Enhancement: transparently persist/retrieve large amounts of array data as JSON

[Bernard Devlin via use-livecode]

As far as I can see, providing this enhancement is (in essence) no more
than the addition of one line to Livecode's compilation process.

Details here:

https://quality.livecode.com/show_bug.cgi?id=21821

Seems to me to be a huge gain for virtually no effort.  Array data could be
stored and indexed outside of a stack.

Regards
Bernard
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Tom Glod via use-livecode]

Hi Bob,

The code goes something like this

the_password = user password string
decrypt_key = MaximizePassword(the_password)
salt = 512hash(MaximizePassword(the_password) & pepper character)

The password string runs through a "MaximizePassword" function that
maximizes the password length even if the user has a 4 character password.

Righard G once said to me here something I took to heart.. to defeat a
hacker, all you can do is add more cycles.  Hence the use of a pepper of
alphabet & 0-9. Its now 37 times harder to brute force hack the password.

theoretically.






On Mon, Feb 4, 2019 at 4:52 PM Bob Sneidar via use-livecode <
use-livecode@lists.runrev.com> wrote:

> This has my curiosity piqued. How do you use the pepper? Do you simply
> append/prepend the pepper onto the password?
>
> Bob S
>
>
> ___
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Bob Sneidar via use-livecode]

This has my curiosity piqued. How do you use the pepper? Do you simply 
append/prepend the pepper onto the password? 

Bob S


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Setting behaviors in 9.0.2

[Richard Gaskin via use-livecode]

J. Landman Gay wrote:

> On 2/4/19 1:01 AM, Richard Gaskin via use-livecode wrote:
>> J. Landman Gay wrote:
>>
>>  > I just found my unsettable behaviors. The IDE set them as custom
>>  > properties named "behavior" with the value being the long id of
>>  > the behavior button.
>>
>> Was that in a custom property set, or the default set.
>>
>> If the latter, disturbing.
>
> It was the default set. But I just tested it again with a clean
> re-launch and 9.0.2 worked correctly. The behavior was set as
> expected.
>
> Back when this was happening the script editor went wonky too. Trying
> to navigate through script text with the arrow keys occasionally
> resulted in page navigation instead, where a card obviously not meant
> to be seen was displayed.
>
> There was other weird stuff too that I can't recall, but if any of
> that was due to implementation of IDE behaviors then it kind of makes
> sense.

I'm hoping it's just an IDE issue, but unless I misunderstand what you 
describe shouldn't be possible without a serious issue in the engine:


Imagine setting the rect of an object, or its text, or anything else, 
and having those become custom props rather than setting the built-in props.


As part of a non-default property set, names of built-in object 
properties should be acceptable.


But in the default property set, the results could range from confusing 
to disastrous, depending on the context.  Indeed, the engine should 
never allow it, should it?


If you stumble across a recipe please pass it along. This one is murky, 
and concerning


--
 Richard Gaskin
 Fourth World Systems
 Software Design and Development for the Desktop, Mobile, and the Web
 
 ambassa...@fourthworld.comhttp://www.FourthWorld.com

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Tom Glod via use-livecode]

yeah i'll put it in the issues section i don't think i'll get a full
nights  sleep until the reason for this is clearso it will
happen..sigh :)

On Mon, Feb 4, 2019 at 3:18 PM Brian Milby via use-livecode <
use-livecode@lists.runrev.com> wrote:

> And I’ll say my testing is now producing the same errors.  So a recipe
> that we can test to see it will be helpful.
>
> Thanks,
> Brian
> On Feb 4, 2019, 2:02 PM -0600, Tom Glod via use-livecode <
> use-livecode@lists.runrev.com>, wrote:
> > Ya, Its a head scratcher. I can't really spend to much time
> > investigating it  thankfully I can deal with it easily once i found
> it
> > ..in this case.
> >
> > Its been driving me crazy, because once in a while in testing i would get
> > an account that was created seemingly correct but would not open.
> >
> > I'm so happy to have resolved 2 of 2 major and random issues that have
> been
> > plaguing my software for months. The other being the Adobe meta data
> being
> > updated in the clipboard.
> >
> > This code is going on github soon so I suspect I will be revisiting this
> > bug I think I will take out my workaround and try to reproduce it one
> more
> > time and then capture the data so can submit a report.
> >
> > Thanks everyone, full speed ahead.
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > On Mon, Feb 4, 2019 at 2:43 PM Bob Sneidar via use-livecode <
> > use-livecode@lists.runrev.com> wrote:
> >
> > > When I attempt to decrypt a salted hash and it fails, "it" contains
> empty
> > > and the result contains "(SSL error: bad decrypt)", otherwise it
> contains
> > > some value and the result is empty. The only thing I can think of is
> that
> > > at random times even though the pepper is invalid, the decrypt function
> > > succeeds! That would suck, but I have yet to see it myself.
> > >
> > > Bob S
> > >
> > >
> > > > On Feb 4, 2019, at 10:13 , Tom Glod via use-livecode <
> > > use-livecode@lists.runrev.com> wrote:
> > > >
> > > > Just to clarify
> > > >
> > > > My (local) application uses a salt and pepper technique to add
> cycles to
> > > > the decrypt. The pepper (a-z) is added to the salt the first time the
> > > > account is made.
> > > >
> > > > Afterward, when I try to log into the account using the correct
> password,
> > > > my application has to cycle through the peppers to find the right
> combo
> > > for
> > > > a correct decrypt.
> > > >
> > > > I 'almost always' get a "bad decrypt" error message when just the
> pepper
> > > is
> > > > wrong.except for the odd time that its gibberish.
> > > >
> > > > When the password, salt and pepper is right, the decryption works
> and the
> > > > right binary data is returned.
> > > >
> > > > Because I know what I am expecting as decrypted data, its easy to
> check
> > > if
> > > > the decrypt really worked or not.
> > > >
> > > > But until now I was relying on an accurate error message to tell if
> the
> > > > decrypt work or notwhich I guess I cannot do.
> > > >
> > > > I was wondering why I usually get a normal ssl error message? and
> only
> > > > occasionally gibberish? There doesn't seem to be any pattern to it.
> > >
> > >
> > > ___
> > > use-livecode mailing list
> > > use-livecode@lists.runrev.com
> > > Please visit this url to subscribe, unsubscribe and manage your
> > > subscription preferences:
> > > http://lists.runrev.com/mailman/listinfo/use-livecode
> > >
> > ___
> > use-livecode mailing list
> > use-livecode@lists.runrev.com
> > Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> > http://lists.runrev.com/mailman/listinfo/use-livecode
> ___
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Brian Milby via use-livecode]

And I’ll say my testing is now producing the same errors.  So a recipe that we 
can test to see it will be helpful.

Thanks,
Brian
On Feb 4, 2019, 2:02 PM -0600, Tom Glod via use-livecode 
, wrote:
> Ya, Its a head scratcher. I can't really spend to much time
> investigating it  thankfully I can deal with it easily once i found it
> ..in this case.
>
> Its been driving me crazy, because once in a while in testing i would get
> an account that was created seemingly correct but would not open.
>
> I'm so happy to have resolved 2 of 2 major and random issues that have been
> plaguing my software for months. The other being the Adobe meta data being
> updated in the clipboard.
>
> This code is going on github soon so I suspect I will be revisiting this
> bug I think I will take out my workaround and try to reproduce it one more
> time and then capture the data so can submit a report.
>
> Thanks everyone, full speed ahead.
>
>
>
>
>
>
>
>
>
>
> On Mon, Feb 4, 2019 at 2:43 PM Bob Sneidar via use-livecode <
> use-livecode@lists.runrev.com> wrote:
>
> > When I attempt to decrypt a salted hash and it fails, "it" contains empty
> > and the result contains "(SSL error: bad decrypt)", otherwise it contains
> > some value and the result is empty. The only thing I can think of is that
> > at random times even though the pepper is invalid, the decrypt function
> > succeeds! That would suck, but I have yet to see it myself.
> >
> > Bob S
> >
> >
> > > On Feb 4, 2019, at 10:13 , Tom Glod via use-livecode <
> > use-livecode@lists.runrev.com> wrote:
> > >
> > > Just to clarify
> > >
> > > My (local) application uses a salt and pepper technique to add cycles to
> > > the decrypt. The pepper (a-z) is added to the salt the first time the
> > > account is made.
> > >
> > > Afterward, when I try to log into the account using the correct password,
> > > my application has to cycle through the peppers to find the right combo
> > for
> > > a correct decrypt.
> > >
> > > I 'almost always' get a "bad decrypt" error message when just the pepper
> > is
> > > wrong.except for the odd time that its gibberish.
> > >
> > > When the password, salt and pepper is right, the decryption works and the
> > > right binary data is returned.
> > >
> > > Because I know what I am expecting as decrypted data, its easy to check
> > if
> > > the decrypt really worked or not.
> > >
> > > But until now I was relying on an accurate error message to tell if the
> > > decrypt work or notwhich I guess I cannot do.
> > >
> > > I was wondering why I usually get a normal ssl error message? and only
> > > occasionally gibberish? There doesn't seem to be any pattern to it.
> >
> >
> > ___
> > use-livecode mailing list
> > use-livecode@lists.runrev.com
> > Please visit this url to subscribe, unsubscribe and manage your
> > subscription preferences:
> > http://lists.runrev.com/mailman/listinfo/use-livecode
> >
> ___
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription 
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Tom Glod via use-livecode]

Ya, Its a head scratcher.I can't really spend to much time
investigating it  thankfully I can deal with it easily once i found it
..in this case.

Its been driving me crazy, because once in a while in testing i would get
an account that was created seemingly correct but would not open.

I'm so happy to have resolved 2 of 2 major and random issues that have been
plaguing my software for months.  The other being the Adobe meta data being
updated in the clipboard.

This code is going on github soon so I suspect I will be revisiting this
bug I think I will take out my workaround and try to reproduce it one more
time and then capture the data so can submit a report.

Thanks everyone, full speed ahead.










On Mon, Feb 4, 2019 at 2:43 PM Bob Sneidar via use-livecode <
use-livecode@lists.runrev.com> wrote:

> When I attempt to decrypt a salted hash and it fails, "it" contains empty
> and the result contains "(SSL error: bad decrypt)", otherwise it contains
> some value and the result is empty. The only thing I can think of is that
> at random times even though the pepper is invalid, the decrypt function
> succeeds! That would suck, but I have yet to see it myself.
>
> Bob S
>
>
> > On Feb 4, 2019, at 10:13 , Tom Glod via use-livecode <
> use-livecode@lists.runrev.com> wrote:
> >
> > Just to clarify
> >
> > My (local) application uses a salt and pepper technique to add cycles to
> > the decrypt. The pepper (a-z) is added to the salt the first time the
> > account is made.
> >
> > Afterward, when I try to log into the account using the correct password,
> > my application has to cycle through the peppers to find the right combo
> for
> > a correct decrypt.
> >
> > I 'almost always' get a "bad decrypt" error message when just the pepper
> is
> > wrong.except for the odd time that its gibberish.
> >
> > When the password, salt and pepper is right, the decryption works and the
> > right binary data is returned.
> >
> > Because I know what I am expecting as decrypted data, its easy to check
> if
> > the decrypt really worked or not.
> >
> > But until now I was relying on an accurate error message to tell if the
> > decrypt work or notwhich I guess I cannot do.
> >
> > I was wondering why I usually get a normal ssl error message? and only
> > occasionally gibberish?   There doesn't seem to be any pattern to it.
>
>
> ___
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Setting behaviors in 9.0.2

[J. Landman Gay via use-livecode]

On 2/4/19 1:01 AM, Richard Gaskin via use-livecode wrote:

J. Landman Gay wrote:

 > I just found my unsettable behaviors. The IDE set them as custom
 > properties named "behavior" with the value being the long id of the
 > behavior button.

Was that in a custom property set, or the default set.

If the latter, disturbing.



It was the default set. But I just tested it again with a clean 
re-launch and 9.0.2 worked correctly. The behavior was set as expected.


Back when this was happening the script editor went wonky too. Trying to 
navigate through script text with the arrow keys occasionally resulted 
in page navigation instead, where a card obviously not meant to be seen 
was displayed.


There was other weird stuff too that I can't recall, but if any of that 
was due to implementation of IDE behaviors then it kind of makes sense.


--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software   | http://www.hyperactivesw.com

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Bob Sneidar via use-livecode]

When I attempt to decrypt a salted hash and it fails, "it" contains empty and 
the result contains "(SSL error: bad decrypt)", otherwise it contains some 
value and the result is empty. The only thing I can think of is that at random 
times even though the pepper is invalid, the decrypt function succeeds! That 
would suck, but I have yet to see it myself. 

Bob S


> On Feb 4, 2019, at 10:13 , Tom Glod via use-livecode 
>  wrote:
> 
> Just to clarify
> 
> My (local) application uses a salt and pepper technique to add cycles to
> the decrypt. The pepper (a-z) is added to the salt the first time the
> account is made.
> 
> Afterward, when I try to log into the account using the correct password,
> my application has to cycle through the peppers to find the right combo for
> a correct decrypt.
> 
> I 'almost always' get a "bad decrypt" error message when just the pepper is
> wrong.except for the odd time that its gibberish.
> 
> When the password, salt and pepper is right, the decryption works and the
> right binary data is returned.
> 
> Because I know what I am expecting as decrypted data, its easy to check if
> the decrypt really worked or not.
> 
> But until now I was relying on an accurate error message to tell if the
> decrypt work or notwhich I guess I cannot do.
> 
> I was wondering why I usually get a normal ssl error message? and only
> occasionally gibberish?   There doesn't seem to be any pattern to it.


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Tom Glod via use-livecode]

thank you all for chiming in.

On Mon, Feb 4, 2019 at 1:13 PM Tom Glod  wrote:

> Just to clarify
>
> My (local) application uses a salt and pepper technique to add cycles to
> the decrypt. The pepper (a-z) is added to the salt the first time the
> account is made.
>
> Afterward, when I try to log into the account using the correct password,
> my application has to cycle through the peppers to find the right combo for
> a correct decrypt.
>
> I 'almost always' get a "bad decrypt" error message when just the pepper
> is wrong.except for the odd time that its gibberish.
>
> When the password, salt and pepper is right, the decryption works and the
> right binary data is returned.
>
> Because I know what I am expecting as decrypted data, its easy to check if
> the decrypt really worked or not.
>
> But until now I was relying on an accurate error message to tell if the
> decrypt work or notwhich I guess I cannot do.
>
> I was wondering why I usually get a normal ssl error message? and only
> occasionally gibberish?   There doesn't seem to be any pattern to it.
>
> On Mon, Feb 4, 2019 at 11:30 AM Brian Milby via use-livecode <
> use-livecode@lists.runrev.com> wrote:
>
>> This is not a bug.  The SSL library will only complain if it requires a
>> parameter with a certain bit length and you provide an invalid value.  As
>> long as your key/password/IV/salt are acceptable then you will get the
>> result of the decrypt.  One way (not necessarily secure) is the pretend
>> your salt to the encrypted message.  When you decrypt you verify that it
>> starts with your salt.  If not, you know something went wrong.  Including a
>> hash is better.
>>
>> Thanks,
>> Brian
>> On Feb 4, 2019, 11:12 AM -0500, Bob Sneidar via use-livecode <
>> use-livecode@lists.runrev.com>, wrote:
>> > Nothing in the result?
>> >
>> > Bob S
>> >
>> >
>> > > On Feb 3, 2019, at 18:33 , Tom Glod via use-livecode <
>> use-livecode@lists.runrev.com> wrote:
>> > >
>> > > Hi folks, I have just discovered a bug in Livecode where the SSL
>> Library
>> > > does not return a normal error message" like SSL: bad decrypt
>> > >
>> > > instead
>> > >
>> > > it returns unreadable binary garbage.. when in fact, the key and
>> salt
>> > > were wrong and the error message should have been "bad decrypt"
>> > >
>> > > I don't know how to trigger it. but i know for a fact that the key
>> and salt
>> > > were wrong.
>> > >
>> > > i build a quick workaround for when this occurs.
>> > >
>> > > but its weird and a little worrisome... has anyone else had
>> inconsistent
>> > > error messages with the ssl library?
>> >
>> >
>> > ___
>> > use-livecode mailing list
>> > use-livecode@lists.runrev.com
>> > Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>> > http://lists.runrev.com/mailman/listinfo/use-livecode
>> ___
>> use-livecode mailing list
>> use-livecode@lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>
>
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Tom Glod via use-livecode]

Just to clarify

My (local) application uses a salt and pepper technique to add cycles to
the decrypt. The pepper (a-z) is added to the salt the first time the
account is made.

Afterward, when I try to log into the account using the correct password,
my application has to cycle through the peppers to find the right combo for
a correct decrypt.

I 'almost always' get a "bad decrypt" error message when just the pepper is
wrong.except for the odd time that its gibberish.

When the password, salt and pepper is right, the decryption works and the
right binary data is returned.

Because I know what I am expecting as decrypted data, its easy to check if
the decrypt really worked or not.

But until now I was relying on an accurate error message to tell if the
decrypt work or notwhich I guess I cannot do.

I was wondering why I usually get a normal ssl error message? and only
occasionally gibberish?   There doesn't seem to be any pattern to it.

On Mon, Feb 4, 2019 at 11:30 AM Brian Milby via use-livecode <
use-livecode@lists.runrev.com> wrote:

> This is not a bug.  The SSL library will only complain if it requires a
> parameter with a certain bit length and you provide an invalid value.  As
> long as your key/password/IV/salt are acceptable then you will get the
> result of the decrypt.  One way (not necessarily secure) is the pretend
> your salt to the encrypted message.  When you decrypt you verify that it
> starts with your salt.  If not, you know something went wrong.  Including a
> hash is better.
>
> Thanks,
> Brian
> On Feb 4, 2019, 11:12 AM -0500, Bob Sneidar via use-livecode <
> use-livecode@lists.runrev.com>, wrote:
> > Nothing in the result?
> >
> > Bob S
> >
> >
> > > On Feb 3, 2019, at 18:33 , Tom Glod via use-livecode <
> use-livecode@lists.runrev.com> wrote:
> > >
> > > Hi folks, I have just discovered a bug in Livecode where the SSL
> Library
> > > does not return a normal error message" like SSL: bad decrypt
> > >
> > > instead
> > >
> > > it returns unreadable binary garbage.. when in fact, the key and
> salt
> > > were wrong and the error message should have been "bad decrypt"
> > >
> > > I don't know how to trigger it. but i know for a fact that the key and
> salt
> > > were wrong.
> > >
> > > i build a quick workaround for when this occurs.
> > >
> > > but its weird and a little worrisome... has anyone else had
> inconsistent
> > > error messages with the ssl library?
> >
> >
> > ___
> > use-livecode mailing list
> > use-livecode@lists.runrev.com
> > Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> > http://lists.runrev.com/mailman/listinfo/use-livecode
> ___
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Strip XMP Packet from the end of binary image data

[Ben Rubinstein via use-livecode]

On 01/02/2019 22:43, Richard Gaskin via use-livecode wrote:

Tom Glod wrote:

 > The problem for me was that Fireworks was updating the clipboard data
 > every second ..effectively changing the content of the clipboard even
 > if it didn't change..The image was not changing , but the meta
 > data was.  so I had a runaway "Clipboard changing message" ...

As one would expect.  Any word from Adobe on why they're hammering the user's 
clipboard for no apparent reason?


I think it's like the scorpion in Aesop's fable 
(http://www.aesopfables.com/cgi/aesop1.cgi?4) - Adobe 
can't help themselves, it's just in their nature.


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Strip XMP Packet from the end of binary image data

[Ben Rubinstein via use-livecode]

Hey don't knock the invisible characters in PDFs - that's a feature. I just 
recently wrote something in LiveCode precisely to generate PDFs containing 
invisible (but search-able, select=able, copy-able) text.



On 01/02/2019 16:36, Bob Sneidar via use-livecode wrote:

Adobe does a LOT of crap when copying to the clipboard. Copy text from an OCR'd 
PDF sometime and paste it into a Livecode field. You may find the number of 
characters is more than are visible. This is what inspired me to write my 
cleanAscii function which filters out all chars before 32 and after 126.

Bob S



On Jan 31, 2019, at 14:23 , Tom Glod via use-livecode 
 wrote:

Scratch taht, its the modified date timestamp that changes.

I will try using regex to get the ID and check it to see if the clipboard
image really changed or not.

should be a safer and quicker workaround...I think all adobe software does
this when copying to clipboard.


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Brian Milby via use-livecode]

This is not a bug.  The SSL library will only complain if it requires a 
parameter with a certain bit length and you provide an invalid value.  As long 
as your key/password/IV/salt are acceptable then you will get the result of the 
decrypt.  One way (not necessarily secure) is the pretend your salt to the 
encrypted message.  When you decrypt you verify that it starts with your salt.  
If not, you know something went wrong.  Including a hash is better.

Thanks,
Brian
On Feb 4, 2019, 11:12 AM -0500, Bob Sneidar via use-livecode 
, wrote:
> Nothing in the result?
>
> Bob S
>
>
> > On Feb 3, 2019, at 18:33 , Tom Glod via use-livecode 
> >  wrote:
> >
> > Hi folks, I have just discovered a bug in Livecode where the SSL Library
> > does not return a normal error message" like SSL: bad decrypt
> >
> > instead
> >
> > it returns unreadable binary garbage.. when in fact, the key and salt
> > were wrong and the error message should have been "bad decrypt"
> >
> > I don't know how to trigger it. but i know for a fact that the key and salt
> > were wrong.
> >
> > i build a quick workaround for when this occurs.
> >
> > but its weird and a little worrisome... has anyone else had inconsistent
> > error messages with the ssl library?
>
>
> ___
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription 
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Setting behaviors in 9.0.2

[Bob Sneidar via use-livecode]

That's why I always report here  first. 

Bob S


> On Feb 2, 2019, at 11:01 , J. Landman Gay via use-livecode 
>  wrote:
> 
> Is anyone else unable to set a behavior on an object in LC 9.0.2? Neither 
> script, nor message box, nor property inspector will do it for me with the 
> possible exception of a button on the same card. I'm not using script-only 
> stacks, just buttons which are sometimes in another stack in use.
> 
> This is such a basic requirement that I'm wondering if it's just me.
> -- 
> Jacqueline Landman Gay | jac...@hyperactivesw.com
> HyperActive Software   | http://www.hyperactivesw.com


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Decrypt error message?

[Bob Sneidar via use-livecode]

Nothing in the result?

Bob S


> On Feb 3, 2019, at 18:33 , Tom Glod via use-livecode 
>  wrote:
> 
> Hi folks, I have just discovered a bug in Livecode where the SSL Library
> does not return a normal error message"  like SSL: bad decrypt
> 
> instead
> 
> it returns unreadable binary garbage.. when in fact, the key and salt
> were wrong and the error message should have been "bad decrypt"
> 
> I don't know how to trigger it. but i know for a fact that the key and salt
> were wrong.
> 
> i build a quick workaround for when this occurs.
> 
> but its weird and a little worrisome... has anyone else had inconsistent
> error messages with the ssl library?


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Strip XMP Packet from the end of binary image data

[Bob Sneidar via use-livecode]

PDF, much like McDonalds is never going to go away. 

Bob S


> On Feb 1, 2019, at 14:38 , Richard Gaskin via use-livecode 
>  wrote:
> 
> Stephen Barncard wrote:
> 
> > On Fri, Feb 1, 2019 at 12:19 Richard Gaskin wrote:
> >>
> >> Reason #233 why PDF must die. ;)
> >
> > And replaced with?
> 
> Anything useful on modern devices.
> 
> You've never read my rants here on this?  Today I'll let others make the 
> argument for me:
> 
> 
> 
> 
> 
> 
> 
> 
> HTML is a natural fit, or its packaged variant, ePub.
> 
> PDF was a fine thing in its day, but that day was 20 years ago. The world is 
> no longer 8.5" by 11".
> 
> -- 
> Richard Gaskin


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

[ANN] This Week in LiveCode 166

[panagiotis merakos via use-livecode]

Hi all,

Read about new developments in LiveCode open source and the open source
community in today's edition of the "This Week in LiveCode" newsletter!

Read issue #166 here: https://goo.gl/eRPcKf

This is a weekly newsletter about LiveCode, focussing on what's been
going on in and around the open source project. New issues will be
released weekly on Mondays. We have a dedicated mailing list that will
deliver each issue directly to you e-mail, so you don't miss any!

If you have anything you'd like mentioned (a project, a discussion
somewhere, an upcoming event) then please get in touch.


-- 
Panagiotis Merakos 
LiveCode Software Developer

Everyone Can Create Apps 
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode