'unknown' password

elch

Sep 10, 2015, 2:20:36 PM
to Harbour Users
Hi,

looking for a way to create, during the compile process, a random string
which should serve as a fixed, hardcoded password in the executable
- even unknown by the developer if he hasn't looked into the .ppo ;-)

To be used for [blowfish] en- and de-crypting a file containing users/passwords
-- will be valid as long as the executable is exchanged.
Something like: key := hb_blowfishKey( __RANDOM_STRING__ )

I found for the pre-processor: __TIMESTAMP__
which has a difficult-to-predict milliseconds part -- but still looks a bit too predictable,
but this way, as a #define replacement, would be the most convenient.

The hbmk2 doc writes something about plugins, and Harbour would have e.g.: hb_randStr()
-- could that be presented at the end as a #define? For a PRG/C file?
Is there a pattern available for how to use hbmk2 'plugins'?

Any other suggestions??

best regards
Rolf




elch

Sep 11, 2015, 5:23:20 AM
to Harbour Users

found one possibility,

at the command line some chars have a special meaning, like '\' or '$',
and string termination letters are invalid,
so I easily limit the range of possible characters.

The key seems constant through one run of hbmk2, so if multiple PRG and C are compiled they all get the same #define.

Test compile:
hbmk2 crypt -plugin=plugrand.hb

best regards
Rolf

blowfish.zip

Massimo Belgrano

Sep 11, 2015, 5:36:53 AM
to harbou...@googlegroups.com
Nice sample for plugin
#NICEPRG#
hbmk2 crypt -plugin=plugrand.hb
----------crypt.PRG
PROCEDURE main
   LOCAL key := hb_blowfishKey( __RANDOM_STRING__ )
   LOCAL cText := "some security"
   LOCAL cCrypt
   cCrypt := hb_blowfishEncrypt( key, cText )
   ? "encrypted:", cCrypt
   cText := hb_blowfishDecrypt( key, cCrypt )
   ? "decrypted:", cText
RETURN
--------------plugrand.hb
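FUNCTION hbmk_plugin_rand( hbmk )
   LOCAL tmp
   SWITCH hbmk[ "cSTATE" ]
   CASE "pre_all"
      // Build the define once; the same option is handed to the PRG and C compilers.
      // CHR( 34 ) is the double quote placed around the generated string.
      tmp := "-D__RANDOM_STRING__=" + CHR( 34 ) + RandomString( 42 ) + CHR( 34 )
      hbmk_AddOption_PRG( hbmk, tmp )
      hbmk_AddOption_C( hbmk, tmp )
      EXIT
   ENDSWITCH
RETURN NIL

// Returns nLen pseudo-random characters, skipping codes that break the command line.
STATIC FUNCTION RandomString( nLen )
   LOCAL tmp := ""
   LOCAL i := 1
   LOCAL aInvalid := { 92, 96, 239 }   // 92 = backslash, 96 = backtick
   LOCAL n
   // The generator is seeded from the millisecond timer at build time.
   hb_randomSeed( hb_milliseconds() )
   DO WHILE i <= nLen   // <= so that exactly nLen characters are returned
      n := INT( hb_random() * 254 )
      // Codes 0..39 (control characters, space, double quote, '$', single quote) are skipped too.
      IF n > 39 .AND. ASCAN( aInvalid, n ) == 0
         tmp += CHR( n )
         i++
      ENDIF
   ENDDO
RETURN tmp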


--
Massimo Belgrano
Delta Informatica S.r.l. (Click me to find out

Alex Strickland

Sep 11, 2015, 5:38:59 AM
to harbou...@googlegroups.com
Hi

> Test compile:
>
> hbmk2 crypt -plugin=plugrand.hb
>

Nice, perhaps you don't know about the pragma below to further obfuscate
your password:

PROCEDURE main
#pragma TEXTHIDDEN=1
LOCAL key := hb_blowfishKey( __RANDOM_STRING__ )
#pragma TEXTHIDDEN=0
LOCAL cText := "some security"
LOCAL cCrypt

cCrypt := hb_blowfishEncrypt( key, cText )
? "encrypted:", cCrypt
cText := hb_blowfishDecrypt( key, cCrypt )
? "decrypted:", cText

RETURN

If you shred your .prg after the compile I'd say you have something
quite hard to get at.

--
Regards
Alex

elch

Sep 11, 2015, 9:10:06 AM
to Harbour Users

Hi Alex and others,

my example was wrong for C files!, needs double quotation there.

#pragma TEXTHIDDEN seems not to be known by all compilers,
at least not by my just-used older gcc.

Funny side note:
tried for C also with escaping the chars, aka "\x21\x42",
**BUT** someone turns the backslash into a slash ( result "/x21/x42" )
when gcc is called by hbmk2 in Linux ... :-] -- for .c !, but not for .prg :-)

BTW, from C files we get no .ppo, so there the only chance to see the key is:
-trace

And if we would build such logic into Harbour, at the place where __TIMESTAMP__ is created,
the devel'o can say: don't know ! ;-)

---

attached example should now also work for C ;-)


best regards

Rolf

cryptok.zip

Alex Strickland

Sep 11, 2015, 9:57:36 AM
to harbou...@googlegroups.com
Hi

> #pragma TEXTHIDDEN seems not to be known by all compilers,
> at least not by my just-used older gcc.

It's a harbour feature, I have not heard of it in C compilers.

--
Regards
Alex

elch

Sep 11, 2015, 10:33:22 AM
to Harbour Users
Hi Alex,

my mistake:
TEXTHIDDEN for PRG!, not for C -- as then it would be passed through to gcc.

So many thanks for the hint!!, didn't know.


best regards

Rolf
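
An added example, not code from the thread or from the Harbour project: a variant of the plugin that hex-encodes the generated key, so no shell- or compiler-special characters need filtering, and a PRG that decodes it and fails the build if the define is missing. It assumes hb_randStr() (named in the first post) draws from a better source than hb_random() seeded from hb_milliseconds(), and it covers PRG files only, because the corrected C quoting is in the attachment and not shown in the thread.

```harbour
/* --- plugrand.hb (added example): hex-encoded build-time key --- */
FUNCTION hbmk_plugin_rand( hbmk )

   LOCAL cOpt

   SWITCH hbmk[ "cSTATE" ]
   CASE "pre_all"
      /* 32 random bytes -> 64 hex digits, so only 0-9 and A-F reach
         the command line: no '\', '$' or quote characters to filter. */
      cOpt := "-D__RANDOM_STRING__=" + Chr( 34 ) + ;
         hb_StrToHex( hb_randStr( 32 ) ) + Chr( 34 )
      hbmk_AddOption_PRG( hbmk, cOpt )
      EXIT
   ENDSWITCH

   RETURN NIL

/* --- crypt.prg (added example): decode the define back to raw bytes --- */

/* Stop the build when the plugin was not loaded, instead of compiling
   a reference to an undefined symbol. */
#ifndef __RANDOM_STRING__
#error "__RANDOM_STRING__ missing: build with -plugin=plugrand.hb"
#endif

PROCEDURE Main()

   LOCAL key, cCrypt
   LOCAL cText := "some security"

   /* TEXTHIDDEN keeps the literal out of plain view in the binary;
      the key is still visible in the .ppo and with -trace. */
#pragma TEXTHIDDEN=1
   key := hb_blowfishKey( hb_HexToStr( __RANDOM_STRING__ ) )
#pragma TEXTHIDDEN=0

   cCrypt := hb_blowfishEncrypt( key, cText )
   ? "encrypted:", hb_StrToHex( cCrypt )
   ? "decrypted:", hb_blowfishDecrypt( key, cCrypt )

   RETURN
```

Build it the same way as in the thread: hbmk2 crypt -plugin=plugrand.hb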
