Changes

|{{Func|crypto:hmac|$message data as xs:stringanyAtomicType, $key as xs:anyAtomicType|xs:base64Binary, $algorithm as xs:string|xs:string}}<br/>{{Func|crypto:hmac|$message data as xs:stringanyAtomicType, $key as xs:anyAtomicType|xs:base64Binary, $algorithm as xs:string, $encoding as xs:string|xs:string}}

|Creates a message an authentication code via a cryptographic hash function and a secret for the specified {{Code|$keydata}}. <br/>via a cryptographic hash function:* {{Code|$encodingkey}} must either not be {{Code|hex}}, {{Code|base64}} or the empty string and specifies the encoding of the returned authentication code. '''Default is {{Code|base64}}'''.<br/>* {{Code|$algorithm}} describes the hash algorithm which is used for encryption. Currently supported are {{Code|md5}}, {{Code|sha1}}, {{Code|sha256}}, {{Code|sha384}}, {{Code|sha512}}. '''Default is {{Code|md5}}'''.* {{Code|$encoding}} must either be {{Code|hex}} or {{Code|base64}}; it specifies the encoding of the returned authentication code. Default is {{Code|base64}}.

|'''Returns the Return message authentication code (MAC) for a given string.''':

crypto:hmac('message','secretkey','md5','base64hex')

* Cryptographic algorithms are currently limited to {{Code|symmetric}} algorithms only. This means that the same secret key is used for encryption and decryption.

|{{Func|crypto:encrypt|$input data as xs:stringanyAtomicType, $encryption type as xs:string, $key as xs:stringanyAtomicType, $algorithm as xs:string|xs:stringbase64Binary}}

|Encrypts data with the given input string.<br/>specified key:* {{Code|$encryptiondata}} must be a string or binary item.* {{Code|symmetric$type}}, as asymmetric encryption is not supported so far. '''Default is must be {{Code|symmetric}}'''.<br/>* {{Code|$key}} is the secret key which is used for both encryption and decryption of input data. It must be a string or binary item. Its length is fixed and depends on the chosen algorithm: 8 bytes for {{Code|8 bytes for DES}}, 16 bytes for {{Code|16 bytes for AES}}.<br/>* {{Code|$algorithm}} must either be {{Code|DES}} or {{Code|AES}}. Other algorithms are not supported so far, but, of course, can be added on demand. '''Default is {{Code|DES}}'''.

|'''Encrypts Encrypt input data.''' '''Query:'''

crypto:encrypt('message', 'symmetric','keykeyke','DES')

|{{Func|crypto:decrypt|$input data as xs:stringanyAtomicType, $type as xs:string, $key as xs:stringanyAtomicType, $algorithm as xs:string|xs:string}}

|Decrypts Encrypts data with the encrypted specified key:* {{Code|$inputdata}}must be a string or binary item.<br/>* {{Code|$type}} must be {{Code|symmetric}}. An option for asymmetric encryption will most likely be added with another version of BaseX. '''Default is {{Code|symmetric}}'''.<br/>* {{Code|$key}} is the secret key which is used for both encryption and decryption of input data. It must be a string or binary item. Its length is fixed and depends on the chosen algorithm: 8 bytes for {{Code|8 bytes for DES}}, 16 bytes for {{Code|16 bytes for AES}}.<br/>* {{Code|$algorithm}} must either be {{Code|DES}} or {{Code|AES}}. Other algorithms are not supported so far, but, of course, can be added on demand. '''Default is {{Code|DES}}'''.

|'''Decrypts Decrypt input data and returns the return original string.''':

let $encrypted := crypto:encrypt('message', 'symmetric','keykeyke','DES')return crypto:decrypt($encrypted, 'symmetric','keykeyke','DES')