The problem is platform-symmetric. That is, a string encrypted in LC on Windows 
will not decrypt on the Mac. Linux will not decrypt a string encrypted on the 
Mac, and presumably vice-versa.

I did toy with the idea that the encryption keys might be device dependent, 
maybe the public and private keys created by the OpenSSL library were being 
stored in the OS somewhere. But no, a string encrypted on one Mac decrypts 
correctly on a different Mac. So my guess is that the keys are being stored by 
the different platform libraries within LC but not in a place known to the 
library for another platform.

I believe this is a bug, that is to say, it is not what is intended; surely one 
should be able to store an encrypted string in an LC stack, and then any user 
with the password should be able to decrypt it. 

A workaround is to store a different encrypted string in the standalone 
compiled for each platform — but to do that you need to run LC on each 
platform, not exactly in the spirit of LC! Or not to use SSL encryption; I 
would assume all of the other ciphers available in OpenSSL would behave the 
same way.

BTW thanks Mark for the suggestion about htppie, it does look cleaner and 
easier than curl. The disadvantage in my case is it would need to be installed 
in each user’s system.

Neville Smythe



_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Reply via email to