implement cipher module
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Zorba |
New
|
Medium
|
Sorin Marian Nasoi |
Bug Description
The set of cryptography modules should be extended with a new module to do symmetric and asymmetric encryption and decryption. The implementation should be based on openssl (as hmac and hash) also do.
Here is a proposal for the external functions that should be provided by this module.
module namespace cipher = "http://
declare function cipher:encrypt(
$input as xs:string,
$key as xs:string,
$algo as xs:string, (: "algorithm/
$options) as xs:base64Binary external;
declare function cipher:
$input as xs:base64Binary,
$key as xs:base64Binary,
$algo as xs:string, (: "algorithm/
$options) as xs:base64Binary external;
declare function cipher:decrypt(
$input as xs:base64Binary,
$key as xs:string,
$algo as xs:string, (: "algorithm/
$options) as xs:string external;
declare function cipher:
$input as xs:base64Binary,
$key as xs:base64Binary,
$algo as xs:string, (: "algorithm/
$options) as xs:base64Binary external;
$options may specify
- iv
- key encoding if key is a string (e.g. PKCS8)
We might want to add more convenience functions (e.g. for encryption using a particular algorithm) to the module but those should be implemented in XQuery.
To start with, the module should implement AES, DES, RSA, and DSA.
Changed in zorba: | |
milestone: | 2.8 → 3.0 |
Changed in zorba: | |
milestone: | 3.0 → none |
The en- and decryption of and to strings assumes that the string is UTF-8 encoded. If the user wants to encrypt a string in an encoding other than UTF-8, he should use the base64: encode( $string, $encoding) function (which doesn't exist, yet) to get a base64 item (or the other way around for decrypt).