Crypto

Related Docs: class Crypto | package libs

object Crypto

Cryptographic utilities.

These utilities are intended as a convenience, however it is important to read each methods documentation and understand the concepts behind encryption to use this class properly. Safe encryption is hard, and there is no substitute for an adequate understanding of cryptography. These methods will not be suitable for all encryption needs.

For more information about cryptography, we recommend reading the OWASP Cryptographic Storage Cheatsheet:

https://www.owasp.org/index.php/Cryptographic_Storage_Cheat_Sheet

Source: Crypto.scala

Linear Supertypes

AnyRef, Any

Ordering

Alphabetic
By inheritance

Inherited

Crypto
AnyRef
Any

Hide All
Show all

Learn more about member selection

Visibility

Public
All

Type Members

class CryptoException extends RuntimeException

Exception thrown by the Crypto APIs.

Value Members

final def !=(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def ##(): Int

Definition Classes
AnyRef → Any
final def ==(arg0: Any): Boolean

Definition Classes
AnyRef → Any
final def asInstanceOf[T0]: T0

Definition Classes
Any
def clone(): AnyRef

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( ... )
def compareSignedTokens(tokenA: String, tokenB: String): Boolean

Compare two signed tokens
def constantTimeEquals(a: String, b: String): Boolean

Constant time equals method.
Constant time equals method.
Given a length that both Strings are equal to, this method will always run in constant time. This prevents timing attacks.
def decryptAES(value: String, privateKey: String): String

Decrypt a String with the AES encryption standard.
Decrypt a String with the AES encryption standard.
The private key must have a length of 16 bytes.
The provider used is by default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.
The transformation used is by default AES/CTR/NoPadding. It can be configured by defining play.crypto.aes.transformation in application.conf. Although any cipher transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation algorithms will work.
value
An hexadecimal encrypted string.
privateKey
The key used to encrypt.
returns
The decrypted String.
def decryptAES(value: String): String

Decrypt a String with the AES encryption standard using the application's secret key.
Decrypt a String with the AES encryption standard using the application's secret key.
The provider used is by default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.
The transformation used is by default AES/CTR/NoPadding. It can be configured by defining play.crypto.aes.transformation in application.conf. Although any cipher transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation algorithms will work.
value
An hexadecimal encrypted string.
returns
The decrypted String.
def encryptAES(value: String, privateKey: String): String

Encrypt a String with the AES encryption standard and the supplied private key.
Encrypt a String with the AES encryption standard and the supplied private key.
The provider used is by default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.
The transformation algorithm used is the provider specific implementation of the AES name. On Oracles JDK, this is AES/CTR/NoPadding. This algorithm is suitable for small amounts of data, typically less than 32 bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.
The transformation algorithm can be configured by defining play.crypto.aes.transformation in application.conf. Although any cipher transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation algorithms will work.
value
The String to encrypt.
privateKey
The key used to encrypt.
returns
An hexadecimal encrypted string.
def encryptAES(value: String): String

Encrypt a String with the AES encryption standard using the application's secret key.
Encrypt a String with the AES encryption standard using the application's secret key.
The provider used is by default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.
The transformation algorithm used is the provider specific implementation of the AES name. On Oracles JDK, this is AES/CTR/NoPadding. This algorithm is suitable for small amounts of data, typically less than 32 bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.
The transformation algorithm can be configured by defining play.crypto.aes.transformation in application.conf. Although any cipher transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation algorithms will work.
value
The String to encrypt.
returns
An hexadecimal encrypted string.
final def eq(arg0: AnyRef): Boolean

Definition Classes
AnyRef
def equals(arg0: Any): Boolean

Definition Classes
AnyRef → Any
def extractSignedToken(token: String): Option[String]

Extract a signed token that was signed by play.api.libs.Crypto.signToken.
Extract a signed token that was signed by play.api.libs.Crypto.signToken.
token
The signed token to extract.
returns
The verified raw token, or None if the token isn't valid.
def finalize(): Unit

Attributes
protected[java.lang]
Definition Classes
AnyRef
Annotations
@throws( classOf[java.lang.Throwable] )
def generateSignedToken: String

Generate a signed token
def generateToken: String

Generate a cryptographically secure token
final def getClass(): Class[_]

Definition Classes
AnyRef → Any
def hashCode(): Int

Definition Classes
AnyRef → Any
final def isInstanceOf[T0]: Boolean

Definition Classes
Any
final def ne(arg0: AnyRef): Boolean

Definition Classes
AnyRef
final def notify(): Unit

Definition Classes
AnyRef
final def notifyAll(): Unit

Definition Classes
AnyRef
def sign(message: String): String

Signs the given String with HMAC-SHA1 using the application’s secret key.
Signs the given String with HMAC-SHA1 using the application’s secret key.
By default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.
message
The message to sign.
returns
A hexadecimal encoded signature.
def sign(message: String, key: Array[Byte]): String

Signs the given String with HMAC-SHA1 using the given key.
Signs the given String with HMAC-SHA1 using the given key.
By default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.
message
The message to sign.
key
The private key to sign with.
returns
A hexadecimal encoded signature.
def signToken(token: String): String

Sign a token.
Sign a token. This produces a new token, that has this token signed with a nonce.
This primarily exists to defeat the BREACH vulnerability, as it allows the token to effectively be random per request, without actually changing the value.
token
The token to sign
returns
The signed token
final def synchronized[T0](arg0: ⇒ T0): T0

Definition Classes
AnyRef
def toString(): String

Definition Classes
AnyRef → Any
final def wait(): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long, arg1: Int): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )
final def wait(arg0: Long): Unit

Definition Classes
AnyRef
Annotations
@throws( ... )

Inherited from AnyRef

Inherited from Any

Ungrouped