Mark,
> I was polishing the Language Reference for Firebird 4.0, and I noticed that we
> seem to be missing a function to use with ENCRYPT:
>
> A function to generate a BINARY (or VARBINARY) of a specified size populated
> with random bytes (from a secure random number generator). A lot of
> encryption algorithms require an IV, and a proper IV should be unique and
> random for each message encrypted.
>
> An alternative approach would be that ENCRYPT - through an explicit option
> (e.g. `IV GENERATED` instead of `IV _value_`) - generates the IV and returns the
> IV + encrypted value (that is <IV-bytes><enc-bytes>).
> Similarly, if `IV GENERATED` is specified for DECRYPT, it should take the
> first (IV/block size) bytes of the input as the IV and use that for decryption.

A comment from a "simple language" POV.

While "IV" or "Initialization Vector" are the technically correct terms, I
would suggest that we use the term "seed" or "salt" instead.

Much simpler terms that directly convey purpose, without someone needing
to google "IV".

They could be used in syntax (along with optional keyword "Random") as
"ENCRYPT RANDOM | {Seed String} | {Seed Function| SEED" or "ENCRYPT SEED RANDOM
| {Seed String} | {Seed Function}"

Sean

Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
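
Added example, not part of the original thread and not Firebird code: a sketch of the `<IV-bytes><enc-bytes>` framing proposed in the quoted message, with the IV drawn from the OS secure random generator on encrypt and split off the front of the input on decrypt. The function names, the 16-byte IV size and the HMAC-SHA256 keystream standing in for the real cipher are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

IV_SIZE = 16  # assumed: one AES block, the IV length for AES CBC/CTR


def _keystream_xor(key: bytes, iv: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption, not AES and not Firebird's ENCRYPT):
    XOR with an HMAC-SHA256 keystream derived from key, IV and a counter.
    The same call encrypts and decrypts."""
    stream = bytearray()
    for counter in range((len(data) + 31) // 32):
        block = iv + counter.to_bytes(8, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt_with_iv(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """The `IV _value_` form: caller supplies the IV, only enc-bytes return."""
    if len(iv) != IV_SIZE:
        raise ValueError("IV must be exactly IV_SIZE bytes")
    return _keystream_xor(key, iv, plaintext)


def encrypt_iv_generated(key: bytes, plaintext: bytes) -> bytes:
    """The `IV GENERATED` form: fresh random IV, returns <IV-bytes><enc-bytes>."""
    iv = secrets.token_bytes(IV_SIZE)  # OS CSPRNG, new for every message
    return iv + encrypt_with_iv(key, iv, plaintext)


def decrypt_iv_generated(key: bytes, blob: bytes) -> bytes:
    """Take the first IV_SIZE bytes of the input as the IV, decrypt the rest."""
    if len(blob) < IV_SIZE:
        raise ValueError("input shorter than the IV; not an <IV><enc> value")
    iv, body = blob[:IV_SIZE], blob[IV_SIZE:]
    return _keystream_xor(key, iv, body)


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    msg = b"constructed sample row value"
    fixed_iv = bytes(IV_SIZE)
    # A reused IV makes equal plaintexts produce equal ciphertexts.
    print(encrypt_with_iv(key, fixed_iv, msg) == encrypt_with_iv(key, fixed_iv, msg))
    # A generated IV makes every output differ while still round-tripping.
    a, b = encrypt_iv_generated(key, msg), encrypt_iv_generated(key, msg)
    print(a != b, decrypt_iv_generated(key, a) == msg)
```
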