Blowfish digest , how to create in Livecode

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Blowfish digest , how to create in Livecode

Monte Goulding via use-livecode
Hi,

i have a MySQL DB which uses passwords  created with php crypt function using blowfish

the php code looks like this for example

$salt='$2a$08$NWy7XidPPL2XEsouCG3dy’;
$digest= crypt(‘myPassword01’,$salt);

how can i do this in Livecode server? I find SHA1digest and MD5digest functions in the dictionary, but no blowfishDigest function.

Or isn´t that possible in LC?

Regards,
Matthias


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Blowfish digest , how to create in Livecode

Monte Goulding via use-livecode


On 28/03/2017 00:29, Matthias Rebbe via use-livecode wrote:

> Hi,
>
> i have a MySQL DB which uses passwords  created with php crypt
> function using blowfish
>
> the php code looks like this for example
>
> $salt='$2a$08$NWy7XidPPL2XEsouCG3dy’;
> $digest= crypt(‘myPassword01’,$salt);
>
> how can i do this in Livecode server? I find SHA1digest and MD5digest
> functions in the dictionary, but no blowfishDigest function.

Hi Matthias,

Quick note that you may be affected by this PHP security vulnerability:

http://www.php.net/security/crypt_blowfish.php

I'm not sure about Blowfish-based `crypt()` with LiveCode, I'm afraid.

                                                 Peter


--
Dr Peter Brett <[hidden email]>
LiveCode Technical Project Manager

lcb-mode for Emacs: https://github.com/peter-b/lcb-mode

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Blowfish digest , how to create in Livecode

Monte Goulding via use-livecode
Hi Peter,


> Am 28.03.2017 um 14:58 schrieb Peter TB Brett via use-livecode <[hidden email] <mailto:[hidden email]>>:
>
>
>
> Hi Matthias,
>
> Quick note that you may be affected by this PHP security vulnerability:
>
> http://www.php.net/security/crypt_blowfish.php <http://www.php.net/security/crypt_blowfish.php>
>

thanks for letting me know, but we running PHP 5.6x on our server. So we are not affected by this.



> I'm not sure about Blowfish-based `crypt()` with LiveCode, I'm afraid.
>
I have sent a support request to Runrev 1 or 2 hours ago, so i´ll have to wait to see what your colleagues are thinking about it.

Regards,
Matthias




Matthias Rebbe
Bramkampsieke 13
32312 Lübbecke
Tel +49 5741 310000
    +49 160 5504462
Fax: +49 5741 310002
eMail: [hidden email] <mailto:[hidden email]>

BR5 Konverter - BR5 -> MP3 <http://matthiasrebbe.eu/portfolio/produkte/brx/>
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Blowfish digest , how to create in Livecode

Monte Goulding via use-livecode
I thought the encrypt /decrypt commands supported blowfish. (Not at my Mac
to check.)

--
Jacqueline Landman Gay         |     [hidden email]
HyperActive Software           |     http://www.hyperactivesw.com



On March 28, 2017 9:33:31 AM Matthias Rebbe via use-livecode
<[hidden email]> wrote:

> Hi Peter,
>
>
>> Am 28.03.2017 um 14:58 schrieb Peter TB Brett via use-livecode
>> <[hidden email] <mailto:[hidden email]>>:
>>
>>
>>
>> Hi Matthias,
>>
>> Quick note that you may be affected by this PHP security vulnerability:
>>
>> http://www.php.net/security/crypt_blowfish.php 
>> <http://www.php.net/security/crypt_blowfish.php>
>>
>
> thanks for letting me know, but we running PHP 5.6x on our server. So we
> are not affected by this.
>
>
>
>> I'm not sure about Blowfish-based `crypt()` with LiveCode, I'm afraid.
>>
> I have sent a support request to Runrev 1 or 2 hours ago, so i´ll have to
> wait to see what your colleagues are thinking about it.
>
> Regards,
> Matthias
>
>
>
>
> Matthias Rebbe
> Bramkampsieke 13
> 32312 Lübbecke
> Tel +49 5741 310000
>     +49 160 5504462
> Fax: +49 5741 310002
> eMail: [hidden email] <mailto:[hidden email]>
>
> BR5 Konverter - BR5 -> MP3 <http://matthiasrebbe.eu/portfolio/produkte/brx/>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode



_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Blowfish digest , how to create in Livecode

Monte Goulding via use-livecode
In reply to this post by Monte Goulding via use-livecode
Mathias I use blowfish from within LiveCode … but no blowfishdigest that I know of:


encrypt pPayload using "bf" with password tPassword at 128 bit

put it into tPayload




Dave
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Blowfish digest , how to create in Livecode

Monte Goulding via use-livecode
This in message box:
put "this is a test" into pPayload;encrypt pPayload using "bf" with password "testing" at 128 bit;put pPayload
produces:
this is a test

No Bueno.

Bob S


> On Mar 28, 2017, at 08:21 , Dave Kilroy via use-livecode <[hidden email]> wrote:
>
> encrypt pPayload using "bf" with password tPassword at 128 bit


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Blowfish digest , how to create in Livecode

Monte Goulding via use-livecode
NVM I know, it's "put it"

Bob S


> On Mar 28, 2017, at 19:27 , Bob Sneidar <[hidden email]> wrote:
>
> This in message box:
> put "this is a test" into pPayload;encrypt pPayload using "bf" with password "testing" at 128 bit;put pPayload
> produces:
> this is a test
>
> No Bueno.
>
> Bob S
>
>
>> On Mar 28, 2017, at 08:21 , Dave Kilroy via use-livecode <[hidden email]> wrote:
>>
>> encrypt pPayload using "bf" with password tPassword at 128 bit
>


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Loading...