Package org.saidone.service.crypto

Class AbstractCryptoService

java.lang.Object

org.saidone.component.BaseComponent

org.saidone.service.crypto.AbstractCryptoService

All Implemented Interfaces:

CryptoService, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware

Direct Known Subclasses:

BcCryptoServiceImpl, JcaCryptoServiceImpl

public abstract class AbstractCryptoService
extends BaseComponent
implements CryptoService

Base implementation for CryptoService that provides common functionality for the concrete encryption services. It offers helper methods to derive secret keys using PBKDF2, HKDF or Argon2 and defines configuration beans for the supported key derivation algorithms.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AbstractCryptoService.Kdf	Configuration class for key derivation function settings Contains nested configuration classes for PBKDF2, HKDF and Argon2

Field Summary

Fields

Modifier and Type	Field	Description
protected @Valid @NotNull AbstractCryptoService.Kdf	kdf

Constructor Summary

Constructors

Constructor	Description
AbstractCryptoService()

Method Summary

Modifier and Type	Method	Description
String	decryptText(String encryptedText)	Decrypts a Base64 encoded encrypted text string
protected org.apache.commons.lang3.tuple.Pair<SecretKeySpec,Integer>	deriveSecretKey(String algorithm, byte[] salt)
protected org.apache.commons.lang3.tuple.Pair<SecretKeySpec,Integer>	deriveSecretKey(String algorithm, byte[] salt, Integer version)	Derives a secret key based on the specified key derivation function (KDF) implementation.
String	encryptText(String text)	Encrypts a plain text string and returns Base64 encoded result

Methods inherited from class org.saidone.component.BaseComponent

init, setApplicationContext, shutDown, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.saidone.service.crypto.CryptoService

decrypt, encrypt

Field Details

kdf

@Valid
@NotNull
protected @Valid @NotNull AbstractCryptoService.Kdf kdf

Constructor Details

AbstractCryptoService

public AbstractCryptoService()

Method Details

deriveSecretKey

protected org.apache.commons.lang3.tuple.Pair<SecretKeySpec,Integer> deriveSecretKey(String algorithm,
 byte[] salt)

deriveSecretKey

protected org.apache.commons.lang3.tuple.Pair<SecretKeySpec,Integer> deriveSecretKey(String algorithm,
 byte[] salt,
 Integer version)

Derives a secret key based on the specified key derivation function (KDF) implementation.

This method selects the key derivation algorithm implementation configured in kdf and derives a secret key accordingly. Supported KDF implementations include HKDF, Argon2, and PBKDF2 (default).

Parameters:

algorithm - the name of the cryptographic algorithm for which the secret key is derived

salt - the salt value used in the key derivation process

version - the version of the key derivation parameters to use

Returns:

a Pair containing the derived SecretKeySpec and an Integer representing the key version

encryptText

public String encryptText(String text)

Encrypts a plain text string and returns Base64 encoded result

Specified by:

encryptText in interface CryptoService

Parameters:

text - The text to encrypt

Returns:

Base64 encoded encrypted text

decryptText

public String decryptText(String encryptedText)

Decrypts a Base64 encoded encrypted text string

Specified by:

decryptText in interface CryptoService

Parameters:

encryptedText - The Base64 encoded encrypted text

Returns:

Decrypted plain text