org.apache.shiro.crypto
Class BlowfishCipherService

java.lang.Object
  extended by org.apache.shiro.crypto.JcaCipherService
      extended by org.apache.shiro.crypto.AbstractSymmetricCipherService
          extended by org.apache.shiro.crypto.DefaultBlockCipherService
              extended by org.apache.shiro.crypto.BlowfishCipherService
All Implemented Interfaces:
CipherService

public class BlowfishCipherService
extends DefaultBlockCipherService

CipherService using the Blowfish cipher algorithm for all encryption, decryption, and key operations.

The Blowfish algorithm can support key sizes between 32 and 448 bits*, inclusive. However, modern cryptanalysis techniques render keys of 80 bits or less mostly worthless - use 128 or more whenever possible.

Note that this class retains the parent class's default CBC mode of operation instead of the typical JDK default of ECB. ECB should not be used in security-sensitive environments because ECB does not allow for initialization vectors, which are considered necessary for strong encryption. See the parent class's JavaDoc and the JcaCipherService JavaDoc for more on why the JDK default should not be used and is not used in this implementation.

* Generating and using Blowfish key sizes greater than 128 require installation of the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy files.

Since:
1.0

Constructor Summary
BlowfishCipherService()
          Creates a new CipherService instance using the Blowfish cipher algorithm with the following important cipher default attributes: Attribute Value keySize 128 bits blockSize 64 bits (required for Blowfish) mode CBC* paddingScheme PKCS5 initializationVectorSize 64 bits generateInitializationVectors true**

* The CBC operation mode is used instead of the JDK default ECB to ensure strong encryption.

 
Method Summary
 
Methods inherited from class org.apache.shiro.crypto.DefaultBlockCipherService
generateInitializationVector, getBlockSize, getModeName, getPaddingSchemeName, getStreamingBlockSize, getStreamingModeName, getStreamingPaddingSchemeName, getTransformationString, isGenerateInitializationVectors, setBlockSize, setMode, setModeName, setPaddingScheme, setPaddingSchemeName, setStreamingBlockSize, setStreamingMode, setStreamingModeName, setStreamingPaddingScheme, setStreamingPaddingSchemeName
 
Methods inherited from class org.apache.shiro.crypto.AbstractSymmetricCipherService
generateNewKey, generateNewKey
 
Methods inherited from class org.apache.shiro.crypto.JcaCipherService
decrypt, decrypt, encrypt, encrypt, ensureSecureRandom, getAlgorithmName, getDefaultSecureRandom, getInitializationVectorSize, getKeySize, getSecureRandom, getStreamingBufferSize, isGenerateInitializationVectors, setGenerateInitializationVectors, setInitializationVectorSize, setKeySize, setSecureRandom, setStreamingBufferSize
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

BlowfishCipherService

public BlowfishCipherService()
Creates a new CipherService instance using the Blowfish cipher algorithm with the following important cipher default attributes:
Attribute Value
keySize 128 bits
blockSize 64 bits (required for Blowfish)
mode CBC*
paddingScheme PKCS5
initializationVectorSize 64 bits
generateInitializationVectors true**

* The CBC operation mode is used instead of the JDK default ECB to ensure strong encryption. ECB should not be used in security-sensitive environments - see the DefaultBlockCipherService class JavaDoc's "Operation Mode" section for more.

**In conjunction with the default CBC operation mode, initialization vectors are generated by default to ensure strong encryption. See the JcaCipherService class JavaDoc for more.



Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.