Home    XP_CRYPT Online Help Prev Next
How To use XP_CRYPT GUI
Introduction
What is XP_CRYPT
System requirements
Free version limitations
End user license agreement
Installing XP_CRYPT
Installation procedure
Activation
XP_CRYPT API
What's new
Encryption methods overview
Session
xp_crypt_set_var
xp_crypt_get_var
xp_crypt_close_session
xp_crypt_init_session
xp_crypt_set_option
Asymmetric keys
DSA
xp_dsa_free_key
xp_dsa_load_key
xp_dsa_save_key
xp_dsa_generate_couple
RSA
xp_rsa_generate_couple
xp_rsa_generate_pub_key
xp_rsa_load_key
xp_rsa_priv_dec
xp_rsa_pub_enc
xp_rsa_save_key
xp_rsa_free_key
Digital signatures
DSA
xp_dsa_verify
xp_dsa_sign
RSA
xp_rsa_sign
xp_rsa_verify
Hashing
xp_crypt
xp_md5
xp_sha1
Symmetric encryption
AES128
xp_aes128_decrypt
xp_aes128_encrypt
AES
xp_aes_decrypt
xp_aes_encrypt
DESX
xp_desx_decrypt
xp_desx_encrypt
RC4
xp_rc4_decrypt
xp_rc4_encrypt
Triple DES
xp_des3_encrypt
xp_des3_decrypt
Error codes
Tutorial
How to use GUI
Advanced technique (Old)
Table encryption (Old)
Troubleshooting
Troubleshooting overview

What's new ?

ver 4.0

  • GUI for automated code generation. 
  • New mode of AES added.

ver 3.6.2

  • Remote installation

ver 3.6

  • Digital Signature (DSA) standard added.
  • Triple DES encryption added
  • Binary form output (without base64 encoding)

ver 3.5

  • Session management For every connection XP_CRYPT creates a separate session. Every allocated resource is attached to the session and is automatically deallocated when the session is closed. If you are abruptly disconnected and  have not deallocated the loaded keys, the keys will be automatically unloaded after the timeout period. You can set the preferable timeout as well as another session options.
  • Digital signature API You can digitally sign data and verify the signatures. Works with keys of 512 bits and longer.
  • Bulk operations This enables you to encrypt and decrypt a few variables of any type at once ! 
  • Password caching This feature allows to use load private keys and decrypt information without mentioning the password. This feature is very useful for creating encrypted tables with `views` and INSTEAD OF triggers. See xp_crypt_set_option for more information about pswd_cache option.

 

ver 3.4 

In the previous versions of XP_CRYPT, the key must have been loaded before its usage and explicitly freed after that. The key could have been loaded only from the file on the server side. This way provides a high speed of encryption/decryption operations, however it is not always the most comfortable way. By changing the internal key handling we have tried to achieve more flexibility, ease of usage and comparability with old versions. Starting from version 3.4 you must not load and free the key, you can simply specify its source and the key will be loaded from this source and freed automatically after usage. This adds more comfort, but also adds an overhead on reading the key into memory every time you use it. Key source can be also a key handle. In this case your old SQL scripts remain compatible with new versions. 

There are 3 types of key source:

  • Key handle. This handle is usually held in VARCHAR(10) variable. You must load the key, get the handle and free it when you do not need it. The key remains loaded into memory until the server restarts or until you explicitly free it.
  • Filename. You can simply specify the name of the file on the server side where the key is stored. To distinguish it from other source types precede file name with '<' character. For example if you want your public key to be stored in c:\pubkey.pem and use it for encryption in xp_rsa_pub_enc function, use : xp_rsa_pub_enc 'text', '<c:\pubkey.pem', @result OUTPUT
  • Key body. If your key is not stored on the server side and if you want to keep it somewhere else, this key source can help you. In this case you pass the key content in the string. Your front-end software should read the key file and pass it exactly to XP_CRYPT functions. Please preserve new lines and all semantics in this string. To get the content of the key you can use xp_rsa_save_key key_handle, server_filename [, password]  This saves the key to a file on the server side. To save the key content to a variable use xp_rsa_save_key key_handle, @variable OUTPUT  [, password] . You can do `select @variable` and save the output at the client side. Remember: always when you save private key you must specify secure password which should be more than 4 chars.

Browser Based Help. Published by chm2web software.