Perform low-level cryptographic operations in next-generation scripts
Use the next-generation utils binding to perform functions such as encoding/decoding
and encryption/decryption, type conversion, and cryptographic operations.
The utils binding isn’t available in legacy scripts.
|
Base64 encode and decode
- String base64.encode(String toEncode)
-
Encodes the specified text using base64.
- String base64.encode(byte[] toEncode)
-
Encodes the specified bytes using base64.
- String base64.decode(String toDecode)
-
Decodes the specified text using base64.
- byte[] base64.decodeToBytes(String toDecode)
-
Decodes the specified text using base64 and returns the result as an array of bytes.
- Example
var encoded = utils.base64.encode("exampletext")
logger.debug("Encoded text: " + encoded); //ZXhhbXBsZXRleHQ=
var decoded = utils.base64.decode(encoded);
logger.debug("Decoded text: " + decoded);Base64Url encode and decode
- String base64url.encode(String toEncode)
-
Encodes the specified text using base64url.
- String base64url.decode(String toDecode)
-
Decodes the specified text using base64url.
- Example
var encodedURL = utils.base64url.encode("http://exampletext=")
logger.debug("Encoded URL: " + encodedURL); //aHR0cDovL2V4YW1wbGV0ZXh0PQ
var decodedURL = utils.base64url.decode(encodedURL);
logger.debug("Decoded URL: " + decodedURL);Generate random values
- String crypto.randomUUID()
-
Returns a type 4 pseudo-random generated UUID.
- <JavaScript array> crypto.getRandomValues(<JavaScript array> array)
-
Returns the specified array filled with the same number of generated random numbers.
- Example
// generate a pseudorandom UUID (version 4)
var uuid = utils.crypto.randomUUID();
logger.debug("UUID: " + uuid); //eef5b4e1-ae86-4c0a-9160-5afee2b5e791
// generate an array of 5 random values
var array = [0,0,0,0,0];
utils.crypto.getRandomValues(array);
array.forEach(function(element){
logger.debug("Random value: " + element);
});Convert types
- String types.bytesToString(byte[] toConvert)
-
Converts a byte array to a string.
- byte[] types.stringToBytes(String toConvert)
-
Converts a string to a byte array.
- Example
var dataBytes = utils.types.stringToBytes("data");
var dataString = utils.types.bytesToString(dataBytes);Generate keys
- Object crypto.subtle.generateKey(String algorithm)
-
Generates a key using the specified algorithm and default values.
- Object crypto.subtle.generateKey(Map<String, Object> algorithm)
-
Generates a key using the parameters provided, depending on the algorithm specified.
- Parameters
| Option | Algorithm | Description |
|---|---|---|
|
All |
Required. The name of the algorithm. Possible values: |
|
|
Optional. Default: |
|
|
Optional. Default: |
|
|
Optional. Possible values: |
- Example
var aesKey = utils.crypto.subtle.generateKey("AES");
// Optionally specify 'length' (default 256)
var aesKeyCustom = utils.crypto.subtle.generateKey(
{
"name": "AES", length: 256
}
);
var rsaKey = utils.crypto.subtle.generateKey("RSA");
// Optionally specify 'modulusLength' (default 2048)
var rsaKeyCustom = utils.crypto.subtle.generateKey(
{
"name": "RSA", modulusLength: 4096
}
);
var hmacKey = utils.crypto.subtle.generateKey("HMAC");
// Optionally specify 'hash' (default 'SHA-256')
var hmacKeyCustom = utils.crypto.subtle.generateKey(
{
"name": "HMAC", "hash": "SHA-256"
}
);
logger.debug("AES key: " + aesKey.length);
logger.debug("RSA keys: " + rsaKey.publicKey.length + " : " + rsaKey.privateKey.length);Encrypt and decrypt
- byte[] crypto.subtle.encrypt(String algorithm, byte[] key, byte[] data)
-
Encrypts the data using the specified key and algorithm (
AESorRSA).
- byte[] crypto.subtle.decrypt(String algorithm, byte[] key, byte[] data)
-
Decrypts the data using the specified key and algorithm (
AESorRSA).
- Example
var data = utils.types.stringToBytes("data");
var aesKey = utils.crypto.subtle.generateKey("AES");
var rsaKey = utils.crypto.subtle.generateKey("RSA");
var encryptedAes = utils.crypto.subtle.encrypt("AES", aesKey, data);
var decryptedAes = utils.crypto.subtle.decrypt("AES", aesKey, encryptedAes);
var encryptedRsa = utils.crypto.subtle.encrypt("RSA", rsaKey.publicKey, data);
var decryptedRsa = utils.crypto.subtle.decrypt("RSA", rsaKey.privateKey, encryptedRsa);
logger.debug("decryptedAes: " + decryptedAes + " decryptedRsa: " + decryptedRsa);Compute digest (hash) values
- String crypto.subtle.digest(String algorithm, byte[] data)
-
Returns the digest of the data using the specified algorithm. The algorithm must be one of
SHA-1,SHA-256,SHA-384,SHA-512. - Example
var data = utils.types.stringToBytes("data");
var digest = utils.crypto.subtle.digest("SHA-256", data);
logger.debug("Digest length: " + digest.length);Sign and verify
- byte[] sign(String algorithm, byte[] key, byte[] data)
-
Signs the data using the specified algorithm and key.
- byte[] sign(Map<String, Object> algorithmOptions, byte[] key, byte[] data)
-
Signs the data using the specified algorithm options and key.
- boolean verify(String algorithm, byte[] key, byte[] data, byte[] signature)
-
Verifies the signature of the data using the specified algorithm and key.
- boolean verify(Map<String, Object> algorithmOptions, byte[] key, byte[] data, byte[] signature)
-
Verifies the signature of the data using the specified key and map of parameters.
- Parameters
| Option | Algorithm | Description |
|---|---|---|
|
All |
Required. The name of the algorithm. Possible values: |
|
|
Optional. Possible values: |
- Example
var data = utils.types.stringToBytes("data");
var rsaKey = utils.crypto.subtle.generateKey("RSA");
var hmacKey = utils.crypto.subtle.generateKey("HMAC");
var signRsa = utils.crypto.subtle.sign("RSA", rsaKey.privateKey, data);
var verifyRsa = utils.crypto.subtle.verify("RSA", rsaKey.publicKey, data, signRsa);
var hmacOpts = {
"name": "HMAC",
"hash": "SHA-512"
}
var signHmac = utils.crypto.subtle.sign(hmacOpts, hmacKey, data);
var verifyHmac = utils.crypto.subtle.verify(hmacOpts, hmacKey, data, signHmac);
logger.debug("RSA key verified: " + verifyRsa);
logger.debug("HMAC key verified: " + verifyHmac);