001/* 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017package org.apache.wicket.util.crypt; 018 019/** 020 * Encryption and decryption implementations are accessed through this interface. It provide some 021 * simple means to encrypt and decrypt strings, like passwords etc.. It depends on the 022 * implementation itself which algorithms are used to en-/decrypt the data. 023 * <p> 024 * If you value the privacy of your websites users, then please consider using a one-way encryption 025 * algorithm instead of the Wicket provided ICrypt implementations. The intention of these 026 * encryption facilities is to keep passwords private when stored in cookies or in the session.The 027 * implementation of the encryption algorithm may change between releases. As such, this interface 028 * and its implementations are not intended and should not be used as an encryption facility for 029 * persistent values. 030 * <p> 031 * As of Wicket 1.2 the methods encrypt and decrypt are deprecated. Consider changing your 032 * persistent encryption strategy to be based on a one-way encryption such as a SHA1 hash, not 033 * depending on Wicket classes. 034 * 035 * @author Juergen Donnerstag 036 */ 037public interface ICrypt 038{ 039 /** 040 * Decrypts a string using URL and filename safe Base64 decoding. 041 * 042 * @param text 043 * the text to decrypt 044 * @return the decrypted string. 045 * @since 1.2 046 */ 047 String decryptUrlSafe(final String text); 048 049 /** 050 * Encrypts a string using URL and filename safe Base64 encoding. 051 * 052 * @param plainText 053 * @return encrypted string 054 * @since 1.2 055 */ 056 String encryptUrlSafe(final String plainText); 057 058 /** 059 * Sets private encryption key. It depends on the implementation if a default key is applied or 060 * an exception is thrown, if no private key has been provided. 061 * 062 * @param key 063 * private key 064 * 065 * 066 * @deprecated TODO remove in Wicket 10 067 */ 068 @Deprecated(forRemoval = true) 069 void setKey(final String key); 070}