Package com.axelor.common.crypto

Class StringEncryptorPbkdf2Sha512

java.lang.Object
com.axelor.common.crypto.StringEncryptorPbkdf2Sha512
All Implemented Interfaces:
Encryptor<String,String>
public class StringEncryptorPbkdf2Sha512 extends Object
AES encryptor operating on String values using PBKDF2WithHmacSHA512 key derivation.

Encrypts and decrypts strings by delegating to a BytesEncryptorPbkdf2Sha512 and encoding the resulting bytes as Base64. The encrypted output starts with the Base64 encoding of $AESv2$, which is used by Encryptor.isEncrypted(String) to identify ciphertext.

Use the factory methods to select the AES operation mode:

  • gcm(String) — AES/GCM/NoPadding (recommended: provides authenticated encryption)
  • cbc(String) — AES/CBC/PKCS5Padding

The default constructor uses GCM.

  • Constructor Details

    • StringEncryptorPbkdf2Sha512

      public StringEncryptorPbkdf2Sha512(String password)
      Creates a GCM encryptor with the given password.

    • StringEncryptorPbkdf2Sha512

      public StringEncryptorPbkdf2Sha512(OperationMode mode, String password)
      Creates an encryptor for the given mode and password.
      Parameters:
      mode - the AES operation mode (GCM or CBC)
      password - the password used for PBKDF2 key derivation

    • StringEncryptorPbkdf2Sha512

      public StringEncryptorPbkdf2Sha512(OperationMode mode, String password, int iterations)
      Creates an encryptor for the given mode, password, and iteration count.
      Parameters:
      mode - the AES operation mode (GCM or CBC)
      password - the password used for PBKDF2 key derivation
      iterations - the PBKDF2 iteration count

    • StringEncryptorPbkdf2Sha512

      public StringEncryptorPbkdf2Sha512(OperationMode mode, String password, int iterations, int saltSize)
      Creates an encryptor with a custom salt size.
      Parameters:
      mode - the AES operation mode (GCM or CBC)
      password - the password used for PBKDF2 key derivation
      iterations - the PBKDF2 iteration count
      saltSize - the salt length in bytes

    • StringEncryptorPbkdf2Sha512

      public StringEncryptorPbkdf2Sha512(BytesEncryptorPbkdf2Sha512 encryptor)
      Creates a string encryptor backed by the given bytes encryptor.
      Parameters:
      encryptor - the underlying BytesEncryptorPbkdf2Sha512

  • Method Details

    • gcm

      public static StringEncryptorPbkdf2Sha512 gcm(String password)
      Creates a GCM encryptor with the given password.

    • cbc

      public static StringEncryptorPbkdf2Sha512 cbc(String password)
      Creates a CBC encryptor with the given password.

    • isEncrypted

      public boolean isEncrypted(String message)
      Description copied from interface: Encryptor
      Check whether the given message is already encrypted or not.
      Specified by:
      isEncrypted in interface Encryptor<String,String>
      Parameters:
      message - the message to check
      Returns:
      true if encrypted

    • encrypt

      public String encrypt(String message)
      Description copied from interface: Encryptor
      Encrypt the given message.
      Specified by:
      encrypt in interface Encryptor<String,String>
      Parameters:
      message - the message to encrypt
      Returns:
      encrypted message

    • decrypt

      public String decrypt(String encryptedMessage)
      Description copied from interface: Encryptor
      Decrypt the given encrypted message.
      Specified by:
      decrypt in interface Encryptor<String,String>
      Parameters:
      encryptedMessage - the encrypted message to decrypt
      Returns:
      decrypted message

    • toString

      public String toString()
      Overrides:
      toString in class Object