Re: encrypt but with normal characters for result?

This WebDNA talk-list message is from

2005


It keeps the original formatting.
numero = 62344
interpreted = N
texte = eLists wrote: > I can, although the goal though is to use the encrypted value to create > either a file or folder that needs to be accessible via a webpage. The documentation on [encrypt] presumes you understand encryption methods, so it is a little difficult to parse. Here's my attempt to make each method more understandable: 0) no method listed - internal WebCatalog encryption method. Some proprietary method of unknown strength. The cyphertext output is not limited to just alphanumeric characters, so it is typically [url]'d when storing as text. Can be double [url]'d to make URL-safe strings. 1) method=Base64 - not an encryption scheme, it merely rewrites the enclosed text using the Base64 alphabet (suitable for sending binaries as plain text). This is not a secure method, because anyone can decode the original text without knowing the seed (because there isn't one). 2) method=Cybercash - Triple DES encryption method. This is an actual high-strength encryption/decryption method that requires the seed to decrypt. The result of a triple DES encryption is stable (the same plaintext and the same seed always create the same cyphertext) but the character set output in the cyphertext is not just alphanumeric characters (so you have the same problem and solution as #0). 3) method=APOP - a one-way hashing algorithm. This means that the same string and seed produce a cyphertext output where the original string cannot be recovered even with the seed. However, given the seed and a second copy of the original string, you can confirm that the first plaintext is equal to the second. This method is typically used in password application where you don't even store the original password, only the hash, and you can only confirm that the challenge string hashes to the same cyphertext. The result is stable (see above) and is guaranteed to be alphanumeric, so the value could be used for URL's, but you cannot [decrypt] the value. So for your purposes, you can probably use #0 or #2 (with the double [URL] trick) if you need to decrypt the path later. If you are just trying to hide the actual path, you can use #3 (with the seed being specific to each login). The other possibility (since I don't know what you are actually trying to do) is to use the WebMerchant features which no one ever seems to remember exist: See the ShipVia methods for Web and Email, which automatically handle delivering content out of secure locations. I believe all of the ECommerce editions now include this functionality (you'll probably have to use StoreBuilder initially to generate the templates). This works by having a source directory for content which is not linked directly within the site. Then after a purchase has been made, the item purchased is copied into a temporary location (based on [cart]) and the user has X hours to download it (I don't remember what X is any more). HTH John -- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4720 Boston Way Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5747 ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: encrypt but with normal characters for result? ( John Peacock 2005)
  2. Re: encrypt but with normal characters for result? ( Gary Krockover 2005)
  3. Re: encrypt but with normal characters for result? ( eLists 2005)
  4. Re: encrypt but with normal characters for result? ( "WebDna @ Inkblot Media" 2005)
  5. Re: encrypt but with normal characters for result? ( Gary Krockover 2005)
  6. Re: encrypt but with normal characters for result? ( eLists 2005)
  7. Re: encrypt but with normal characters for result? ( "WebDna @ Inkblot Media" 2005)
  8. Re: encrypt but with normal characters for result? ( "Dale's Lists" 2005)
  9. Re: encrypt but with normal characters for result? ( Gary Krockover 2005)
  10. encrypt but with normal characters for result? ( "Dale's Lists" 2005)
eLists wrote: > I can, although the goal though is to use the encrypted value to create > either a file or folder that needs to be accessible via a webpage. The documentation on [encrypt] presumes you understand encryption methods, so it is a little difficult to parse. Here's my attempt to make each method more understandable: 0) no method listed - internal WebCatalog encryption method. Some proprietary method of unknown strength. The cyphertext output is not limited to just alphanumeric characters, so it is typically [url]'d when storing as text. Can be double [url]'d to make URL-safe strings. 1) method=Base64 - not an encryption scheme, it merely rewrites the enclosed text using the Base64 alphabet (suitable for sending binaries as plain text). This is not a secure method, because anyone can decode the original text without knowing the seed (because there isn't one). 2) method=Cybercash - Triple DES encryption method. This is an actual high-strength encryption/decryption method that requires the seed to decrypt. The result of a triple DES encryption is stable (the same plaintext and the same seed always create the same cyphertext) but the character set output in the cyphertext is not just alphanumeric characters (so you have the same problem and solution as #0). 3) method=APOP - a one-way hashing algorithm. This means that the same string and seed produce a cyphertext output where the original string cannot be recovered even with the seed. However, given the seed and a second copy of the original string, you can confirm that the first plaintext is equal to the second. This method is typically used in password application where you don't even store the original password, only the hash, and you can only confirm that the challenge string hashes to the same cyphertext. The result is stable (see above) and is guaranteed to be alphanumeric, so the value could be used for URL's, but you cannot [decrypt] the value. So for your purposes, you can probably use #0 or #2 (with the double [url] trick) if you need to decrypt the path later. If you are just trying to hide the actual path, you can use #3 (with the seed being specific to each login). The other possibility (since I don't know what you are actually trying to do) is to use the WebMerchant features which no one ever seems to remember exist: See the ShipVia methods for Web and Email, which automatically handle delivering content out of secure locations. I believe all of the ECommerce editions now include this functionality (you'll probably have to use StoreBuilder initially to generate the templates). This works by having a source directory for content which is not linked directly within the site. Then after a purchase has been made, the item purchased is copied into a temporary location (based on [cart]) and the user has X hours to download it (I don't remember what X is any more). HTH John -- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4720 Boston Way Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5747 ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ John Peacock

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Variables (1999) Email Newsletters (2003) shipping formula (2000) LOOP and IF statements (1997) page redirect in webDNA (1997) Separate server for jpg/gif files (1998) [WebDNA] sudo WebCatalogCtl stop won't work (2016) a search based on ^(contains) (1998) Guestbook (2000) [OT] (waaaay OT) my photo (2004) WebCat2b13MacPlugIn - [include] (1997) WC2b15 - [HTMLx]...[/HTMLx] problems SOLVED! (1997) Multi-processor Mac info ... (1997) Setting the Date (2000) WebCat2b13MacPlugin - [math][date][/math] problem (1997) add to cart within a page? (1997) WebDNA Feature Request (2006) Images (2000) b12 cannot limit records returned and more. (1997) .html processing? (1998)