blob: 123b1ed0a4c75118b2cdbbcd5a0afe4374ea6b71 [file] [log] [blame]
<?xml version="1.0"?>
Licensed to the Apache Software Foundation (ASF) under one or
more contributor license agreements. See the NOTICE file
distributed with this work for additional information regarding
copyright ownership. The ASF licenses this file to you under the
Apache License, Version 2.0 (the "License"); you may not use
this file except in compliance with the License. You may obtain
a copy of the License at Unless required by
applicable law or agreed to in writing, software distributed
under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions
and limitations under the License.
<title>Crypto Component</title>
<author email="">Eric PUgh</author>
<section name="Overview">
The Crypto Service allows an application to request various encryption
It is written for use in Turbine but it can be used in any container
compatible with Avalon's ECM container.
<section name="Configuration">
<subsection name="Role Configuration">
<subsection name="Component Configuration">
This element controls the various encryption providers. All sub-elements
of this element define the name of the provider as the element name and
the class that implements the provider as its value. See the configuration
example. The algorithm <code>default</code> can be used to override the
default which is JavaCrypt.
<subsection name="Component Configuration Example">
<section name="Usage">
If you want to encrypt a clear text with a MessageDigest Cipher, you
can do it like this:
import org.apache.fulcrum.crypto.CryptoAlgorithm;
import org.apache.fulcrum.crypto.CryptoService;
public class CryptoExample
public String doMD5Encryption(String input)
CryptoService cs = (CryptoService) avalonComponentService.lookup(CryptoService.ROLE);
CryptoAlgorithm ca = CryptoService.getCryptoAlgorithm("default");
return ca.encrypt(input);
To see an example, look at the test case
<a href="xref-test/org/apache/fulcrum/crypto/CryptoServiceTest.html">CryptoServiceTest</a>.
<section name="Default Provider">
In the source code and the example above, there is talk
about a "default" provider which is used if no encryption algorithm is
specifically requested. The reason for this comes from the first user
of the crypto service, the
<a href="">Turbine Security Service</a>.
It gives you the
ability to select an encryption algorithm like MD5 or SHA1 which is in
turn used with the normal java crypto providers. As we just wanted to
"add" new algorithms and still be able to use the old
names like MD5 and SHA1, we decided to add a "catchall" algorithm to
the crypto service.
If you don't set the default provider explicitly, the
org.apache.fulcrum.crypto.provider.JavaCrypt class is
used. If you don't set the Cipher of this class explicitly, then SHA
is used.
<section name="Included Providers">
<p>The following algorithm providers are included in the
This is the simplest algorithm which does nothing. It is still
useful because you can use the Crypto Service all the time even
if you don't want to actually encrypt something. Just request
the "clear" algorithm.
This is an implementation of the Unix crypt(3) algorithm. Its
main use is when you need to access legacy information or
databases which already contain crypted passwords.
This is the default crypto provider. It implements the normal
Java MessageDigest ciphers You don't need to have this, it is
the default if no algorithms are given. The default
provider gives you all the Java MessageDigest Ciphers including
MD5, and SHA1.
Accessing the MessageDigest functions from was
buggy in Turbine 2.1, because the Security Service didn't pad
the base64 values correctly but simply cut them
off after 20 bytes. If you're stuck with an old database full of
passwords and can't upgrade, please use this provider to keep