You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@turbine.apache.org by ep...@apache.org on 2004/06/30 15:01:08 UTC
cvs commit: jakarta-turbine-fulcrum/crypto/xdocs navigation.xml index.xml changes.xml
epugh 2004/06/30 06:01:08
Added: crypto/impl/xdocs navigation.xml index.xml changes.xml
Removed: crypto/xdocs navigation.xml index.xml changes.xml
Log:
move xdocs into impl/
Revision Changes Path
1.1 jakarta-turbine-fulcrum/crypto/impl/xdocs/navigation.xml
Index: navigation.xml
===================================================================
<?xml version="1.0" encoding="ISO-8859-1"?>
<project
name="Crypto"
href="http://jakarta.apache.org/turbine/fulcrum/crypto/">
<body>
<links>
<item name="Turbine"
href="http://jakarta.apache.org/turbine/"/>
<item name="Fulcrum"
href="http://jakarta.apache.org/turbine/fulcrum/"/>
</links>
<menu name="Overview">
<item name="Main" href="/index.html"/>
</menu>
</body>
</project>
1.1 jakarta-turbine-fulcrum/crypto/impl/xdocs/index.xml
Index: index.xml
===================================================================
<?xml version="1.0"?>
<document>
<properties>
<title>Crypto Component</title>
<author email="epugh@upstate.com">Eric PUgh</author>
</properties>
<body>
<section name="Overview">
<p>
The Crypto Service allows an application to request various encryption
algorithms provided by the normal Java crypto providers and 3rd party
providers such as <a href="http://www.cryptix.org/">Cryptix</a>.
</p>
<p>
It is written for use in Turbine but it can be used in any container compatible
with Avalon's ECM container.
</p>
</section>
<section name="Configuration">
<p>
First, here is the role configuration.
</p>
<source>
<![CDATA[
<role
name="org.apache.fulcrum.crypto.CryptoService"
shorthand="crypto"
default-class="org.apache.fulcrum.crypto.DefaultCryptoService"/>
]]>
</source>
<p>
Now comes the basic configuration of the component. Here will will
configure the various encryption providers
</p>
<source>
<![CDATA[
<crypto>
<algorithm>
<unix>org.apache.fulcrum.crypto.provider.UnixCrypt</unix>
<clear>org.apache.fulcrum.crypto.provider.ClearCrypt</clear>
<java>org.apache.fulcrum.crypto.provider.JavaCrypt</java>
<oldjava>org.apache.fulcrum.crypto.provider.OldJavaCrypt</oldjava>
</algorithm>
</crypto>
]]>
</source>
</section>
<section name="Usage">
<p>
If you want to encrypt a clear text with a MessageDigest Cipher, you can
do it like this:
</p>
<source><![CDATA[
import org.apache.fulcrum.crypto.CryptoAlgorithm;
import org.apache.fulcrum.crypto.CryptoService;
public class CryptoExample
{
public String doMD5Encryption(String input)
{
CryptoService cs = (CryptoService) avalonComponentService.lookup(CryptoService.ROLE);
CryptoAlgorithm ca = CryptoService.getCryptoAlgorithm("default");
ca.setCipher("MD5");
return ca.encrypt(input);
}
}
]]></source>
<p>
To see an example, look at the test case
<a href="xref-test/org/apache/fulcrum/crypto/CryptoServiceTest.html">CryptoServiceTest</a>.
</p>
</section>
<section name="Default Provider">
<p>
In the source code and the example above, there is talk about a
"default" provider which is used if no encryption algorithm is
specifically requested. The reason for this comes from the first user
of the crypto service, the <a href="security-service.html">Security
Service</a>. It gives you the ability to select an encryption
algorithm like MD5 or SHA1 which is in turn used with the normal java
crypto providers. As we just wanted to "add" new algorithms and still
be able to use the old java.security names like MD5 and SHA1, we
decided to add a "catchall" algorithm to the crypto service.
</p>
<p>
If you don't set the default provider explicitly, the
org.apache.fulcrum.crypto.provider.JavaCrypt class is used. If you
don't set the Cipher of this class explicitly, then SHA is used.
</p>
</section>
<section name="Included Providers">
<p>The following algorithm providers are included in the Cryptoservice:</p>
<p>
<ol>
<li>
<b>ClearCrypt</b> (org.apache.fulcrum.crypto.provider.ClearCrypt). This is
the simplest algorithm which does nothing. It is still useful because
you can use the Crypto Service all the time even if you don't want to
actually encrypt something. Just request the "cleartext" algorithm.
</li>
<li>
<b>UnixCrypt</b> (org.apache.fulcrum.crypto.provider.UnixCrypt). This is an
implementation of the Unix crypt(3) algorithm. Its main use is when
you need to access legacy information or databases which already
contain crypted passwords. UnixCrypt needs the cryptix32.jar from <a
href="http://www.cryptix.org/">Cryptix</a>.
</li>
<li>
<b>JavaCrypt</b> (org.apache.fulcrum.crypto.provider.JavaCrypt). This is the
default crypto provider. It implements the normal Java MessageDigest ciphers
You need not to have this, it is the default if no algorithms are given. The default
provider gives you all the Java MessageDigest Ciphers including MD5, and SHA1.
</li>
<li>
<b>OldJavaCrypt</b> (org.apache.fulcrum.crypto.provider.OldJavaCrypt). Accessing
the MessageDigest functions from java.security was buggy in Turbine 2.1, because
the Security Service didn't pad the base64 values correctly but simply cut them
off after 20 bytes. If you're stuck with an old database full of passwords and can't
upgrade, please use this provider to keep going. DO NOT USE THIS PROVIDER FOR NEW
APPLICATIONS!.
</li>
</ol>
</p>
</section>
</body>
</document>
1.1 jakarta-turbine-fulcrum/crypto/impl/xdocs/changes.xml
Index: changes.xml
===================================================================
<?xml version="1.0"?>
<document>
<properties>
<title>Fulcrum Crypto</title>
<author email="epugh@upstate.com">Eric Pugh</author>
</properties>
<body>
<release version="1.0.4" date="">
<action dev="epugh" type="update">
Update to use Merlin 3.3.0
</action>
<action dev="epugh" type="add">
Implementing the merlinized code.
</action>
</release>
<release version="1.0-alpha-3" date="11-18-2003">
<action dev="epugh" type="add">
Integrated howto documentation on main page.
</action>
</release>
</body>
</document>
---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-dev-help@jakarta.apache.org