Package io.jsondb.crypto

Class DefaultAESCBCCipher

  • All Implemented Interfaces:
    ICipher
    @Deprecated
public class DefaultAESCBCCipher
extends java.lang.Object
implements ICipher
    Deprecated.
    This cipher is insufficiently secure for many purposes. Please use Default1Cipher instead.

    • Constructor Summary

      Constructors 
      Constructor Description
      DefaultAESCBCCipher​(byte[] encryptionKey, java.lang.String charset)
      Deprecated.
      A default AES (CBC Mode) Cipher.
      DefaultAESCBCCipher​(java.lang.String base64CodedEncryptionKey)
      Deprecated.
      This constructor assumes data to be of type 'UTF-8' A default AES (CBC Mode) Cipher.
      DefaultAESCBCCipher​(java.lang.String base64CodedEncryptionKey, java.lang.String charset)
      Deprecated.
      A default AES (CBC Mode) Cipher.

    • Method Summary

      All Methods Instance Methods Concrete Methods Deprecated Methods 
      Modifier and Type Method Description
      java.lang.String decrypt​(java.lang.String cipherText)
      Deprecated.
      A method to decrypt the provided cipher text.
      java.lang.String encrypt​(java.lang.String plainText)
      Deprecated.
      This method is used to encrypt(Symmetric) plainText coming in input using AES algorithm

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • DefaultAESCBCCipher

        public DefaultAESCBCCipher​(java.lang.String base64CodedEncryptionKey)
                    throws java.security.GeneralSecurityException
        Deprecated.
        This constructor assumes data to be of type 'UTF-8' A default AES (CBC Mode) Cipher. AES is a 128-bit block cipher supporting keys of 128, 192, and 256 bits. CBC may not be the most secure mode, maybe you want to use the AEAD mode. This implementation is just a example you can create your own implementation similar to this one using AES AEAD or entirely a different crypto algorithm like say DES Imp Note: This constructor takes a Base64 Encoded encryption key of type String, provided only for ease of use. Generally for such type of data a good practice is to use char[] so that it can be explicitly wiped of, Strings are immutable so it is possible that some other process may dump this process memory and locate the key, so yes this is a security concern. So if you wish you can create your own implementation of ICipher that accepts a char[] or byte[] as key and you take care of filling up that array with garbage when done. This constructor does not check if the given bytes indeed specify a secret key of the specified algorithm. For example, this constructor does not check if key is 128, 192, 256 bytes long, and also does not check for weak or semi-weak keys. Note: If you want to use Key > 128 bits then you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy files.
        Parameters:
        base64CodedEncryptionKey - A base 64 encoded symmetric key to be used during encryption and decryption.
        Throws:
        java.security.GeneralSecurityException - a general security exception

      • DefaultAESCBCCipher

        public DefaultAESCBCCipher​(java.lang.String base64CodedEncryptionKey,
                           java.lang.String charset)
                    throws java.security.GeneralSecurityException
        Deprecated.
        A default AES (CBC Mode) Cipher. AES is a 128-bit block cipher supporting keys of 128, 192, and 256 bits. CBC may not be the most secure mode, maybe you want to use the AEAD mode. This implementation is just a example you can create your own implementation similar to this one using AES AEAD or entirely a different crypto algorithm like say DES Imp Note: This constructor takes a Base64 Encoded encryption key of type String, provided only for ease of use. Generally for such type of data a good practice is to use char[] so that it can be explicitly wiped of, Strings are immutable so it is possible that some other process may dump this process memory and locate the key, so yes this is a security concern. So if you wish you can create your own implementation of ICipher that accepts a char[] or byte[] as key and you take care of filling up that array with garbage when done. This constructor does not check if the given bytes indeed specify a secret key of the specified algorithm. For example, this constructor does not check if key is 128, 192, 256 bytes long, and also does not check for weak or semi-weak keys. Note: If you want to use Key > 128 bits then you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy files.
        Parameters:
        base64CodedEncryptionKey - A base 64 encoded symmetric key to be used during encryption and decryption.
        charset - charset to be considered when encrypting plaintext, or decrypting cipher text
        Throws:
        java.security.GeneralSecurityException - a general security exception

      • DefaultAESCBCCipher

        public DefaultAESCBCCipher​(byte[] encryptionKey,
                           java.lang.String charset)
                    throws java.security.GeneralSecurityException
        Deprecated.
        A default AES (CBC Mode) Cipher. AES is a 128-bit block cipher supporting keys of 128, 192, and 256 bits. CBC may not be the most secure mode, maybe you want to use the AEAD mode. This implementation is just a example you can create your own implementation similar to this one using AES AEAD or entirely a different crypto algorithm like say DES This constructor does not check if the given bytes indeed specify a secret key of the specified algorithm. For example, this constructor does not check if key is 128, 192, 256 bytes long, and also does not check for weak or semi-weak keys. Note: If you want to use Key > 128 bits then you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy files.
        Parameters:
        encryptionKey - symmetric key to be used during encryption or decryption.
        charset - charset to be considered when encrypting plaintext, or decrypting cipher text
        Throws:
        java.security.GeneralSecurityException - a general security exception

    • Method Detail

      • encrypt

        public java.lang.String encrypt​(java.lang.String plainText)
        Deprecated.
        This method is used to encrypt(Symmetric) plainText coming in input using AES algorithm
        Specified by:
        encrypt in interface ICipher
        Parameters:
        plainText - the plain text string to be encrypted
        Returns:
        Base64 encoded AES encrypted cipher text

      • decrypt

        public java.lang.String decrypt​(java.lang.String cipherText)
        Deprecated.
        A method to decrypt the provided cipher text.
        Specified by:
        decrypt in interface ICipher
        Parameters:
        cipherText - AES encrypted cipherText
        Returns:
        decrypted text