Andrew Pollack's Blog

Technology, Family, Entertainment, Politics, and Random Noise

Here's some free code - a Lotuscript library you may find useful.

By Andrew Pollack on 03/24/2010 at 02:35 PM EDT

I built this originally for use with a client -- but there's nothing client specific in here. This is a straightforward implementation of the SHA1 hash algorithm. SHA1 is commonly used for credential hashing and token validation in single sign-on applications. When given a string data, it returns a specific hash value, which will be the same every time for the same input string, but which cannot be "decrypted" back to the original. The hashed value is much smaller and easier to store. Hashed values are also the proper way to store passwords. SHA1 isn't the newest, best, or most secure -- it can be vulnerable to dictionary attacks if common passwords are used. It is, however, excellent for use as a unique key or validation hash.

In Lotuscript, it's actually faster to call evaluate(|@password("sourcestring")|) for a similar result, however SHA1 is commonly available for other platforms and thus makes a more useful hash when passing tokens to other systems.

The read-me and license part is listed below, but what you really want is the lss file.

NCT_SHA1_PROVIDER_CLASS.LSS
NCT1_SHA1_PROVIDER_CLASS.LSS

-----------------------------------------------------------------------------------
README
-----------------------------------------------------------------------------------
This is just a straightforward implementation of SHA-1, adapted for use in
Lotuscript by Andrew Pollack, Northern Collaborative Technologies. You can
contact me by email at andrewp@thenorth.com or by way of my blog at
http://www.thenorth.com/apblog

For my implementation, the simplest way to use the code is as follows:

dim o as new NCT_SHA1_PROVIDER
hashvalue = o.sha1("", SourceTextString)

I choose to make use of a class simply to keep all the original code together in a
single unit that would not likely have any namespace clashes with anyone's
existing code.
-----------------------------------------------------------------------------------
License Information:
-----------------------------------------------------------------------------------
Since the SHA1 algorithm is itself in the public domain, John Taylor (who's code
I have adapted here) released his work to the public domain as well. Following
suit, I'm doing the same.

So far as I, Andrew Pollack, am concerned, I am releasing my part of the work into
the public domain, and officially renounce all rights to it. I also renounce all
liability from it. If you use it and something breaks, you own all the broken bits.

I would appreciate - as I'm sure John Taylor would as well, if you would keep a
reference to the previous work an your own implementation and distribution as a
matter of courtesy.

-----------------------------------------------------------------------------------
The source I started from was distributed by John Taylor, of Taylor Electronics
Services via his web site at:

http://www.tayloredge.com/utilities/vbapps/SHA1_VBSource.txt

-----------------------------------------------------------------------------------
Mr. Taylor includes this message with his source:

Since only creative works are copyrightable, this code is in the public domain.

The essential function is simply to call sha1("", "textdata") and get back a hash
string as 40 hex characters
-----------------------------------------------------------------------------------


There are  - loading -  comments....

re: Here's some free code - a Lotuscript library you may find useful.By Richard Schwartz on 03/24/2010 at 08:08 PM EDT
Note: requires Notes 6 or above. (Or whichever version introduced the byte
data typte in LotusScript, but I think that was 6.)
re: Here's some free code - a Lotuscript library you may find useful.By Alon Kedmi on 06/02/2019 at 06:23 PM EDT
Hi Richard,

This is a great Class which I was using for many years.
Do you have something similar for SHA2 ?

Thanks,
Alon


Other Recent Stories...

  1. 03/26/2019Undestanding how OAUTH scopes will bring the concept of APPS to your Domino serverWhile a full description of OATH is way beyond what I can do in this quick blog entry, I wanted to talk a bit about how "SCOPES" interact with the already rich authorization model used by Domino. Thanks to the fantastic work by John Curtis and his team, the node.js integration with Domino is going to be getting a rich security model. What we know is that a user's authorizations will be respected through the node.js application to the Domino server -- including reader names, ACLs, Roles, and so on. The way ...... 
  2. 02/05/2019Toro Yard Equipment - Not really a premium brand as far as I am concernedDear Toro Customer Service, I arm writing about the following machine: Toro Power Max 1120 OXEModel:38654S/N:31000#### Specifically, bearing part #:63-3450 This is the part ($15 online / $25 at the local dealer) that caused me to raise my objections on-line. This piece of garbage is supposed to be a bearing. It carries the shaft which drives both stages of the auger. The shaft passes through the bearing (which is what bearings do) after the auger drive pulley as the shaft goes through the back (engine ...... 
  3. 10/08/2018Will you be at the NYC Launch Event for HCL Domino v10 -- Find me!Come find me in NYC on Wednesday at the Launch Event if you're there. I really do want to talk to ...... 
  4. 09/04/2018With two big projects on hold, I suddenly find myself very available for new short and long term projects.  
  5. 07/13/2018Who is HCL and why is it a good thing that they are now the ones behind Notes and Domino? 
  6. 03/21/2018Domino Apps on IOS is a Game Changer. Quit holding back. 
  7. 02/15/2018Andrew’s Proposed Gun Laws 
  8. 05/05/2016Is the growing social-sourced economy the modern back door into socialism? 
  9. 04/20/2016Want to be whitelisted? Here are some sensible rules for web site advertising 
  10. 12/30/2015Fantastic new series on Syfy called “The Expanse” – for people who love traditional science fiction 
Click here for more articles.....


pen icon Comment Entry
Subject
Your Name
Homepage
*Your Email
* Your email address is required, but not displayed.
 
Your thoughts....
 
Remember Me  

Please wait while your document is saved.