Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.jasypt.util.password
Class ConfigurablePasswordEncryptor

Object
  extended by org.jasypt.util.password.ConfigurablePasswordEncryptor
All Implemented Interfaces:
PasswordEncryptor
public final class ConfigurablePasswordEncryptor
extends Object
implements PasswordEncryptor

Utility class for easily performing password digesting and checking.

This class internally holds a StandardStringDigester which can be configured by the user by optionally choosing the algorithm to be used, the output format (BASE64 or hexadecimal) the mechanism of encryption (plain digests vs. use of random salt and iteration count (default)) and even use a DigesterConfig object for more advanced configuration.

The results obtained when encoding with this class are encoded in BASE64 form.

The required steps to use it are:

  1. Create an instance (using new).
  2. Configure if needed with the setX() methods.
  3. Perform the desired encryptPassword(String) or checkPassword(String, String) operations.

This class is thread-safe

Since:
1.2
Author:
Daniel Fernández

Constructor Summary
ConfigurablePasswordEncryptor()
          Creates a new instance of ConfigurablePasswordEncryptor
 
Method Summary
 boolean checkPassword(String plainPassword, String encryptedPassword)
          Checks an unencrypted (plain) password against an encrypted one (a digest) to see if they match.
 String encryptPassword(String password)
          Encrypts (digests) a password.
 void setAlgorithm(String algorithm)
           Sets the algorithm to be used for digesting, like MD5 or SHA-1.
 void setConfig(DigesterConfig config)
          Lets the user configure this encryptor with a DigesterConfig object, like if he/she were using a StandardStringDigester object directly.
 void setPlainDigest(boolean plainDigest)
          Lets the user specify if he/she wants a plain digest used as an encryption mechanism (no salt or iterations, as with MessageDigest), or rather use the jasypt's usual stronger mechanism for password encryption (based on the use of a salt and the iteration of the hash function).
 void setProvider(Provider provider)
           Sets the security provider to be asked for the digest algorithm.
 void setProviderName(String providerName)
           Sets the name of the security provider to be asked for the digest algorithm.
 void setStringOutputType(String stringOutputType)
           Sets the the form in which String output will be encoded.
 
Methods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ConfigurablePasswordEncryptor

public ConfigurablePasswordEncryptor()
Creates a new instance of ConfigurablePasswordEncryptor

Method Detail

setConfig

public void setConfig(DigesterConfig config)
Lets the user configure this encryptor with a DigesterConfig object, like if he/she were using a StandardStringDigester object directly.

Parameters:
config - the DigesterConfig object to be set for configuration.
See Also:
StandardStringDigester.setConfig(DigesterConfig)

setAlgorithm

public void setAlgorithm(String algorithm)

Sets the algorithm to be used for digesting, like MD5 or SHA-1.

This algorithm has to be supported by your security infrastructure, and it should be allowed as an algorithm for creating java.security.MessageDigest instances.

If you are specifying a security provider with setProvider(Provider) or setProviderName(String), this algorithm should be supported by your specified provider.

If you are not specifying a provider, you will be able to use those algorithms provided by the default security provider of your JVM vendor. For valid names in the Sun JVM, see Java Cryptography Architecture API Specification & Reference.

Parameters:
algorithm - the name of the algorithm to be used.
See Also:
StandardStringDigester.setAlgorithm(String)

setProviderName

public void setProviderName(String providerName)

Sets the name of the security provider to be asked for the digest algorithm. This security provider has to be registered beforehand at the JVM security framework.

The provider can also be set with the setProvider(Provider) method, in which case it will not be necessary neither registering the provider beforehand, nor calling this setProviderName(String) method to specify a provider name.

Note that a call to setProvider(Provider) overrides any value set by this method.

If no provider name / provider is explicitly set, the default JVM provider will be used.

Parameters:
providerName - the name of the security provider to be asked for the digest algorithm.
Throws:
AlreadyInitializedException - if it has already been initialized, this is, if encryptPassword(String) or checkPassword(String, String) have been called at least once.
Since:
1.3

setProvider

public void setProvider(Provider provider)

Sets the security provider to be asked for the digest algorithm. The provider does not have to be registered at the security infrastructure beforehand, and its being used here will not result in it being registered.

If this method is called, calling setProviderName(String) becomes unnecessary.

If no provider name / provider is explicitly set, the default JVM provider will be used.

Parameters:
provider - the provider to be asked for the chosen algorithm
Throws:
AlreadyInitializedException - if it has already been initialized, this is, if encryptPassword(String) or checkPassword(String, String) have been called at least once.
Since:
1.3

setPlainDigest

public void setPlainDigest(boolean plainDigest)
Lets the user specify if he/she wants a plain digest used as an encryption mechanism (no salt or iterations, as with MessageDigest), or rather use the jasypt's usual stronger mechanism for password encryption (based on the use of a salt and the iteration of the hash function).

Parameters:
plainDigest - true for using plain digests, false for the strong salt and iteration count based mechanism.

setStringOutputType

public void setStringOutputType(String stringOutputType)

Sets the the form in which String output will be encoded. Available encoding types are:

Parameters:
stringOutputType - the string output type.
Since:
1.3

encryptPassword

public String encryptPassword(String password)
Encrypts (digests) a password.

Specified by:
encryptPassword in interface PasswordEncryptor
Parameters:
password - the password to be encrypted.
Returns:
the resulting digest.
See Also:
StandardStringDigester.digest(String)

checkPassword

public boolean checkPassword(String plainPassword,
                             String encryptedPassword)
Checks an unencrypted (plain) password against an encrypted one (a digest) to see if they match.

Specified by:
checkPassword in interface PasswordEncryptor
Parameters:
plainPassword - the plain password to check.
encryptedPassword - the digest against which to check the password.
Returns:
true if passwords match, false if not.
See Also:
StandardStringDigester.matches(String, String)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2011 The JASYPT team. All Rights Reserved.