CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/maven-org-springframework-security--spring-security-crypto

Spring Security Crypto provides cryptographic utilities including password encoding, key generation, encryption, and various hashing functions

Pending
Overview
Eval results
Files

codecs.mddocs/

Codec Utilities

Encoding and decoding utilities for Base64, Hexadecimal, and UTF-8 conversions commonly used in cryptographic operations.

Capabilities

Base64 Codec

Base64 encoding and decoding utilities for binary data representation.

/**
 * Base64 encoding and decoding utilities (deprecated - use java.util.Base64)
 */
@Deprecated
class Base64 {
    /**
     * Encode bytes to Base64 format
     * @param bytes the bytes to encode
     * @return the Base64 encoded bytes
     */
    static byte[] encode(byte[] bytes);
    
    /**
     * Decode Base64 bytes to original format
     * @param bytes the Base64 encoded bytes to decode
     * @return the decoded bytes
     */
    static byte[] decode(byte[] bytes);
    
    /**
     * Check if the byte array is Base64 encoded
     * @param bytes the bytes to check
     * @return true if Base64 encoded, false otherwise
     */
    static boolean isBase64(byte[] bytes);
}

Usage Example:

import org.springframework.security.crypto.codec.Base64;

// Encode bytes to Base64
byte[] data = "Hello World".getBytes();
byte[] encoded = Base64.encode(data);

// Decode Base64 back to original
byte[] decoded = Base64.decode(encoded);

// Validation
boolean isValid = Base64.isBase64(encoded);

Hex Codec

Hexadecimal encoding and decoding utilities for binary data representation.

/**
 * Hexadecimal encoding and decoding utilities
 */
class Hex {  
    /**
     * Encode bytes to hexadecimal character array
     * @param bytes the bytes to encode
     * @return the hex encoded character array
     */
    static char[] encode(byte[] bytes);
    
    /**
     * Decode hexadecimal string to bytes
     * @param s the hex string to decode
     * @return the decoded bytes
     */
    static byte[] decode(CharSequence s);
}

Usage Example:

import org.springframework.security.crypto.codec.Hex;

// Encode bytes to hex
byte[] data = "Hello World".getBytes();
char[] hexChars = Hex.encode(data);
String hexString = new String(hexChars);

// Decode hex back to original
byte[] decoded = Hex.decode(hexString);

// Example output: "Hello World" -> "48656c6c6f20576f726c64"
System.out.println(hexString); // "48656c6c6f20576f726c64"

UTF-8 Codec

UTF-8 encoding and decoding utilities for string/byte conversions.

/**
 * UTF-8 encoding and decoding utilities
 */
class Utf8 {
    /**
     * Encode string to UTF-8 bytes
     * @param string the string to encode
     * @return the UTF-8 encoded bytes
     */
    static byte[] encode(CharSequence string);
    
    /**
     * Decode UTF-8 bytes to string
     * @param bytes the UTF-8 bytes to decode
     * @return the decoded string
     */
    static String decode(byte[] bytes);
}

Usage Example:

import org.springframework.security.crypto.codec.Utf8;

// Encode string to UTF-8 bytes
String text = "Hello 世界";
byte[] utf8Bytes = Utf8.encode(text);

// Decode UTF-8 bytes back to string
String decoded = Utf8.decode(utf8Bytes);

// Useful for consistent encoding in cryptographic operations
String password = "pássword123";
byte[] passwordBytes = Utf8.encode(password); // for key derivation

Encoding Utils

General encoding utilities for common operations.

/**
 * Static helper for encoding data (for internal use only)
 */
class EncodingUtils {
    /**
     * Concatenate multiple byte arrays
     * @param arrays the byte arrays to concatenate
     * @return the concatenated byte array
     */
    static byte[] concatenate(byte[]... arrays);
    
    /**
     * Extract a sub array of bytes out of the byte array
     * @param array the byte array to extract from
     * @param beginIndex the beginning index of the sub array, inclusive
     * @param endIndex the ending index of the sub array, exclusive
     * @return the sub array
     */
    static byte[] subArray(byte[] array, int beginIndex, int endIndex);
}

Common Usage Patterns

Cryptographic Key Preparation

import org.springframework.security.crypto.codec.*;

// Prepare password for key derivation
String password = "mySecretPassword";
byte[] passwordBytes = Utf8.encode(password);

// Prepare hex-encoded salt
String saltHex = "deadbeefcafebabe";
byte[] salt = Hex.decode(saltHex);

// Encode result for storage
byte[] derivedKey = performKeyDerivation(passwordBytes, salt);
byte[] encodedKey = Base64.encode(derivedKey);
String keyForStorage = new String(encodedKey);

Data Encoding for Transmission

// Encrypt data and encode for safe transmission
byte[] plaintext = Utf8.encode("Sensitive Information");
byte[] encrypted = encryptor.encrypt(plaintext);

// Safe for JSON/XML/URL transmission
byte[] base64Encrypted = Base64.encode(encrypted);
String safeEncrypted = new String(base64Encrypted);

// Or hex encoding for debugging/logging (less efficient)
char[] hexChars = Hex.encode(encrypted);
String hexEncrypted = new String(hexChars);

Validation and Parsing

// Validate input format before processing
String userInput = "48656c6c6f20576f726c64";
if (isValidHex(userInput)) {
    byte[] data = Hex.decode(userInput);
    // process data
}

// Validate Base64 before decoding
String base64Input = "SGVsbG8gV29ybGQ=";
byte[] base64Bytes = base64Input.getBytes();
if (Base64.isBase64(base64Bytes)) {
    byte[] data = Base64.decode(base64Bytes);
    // process data
}

Security Utilities

Security-focused utilities for constant-time operations to prevent timing attacks.

/**
 * Utility for constant time comparison to prevent against timing attacks
 */
class PasswordEncoderUtils {
    /**
     * Constant time comparison to prevent against timing attacks
     * @param expected the expected string
     * @param actual the actual string to compare
     * @return true if strings are equal, false otherwise
     */
    static boolean equals(String expected, String actual);
}

Usage Example:

import org.springframework.security.crypto.password.PasswordEncoderUtils;

// Secure comparison that prevents timing attacks
String expected = "secretPassword";
String actual = getUserInput();
boolean matches = PasswordEncoderUtils.equals(expected, actual);

Security Considerations

  • Constant Time Operations: Use PasswordEncoderUtils.equals() for secure string comparisons to prevent timing attacks
  • Character Encoding: Always use UTF-8 encoding for consistent string-to-byte conversion
  • Input Validation: Validate encoded input before decoding to prevent exceptions
  • Memory Management: Be aware that encoding operations create new byte arrays
  • Case Sensitivity: Hex decoding is case-insensitive, but be consistent in encoding

Install with Tessl CLI

npx tessl i tessl/maven-org-springframework-security--spring-security-crypto

docs

codecs.md

encryption.md

index.md

key-generation.md

password-encoding.md

tile.json