Class/Object

play.api.libs

Crypto

Related Docs: object Crypto | package libs

Permalink

class Crypto extends CookieSigner with CSRFTokenSigner with AESCrypter

Annotations
@Singleton() @deprecated
Deprecated

(Since version 2.5.0) This class is deprecated and will be removed in future versions

Source
Crypto.scala
Linear Supertypes
Ordering
  1. Alphabetic
  2. By inheritance
Inherited
  1. Crypto
  2. AESCrypter
  3. CSRFTokenSigner
  4. CookieSigner
  5. AnyRef
  6. Any
  1. Hide All
  2. Show all
Visibility
  1. Public
  2. All

Instance Constructors

  1. new Crypto(signer: CookieSigner, tokenSigner: CSRFTokenSigner, aesCrypter: AESCrypter)

    Permalink
    Annotations
    @Inject()

Value Members

  1. final def !=(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any
  2. final def ##(): Int

    Permalink
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any
  4. final def asInstanceOf[T0]: T0

    Permalink
    Definition Classes
    Any
  5. def clone(): AnyRef

    Permalink
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  6. def compareSignedTokens(tokenA: String, tokenB: String): Boolean

    Permalink

    Compare two signed tokens

    Compare two signed tokens

    Definition Classes
    CryptoCSRFTokenSigner
  7. def constantTimeEquals(a: String, b: String): Boolean

    Permalink

    Constant time equals method.

    Constant time equals method.

    Given a length that both Strings are equal to, this method will always run in constant time. This prevents timing attacks.

    Definition Classes
    CryptoCSRFTokenSigner
  8. final def eq(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef
  9. def equals(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any
  10. def extractSignedToken(token: String): Option[String]

    Permalink

    Extract a signed token that was signed by play.api.libs.Crypto.signToken.

    Extract a signed token that was signed by play.api.libs.Crypto.signToken.

    token

    The signed token to extract.

    returns

    The verified raw token, or None if the token isn't valid.

    Definition Classes
    CryptoCSRFTokenSigner
  11. def finalize(): Unit

    Permalink
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )
  12. def generateSignedToken: String

    Permalink

    Generates a signed token.

    Generates a signed token.

    Definition Classes
    CryptoCSRFTokenSigner
  13. def generateToken: String

    Permalink

    Generates a cryptographically secure token.

    Generates a cryptographically secure token.

    Definition Classes
    CryptoCSRFTokenSigner
  14. final def getClass(): Class[_]

    Permalink
    Definition Classes
    AnyRef → Any
  15. def hashCode(): Int

    Permalink
    Definition Classes
    AnyRef → Any
  16. final def isInstanceOf[T0]: Boolean

    Permalink
    Definition Classes
    Any
  17. final def ne(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef
  18. final def notify(): Unit

    Permalink
    Definition Classes
    AnyRef
  19. final def notifyAll(): Unit

    Permalink
    Definition Classes
    AnyRef
  20. def sign(message: String): String

    Permalink

    Signs (MAC) the given String using the application’s secret key.

    Signs (MAC) the given String using the application’s secret key.

    By default this uses the platform default JCE provider. This can be overridden by defining play.crypto.provider in application.conf.

    message

    The message to sign.

    returns

    A hexadecimal encoded signature.

    Definition Classes
    CryptoCookieSigner
  21. def sign(message: String, key: Array[Byte]): String

    Permalink

    Signs (MAC) the given String using the given secret key.

    Signs (MAC) the given String using the given secret key.

    By default this uses the platform default JCE provider. This can be overridden by defining play.crypto.provider in application.conf.

    message

    The message to sign.

    key

    The private key to sign with.

    returns

    A hexadecimal encoded signature.

    Definition Classes
    CryptoCookieSigner
  22. def signToken(token: String): String

    Permalink

    Sign a token.

    Sign a token. This produces a new token, that has this token signed with a nonce.

    This primarily exists to defeat the BREACH vulnerability, as it allows the token to effectively be random per request, without actually changing the value.

    token

    The token to sign

    returns

    The signed token

    Definition Classes
    CryptoCSRFTokenSigner
  23. final def synchronized[T0](arg0: ⇒ T0): T0

    Permalink
    Definition Classes
    AnyRef
  24. def toString(): String

    Permalink
    Definition Classes
    AnyRef → Any
  25. final def wait(): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  26. final def wait(arg0: Long, arg1: Int): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  27. final def wait(arg0: Long): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

Deprecated Value Members

  1. def decryptAES(value: String, privateKey: String): String

    Permalink

    Decrypt a String with the AES encryption standard.

    Decrypt a String with the AES encryption standard.

    The private key must have a length of 16 bytes.

    The provider used is by default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.

    The transformation used is by default AES/CTR/NoPadding. It can be configured by defining play.crypto.aes.transformation in application.conf. Although any cipher transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation algorithms will work.

    value

    An hexadecimal encrypted string.

    privateKey

    The key used to encrypt.

    returns

    The decrypted String.

    Definition Classes
    CryptoAESCrypter
    Deprecated

    This method is deprecated and will be removed in future versions.

  2. def decryptAES(value: String): String

    Permalink

    Decrypt a String with the AES encryption standard using the application's secret key.

    Decrypt a String with the AES encryption standard using the application's secret key.

    The provider used is by default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.

    The transformation used is by default AES/CTR/NoPadding. It can be configured by defining play.crypto.aes.transformation in application.conf. Although any cipher transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation algorithms will work.

    value

    An hexadecimal encrypted string.

    returns

    The decrypted String.

    Definition Classes
    CryptoAESCrypter
    Deprecated

    This method is deprecated and will be removed in future versions.

  3. def encryptAES(value: String, privateKey: String): String

    Permalink

    Encrypt a String with the AES encryption standard and the supplied private key.

    Encrypt a String with the AES encryption standard and the supplied private key.

    The provider used is by default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.

    The transformation algorithm used is the provider specific implementation of the AES name. On Oracles JDK, this is AES/CTR/NoPadding. This algorithm is suitable for small amounts of data, typically less than 32 bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.

    The transformation algorithm can be configured by defining play.crypto.aes.transformation in application.conf. Although any cipher transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation algorithms will work.

    value

    The String to encrypt.

    privateKey

    The key used to encrypt.

    returns

    An hexadecimal encrypted string.

    Definition Classes
    CryptoAESCrypter
    Deprecated

    This method is deprecated and will be removed in future versions.

  4. def encryptAES(value: String): String

    Permalink

    Encrypt a String with the AES encryption standard using the application's secret key.

    Encrypt a String with the AES encryption standard using the application's secret key.

    The provider used is by default this uses the platform default JSSE provider. This can be overridden by defining play.crypto.provider in application.conf.

    The transformation algorithm used is the provider specific implementation of the AES name. On Oracles JDK, this is AES/CTR/NoPadding. This algorithm is suitable for small amounts of data, typically less than 32 bytes, hence is useful for encrypting credit card numbers, passwords etc. For larger blocks of data, this algorithm may expose patterns and be vulnerable to repeat attacks.

    The transformation algorithm can be configured by defining play.crypto.aes.transformation in application.conf. Although any cipher transformation algorithm can be selected here, the secret key spec used is always AES, so only AES transformation algorithms will work.

    value

    The String to encrypt.

    returns

    An hexadecimal encrypted string.

    Definition Classes
    CryptoAESCrypter
    Deprecated

    This method is deprecated and will be removed in future versions.

Inherited from AESCrypter

Inherited from CSRFTokenSigner

Inherited from CookieSigner

Inherited from AnyRef

Inherited from Any

Ungrouped