Package org.craftercms.commons.crypto
Class CryptoUtils
java.lang.Object
org.craftercms.commons.crypto.CryptoUtils
Utility methods for encryption/decryption and message digest.
- Author:
- Alfonso Vásquez
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final String
static final int
static final String
static final String
static final SecureRandom
-
Method Summary
Modifier and TypeMethodDescriptionstatic byte[]
Generates a random initialization vector for an AES cipher.static SecretKey
Generates a random AES encryption key.static SecretKey
generateKey
(String cipherAlgorithm) Generates a random encryption key.static byte[]
generateRandomBytes
(int size) Generates a random array of bytes, using the singletonSecureRandom
.static String
hashPassword
(String clearPswd) Hashes a password using aSimpleDigest
.static boolean
matchPassword
(String hashedPswdAndSalt, String clearPswd) Returns true if it's a password match, that is, if the hashed clear password equals the given hash.
-
Field Details
-
secureRandom
-
AES_CIPHER_ALGORITHM
- See Also:
-
AES_KEY_BYTE_SIZE
public static final int AES_KEY_BYTE_SIZE- See Also:
-
DEFAULT_AES_CIPHER_TRANSFORMATION
- See Also:
-
PASSWORD_SEP
- See Also:
-
-
Method Details
-
generateRandomBytes
public static byte[] generateRandomBytes(int size) Generates a random array of bytes, using the singletonSecureRandom
.- Parameters:
size
- the size of the array- Returns:
- the generated array
-
generateAesKey
Generates a random AES encryption key.- Returns:
- the generated key
-
generateKey
Generates a random encryption key.- Parameters:
cipherAlgorithm
- the cipher algorithm the key will be used with. Will determine the key size- Returns:
- the generated key
- Throws:
NoSuchAlgorithmException
-
generateAesIv
public static byte[] generateAesIv()Generates a random initialization vector for an AES cipher.- Returns:
- the generated IV
-
hashPassword
Hashes a password using aSimpleDigest
. The generated salt is appended to the password, using thePASSWORD_SEP
.- Parameters:
clearPswd
- the password to hash, in clear- Returns:
- the hashed password +
PASSWORD_SEP
+ salt
-
matchPassword
Returns true if it's a password match, that is, if the hashed clear password equals the given hash.- Parameters:
hashedPswdAndSalt
- the hashed password +PASSWORD_SEP
+ salt, as returned byhashPassword(String)
clearPswd
- the password that we're trying to match, in clear- Returns:
- if the password matches
-