Since this has not seen any opposition, I add the required getDocumentURL function to the
DocumentAccessBridge
and move the crypto module into the core today.
Caleb
Jerome Velociter wrote:
+0
Jerome.
----- Original Message -----
From: "Caleb James DeLisle" <calebdelisle(a)lavabit.com>
To: "XWiki Developers" <devs(a)xwiki.org>
Sent: Thursday, August 5, 2010 11:38:48 AM GMT +01:00 Amsterdam / Berlin / Bern / Rome /
Stockholm / Vienna
Subject: [xwiki-devs] [proposal] Add cryptography api component and script service to
xwiki
Hello all,
I you have been watching on irc and in the sandbox commit notifications you know Alex and
I have been working
hard on developing some high quality cryptographic services, I think it is ready to add
to the core.
What xwiki-crypto provides:
* PasswordVerificationFunction provides ability to protect ("hash") a password
using functions which require a configurable amount of processor power and RAM.
This allows a configurable level of difficulty for password guessing attacks and
configurable memory costs even frustrate hardware (GPU) based cracking attempts.
This uses a standards conforming implementation of what is a truly state of the art
password hashing technology developed by Colin Percival, deputy security officer for
FreeBSD operating system.
The design paper is here:
http://www.tarsnap.com/scrypt/scrypt.pdf
This will be able to be used for
http://jira.xwiki.org/jira/browse/XWIKI-70 (Safe
password storage)
* Password based encryption using the function defined above for converting the password
to the encryption key. The default encryption algorithm is CAST-5 which has been used by
PGP encryption system.
* RSA-2048 key generation and text signature.
Option #1: Generate key in user's browser (Supports Firefox and Opera, possible to
add IE support.) and be able to use the crypto.signText function in javascript allowing
for signature which are unforgable even by the administrator (or hacker) of the server.
Option #2: Generate key on the server and store password encrypted (see above) allowing
for "pretty good" level of signature non-reputability.
What this will look like to a script:
## Password Encryption
#set($ciphertext = $services.crypto.passwd.encryptText("this is a secret",
"hopefully a strong password"))
## Password Decryption
#set($plaintext = $services.crypto.passwd.decryptText($ciphertext, "hopefully a
strong password"))
## Protecting a password (so can be validated but the original can't be derived from
the protected password and it's hard to do password guessing attacks)
#set($safePassword =
$services.crypto.passwd.protectPassword($userSuppliedPlaintextPassword)
## Validating a password against the "safe password"
#if($services.crypto.passwd.isPasswordCorrect($userSuppliedPlaintextPassword,
$safePassword)
you win!
#end
## Generating a key in the user's browser (this won't likely be used often)
## $spkac is a public key given by the browser when the user clicks on the create
certificate button, this is compatible with FOAFSSL.
## 365 is the number of days the certificate should be valid for.
## this returns 2 certificate, one is the user's and the other is a self signed
authority which trusts it.
#set($certAndAuthority = $services.crypto.x509.certsFromSpkac($spkac, 365))
## Generating a key (x509 certificate + private key) on the server side (this won't
likely be used often)
## this returns an XWikiX509KeyPair
#set($privateKeyAndCert = $services.crypto.x509.newCertAndPrivateKey(365, "password
for protecting private key")
## Serializing a keyPair to a base64 string (this does not conform to any standard
because no decent standard was available)
#set($keyPairAsString = $privateKeyAndCert.serializeAsBase64())
## Deserializing the keypair back from the string
#set($privateKeyAndCert = $services.crypto.x509.keyPairFromBase64($keyPairAsString)
## Signing text with a "$privateKeyAndCert"
## This outputs a base64 String representing the signature.
#set($signature = $services.crypto.x509.signText("this is the text I want to
sign", $privateKeyAndCert, "password for protecting private key")
## Verifying text (this verifies text signed with either the above signText function or
with the mozilla/opera javascript crypto.signtText function.)
## this outputs an XWikiX509Certificate object which can then be compared to known
trusted certificates.
#set($signingCertificate = $services.crypto.x509.verifyText("this is the text I want
to sign", $signature))
## Serializing a certificate as a String in conforming PEM format (readable by OpenSSL)
#set($pemString = $signingCertificate.toPEMString())
## Deserializing a certificate from PEM format
#set($signingCertificate = $services.crypto.x509.certFromPEM($pemString)
The interfaces:
http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-crypto/src/main/ja…
http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-crypto/src/main/ja…
http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-crypto/src/main/ja…
http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-crypto/src/main/ja…
WDYT?
Caleb
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs