Encrypt Password - Decrypt same

Dar Scott dsc at swcp.com
Mon Nov 29 14:53:50 EST 2004


On Nov 29, 2004, at 11:57 AM, Steve Bonham wrote:

> I'd like to encrypt the password on closestack and write that to the 
> file. Then import and decrypt the password. But I don't understand the 
> Rev documentation for encrypt & decrypt. The following makes NO sense 
> to me at all...
>
> encrypt source using cipher with [password|key] passorkey[and salt 
> saltvalue] [and IV IVvalue] [at bit ]
>
> Can someone provide some sample Transcript that will enlighten me?

To get started, use this simplified syntax for the "password" method.  
(The "key" method is less suited to those new to this.)

    encrypt <source> using <cipher> with [ password ] <pass_phrase> [ at 
<bits> bit ]

where that in brackets is optional and the <x> symbols are expressions.

This can be simplified to this:

   encrypt <source> using <cipher> with <pass_phrase>

I plan to suggest a default cipher.  If that idea is adopted, then the 
command will simplify more.

If there is an error, 'result()' returns non-empty.  The encrypted 
value is in the variable 'it'.  It will be larger than <source>.

Use "bf-cbc" to start for the cipher value.  To find other ciphers to 
try, use cipherNames()--except on OS X for now.

A current weakness is that the default "salt" value is empty, which 
will make the encryption slightly weaker.  This will probably be fixed 
soon.  For most people, procedures in using encryption have greater 
weaknesses than this, so I wouldn't worry about it (for now).  (Here is 
how you crack a cipher with a Cray:  You call up the company and ask 
for the head engineer and offer him a Cray for the keys.)

The decryption is the same; replace 'encrypt' above with 'decrypt'.

Any value can be used for <source> or <pass_phrase>, but the 
<pass_phrase> should not be trivial.

So, an example:

    encrypt "Locker 3117, Penn Station" using "bf-cbc" with "Danger, 
Will Robinson."

Dar

****************************************
     Dar Scott Consulting
     http://www.swcp.com/dsc/
     Programming Services
****************************************



More information about the Use-livecode mailing list