org.apache.shiro.crypto
Class BlowfishCipherService
java.lang.Object
org.apache.shiro.crypto.JcaCipherService
org.apache.shiro.crypto.AbstractSymmetricCipherService
org.apache.shiro.crypto.DefaultBlockCipherService
org.apache.shiro.crypto.BlowfishCipherService
- All Implemented Interfaces:
- CipherService
public class BlowfishCipherService
- extends DefaultBlockCipherService
CipherService
using the Blowfish
cipher algorithm for all encryption, decryption, and key operations.
The Blowfish algorithm can support key sizes between 32
and 448
bits*, inclusive. However,
modern cryptanalysis techniques render keys of 80 bits or less mostly worthless - use 128
or more whenever
possible.
Note that this class retains the parent class's default CBC
mode of operation
instead of the typical JDK default of ECB
. ECB
should not be used in
security-sensitive environments because ECB
does not allow for initialization vectors, which are
considered necessary for strong encryption. See the parent class
's JavaDoc and the
JcaCipherService
JavaDoc for more on why the JDK default should not be used and is not
used in this implementation.
* Generating and using Blowfish key sizes greater than 128 require installation of the
Java Cryptography Extension (JCE) Unlimited Strength
Jurisdiction Policy files.
- Since:
- 1.0
Methods inherited from class org.apache.shiro.crypto.DefaultBlockCipherService |
generateInitializationVector, getBlockSize, getModeName, getPaddingSchemeName, getStreamingBlockSize, getStreamingModeName, getStreamingPaddingSchemeName, getTransformationString, isGenerateInitializationVectors, setBlockSize, setMode, setModeName, setPaddingScheme, setPaddingSchemeName, setStreamingBlockSize, setStreamingMode, setStreamingModeName, setStreamingPaddingScheme, setStreamingPaddingSchemeName |
Methods inherited from class org.apache.shiro.crypto.JcaCipherService |
decrypt, decrypt, encrypt, encrypt, ensureSecureRandom, getAlgorithmName, getDefaultSecureRandom, getInitializationVectorSize, getKeySize, getSecureRandom, getStreamingBufferSize, isGenerateInitializationVectors, setGenerateInitializationVectors, setInitializationVectorSize, setKeySize, setSecureRandom, setStreamingBufferSize |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
BlowfishCipherService
public BlowfishCipherService()
- Creates a new
CipherService
instance using the Blowfish
cipher algorithm with the following
important cipher default attributes:
* The CBC
operation mode is used instead of the JDK default ECB
to
ensure strong encryption. ECB
should not be used in security-sensitive environments - see the
DefaultBlockCipherService
class JavaDoc's "Operation Mode" section
for more.
**In conjunction with the default CBC
operation mode, initialization vectors are generated by
default to ensure strong encryption. See the JcaCipherService
class JavaDoc for more.
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.