SHA1 cracked .... What are the chances this will be addressed in LC?
ambassador at fourthworld.com
Wed Mar 1 13:22:48 EST 2017
This thread title asks: "What are the chances this will be addressed in LC?"
The answer turns out to be: "Quite good - pull request submitted, status
changed to 'Awaiting Build'" - i.e. "done!"
Many thanks to Peter Brett for addressing this, and implementing it in
such a nice way.
From the pull request linked to in the bug report it seems we now have
a new messageDigest function:
get messageDigest( <message>, <type> )
(Note: there's discussion in the pull request about the param order, and
I'm inferring here; the actual implementation may be the other way
around, with type first and then message - Peter, Monte, where did that
...where (if I read the notes correctly; Peter please correct me if I'm
wrong) <type> can be any of the following:
With those we should be set for several years.
This will mean that from v9.0 dp6 forward you'll probably want to avoid
using the older md5Digest and sha1Digest functions in favor of this new
If you need the older hash algos the new function apparently supports
them, but of course if you need a cryptographic-quality hash use sha2 or
Fourth World Systems
Software Design and Development for the Desktop, Mobile, and the Web
Ambassador at FourthWorld.com http://www.FourthWorld.com
More information about the use-livecode