Package org.graylog2.security
Class AESTools
java.lang.Object
org.graylog2.security.AESTools
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic String
Decrypt the given cipher text value with the given encryption key and the same salt used for encryption using AES CBC.static String
decryptSiv
(String cipherText, byte[] encryptionKey) Decrypt the given cipher text value with the given encryption key using AES SIV.static String
Encrypt the given plain text value with the given encryption key and salt using AES CBC.static String
encryptSiv
(String plainText, byte[] encryptionKey) Encrypt the given plain text value with the given encryption key using AES SIV.static String
Generates a new random salt
-
Constructor Details
-
AESTools
public AESTools()
-
-
Method Details
-
encrypt
Encrypt the given plain text value with the given encryption key and salt using AES CBC. If the supplied encryption key is not of 16, 24 or 32 bytes length, it will be truncated or padded to the next largest key size before encryption.- Parameters:
plainText
- the plain text value to encryptencryptionKey
- the encryption keysalt
- the salt- Returns:
- the encrypted hexadecimal cipher text or null if encryption failed
-
decrypt
Decrypt the given cipher text value with the given encryption key and the same salt used for encryption using AES CBC. If the supplied encryption key is not of 16, 24 or 32 bytes length, it will be truncated or padded to the next largest key size before encryption.- Parameters:
cipherText
- the hexadecimal cipher text value to decryptencryptionKey
- the encryption keysalt
- the salt used for encrypting this cipherText- Returns:
- the decrypted cipher text or null if decryption failed
-
encryptSiv
Encrypt the given plain text value with the given encryption key using AES SIV. (RFC 5297)- Parameters:
plainText
- the plain text value to encryptencryptionKey
- the encryption key (must be at least 32 bytes)- Returns:
- the encrypted cipher text or null if encryption failed
- Throws:
IllegalArgumentException
- if the encryption key is smaller than 32 bytes
-
decryptSiv
Decrypt the given cipher text value with the given encryption key using AES SIV. (RFC 5297)- Parameters:
cipherText
- the cipher text value to decryptencryptionKey
- the encryption key (must be at least 32 bytes)- Returns:
- the decrypted cipher text or null if decryption failed
- Throws:
IllegalArgumentException
- if the encryption key is smaller than 32 bytes
-
generateNewSalt
Generates a new random salt- Returns:
- the generated random salt as a string of hexadecimal digits.
-