Encryptors

java.lang.Object
- org.springframework.security.crypto.encrypt.Encryptors

```
public class Encryptors
extends java.lang.Object
```
Factory for commonly used encryptors. Defines the public API for constructing BytesEncryptor and TextEncryptor implementations.

Method Summary

All Methods Static Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`static TextEncryptor`	`delux(java.lang.CharSequence password, java.lang.CharSequence salt)` Creates a text encryptor that uses "stronger" password-based encryption.
`static TextEncryptor`	`noOpText()` Creates a text encryptor that performs no encryption.
`static TextEncryptor`	`queryableText(java.lang.CharSequence password, java.lang.CharSequence salt)` Deprecated. This encryptor is not secure. Instead, look to your data store for a mechanism to query encrypted data.
`static BytesEncryptor`	`standard(java.lang.CharSequence password, java.lang.CharSequence salt)` Creates a standard password-based bytes encryptor using 256 bit AES encryption.
`static BytesEncryptor`	`stronger(java.lang.CharSequence password, java.lang.CharSequence salt)` Creates a standard password-based bytes encryptor using 256 bit AES encryption with Galois Counter Mode (GCM).
`static TextEncryptor`	`text(java.lang.CharSequence password, java.lang.CharSequence salt)` Creates a text encryptor that uses "standard" password-based encryption.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - stronger
```
public static BytesEncryptor stronger(java.lang.CharSequence password,
                                      java.lang.CharSequence salt)
```
    Creates a standard password-based bytes encryptor using 256 bit AES encryption with Galois Counter Mode (GCM). Derives the secret key using PKCS #5's PBKDF2 (Password-Based Key Derivation Function #2). Salts the password to prevent dictionary attacks against the key. The provided salt is expected to be hex-encoded; it should be random and at least 8 bytes in length. Also applies a random 16-byte initialization vector to ensure each encrypted message will be unique. Requires Java 6.
    
    Parameters:
    
    password - the password used to generate the encryptor's secret key; should not be shared
    
    salt - a hex-encoded, random, site-global salt value to use to generate the key
  - standard
```
public static BytesEncryptor standard(java.lang.CharSequence password,
                                      java.lang.CharSequence salt)
```
    Creates a standard password-based bytes encryptor using 256 bit AES encryption. Derives the secret key using PKCS #5's PBKDF2 (Password-Based Key Derivation Function #2). Salts the password to prevent dictionary attacks against the key. The provided salt is expected to be hex-encoded; it should be random and at least 8 bytes in length. Also applies a random 16-byte initialization vector to ensure each encrypted message will be unique. Requires Java 6. NOTE: This mode is not authenticated and does not provide any guarantees about the authenticity of the data. For a more secure alternative, users should prefer stronger(CharSequence, CharSequence).
    
    Parameters:
    
    password - the password used to generate the encryptor's secret key; should not be shared
    
    salt - a hex-encoded, random, site-global salt value to use to generate the key
    
    See Also:
    
    #stronger(CharSequence, CharSequence), which uses the significatly more secure GCM (instead of CBC)
  - delux
```
public static TextEncryptor delux(java.lang.CharSequence password,
                                  java.lang.CharSequence salt)
```
    Creates a text encryptor that uses "stronger" password-based encryption. Encrypted text is hex-encoded.
    
    Parameters:
    
    password - the password used to generate the encryptor's secret key; should not be shared
    
    See Also:
    
    stronger(CharSequence, CharSequence)
  - text
```
public static TextEncryptor text(java.lang.CharSequence password,
                                 java.lang.CharSequence salt)
```
    Creates a text encryptor that uses "standard" password-based encryption. Encrypted text is hex-encoded.
    
    Parameters:
    
    password - the password used to generate the encryptor's secret key; should not be shared
    
    See Also:
    
    standard(CharSequence, CharSequence)
  - queryableText
```
@Deprecated
public static TextEncryptor queryableText(java.lang.CharSequence password,
                                                      java.lang.CharSequence salt)
```
    Deprecated. This encryptor is not secure. Instead, look to your data store for a mechanism to query encrypted data.
    
    Creates an encryptor for queryable text strings that uses standard password-based encryption. Uses a 16-byte all-zero initialization vector so encrypting the same data results in the same encryption result. This is done to allow encrypted data to be queried against. Encrypted text is hex-encoded.
    
    Parameters:
    
    password - the password used to generate the encryptor's secret key; should not be shared
    
    salt - a hex-encoded, random, site-global salt value to use to generate the secret key
  - noOpText
```
public static TextEncryptor noOpText()
```
    Creates a text encryptor that performs no encryption. Useful for developer testing environments where working with plain text strings is desired for simplicity.

Class Encryptors

Method Summary

Methods inherited from class java.lang.Object

Method Detail

stronger

standard

delux

text

queryableText

noOpText