https://wiki.owasp.org/api.php?action=feedcontributions&feedformat=atom&user=JwinsteadOWASP - User contributions [en]2026-04-28T22:00:37ZUser contributionsMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=ESAPI_Encryption&diff=48456ESAPI Encryption2008-12-11T19:55:54Z<p>Jwinstead: /* Possible Enhancements */</p>
<hr />
<div>== Feature Overview ==<br />
<br />
TODO<br />
<br />
== Possible Enhancements == <br />
* Potentially rename Seal and Unseal to better describe what they do<br />
* seal() should include an HMAC or integrity check to ensure that the encrypted data has not been tampered with (see [http://cwe.mitre.org/data/definitions/649.html CWE-649]).<br />
<br />
* The API should include support for key rotation; indicated key used for encryption of data<br />
<br />
* The API should allow key management to be externalized, to allow developers to integrate their own key management strategies (such as a PKI).<br />
<br />
* The documentation for each method should indicate whether it is designed to protect integrity, confidentiality, or both; and whether it is suitable for encrypting transient items (such as hidden form fields) or is designed for long-term storage.</div>Jwinsteadhttps://wiki.owasp.org/index.php?title=ESAPI_Encryption&diff=48374ESAPI Encryption2008-12-11T14:43:17Z<p>Jwinstead: /* Feature Overview */</p>
<hr />
<div>== Feature Overview ==<br />
<br />
The Encryptor API is designed to provide a simplified API for common operations developers may want to use in web applications. It is not designed to be a general-purpose crypto API, but only to provide safe implementations of common functionality.<br />
<br />
== Possible Enhancements == <br />
<br />
* seal() should include an HMAC or integrity check to ensure that the encrypted data has not been tampered with.<br />
<br />
* The API should include support for key rotation<br />
<br />
* The API should allow key management to be externalized, to allow developers to integrate their own key management strategies (such as a PKI).<br />
<br />
* The documentation for each method should indicate whether it is designed to protect integrity, confidentiality, or both; and whether it is suitable for encrypting transient items (such as hidden form fields) or is designed for long-term storage.</div>Jwinsteadhttps://wiki.owasp.org/index.php?title=ESAPI_Encryption&diff=48367ESAPI Encryption2008-12-11T14:39:23Z<p>Jwinstead: </p>
<hr />
<div>== Feature Overview ==<br />
<br />
TODO<br />
<br />
== Possible Enhancements == <br />
<br />
* seal() should include an HMAC or integrity check to ensure that the encrypted data has not been tampered with.<br />
<br />
* The API should include support for key rotation<br />
<br />
* The API should allow key management to be externalized, to allow developers to integrate their own key management strategies (such as a PKI).<br />
<br />
* The documentation for each method should indicate whether it is designed to protect integrity, confidentiality, or both; and whether it is suitable for encrypting transient items (such as hidden form fields) or is designed for long-term storage.</div>Jwinstead