[Gambas-user] need some helping hand for crypting
Charlie Reinl
Karl.Reinl at ...9...
Mon Jul 20 20:46:33 CEST 2009
Am Montag, den 20.07.2009, 17:36 +0200 schrieb Rolf Schmidt:
> Hi Charlie
> > >
> > > > > no what I need is for gambas2, I have to store Passwords in an
> > > > > XML-file, what means plain-text readable.
> > > > > So I need a crypting/uncrypting logic .
> > > > > I put my PW "TOPSECRET" to store
> > > > > Print crypting("TOPSECRET")
> > > > >
> > > > > >2sgbtf&&
> > > > >
> > > > > and get it back by
> > > > > Print uncrypting("2sgbtf&&")
> > > > >
> > > > > >TOPSECRET
> > > > >
> > > > > The uncrypted password is used for a database login.
> > >
> > > Check, if the database is able to handle md5-sum based passwords for
> > > login - PostgreSQL can, perhaps mySQL and other DBMS's too.
> > > Then you can use the md5 sum of the password written in you xml file
> > > directly for the login without "decrypt".
>
> > thanks,
> > but that way, it is like an plain text password,
> > ONE can login with.
>
> Not realy, because the given password will be converted to a md5-sum, which
> then is the md5 sum of a md5 sum - so login is not possible.
>
> So it is with PostgreSQL.
>
> By Rolf
Salut Rolf,
my problem is , the project should be able to deal with all possible
DB's.
And I don't want to force a possible user to install more then gambas.
And I know, that while dealing with open source, anybody can have a look
and debug that application, to find the pw.
So what rest for me, is not to show the key user/pw in the first look to
it.
Think about, zipping the xml, crypting the pw by one of the easy and
unsure ways to go away from plain text, or both?
But thanks to all.
--
Amicalment
Charlie
More information about the User
mailing list