Package org.graylog2.security.encryption

Class EncryptedValue

java.lang.Object
org.graylog2.security.encryption.EncryptedValue
public abstract class EncryptedValue extends Object
This is a container for encrypted values. It is supposed to be used when storing encrypted values in MongoDB (JSON) and also serialize it in HTTP responses. When storing the value in the database, the JSON serialization looks different than when it's serialized in a HTTP response.

Check org.graylog2.security.encryption.EncryptedValueTest for usage examples.

Expected structure for deserialization without active database attribute

This takes a new value and the EncryptedValueDeserializer automatically creates an encrypted value for it. (admin wants to set a new password via HTTP request) 

 // Setting a new password
 {
   "set_value": "set a new password"
 }

 // Alternative to set a new password (pass a string instead of an object)
 "set a new password"

 // Keep existing value
 {
   "keep_value": true
 }

 // Delete existing value
 {
   "delete_value": true
 }

Expected structure for deserialization with active database attribute

In this case the value is just deserialized as it is. (reading from MongoDB) 

 {
   "encrypted_value": "the encrypted value",
   "salt": "the encryption salt"
 }

Serialized structure without active database attribute

In this case the serialized JSON only contains an indicator if a value is set and doesn't contain the encrypted value and the salt. (when value is returned in a HTTP response) 

 {
   "is_set": true
 }

Serialized structure with active database attribute

In this case the serialized JSON contains the encrypted value and the salt. (when storing the value in MongoDB) 

 {
   "encrypted_value": "the encrypted value",
   "salt": "the encryption salt"
 }
See Also:

  • Constructor Details

    • EncryptedValue

      public EncryptedValue()

  • Method Details

    • value

      public abstract String value()

    • salt

      public abstract String salt()

    • isKeepValue

      public abstract boolean isKeepValue()

    • isDeleteValue

      public abstract boolean isDeleteValue()

    • isSet

      public boolean isSet()

    • createUnset

      public static EncryptedValue createUnset()

    • createWithKeepValue

      public static EncryptedValue createWithKeepValue()

    • createWithDeleteValue

      public static EncryptedValue createWithDeleteValue()

    • builder

      public static EncryptedValue.Builder builder()