Difference between revisions of "Cryptographic Module"

From BaseX Documentation
Jump to navigation Jump to search
m
Line 19: Line 19:
 
<b>[[XQuery Errors#Cryptographic Functions Errors|FOCX0014]]</b> is raised if the specified encoding method is not supported.<br/>
 
<b>[[XQuery Errors#Cryptographic Functions Errors|FOCX0014]]</b> is raised if the specified encoding method is not supported.<br/>
 
<b>[[XQuery Errors#Cryptographic Functions Errors|FOCX0019]]</b> is raised if the specified secret key is invalid.<br/>
 
<b>[[XQuery Errors#Cryptographic Functions Errors|FOCX0019]]</b> is raised if the specified secret key is invalid.<br/>
 +
|-
 +
| valign='top' | '''Example'''
 +
|'''Returns the message authentication code (MAC) for a given string.'''
 +
 +
'''Query:'''
 +
<pre class="brush:xquery">
 +
crypto:hmac('message','secretkey','md5','base64')
 +
</pre>
 +
 +
'''Result:'''
 +
<pre class="brush:xml">
 +
34D1E3818B347252A75A4F6D747B21C2
 +
</pre>
 
|}
 
|}
  
Line 75: Line 88:
 
==Examples==
 
==Examples==
  
'''Example 1: Returns the message authentication code (MAC) for a given string.'''
+
'''Encrypts and decrypts data.'''
 
 
'''Query:'''
 
<pre class="brush:xquery">
 
crypto:hmac('message','secretkey','md5','base64')
 
</pre>
 
 
 
'''Result:'''
 
<pre class="brush:xml">
 
34D1E3818B347252A75A4F6D747B21C2
 
</pre>
 
 
 
'''Example 2: Encrypts and decrypts data.'''
 
  
'''Example 3: Generates and validates an [http://www.w3.org/TR/xmldsig-core/ XML Signature].'''
+
'''Generates and validates an [http://www.w3.org/TR/xmldsig-core/ XML Signature].'''

Revision as of 12:00, 10 October 2011

This module contains XQuery functions to perform cryptographic operations in XQuery. The cryptographic module is based on an early draft of the EXPath Cryptographic Module and provides the following functionality:

  1. Creation of message authentication codes (HMAC)
  2. Creation and validation of an XML Digital Signature
  3. Encryption and decryption

This module is introduced with Version 7.0 of BaseX.

crypto:hmac

Signatures crypto:hmac($message as xs:string(), $secret-key as xs:string(), algorithm as xs:string()) as xs:string()
crypto:hmac($message as xs:string(), $secret-key as xs:string(), algorithm as xs:string(), $encoding as xs:string()) as xs:string()
Summary Creates a message authentication code via a cryptographic hash function and a secret key.
$encoding must either be hex, base64 or the empty string (default is base64) and specifies the encoding of the returned authentication code.
$algorithm describes the hash algorithm which is used for encryption. Currently supported are md5, sha1, sha256, sha384, sha512.
Errors FOCX0013 is raised if the specified hashing algorithm is not supported.

FOCX0014 is raised if the specified encoding method is not supported.
FOCX0019 is raised if the specified secret key is invalid.

Example Returns the message authentication code (MAC) for a given string.

Query:

crypto:hmac('message','secretkey','md5','base64')

Result:

34D1E3818B347252A75A4F6D747B21C2

crypto:encrypt

Signatures crypto:encrypt($input as xs:string(), $encryption-type as xs:string(), $secret-key as xs:string(), $cryptographic-algorithm as xs:string()) as xs:string()
Summary ?
Errors ?

crypto:decrypt

Signatures crypto:decrypt($input as xs:string(), $decryption-type as xs:string(), $secret-key as xs:string(), $cryptographic-algorithm as xs:string()) as xs:string()
Summary ?
Errors ?

crypto:generate-signature

Signatures crypto:generate-signature($input-doc node(), $canonicalization-algorithm as xs:string(), $digest-algorithm as xs:string(), $signature-algorithm as xs:string(), $signature-namespace-prefix as xs:string(), $signature-type as xs:string()) as node()
crypto:generate-signature($input-doc node(), $canonicalization-algorithm as xs:string(), $digest-algorithm as xs:string(), $signature-algorithm as xs:string(), $signature-namespace-prefix as xs:string(), $signature-type as xs:string(), $xpath-expression as xs:string()) as node()
crypto:generate-signature($input-doc node(), $canonicalization-algorithm as xs:string(), $digest-algorithm as xs:string(), $signature-algorithm as xs:string(), $signature-namespace-prefix as xs:string(), $signature-type as xs:string(), $digital-certificate as node()) as node()
crypto:generate-signature($input-doc node(), $canonicalization-algorithm as xs:string(), $digest-algorithm as xs:string(), $signature-algorithm as xs:string(), $signature-namespace-prefix as xs:string(), $signature-type as xs:string(), $xpath-expression as xs:string(), $digital-certificate as node()) as node()
Summary ?
Errors ?

crypto:validate-signature

Signatures crypto:validate-signature($input-doc as node()) as xs:boolean()
Summary ?
Errors ?

Examples

Encrypts and decrypts data.

Generates and validates an XML Signature.