Functions -
crypto
crc32b |
Returns the Hex-encoded CRC32B value for the provided element.
|
decodePrivateKey |
Reads a private key from the provided PKCS#12 archive file.
|
decodePublicKey |
Reads a public key from the provided PKCS#12 archive file.
|
decryptAesCbc |
Returns the AES-CBC-decrypted value for the given AES-CBC-encrypted data.
|
decryptAesEcb |
Returns the AES-ECB-decrypted value for the given AES-ECB-encrypted data.
|
decryptAesGcm |
Returns the AES-GCM-decrypted value for the given AES-GCM-encrypted data.
|
decryptRsaEcb |
Returns the RSA-decrypted value for the given RSA-encrypted data.
|
encryptAesCbc |
Returns the AES-CBC-encrypted value for the given data.
|
encryptAesEcb |
Returns the AES-ECB-encrypted value for the given data.
|
encryptAesGcm |
Returns the AES-GCM-encrypted value for the given data.
|
encryptRsaEcb |
Returns the RSA-encrypted value for the given data.
|
hashMd5 |
Returns the MD5 hash of the given data.
|
hashSha1 |
Returns the SHA-1 hash of the given data.
|
hashSha256 |
Returns the SHA-256 hash of the given data.
|
hashSha384 |
Returns the SHA-384 hash of the given data.
|
hashSha512 |
Returns the SHA-512 hash of the given data.
|
hmacMd5 |
Returns the HMAC using the MD-5 hash function of the given data.
|
hmacSha1 |
Returns the HMAC using the SHA-1 hash function of the given data.
|
hmacSha256 |
Returns the HMAC using the SHA-256 hash function of the given data.
|
hmacSha384 |
Returns the HMAC using the SHA-384 hash function of the given data.
|
hmacSha512 |
Returns the HMAC using the SHA-512 hash function of the given data.
|
signRsaMd5 |
Returns the RSA-MD5-based signature value for the given data.
|
signRsaSha1 |
Returns the RSA-SHA1-based signature value for the given data.
|
signRsaSha256 |
Returns the RSA-SHA256-based signature value for the given data.
|
signRsaSha384 |
Returns the RSA-SHA384-based signature value for the given data.
|
signRsaSha512 |
Returns the RSA-SHA512-based signature value for the given data.
|
verifyRsaMd5Signature |
Verifies the RSA-MD5-based signature.
|
verifyRsaSha1Signature |
Verifies the RSA-SHA1-based signature.
|
verifyRsaSha256Signature |
Verifies the RSA-SHA256-based signature.
|
verifyRsaSha384Signature |
Verifies the RSA-SHA384-based signature.
|
verifyRsaSha512Signature |
Verifies the RSA-SHA512-based signature.
|
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
string checksum = crypto:crc32b(data);
Parameters
- input byte[]
-
Value for checksum generation
-
Return Type
(string) The generated checksum
decodePrivateKey
(KeyStore | TrustStore keyStore, string keyAlias, string keyPassword)
returns PrivateKey | Error crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey|crypto:Error privateKey = crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
Parameters
- keyStore KeyStore | TrustStore
-
Key store or Trust store configurations
- keyAlias string
-
Key alias
- keyPassword string
-
Key password
-
Return Type
(PrivateKey | Error) Reference to the private key or else a
crypto:Error
if the private key was unreadable
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PublicKey|crypto:Error publicKey = crypto:decodePublicKey(keyStore, "keyAlias");
Parameters
- keyStore KeyStore | TrustStore
-
Key store or Trust store configurations
- keyAlias string
-
Key alias
string dataString = "Hello Ballerina!";
byte[] data = dataString.toBytes();
byte[16] key = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
key[i] = <byte>math:randomInRange(0, 255);
}
byte[16] initialVector = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
initialVector[i] = <byte>math:randomInRange(0, 255);
}
byte[] cipherText = checkpanic crypto:encryptAesCbc(data, key, initialVector);
byte[]|crypto:Error plainText = crypto:decryptAesCbc(cipherText, key, initialVector);
Parameters
- input byte[]
-
The content to be decrypted
- key byte[]
-
Encryption key
- iv byte[]
-
Initialization vector
- padding AesPadding (default PKCS5)
-
The padding
-
Return Type
(byte[] | Error) Decrypted data or else a
crypto:Error
if the key is invalid
string dataString = "Hello Ballerina!";
byte[] data = dataString.toBytes();
byte[16] key = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
key[i] = <byte>math:randomInRange(0, 255);
}
byte[] cipherText = checkpanic crypto:encryptAesEcb(data, key);
byte[]|crypto:Error plainText = crypto:decryptAesEcb(cipherText, key);
Parameters
- input byte[]
-
The content to be decrypted
- key byte[]
-
Encryption key
- padding AesPadding (default PKCS5)
-
The padding
-
Return Type
(byte[] | Error) Decrypted data or else a
crypto:Error
if the key is invalid
decryptAesGcm
(byte[] input, byte[] key, byte[] iv, AesPadding padding, int tagSize)
returns byte[] | Error string dataString = "Hello Ballerina!";
byte[] data = dataString.toBytes();
byte[16] key = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
key[i] = <byte>math:randomInRange(0, 255);
}
byte[16] initialVector = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
initialVector[i] = <byte>math:randomInRange(0, 255);
}
byte[] cipherText = checkpanic crypto:encryptAesGcm(data, key, initialVector);
byte[]|crypto:Error plainText = crypto:decryptAesGcm(cipherText, key, initialVector);
Parameters
- input byte[]
-
The content to be decrypted
- key byte[]
-
Encryption key
- iv byte[]
-
Initialization vector
- padding AesPadding (default PKCS5)
-
The padding
- tagSize int (default 128)
-
Tag size
-
Return Type
(byte[] | Error) Decrypted data or else a
crypto:Error
if the key is invalid
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PublicKey publicKey = checkpanic crypto:decodePublicKey(keyStore, "keyAlias");
crypto:PrivateKey privateKey = checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[] cipherText = checkpanic crypto:encryptRsaEcb(data, publicKey);
byte[]|crypto:Error plainText = checkpanic crypto:decryptRsaEcb(cipherText, privateKey);
Parameters
- input byte[]
-
The content to be decrypted
- key PrivateKey | PublicKey
-
Private or public key used for encryption
- padding RsaPadding (default PKCS1)
-
The padding
-
Return Type
(byte[] | Error) Decrypted data or else a
crypto:Error
if the key is invalid
string dataString = "Hello Ballerina!";
byte[] data = dataString.toBytes();
byte[16] key = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
key[i] = <byte>math:randomInRange(0, 255);
}
byte[16] initialVector = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
initialVector[i] = <byte>math:randomInRange(0, 255);
}
byte[]|crypto:Error cipherText = crypto:encryptAesCbc(data, key, initialVector);
Parameters
- input byte[]
-
The content to be encrypted
- key byte[]
-
Encryption key
- iv byte[]
-
Initialization vector
- padding AesPadding (default PKCS5)
-
The padding
-
Return Type
(byte[] | Error) Encrypted data or else a
crypto:Error
if the key is invalid
string dataString = "Hello Ballerina!";
byte[] data = dataString.toBytes();
byte[16] key = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
key[i] = <byte>math:randomInRange(0, 255);
}
byte[]|crypto:Error cipherText = crypto:encryptAesEcb(data, key);
Parameters
- input byte[]
-
The content to be encrypted
- key byte[]
-
Encryption key
- padding AesPadding (default PKCS5)
-
The padding
-
Return Type
(byte[] | Error) Encrypted data or else a
crypto:Error
if the key is invalid
encryptAesGcm
(byte[] input, byte[] key, byte[] iv, AesPadding padding, int tagSize)
returns byte[] | Error string dataString = "Hello Ballerina!";
byte[] data = dataString.toBytes();
byte[16] key = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
key[i] = <byte>math:randomInRange(0, 255);
}
byte[16] initialVector = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
foreach var i in 0...15 {
initialVector[i] = <byte>math:randomInRange(0, 255);
}
byte[]|crypto:Error cipherText = crypto:encryptAesGcm(data, key, initialVector);
Parameters
- input byte[]
-
The content to be encrypted
- key byte[]
-
Encryption key
- iv byte[]
-
Initialization vector
- padding AesPadding (default PKCS5)
-
The padding
- tagSize int (default 128)
-
Tag size
-
Return Type
(byte[] | Error) Encrypted data or else a
crypto:Error
if the key is invalid
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PublicKey publicKey = checkpanic crypto:decodePublicKey(keyStore, "keyAlias");
byte[]|crypto:Error cipherText = crypto:encryptRsaEcb(data, publicKey);
Parameters
- input byte[]
-
The content to be encrypted
- key PrivateKey | PublicKey
-
Private or public key used for encryption
- padding RsaPadding (default PKCS1)
-
The padding
-
Return Type
(byte[] | Error) Encrypted data or else a
crypto:Error
if the key is invalid
string dataString = "Hello Ballerina";
byte[] data = dataString.toBytes();
byte[] hash = crypto:hashMd5(data);
Parameters
- input byte[]
-
Value to be hashed
-
Return Type
(byte[]) Hashed output
string dataString = "Hello Ballerina";
byte[] data = dataString.toBytes();
byte[] hash = crypto:hashSha1(data);
Parameters
- input byte[]
-
Value to be hashed
-
Return Type
(byte[]) Hashed output
string dataString = "Hello Ballerina";
byte[] data = dataString.toBytes();
byte[] hash = crypto:hashSha256(data);
Parameters
- input byte[]
-
Value to be hashed
-
Return Type
(byte[]) Hashed output
string dataString = "Hello Ballerina";
byte[] data = dataString.toBytes();
byte[] hash = crypto:hashSha384(data);
Parameters
- input byte[]
-
Value to be hashed
-
Return Type
(byte[]) Hashed output
string dataString = "Hello Ballerina";
byte[] data = dataString.toBytes();
byte[] hash = crypto:hashSha512(data);
Parameters
- input byte[]
-
Value to be hashed
-
Return Type
(byte[]) Hashed output
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
string keyString = "some-secret";
byte[] key = keyString.toBytes();
byte[] hmac = crypto:hmacMd5(data, key);
Parameters
- input byte[]
-
Value to be hashed
- key byte[]
-
Key used for HMAC generation
-
Return Type
(byte[]) HMAC output
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
string keyString = "some-secret";
byte[] key = keyString.toBytes();
byte[] hmac = crypto:hmacSha1(data, key);
Parameters
- input byte[]
-
Value to be hashed
- key byte[]
-
Key used for HMAC generation
-
Return Type
(byte[]) HMAC output
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
string keyString = "some-secret";
byte[] key = keyString.toBytes();
byte[] hmac = crypto:hmacSha256(data, key);
Parameters
- input byte[]
-
Value to be hashed
- key byte[]
-
Key used for HMAC generation
-
Return Type
(byte[]) HMAC output
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
string keyString = "some-secret";
byte[] key = keyString.toBytes();
byte[] hmac = crypto:hmacSha384(data, key);
Parameters
- input byte[]
-
Value to be hashed
- key byte[]
-
Key used for HMAC generation
-
Return Type
(byte[]) HMAC output
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
string keyString = "some-secret";
byte[] key = keyString.toBytes();
byte[] hmac = crypto:hmacSha512(data, key);
Parameters
- input byte[]
-
Value to be hashed
- key byte[]
-
Key used for HMAC generation
-
Return Type
(byte[]) HMAC output
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey =
checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[]|crypto:Error signature = crypto:signRsaMd5(data, privateKey);
-
Return Type
(byte[] | Error) The generated signature or else a
crypto:Error
if the private key is invalid
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey =
checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[]|crypto:Error signature = crypto:signRsaSha1(data, privateKey);
-
Return Type
(byte[] | Error) The generated signature or else a
crypto:Error
if the private key is invalid
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey =
checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[]|crypto:Error signature = crypto:signRsaSha256(data, privateKey);
-
Return Type
(byte[] | Error) The generated signature or else a
crypto:Error
if the private key is invalid
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey =
checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[]|crypto:Error signature = crypto:signRsaSha384(data, privateKey);
-
Return Type
(byte[] | Error) The generated signature or else a
crypto:Error
if the private key is invalid
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey =
checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[]|crypto:Error signature = crypto:signRsaSha512(data, privateKey);
-
Return Type
(byte[] | Error) The generated signature or else a
crypto:Error
if the private key is invalid
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey = checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[] signature = checkpanic crypto:signRsaMd5(data, privateKey);
crypto:PublicKey publicKey = checkpanic crypto:decodePublicKey(keyStore, "keyAlias");
boolean|crypto:Error validity = crypto:verifyRsaMd5Signature(data, signature, publicKey);
Parameters
- data byte[]
-
The content to be verified
- signature byte[]
-
Signature value
- publicKey PublicKey
-
Public key used for verification
-
Return Type
(boolean | Error) Validity of the signature or else a
crypto:Error
if the public key is invalid
string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey = checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[] signature = checkpanic crypto:signRsaMd5(data, privateKey);
crypto:PublicKey publicKey = checkpanic crypto:decodePublicKey(keyStore, "keyAlias");
boolean|crypto:Error validity = crypto:verifyRsaSha1Signature(data, signature, publicKey);
Parameters
- data byte[]
-
The content to be verified
- signature byte[]
-
Signature value
- publicKey PublicKey
-
Public key used for verification
-
Return Type
(boolean | Error) Validity of the signature or else a
crypto:Error
if the public key is invalid
verifyRsaSha256Signature
(byte[] data, byte[] signature, PublicKey publicKey)
returns boolean | Error string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey = checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[] signature = checkpanic crypto:signRsaMd5(data, privateKey);
crypto:PublicKey publicKey = checkpanic crypto:decodePublicKey(keyStore, "keyAlias");
boolean|crypto:Error validity = crypto:verifyRsaSha256Signature(data, signature, publicKey);
Parameters
- data byte[]
-
The content to be verified
- signature byte[]
-
Signature value
- publicKey PublicKey
-
Public key used for verification
-
Return Type
(boolean | Error) Validity of the signature or else a
crypto:Error
if the public key is invalid
verifyRsaSha384Signature
(byte[] data, byte[] signature, PublicKey publicKey)
returns boolean | Error string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey = checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[] signature = checkpanic crypto:signRsaMd5(data, privateKey);
crypto:PublicKey publicKey = checkpanic crypto:decodePublicKey(keyStore, "keyAlias");
boolean|crypto:Error validity = crypto:verifyRsaSha384Signature(data, signature, publicKey);
Parameters
- data byte[]
-
The content to be verified
- signature byte[]
-
Signature value
- publicKey PublicKey
-
Public key used for verification
-
Return Type
(boolean | Error) Validity of the signature or else a
crypto:Error
if the public key is invalid
verifyRsaSha512Signature
(byte[] data, byte[] signature, PublicKey publicKey)
returns boolean | Error string stringData = "Hello Ballerina";
byte[] data = stringData.toBytes();
crypto:KeyStore keyStore = {
path: "/home/ballerina/keystore.p12",
password: "keystorePassword"
};
crypto:PrivateKey privateKey = checkpanic crypto:decodePrivateKey(keyStore, "keyAlias", "keyPassword");
byte[] signature = checkpanic crypto:signRsaMd5(data, privateKey);
crypto:PublicKey publicKey = checkpanic crypto:decodePublicKey(keyStore, "keyAlias");
boolean|crypto:Error validity = crypto:verifyRsaSha512Signature(data, signature, publicKey);
Parameters
- data byte[]
-
The content to be verified
- signature byte[]
-
Signature value
- publicKey PublicKey
-
Public key used for verification
-
Return Type
(boolean | Error) Validity of the signature or else a
crypto:Error
if the public key is invalid