JSEEncryptor

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.owasp.esapi.reference
Class JSEEncryptor

java.lang.Object
  org.owasp.esapi.reference.JSEEncryptor

All Implemented Interfaces:: Encryptor

public class JSEEncryptor
extends java.lang.Object
implements Encryptor

Reference implementation of the IEncryptor interface. This implementation layers on the JCE provided cryptographic package. Algorithms used are configurable in the ESAPI.properties file.

Since:: June 1, 2007
Author:: Jeff Williams (jeff.williams .at. aspectsecurity.com) Aspect Security
See Also:: Encryptor

Constructor Summary
`JSEEncryptor()`

Method Summary
`java.lang.String`	`decrypt(java.lang.String ciphertext)` Decrypts the provided ciphertext string (encrypted with the encrypt method) and returns a plaintext string.
`java.lang.String`	`encrypt(java.lang.String plaintext)` Encrypts the provided plaintext and returns a ciphertext string.
`long`	`getRelativeTimeStamp(long offset)` Gets an absolute timestamp representing an offset from the current time to be used by other functions in the library.
`long`	`getTimeStamp()` Gets a timestamp representing the current date and time to be used by other functions in the library.
`java.lang.String`	`hash(java.lang.String plaintext, java.lang.String salt)` Hashes the data using the specified algorithm and the Java MessageDigest class.
`java.lang.String`	`seal(java.lang.String data, long expiration)` Creates a seal that binds a set of data and includes an expiration timestamp.
`java.lang.String`	`sign(java.lang.String data)` Create a digital signature for the provided data and return it in a string.
`java.lang.String`	`unseal(java.lang.String seal)` Unseals data (created with the seal method) and throws an exception describing any of the various problems that could exist with a seal, such as an invalid seal format, expired timestamp, or decryption error.
`boolean`	`verifySeal(java.lang.String seal)` Verifies a seal (created with the seal method) and throws an exception describing any of the various problems that could exist with a seal, such as an invalid seal format, expired timestamp, or data mismatch.
`boolean`	`verifySignature(java.lang.String signature, java.lang.String data)` Verifies a digital signature (created with the sign method) and returns the boolean result.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JSEEncryptor

public JSEEncryptor()

Method Detail

hash

public java.lang.String hash(java.lang.String plaintext,
                             java.lang.String salt)
                      throws EncryptionException

Hashes the data using the specified algorithm and the Java MessageDigest class. This method first adds the salt, a separator (":"), and the data, and then rehashes 1024 times to help strengthen weak passwords.

Specified by:: hash in interface Encryptor

Parameters:: plaintext - the plaintext; salt - the salt
Returns:: the string
Throws:: EncryptionException - the encryption exception
See Also:: Encryptor.hash(java.lang.String,java.lang.String)