Just got back from a trade show (National Association of Corrosion
Engineers - sound exciting?!) I'll download your library and tinker with it.
Thanks Mark.
Marty Knapp
In fact, ig (and a verify function).
It's at: http://futsoft.futilism.com/revolutionstuff.html
best,
Mark
On 22 Mar 2009, at 14:53, Mark Smith wrote:
If the sha1 type is acceptable, you can use either my sha1
implementation or the openssl command line to generate a sha1 digest
of the password to end up with this form:
username:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g= (simple)
username:{SSHA}sVp7Y6h1ZtYAvp3UbsbZlQYACaU= (salted, more secure)
if you were going to use my sha1 (libHash-Hmac) then you could do this
function htpasswd.sha1 pPword
return "{SHA}" & sha1.b64(pPword)
end htpasswd.sha1
----
function htpasswd.sha1.salted pPword
put numtochar(random(255)) & numtochar(random(255)) into tSalt
return "{SSHA}" & sha1.b64(pPword & tSalt) & base64encode(tSalt)
end htpasswd.sha1.salted
In fact, I might add those to the library.
Best,
Mark
On 22 Mar 2009, at 00:35, Marty Knapp wrote:
Has anyone used Rev to create encrypted passwords that are
compatible with htpasswd to protect areas of your web site? I know
absolutely nothing about encryption. I've spent a few hours poking
around the internet trying to find something that I can use for a
utility I need to make. I found lots of web sites that will generate
an encrypted password, but I don't really want to go that route.
_______________________________________________
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
