Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * =============================================================================
   * 
   *   Copyright (c) 2007, The JASYPT team (http://www.jasypt.org)
   * 
   *   Licensed under the Apache License, Version 2.0 (the "License");
   *   you may not use this file except in compliance with the License.
   *   You may obtain a copy of the License at
   * 
  *       http://www.apache.org/licenses/LICENSE-2.0
  * 
  *   Unless required by applicable law or agreed to in writing, software
  *   distributed under the License is distributed on an "AS IS" BASIS,
  *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  *   See the License for the specific language governing permissions and
  *   limitations under the License.
  * 
  * =============================================================================
  */
 package org.jasypt.util.password;
 
 

Utility class for easily performing password digesting and checking.

This class internally holds a org.jasypt.digest.StandardStringDigester which can be configured by the user by optionally choosing the algorithm to be used, the output format (BASE64 or hexadecimal) the mechanism of encryption (plain digests vs. use of random salt and iteration count (default)) and even use a org.jasypt.digest.config.DigesterConfig object for more advanced configuration.

The results obtained when encoding with this class are encoded in BASE64 form.

The required steps to use it are:

  1. Create an instance (using new).
  2. Configure if needed with the setX() methods.
  3. Perform the desired encryptPassword(java.lang.String) or checkPassword(java.lang.String,java.lang.String) operations.

This class is thread-safe

Author(s):
Daniel Fernández Garrido
Since:
1.2
 
 public final class ConfigurablePasswordEncryptor implements PasswordEncryptor {
 
     // The internal digester used
     private StandardStringDigester digester = null;
    
    
    
Creates a new instance of ConfigurablePasswordEncryptor
 
     public ConfigurablePasswordEncryptor() {
         super();
         this. = new StandardStringDigester();
     }


    
Lets the user configure this encryptor with a org.jasypt.digest.config.DigesterConfig object, like if he/she were using a org.jasypt.digest.StandardStringDigester object directly.

Parameters:
config the DigesterConfig object to be set for configuration.
See also:
org.jasypt.digest.StandardStringDigester.setConfig(org.jasypt.digest.config.DigesterConfig)
 
     public void setConfig(DigesterConfig config) {
         this..setConfig(config);
     }


    

Sets the algorithm to be used for digesting, like MD5 or SHA-1.

This algorithm has to be supported by your security infrastructure, and it should be allowed as an algorithm for creating java.security.MessageDigest instances.

If you are specifying a security provider with setProvider(java.security.Provider) or setProviderName(java.lang.String), this algorithm should be supported by your specified provider.

If you are not specifying a provider, you will be able to use those algorithms provided by the default security provider of your JVM vendor. For valid names in the Sun JVM, see Java Cryptography Architecture API Specification & Reference.

Parameters:
algorithm the name of the algorithm to be used.
See also:
org.jasypt.digest.StandardStringDigester.setAlgorithm(java.lang.String)
    public void setAlgorithm(String algorithm) {
        this..setAlgorithm(algorithm);
    }
    
    
    

Sets the name of the security provider to be asked for the digest algorithm. This security provider has to be registered beforehand at the JVM security framework.

The provider can also be set with the setProvider(java.security.Provider) method, in which case it will not be necessary neither registering the provider beforehand, nor calling this setProviderName(java.lang.String) method to specify a provider name.

Note that a call to setProvider(java.security.Provider) overrides any value set by this method.

If no provider name / provider is explicitly set, the default JVM provider will be used.

Parameters:
providerName the name of the security provider to be asked for the digest algorithm.
Throws:
org.jasypt.exceptions.AlreadyInitializedException if it has already been initialized, this is, if encryptPassword(java.lang.String) or checkPassword(java.lang.String,java.lang.String) have been called at least once.
Since:
1.3
    public void setProviderName(String providerName) {
        this..setProviderName(providerName);
    }
    
    
    

Sets the security provider to be asked for the digest algorithm. The provider does not have to be registered at the security infrastructure beforehand, and its being used here will not result in it being registered.

If this method is called, calling setProviderName(java.lang.String) becomes unnecessary.

If no provider name / provider is explicitly set, the default JVM provider will be used.

Parameters:
provider the provider to be asked for the chosen algorithm
Throws:
org.jasypt.exceptions.AlreadyInitializedException if it has already been initialized, this is, if encryptPassword(java.lang.String) or checkPassword(java.lang.String,java.lang.String) have been called at least once.
Since:
1.3
    public void setProvider(Provider provider) {
        this..setProvider(provider);
    }
    

    
Lets the user specify if he/she wants a plain digest used as an encryption mechanism (no salt or iterations, as with java.security.MessageDigest), or rather use the jasypt's usual stronger mechanism for password encryption (based on the use of a salt and the iteration of the hash function).

Parameters:
plainDigest true for using plain digests, false for the strong salt and iteration count based mechanism.
    public void setPlainDigest(boolean plainDigest) {
        if (plainDigest) {
            this..setIterations(1);
            this..setSaltSizeBytes(0);
        } else {
        }
    }

    
    

Sets the the form in which String output will be encoded. Available encoding types are:

  • base64 (default)
  • hexadecimal

Parameters:
stringOutputType the string output type.
Since:
1.3
    public void setStringOutputType(String stringOutputType) {
        this..setStringOutputType(stringOutputType);
    }
    
    
    
Encrypts (digests) a password.

Parameters:
password the password to be encrypted.
Returns:
the resulting digest.
See also:
org.jasypt.digest.StandardStringDigester.digest(java.lang.String)
    public String encryptPassword(String password) {
        return .digest(password);
    }

    
    
Checks an unencrypted (plain) password against an encrypted one (a digest) to see if they match.

Parameters:
plainPassword the plain password to check.
encryptedPassword the digest against which to check the password.
Returns:
true if passwords match, false if not.
See also:
org.jasypt.digest.StandardStringDigester.matches(java.lang.String,java.lang.String)
    public boolean checkPassword(String plainPassword
            String encryptedPassword) {
        return .matches(plainPasswordencryptedPassword);
    }
    
New to GrepCode? Check out our FAQ X