01: /*
02: * Licensed to the Apache Software Foundation (ASF) under one or more
03: * contributor license agreements. See the NOTICE file distributed with
04: * this work for additional information regarding copyright ownership.
05: * The ASF licenses this file to You under the Apache License, Version 2.0
06: * (the "License"); you may not use this file except in compliance with
07: * the License. You may obtain a copy of the License at
08: *
09: * http://www.apache.org/licenses/LICENSE-2.0
10: *
11: * Unless required by applicable law or agreed to in writing, software
12: * distributed under the License is distributed on an "AS IS" BASIS,
13: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14: * See the License for the specific language governing permissions and
15: * limitations under the License.
16: */
17: package org.apache.wicket.util.crypt;
18:
19: /**
20: * Encryption and decryption implementations are accessed through this
21: * interface. It provide some simple means to encrypt and decrypt strings, like
22: * passwords etc.. It depends on the implementation itself which algorithms are
23: * used to en-/decrypt the data.
24: * <p>
25: * If you value the privacy of your websites users, then please consider using a
26: * one-way encryption algorithm instead of the Wicket provided ICrypt
27: * implementations. The intention of these encryption facilities is to keep
28: * passwords private when stored in cookies or in the session.The implementation
29: * of the encryption algorithm may change between releases. As such, this
30: * interface and its implementations are not intended and should not be used as
31: * an encryption facility for persistent values.
32: * <p>
33: * As of Wicket 1.2 the methods encrypt and decrypt are deprecated. Consider
34: * changing your persistent encryption strategy to be based on a one-way
35: * encryption such as a SHA1 hash, not depending on Wicket classes.
36: *
37: * @author Juergen Donnerstag
38: */
39: public interface ICrypt {
40: /**
41: * Decrypts a string using URL and filename safe Base64 decoding.
42: *
43: * @param text
44: * the text to decrypt
45: * @return the decrypted string.
46: * @since 1.2
47: */
48: String decryptUrlSafe(final String text);
49:
50: /**
51: * Encrypts a string using URL and filename safe Base64 encoding.
52: *
53: * @param plainText
54: * @return encrypted string
55: * @since 1.2
56: */
57: String encryptUrlSafe(final String plainText);
58:
59: /**
60: * Sets private encryption key. It depends on the implementation if a
61: * default key is applied or an exception is thrown, if no private key has
62: * been provided.
63: *
64: * @param key
65: * private key
66: */
67: void setKey(final String key);
68: }
|