|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.filenet.api.util.Encryption
public class Encryption
Used to encrypt sensitive properties, such as passwords, that
are sent to the Content Engine server. The encryption is done using the
public key retrieved from the Domain
object associated with the object containing the
sensitive property. Once the property is received on the server, it is
decrypted with the domain's private key, then encrypted with the Content
Engine master key prior to being persisted. Thus, this mechanism is
intended to encrypt values only during transmission to the server, where
they are immediately decrypted.
Static methods are available for encrypting bytes, chars, and
strings. Note that the use of the method that encrypts strings is discouraged, as strings are immutable,
so the sensitive data can remain in memory, posing a security risk, or it can be inadvertently written to
disk as a result of exception handling or logging activity. Any char
or
byte
array passed
to an encrypt
method is overwritten once the encryption has been performed.
If the application needs to use the sensitive data after encryption, which
should be an unusual case, it must make a copy prior to encryption.
Chars and strings are UTF-8 encoded prior to being encrypted.
Method Summary | |
---|---|
static byte[] |
encrypt(EngineObject eo,
byte[] plainText)
Encrypts a byte array using the public key from the domain object associated with the given EngineObject . |
static byte[] |
encrypt(EngineObject eo,
char[] plainText)
Encrypts the given char array using the public key from the Domain object associated with
the given EngineObject . |
static byte[] |
encrypt(EngineObject eo,
java.lang.String plainText)
Encrypts the given string using the public key from the Domain object associated with the
given EngineObject . |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Method Detail |
---|
public static byte[] encrypt(EngineObject eo, java.lang.String plainText)
Domain
object associated with the
given EngineObject
. The input string is UTF-8 encoded before encryption.
Note: You are strongly discouraged from using this method. Strings are immutable, so the plain text data remains in program memory for as long as the application runs, which may be a security risk for truly sensitive data. You are encouraged to use one of the methods for which the input plain text data is an array.
eo
- An EngineObject
.plainText
- The input plain text string.
encrypt(EngineObject eo, plainText byte[])
,
encrypt(EngineObject eo, plainText char[])
public static byte[] encrypt(EngineObject eo, char[] plainText)
Domain
object associated with
the given EngineObject
. The input char array is UTF-8 encoded to bytes
before being encrypted.
Note: After encryption is done, the input char array is cleared.
eo
- An EngineObject
.plainText
- The input plain text char array.
public static byte[] encrypt(EngineObject eo, byte[] plainText)
EngineObject
.
Note: After encryption is done, the input byte array is cleared.
eo
- An EngineObject
.plainText
- The input plain text byte array.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |