crypto

Type Members

1. type AuthEnv = AuthEnvironment[AuthResult]

   

2. sealed abstract class AuthEnvironment[F[_]] extends AnyRef

   

   An environment in which authentication is performed.

   An environment in which authentication is performed.

   It is expected that you will have a singleton instance of this class for your entire app/service. The default method in the companion object creates an instance with some reasonable defaults and caching.

   It is not strictly necessary to use this class, but it certain classes such as EncryptedCodec and SignedCodec have convenient instantiation methods that take an authentication environment.

   The environment can also be set up for asymmetric signing and verification. To set it up for asymmetric signing, set the signing key. For asymmetric verification, set the verify key. Both can be set if the library user needs to perform both functions.

   F

   the context wrapping most of the results of the environment. For example, F is usually AuthResult, which means that an F[A] is either an AuthFailure or a successful A.

3. sealed abstract class AuthFailure extends Product with Serializable

   

   An error encountered during authentication.

4. type AuthResult[A] = Either[AuthFailure, A]

   

5. sealed abstract class CipherMode extends AnyRef

   

6. trait Decryptor[F[_]] extends AnyRef

   

7. final class EncryptionKey extends AnyRef

   

8. trait Encryptor[F[_]] extends AnyRef

   

9. final class InitializationVector extends AnyRef

   

10. class Nonce extends AnyRef

    

11. final class SafeHolder[V] extends AnyRef

    

    The SafeHolder utility provide safe reuse of objects that could not be shared between thread (not thread-safe) like many java crypto objects, e.g.

    The SafeHolder utility provide safe reuse of objects that could not be shared between thread (not thread-safe) like many java crypto objects, e.g. Cipher.

12. final class SafeHolderEncryption extends Encryptor[AuthResult] with Decryptor[AuthResult]

    

13. final class SafeHolderHmac extends Signer[AuthResult]

    

    An HMAC-based implementation of Signer that caches Mac instances to reduce the overhead of initialization.

    An HMAC-based implementation of Signer that caches Mac instances to reduce the overhead of initialization.

    Caching a per-key Mac instead of just a thread-local Mac would remove the need to initialize the mac on each signature, but benchmarks show that it doesn't make a significant performance difference.

14. final class SignatureKey extends AnyRef

    

15. abstract class Signer[F[_]] extends AnyRef

    

    A Signer computes a signature (such as a checksum) of data.

    A Signer computes a signature (such as a checksum) of data.

    F

    The context in which results are wrapped. This allows a Signer to return a possible failure via Option, a disjunction, etc.

16. trait TokenAuthenticator[SerializedToken, DeserializedToken] extends AnyRef

    

    A TokenAuthenticator can authenticate with a provided encoded token and can serialize a decoded token.

    A TokenAuthenticator can authenticate with a provided encoded token and can serialize a decoded token.

    SerializedToken

    the form of the serialized token (for example String for tokens that are base-64-encoded).

    DeserializedToken

    the result of successful authentication (for example an AuthToken or User model).

17. final case class TokenVersion(major: Int, minor: Int, micro: Int) extends Product with Serializable

    

    The serialization version of a token.

    The serialization version of a token.

    While the major/minor/micro versions are represented as Int at runtime, note that the serializer treats them as unsigned integers, so their range is 0 to 255.

    We must increment major whenever there are incompatible structural changes on the part of the core library:

    1. changes to secret part structure 2. change to secret encryption algorithm, 3. change token signing algorithm 4. change to keyId -> key calculation Changes 2-4 could come from authentication library or if we overwrite the default values.