9 Aug
2010
9 Aug
'10
6:02 p.m.
+1
Any patch that makes XWiki more secure is welcome ;-)
Guillaume
On Mon, Aug 9, 2010 at 17:59, Caleb James DeLisle
<calebdelisle(a)lavabit.com>wrote;wrote:
Since this has not seen any opposition, I add the
required getDocumentURL
function to the DocumentAccessBridge
and move the crypto module into the core today.
Caleb
Jerome Velociter wrote:
http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-crypto/src/main/ja…
http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-crypto/src/main/ja…
http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-crypto/src/main/ja…
> WDYT?
> Caleb
>
_______________________________________________
> devs mailing list
> devs(a)xwiki.org
> http://lists.xwiki.org/mailman/listinfo/devs
> _______________________________________________
> devs mailing list
> devs(a)xwiki.org
> http://lists.xwiki.org/mailman/listinfo/devs
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs
+0
Jerome.
----- Original Message -----
From: "Caleb James DeLisle" <calebdelisle(a)lavabit.com>
To: "XWiki Developers" <devs(a)xwiki.org>
Sent: Thursday, August 5, 2010 11:38:48 AM GMT +01:00 Amsterdam / Berlin
/ Bern /
Rome / Stockholm / Vienna
Subject: [xwiki-devs] [proposal] Add cryptography
api component and
script service to xwiki
Hello all,
I you have been watching on irc and in the sandbox commit notifications
you know
Alex and I have been working
hard on developing some high quality
cryptographic services, I think it
is ready to add to the core.
What xwiki-crypto provides:
* PasswordVerificationFunction provides ability to protect ("hash") a
password using functions which require a configurable amount of processor
power and RAM.
This allows a configurable level of difficulty
for password guessing
attacks and configurable memory costs even frustrate hardware
(GPU) based
cracking attempts.
This uses a standards conforming implementation
of what is a truly state
of the art password hashing technology developed by Colin
Percival, deputy
security officer for FreeBSD operating system.
The design paper is here:
http://www.tarsnap.com/scrypt/scrypt.pdf
This will be able to be used for
http://jira.xwiki.org/jira/browse/XWIKI-70 (Safe
password storage)
* Password based encryption using the function defined above for
converting the
password to the encryption key. The default encryption
algorithm is CAST-5 which has been used by PGP encryption system.
* RSA-2048 key generation and text signature.
Option #1: Generate key in user's browser (Supports Firefox and Opera,
possible to add IE support.) and be able to use the crypto.signText function
in javascript allowing for signature which are unforgable even by the
administrator (or hacker) of the server.
Option #2: Generate key on the server and store
password encrypted (see
above) allowing for "pretty good" level of
signature non-reputability.
What this will look like to a script:
## Password Encryption
#set($ciphertext = $services.crypto.passwd.encryptText("this is a
secret", "hopefully a strong password"))
## Password Decryption
#set($plaintext = $services.crypto.passwd.decryptText($ciphertext,
"hopefully
a strong password"))
## Protecting a password (so can be validated but the original can't be
derived from the protected password and it's hard to do password guessing
attacks)
#set($safePassword =
$services.crypto.passwd.protectPassword($userSuppliedPlaintextPassword)
## Validating a password against the "safe password"
#if($services.crypto.passwd.isPasswordCorrect($userSuppliedPlaintextPassword,
$safePassword)
you win!
#end
## Generating a key in the user's browser (this won't likely be used
often)
## $spkac is a public key given by the browser
when the user clicks on
the create certificate button, this is compatible with
FOAFSSL.
## 365 is the number of days the certificate
should be valid for.
## this returns 2 certificate, one is the user's and the other is a self
signed authority which trusts it.
#set($certAndAuthority =
$services.crypto.x509.certsFromSpkac($spkac,
365))
## Generating a key (x509 certificate + private key) on the server side
(this
won't likely be used often)
## this returns an XWikiX509KeyPair
#set($privateKeyAndCert = $services.crypto.x509.newCertAndPrivateKey(365,
"password for protecting private key")
## Serializing a keyPair to a base64 string (this does not conform to any
standard
because no decent standard was available)
#set($keyPairAsString =
$privateKeyAndCert.serializeAsBase64())
## Deserializing the keypair back from the string
#set($privateKeyAndCert =
$services.crypto.x509.keyPairFromBase64($keyPairAsString)
## Signing text with a "$privateKeyAndCert"
## This outputs a base64 String representing the signature.
#set($signature = $services.crypto.x509.signText("this is the text I want
to
sign", $privateKeyAndCert, "password for protecting private key")
## Verifying text (this verifies text signed with either the above
signText
function or with the mozilla/opera javascript crypto.signtText
function.)
## this outputs an XWikiX509Certificate object
which can then be compared
to known trusted certificates.
#set($signingCertificate =
$services.crypto.x509.verifyText("this is the
text I want to sign",
$signature))
## Serializing a certificate as a String in conforming PEM format
(readable by
OpenSSL)
#set($pemString =
$signingCertificate.toPEMString())
## Deserializing a certificate from PEM format
#set($signingCertificate = $services.crypto.x509.certFromPEM($pemString)
The interfaces:
http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-crypto/src/main/ja…