Re: Encrypt Password - Decrypt same

Mon, 29 Nov 2004 14:33:48 -0800 

At 13:31 29/11/2004 -0800, Jan Schenkel wrote:

--- Steve Bonham <[EMAIL PROTECTED]> wrote:
> I'm using DreamCard 2.5.
>
> Steve
>

On the runrev.com website you cn find the differences
between Dreamcard and the other Revolution editions :
<http://www.runrev.com/section/platform.php>

When I opened the documentation to find more
information for the 'encrypt' command, I noticed at
the bottom of the text that it "is part of the SSL &
Encryption library"

So it could be that 'encrypt' doesn't work inside
Dreamcard --

Definitely the case - on http://revolution.runrev.com/section/whats_new.php it says
Industrial strength encryption
Encrypt and decrypt data for all commerce and secure applications using industrial strength encryption (Revolution only).
so it's pretty clear that it would not be supported in Dreamcard (and certainly it never returns any value for me, in Dreamcard).

however, you can sue a simple 'compress'
/ 'decompress' pair as a subsitute codec :
--
put compress(field "password") into \
    URL "binfile:password.bin"
--
put decompress(URL "binfile:password.bin") into \
    field "password"

Or, since you never need to retrieve the password, but merely ensure that it has been reproduced ....

put binarydecode("H32", md5Digest(field "password" & "my secret string"), myVar)
put myVar into URL "file:password.hex"

and subsequently
put URL "file:password.hex" into correctValue
put binarydecode("H32", md5Digest(field "password" & "my secret string"), myVar)
if myVar <> correctValue then
.... password is wrong ...
end if


It's always a good idea to include an md5digest in
your  file to make sure nobody has tinkered it.

Yep. I'd go with that too, just to be extra sure no-one has tinkered with it improperly.


BTW - if you are using Dreamcard, do you plan to distribute the stack with the player ?
Dreamcard won't allow you to build standalones. If you distribute the stack, you'll need to be careful about password protecting the stack - raw stacks can be easily read in any "text" editor which could make your password mechanism too clear to the enterprising student.

-- Alex. 
_______________________________________________
use-revolution mailing list
[EMAIL PROTECTED]
http://lists.runrev.com/mailman/listinfo/use-revolution

Reply via email to