On 21 Nov 2005, at 17:40, David Bovill wrote:
The SSL libraries that RunRev uses should be able to do this - and
I would have thought considerably faster than a native and possibly
less secure Transcript implementation - no?
Which is easy to do with shell() and openssl.
Shao Sean will offer a pure transcript version of SHA-1 in a short time.
Meanwhile one can experiment with the openssl version:
(this is a mac version working on OSX 10.4.3 rev 2.6.1,
never tested on other OS versions/platforms,
please upload the adaptations and good luck)
- for hash of a file:
on mouseUp
answer file "choose file for hash"
if it <> "" then
replace space with "\"&space in it
put OSSL(it) into fld 1
end if
end mouseUp
function OSSL pPath
return word -1 of shell("openssl dgst -sha1" && pPath)
end OSSL
- for hash of a password or other string(s):
on mouseUp
put OSSL(fld 1) into fld 2
end mouseUp
function OSSL pText
put the tempName&".tmp" into tPath
put pText into url ("file:"&tPath)
## adapt time according to rig (may be not necessary)
wait 0 with messages
return word -1 of shell("openssl dgst -sha1" &&tPath)
end OSSL
Other hashes are available --> man pages sha1
Option to sign a file by adding a flag --> man pages sha1
Other services of openssl --> man pages openssl
On 21 Nov 2005, at 17:35, Alessandro Manotti wrote:
Sorry if I introduce myself in this posts.
Please note that md5 is no more reliable! Since it was officially
cracked.
Even Sha-0 was cracked, but it is far incomplete/primitive then
sha-1,
which is the only reliable hash system to verify digital signature,
software integrity, etc...
SHA-1 has been compromised too.
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
http://www.rsasecurity.com/rsalabs/node.asp?id=2927
etc.
Greetings,
Wouter
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
