Sunday
25
January
2009

Zend_Filter_Localize proposal

Hy interested ones,

and again I had an idea for simplification and added a new proposal.
I heard from some people that they have problems with localization and normalization due to the problem of missing filters.

When you, for example, have a I18N application you have to store given user input in your database in an normalized way, english for example. But you want to display it to any other user within his localized way.

The user enters a currency value like \’1.234,50\’ and you have to store it into your database as normal integer \’1234.50\’. Also the reverse way, when you read from your database \’1234.50\’ and want to display your user \’1.234,50\’.

Until now you would have to do this manually by reading form, normalize it, store it.. reading database, localize it, display it… seems a little bit complicated. :-)

Ok… and now my new proposal comes into account:
The proposed Zend_Filter_Localize and Zend_Filter_Normalize components will do this for you with one single line.
You can simply attach a filter to the form or any other component instead of calling Zend_Locale_Format manually.

I think you got an idea of the simplification.
See http://framework.zen … ize+-+Thomas+Weidner for details.
Review and comments are welcome.

Greetings
Thomas Weidner
I18N Team Leader, Zend Framework

Zend Framework Advisory Board Member
Zend Certified Engineer for Zend Framework

Back to top
Sunday
18
January
2009

New proposals

Dear ZF-interested ones. :-)

I just finished two new proposals which are now ready for review and are awaiting your comments.

Translateable exceptions
This will add the possibility to translate exceptions.

This feature is usefull when you have to provide localized log-files for example.
It also adds a possibility to rewrite the exception message if needed.
For example when you would get an exception “can not connect to database xxxx”… you could rewrite it to “please ask your database admin”.

http://framework.zen … +ZF+-+Thomas+Weidner

Zend_Filter_Compress
This will add a compression/decompression filter for files.

It allows to compress or decompress files directly at upload/download or in your application by simply using two lines of code.

http://framework.zen … fer+-+Thomas+Weidner

When you also think that this features are useful add a comment the proposals.

Greetings
Thomas Weidner
I18N Team Leader, Zend Framework

Zend Framework Advisory Board Member
Zend Certified Engineer for Zend Framework

Back to top
Wednesday
14
January
2009

How to encrypt with ZF

Hy fellows,

today I finished some new components which took a long time for finishing them.
Zend Framework can, from today on, encrypt and decrypt content and complete files.

Supported are actually two extensions:
Mcrypt and OpenSSL

As both extensions provide a completly different encryption handling also the usage of this two adapters differ. But still, the encryption and decryption is really simple.

Mcrypt:
Let’s take a look at a simple example for string encryption with Mcrypt:

$filter = new Zend_Filter_Encrypt('myencryptionkey');
	
// Set a own vector, otherwise you must call getVector()
// and store this vector for later decryption
$filter->setVector('myvector');
	
$encrypted = $filter->filter('text_to_be_encoded');
print $encrypted;

Really, that’s all :-)
Ok, Mcrypt is really easy. Per default it uses the blowfish algorithm, but you can change it by giving the “algorithm” key. Also the mode, the directories and the vector to be used can be changed. You could also give a Zend_Config object as input where you have defined your encryption options. See the manual for details.

$filter = new Zend_Filter_Encrypt(array(
    'key'       => 'anotherencryptionkey',
    'algorithm' => 'DES',
));

Decryption, is as easy as encryption and can be done with 2 or 3 lines of code:

$filter = new Zend_Filter_Decrypt('myencryptionkey');
	
// Set the vector with which the content was encrypted
$filter->setVector('myvector');
	
$decrypted = $filter->filter($encrypted);
print $decrypted;
]]>

Of course, you need key, vector, algorithm and method. Otherwise you will not be able to decrypt the given content. Also for decryption you can give these options eighter as array or as Zend_Config object or simply by calling the related setter methods.

But as you see the handling is really simple.

OpenSSL:
Now let’s take a look at OpenSSL. For OpenSSL you need to have public keys and your private key.
OpenSSL works completly different. Here you encode your content for the people from whom you received the public keys. Other people will not be able to decrypt your content.

So how does a simple example look like:

$filter = new Zend_Filter_Encrypt(
    array('adapter' => 'openssl',
          'private' => '/path/to/mykey/private.pem'));
	
// of course you can also give the public keys as array key at initiation
$filter->setPublicKey(
    array('first'  => '/public/key/path/first.pem',
          'second' => '/public/key/path/second.pem')
       ->setPassphrase('mypassphrase');
	
$encrypted = $filter->filter('text_to_be_encoded');
$envelope   = $filter->getEnvelopeKey();
print $encrypted;
	
// For decryption look at the Decrypt filter

As you see we are encoding our content for two people as we gave two public keys. Additionally we provided a passphrase which means that the envelope keys we have to provide for decryption will additionally be encrypted with this passphrase.

A malcious user who has stolen the keys will not be able to decrypt the conent when he does not know the passphrase. As it’s optional you can of course supress the passphrase.

There is one emminent change to the usage of Mcrypt. After we encoded our content with filter() we have to get the envelope keys. You have to give your oponent his envelope key.
getEnvelopeKey will return you an array which looks like the one we provided in setPublicKey but instead of the public keys it will hold the related envelope keys. Based on the array key you are able to seperate the right key for the right user.

Also this was quite simple. Only 4 lines of code for encryption of content with OpenSSL.

Now let’s decrypt the content:

$filter = new Zend_Filter_Decrypt(
    array('adapter' => 'openssl',
          'private' => '/path/to/mykey/private.pem'));
	
// of course you can also give the envelope keys at initiation
$filter->setEnvelopeKey(array('/key/from/encoder/first.pem',
                              '/key/from/encoder/second.pem');
       ->setPassphrase('mypassphrase');
	
$decrypted = $filter->filter($encrypted);
print $decrypted;

That’s it… when you have no passphrase and use only the options array you can decode with just 2 lines of code.

Encrypting files:
Until now it was simple… but now it get’s even simpler.
You need to encrypt and decrypt files ?

I also added file encryption and decryption filters which can be used with Zend_Form and Zend_File_Transfer. Easy as always:

$element = new Zend_File_Transfer_Adapter_Http();
$element->addFilter('Encrypt',
                    array('key'    => 'myencryptionkey',
                          'vector' => 'myvector'));

Now all uploaded files will be encrypted.
Of course you can also use the file filter manually:

$filter = new Zend_Filter_File_Encrypt(
    array('key'    => 'myencryptionkey',
          'vector' => 'myvector'));
$filter->filter('/path/to/myfile.ext');

Decryption works the same way.

As you can see the whole encryption and decryption API is simple and easy to use. This features will be available within the next release.

I hope you find it usefull and wish you a good work.

Greetings
Thomas Weidner
I18N Team Leader, Zend Framework

Zend Framework Advisory Board Member
Zend Certified Engineer for Zend Framework

Back to top