger
blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.
application.crypto.aes.transformation
in
application.conf
. Although any cipher transformation algorithm can be selected here, the secret key
spec used is always AES, so only AES transformation algorithms will work.value
- The String to encrypt.public static java.lang.String encryptAES(java.lang.String value, java.lang.String privateKey)
application.crypto.provider
in application.conf
.
AES
name. On
Oracles JDK, this is AES/ECB/PKCS5Padding
. This algorithm is suitable for small amounts of data,
typically less than 32bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger
blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.
application.crypto.aes.transformation
in
application.conf
. Although any cipher transformation algorithm can be selected here, the secret key
spec used is always AES, so only AES transformation algorithms will work.value
- The String to encrypt.privateKey
- The key used to encrypt.public static java.lang.String decryptAES(java.lang.String value)
application.crypto.provider
in application.conf
.
AES/ECB/PKCS5Padding
. It can be configured by defining
application.crypto.aes.transformation
in application.conf
. Although any cipher
transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation
algorithms will work.value
- An hexadecimal encrypted string.public static java.lang.String decryptAES(java.lang.String value, java.lang.String privateKey)
application.crypto.provider
in application.conf
.
AES/ECB/PKCS5Padding
. It can be configured by defining
application.crypto.aes.transformation
in application.conf
. Although any cipher
transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation
algorithms will work.value
- An hexadecimal encrypted string.privateKey
- The key used to encrypt.