I was polishing the Language Reference for Firebird 4.0, and I noticed that we seem to be missing a function to use with ENCRYPT:

A function to generate a BINARY (or VARBINARY) of a specified size populated with random bytes (from a secure random number generator). A lot of encryption algorithms require an IV, and a proper IV should be unique and random for each message encrypted.

An alternative approach would be that ENCRYPT - through an explicit option (e.g. `IV GENERATED` instead of `IV _value_`) - generates the IV and returns the IV + encrypted value (that is, `<IV-bytes><enc-bytes>`). Similarly, if `IV GENERATED` is specified for DECRYPT, it should take the first (IV/block size) bytes of the input as the IV and use that for decryption.

Thoughts?

Mark
--
Mark Rotteveel


Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel
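
The `<IV-bytes><enc-bytes>` layout proposed in the message above, sketched in Python as an added example; it is not part of the original message and not Firebird code. The function names, the 16-byte IV size and the SHA-256 keystream that stands in for the real cipher are assumptions made for illustration.

```python
import hashlib
import secrets

IV_SIZE = 16  # assumption: IV length equals a 16-byte block size


def _stand_in_cipher(key: bytes, iv: bytes, data: bytes) -> bytes:
    """Placeholder for the real algorithm: XOR with a SHA-256 counter keystream.

    Symmetric (the same call encrypts and decrypts). Illustration only,
    not a vetted cipher.
    """
    stream = bytearray()
    for counter in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + iv + counter.to_bytes(8, "big")).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


def encrypt_iv_generated(key: bytes, plaintext: bytes) -> bytes:
    """Draw a fresh IV from the OS CSPRNG and return IV || ciphertext."""
    iv = secrets.token_bytes(IV_SIZE)  # unique and random per message
    return iv + _stand_in_cipher(key, iv, plaintext)


def decrypt_iv_generated(key: bytes, blob: bytes) -> bytes:
    """Take the first IV_SIZE bytes of the input as the IV, decrypt the rest."""
    if len(blob) < IV_SIZE:
        raise ValueError("input is shorter than the IV")
    iv, enc = blob[:IV_SIZE], blob[IV_SIZE:]
    return _stand_in_cipher(key, iv, enc)


if __name__ == "__main__":
    key = secrets.token_bytes(32)          # constructed sample key
    message = b"constructed sample value"  # constructed sample plaintext
    first = encrypt_iv_generated(key, message)
    second = encrypt_iv_generated(key, message)
    # Same key and plaintext, different IVs, so different stored values.
    print(first.hex())
    print(second.hex())
    print(decrypt_iv_generated(key, first))
```

The stored value grows by exactly `IV_SIZE` bytes, which a column sized for the ciphertext alone would need to accommodate.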
