Encrypt Password - Decrypt same
Alex Tweedly
alex at tweedly.net
Mon Nov 29 17:36:34 EST 2004
At 13:31 29/11/2004 -0800, Jan Schenkel wrote:
>--- Steve Bonham <sbonham at georgiasouthern.edu> wrote:
> > I'm using DreamCard 2.5.
> >
> > Steve
> >
>
>On the runrev.com website you cn find the differences
>between Dreamcard and the other Revolution editions :
><http://www.runrev.com/section/platform.php>
>
>When I opened the documentation to find more
>information for the 'encrypt' command, I noticed at
>the bottom of the text that it "is part of the SSL &
>Encryption library"
>
>So it could be that 'encrypt' doesn't work inside
>Dreamcard --
Definitely the case - on http://revolution.runrev.com/section/whats_new.php
it says
>Industrial strength encryption
>Encrypt and decrypt data for all commerce and secure applications using
>industrial strength encryption (Revolution only).
so it's pretty clear that it would not be supported in Dreamcard (and
certainly it never returns any value for me, in Dreamcard).
>however, you can sue a simple 'compress'
>/ 'decompress' pair as a subsitute codec :
>--
>put compress(field "password") into \
> URL "binfile:password.bin"
>--
>put decompress(URL "binfile:password.bin") into \
> field "password"
Or, since you never need to retrieve the password, but merely ensure that
it has been reproduced ....
put binarydecode("H32", md5Digest(field "password" & "my secret string"),
myVar)
put myVar into URL "file:password.hex"
and subsequently
put URL "file:password.hex" into correctValue
put binarydecode("H32", md5Digest(field "password" & "my secret string"),
myVar)
if myVar <> correctValue then
.... password is wrong ...
end if
>It's always a good idea to include an md5digest in
>your file to make sure nobody has tinkered it.
Yep. I'd go with that too, just to be extra sure no-one has tinkered with
it improperly.
BTW - if you are using Dreamcard, do you plan to distribute the stack with
the player ?
Dreamcard won't allow you to build standalones. If you distribute the
stack, you'll need to be careful about password protecting the stack - raw
stacks can be easily read in any "text" editor which could make your
password mechanism too clear to the enterprising student.
-- Alex.
More information about the use-livecode
mailing list