CookieEncryptor

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.sandev.tools.UIProcessor
Class CookieEncryptor

java.lang.Object
  org.sandev.tools.UIProcessor.CookieEncryptor

All Implemented Interfaces:: org.sandev.basics.util.SandEncryptor

public class CookieEncryptor
extends java.lang.Object
implements org.sandev.basics.util.SandEncryptor

A weak encryptor used for making cookie values harder to read. Things like "remember me" functionality require storing authentication information in a cookie on the client machine. Because cookies are not necessarily sent over a secure protocol (in fact they frequently are not), we need to encrypt the value text.

Working assumptions:

XHTMLSandUIServlet would like to accept a passphrase from the controlling servlet as the only requirement to enable encryption.
a smaller cookie value is a good thing
if an application allows for "remember me" functionality, and the user chooses to use it, then they are accepting a risk that their authentication information can be hacked.
if more security is needed for a particular application, then a custom SandEncryptor will be used instead of this one.

Field Summary
`protected int`	`iterationCount` The number of iterations used is generally recommended to be at least 1000.
`protected byte[]`	`salt` Because we need to do multiple decryptions over time, we need the salt to be the same 8 bytes each time.

Method Summary
`java.lang.String`	`decrypt(org.sandev.basics.util.AuthUser user, java.lang.String str)` Decrypt the plaintext.
`java.lang.String`	`encrypt(org.sandev.basics.util.AuthUser user, java.lang.String str)` Encrypt the plaintext.
`long`	`getCypherUserID(java.lang.String cyphertext)` Always returns zero.
`int`	`getIterationCount()` accessor for iterationCount
`byte[]`	`getSalt()` accessor for salt
`void`	`init(java.lang.String passPhrase)` Set up for work.
`void`	`setIterationCount(int val)` mutator for iterationCount
`void`	`setSalt(byte[] salt)` mutator for salt

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

salt

protected byte[] salt

Because we need to do multiple decryptions over time, we need the salt to be the same 8 bytes each time. Salt values are not meant to be reused like this, and to some effect it defeats the purpose. However this is still better than no salt.

iterationCount

protected int iterationCount

The number of iterations used is generally recommended to be at least 1000. That takes time and effort, so we use much less.

Method Detail

getSalt

public byte[] getSalt()

accessor for salt

setSalt

public void setSalt(byte[] salt)

mutator for salt

getIterationCount

public int getIterationCount()

accessor for iterationCount

setIterationCount

public void setIterationCount(int val)

mutator for iterationCount

init

public void init(java.lang.String passPhrase)
          throws org.sandev.basics.util.SandEncryptorException

Set up for work.

Throws:: org.sandev.basics.util.SandEncryptorException

encrypt

public java.lang.String encrypt(org.sandev.basics.util.AuthUser user,
                                java.lang.String str)
                         throws org.sandev.basics.util.SandEncryptorException

Encrypt the plaintext. See SandEncryptor for details. The AuthUser parameter is ignored.

Specified by:: encrypt in interface org.sandev.basics.util.SandEncryptor

Throws:: org.sandev.basics.util.SandEncryptorException

decrypt

public java.lang.String decrypt(org.sandev.basics.util.AuthUser user,
                                java.lang.String str)
                         throws org.sandev.basics.util.SandEncryptorException

Decrypt the plaintext. See SandEncryptor for details. The AuthUser parameter is ignored.

Specified by:: decrypt in interface org.sandev.basics.util.SandEncryptor

Throws:: org.sandev.basics.util.SandEncryptorException

getCypherUserID

public long getCypherUserID(java.lang.String cyphertext)
                     throws org.sandev.basics.util.SandEncryptorException

Always returns zero. See SandEncryptor for details.

Specified by:: getCypherUserID in interface org.sandev.basics.util.SandEncryptor

Throws:: org.sandev.basics.util.SandEncryptorException