@Deprecated @Singleton public class Crypto extends java.lang.Object implements CSRFTokenSigner, CookieSigner
Constructor and Description |
---|
Crypto(play.api.libs.Crypto crypto)
Deprecated.
|
Modifier and Type | Method and Description |
---|---|
play.api.libs.Crypto |
asScala()
Deprecated.
|
boolean |
compareSignedTokens(java.lang.String tokenA,
java.lang.String tokenB)
Deprecated.
Compare two signed tokens
|
boolean |
constantTimeEquals(java.lang.String a,
java.lang.String b)
Deprecated.
Constant time equals method.
|
java.lang.String |
decryptAES(java.lang.String value)
Deprecated.
This method is deprecated and will be removed in future versions.
|
java.lang.String |
decryptAES(java.lang.String value,
java.lang.String privateKey)
Deprecated.
This method is deprecated and will be removed in future versions.
|
java.lang.String |
encryptAES(java.lang.String value)
Deprecated.
This method is deprecated and will be removed in future versions.
|
java.lang.String |
encryptAES(java.lang.String value,
java.lang.String privateKey)
Deprecated.
This method is deprecated and will be removed in future versions.
|
java.lang.String |
extractSignedToken(java.lang.String token)
Deprecated.
Extract a signed token that was signed by
signToken(String) . |
java.lang.String |
generateSignedToken()
Deprecated.
Generate a signed token
|
java.lang.String |
generateToken()
Deprecated.
Generate a cryptographically secure token
|
java.lang.String |
sign(java.lang.String message)
Deprecated.
Signs the given String with HMAC-SHA1 using the application's secret key.
|
java.lang.String |
signToken(java.lang.String token)
Deprecated.
Sign a token.
|
public play.api.libs.Crypto asScala()
asScala
in interface CSRFTokenSigner
public java.lang.String sign(java.lang.String message)
application.crypto.provider
in application.conf
.sign
in interface CookieSigner
message
- The message to sign.public java.lang.String signToken(java.lang.String token)
signToken
in interface CookieSigner
token
- The token to signpublic java.lang.String extractSignedToken(java.lang.String token)
signToken(String)
.extractSignedToken
in interface CSRFTokenSigner
token
- The signed token to extract.public java.lang.String generateToken()
generateToken
in interface CSRFTokenSigner
public java.lang.String generateSignedToken()
generateSignedToken
in interface CSRFTokenSigner
public boolean compareSignedTokens(java.lang.String tokenA, java.lang.String tokenB)
compareSignedTokens
in interface CSRFTokenSigner
public boolean constantTimeEquals(java.lang.String a, java.lang.String b)
constantTimeEquals
in interface CSRFTokenSigner
@Deprecated public java.lang.String encryptAES(java.lang.String value)
application.crypto.provider
in application.conf
.
AES
name. On
Oracles JDK, this is AES/CTR/NoPadding
. This algorithm is suitable for small amounts of data,
typically less than 32 bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger
blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.
application.crypto.aes.transformation
in
application.conf
. Although any cipher transformation algorithm can be selected here, the secret key
spec used is always AES, so only AES transformation algorithms will work.value
- The String to encrypt.@Deprecated public java.lang.String encryptAES(java.lang.String value, java.lang.String privateKey)
application.crypto.provider
in application.conf
.
AES
name. On
Oracles JDK, this is AES/CTR/NoPadding
. This algorithm is suitable for small amounts of data,
typically less than 32bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger
blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.
application.crypto.aes.transformation
in
application.conf
. Although any cipher transformation algorithm can be selected here, the secret key
spec used is always AES, so only AES transformation algorithms will work.value
- The String to encrypt.privateKey
- The key used to encrypt.@Deprecated public java.lang.String decryptAES(java.lang.String value)
application.crypto.provider
in application.conf
.
AES/CTR/NoPadding
. It can be configured by defining
application.crypto.aes.transformation
in application.conf
. Although any cipher
transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation
algorithms will work.value
- An hexadecimal encrypted string.@Deprecated public java.lang.String decryptAES(java.lang.String value, java.lang.String privateKey)
application.crypto.provider
in application.conf
.
AES/CTR/NoPadding
. It can be configured by defining
application.crypto.aes.transformation
in application.conf
. Although any cipher
transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation
algorithms will work.value
- An hexadecimal encrypted string.privateKey
- The key used to encrypt.