Re: [xslt] work for next release



On Tue, Jun 22, 2004 at 07:48:32AM -0400, Daniel Veillard wrote:
>   I'm about to leave for Linux Tag in Karlsruhe Germany for a couple
> of days, but when I'm back I will have a small week left for libxml2
> and libxslt hacking, and I hope to be able to make a release within
> next week. I had a lot of work recently and may have dropped items,
> so if there is stuff I didn't handle and would need to be integrated
> or applied before the next release, please drop a reply to this mail
> and make sure if it's a bug that it's fully documented in bugzilla.

Daniel, William, and others,

wanted to bring you update on the status of my exslt:crypto patch.
i've attached two patches to bug #142105:

1) Dynamically load openssl on nix, use CryptoApi on Windows:
http://bugzilla.gnome.org/attachment.cgi?id=28351&action=view

2) Use libgcrypt on nix, use CryptoApi on Windows: 
http://bugzilla.gnome.org/attachment.cgi?id=28956&action=view

libgcrypt is an LGPL library used by GnuPG that seems far less
likely (given everything is prefixed by gcry_) to create linking
issues discussed on this list previously with regards to openssl.
there also should be no issues w.r.t licensing. finally since there
is no cleanup hook for libexslt, the dynamically loaded library
approach had to load and unload openssl each exslt:crypto call
or else leak the loaded openssl ltdl handle - the libgcrypt patch
doesn't suffer the same problem.

the gcrypt patch includes two new functions, rc4_encrypt and
rc4_decrypt demonstrated below:

<xsl:stylesheet version="1.0"
  xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
  xmlns:crypto="http://exslt.org/crypto";
  extension-element-prefixes="crypto">

  <xsl:template match="editor/plaintext">
    md4=<xsl:value-of select="crypto:md4(.)"/>
    md5=<xsl:value-of select="crypto:md5(.)"/>
    sha1=<xsl:value-of select="crypto:sha1(.)"/>
    rc4_encrypt=<xsl:value-of select="crypto:rc4_encrypt('samplekey', 'sampletext')"/>
    rc4_decrypt=<xsl:value-of select="crypto:rc4_decrypt('samplekey', crypto:rc4_encrypt('samplekey', 'sampletext'))"/>
  </xsl:template>

</xsl:stylesheet>

one usage note:

the rc4_(encrypt/decrypt) functions do not use the "key" in the same fashion.
under cryptoapi, the key is hashed, but on *nix it is used as-is padded out
to 128 bytes with '\0'. so you can't rc4_encrypt on nix and rc4_decrypt on
windows currently.

jr


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]