01: /*
02: * $Id: ICrypt.java 460331 2006-04-18 22:03:12Z dashorst $ $Revision: 460331 $
03: * $Date: 2006-04-19 00:03:12 +0200 (Wed, 19 Apr 2006) $
04: *
05: * ==============================================================================
06: * Licensed under the Apache License, Version 2.0 (the "License"); you may not
07: * use this file except in compliance with the License. You may obtain a copy of
08: * the License at
09: *
10: * http://www.apache.org/licenses/LICENSE-2.0
11: *
12: * Unless required by applicable law or agreed to in writing, software
13: * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14: * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15: * License for the specific language governing permissions and limitations under
16: * the License.
17: */
18: package wicket.util.crypt;
19:
20: /**
21: * Encryption and decryption implementations are accessed through this
22: * interface. It provide some simple means to encrypt and decrypt strings, like
23: * passwords etc.. It depends on the implementation itself which algorithms are
24: * used to en-/decrypt the data.
25: * <p>
26: * If you value the privacy of your websites users, then please consider using
27: * a one-way encryption algorithm instead of the Wicket provided ICrypt
28: * implementations. The intention of these encryption facilities is to keep
29: * passwords private when stored in cookies or in the session.The implementation
30: * of the encryption algorithm may change between releases. As such, this
31: * interface and its implementations are not intended and should not be used as
32: * an encryption facility for persistent values.
33: * <p>
34: * As of Wicket 1.2 the methods encrypt and decrypt are deprecated. Consider
35: * changing your persistent encryption strategy to be based on a one-way
36: * encryption such as a SHA1 hash, not depending on Wicket classes.
37: *
38: * @author Juergen Donnerstag
39: */
40: public interface ICrypt {
41: /**
42: * Decrypts a string.
43: *
44: * @param text
45: * the text to decrypt
46: * @return the decrypted string.
47: * @deprecated
48: */
49: String decrypt(final String text);
50:
51: /**
52: * Decrypts a string using URL and filename safe Base64 decoding.
53: *
54: * @param text
55: * the text to decrypt
56: * @return the decrypted string.
57: * @since 1.2
58: */
59: String decryptUrlSafe(final String text);
60:
61: /**
62: * Encrypts a string.
63: *
64: * @param plainText
65: * @return encrypted string
66: * @deprecated
67: */
68: String encrypt(final String plainText);
69:
70: /**
71: * Encrypts a string using URL and filename safe Base64 encoding.
72: *
73: * @param plainText
74: * @return encrypted string
75: * @since 1.2
76: */
77: String encryptUrlSafe(final String plainText);
78:
79: /**
80: * Sets private encryption key. It depends on the implementation if a
81: * default key is applied or an exception is thrown, if no private key has
82: * been provided.
83: *
84: * @param key
85: * private key
86: */
87: void setKey(final String key);
88: }
|