Andrew Pollack's Blog

Technology, Family, Entertainment, Politics, and Random Noise

Here's some free code - a Lotuscript library you may find useful.

By Andrew Pollack on 03/24/2010 at 02:35 PM EDT

I built this originally for use with a client -- but there's nothing client specific in here. This is a straightforward implementation of the SHA1 hash algorithm. SHA1 is commonly used for credential hashing and token validation in single sign-on applications. When given a string data, it returns a specific hash value, which will be the same every time for the same input string, but which cannot be "decrypted" back to the original. The hashed value is much smaller and easier to store. Hashed values are also the proper way to store passwords. SHA1 isn't the newest, best, or most secure -- it can be vulnerable to dictionary attacks if common passwords are used. It is, however, excellent for use as a unique key or validation hash.

In Lotuscript, it's actually faster to call evaluate(|@password("sourcestring")|) for a similar result, however SHA1 is commonly available for other platforms and thus makes a more useful hash when passing tokens to other systems.

The read-me and license part is listed below, but what you really want is the lss file.

NCT_SHA1_PROVIDER_CLASS.LSS
NCT1_SHA1_PROVIDER_CLASS.LSS

-----------------------------------------------------------------------------------
README
-----------------------------------------------------------------------------------
This is just a straightforward implementation of SHA-1, adapted for use in
Lotuscript by Andrew Pollack, Northern Collaborative Technologies. You can
contact me by email at andrewp@thenorth.com or by way of my blog at
http://www.thenorth.com/apblog

For my implementation, the simplest way to use the code is as follows:

dim o as new NCT_SHA1_PROVIDER
hashvalue = o.sha1("", SourceTextString)

I choose to make use of a class simply to keep all the original code together in a
single unit that would not likely have any namespace clashes with anyone's
existing code.
-----------------------------------------------------------------------------------
License Information:
-----------------------------------------------------------------------------------
Since the SHA1 algorithm is itself in the public domain, John Taylor (who's code
I have adapted here) released his work to the public domain as well. Following
suit, I'm doing the same.

So far as I, Andrew Pollack, am concerned, I am releasing my part of the work into
the public domain, and officially renounce all rights to it. I also renounce all
liability from it. If you use it and something breaks, you own all the broken bits.

I would appreciate - as I'm sure John Taylor would as well, if you would keep a
reference to the previous work an your own implementation and distribution as a
matter of courtesy.

-----------------------------------------------------------------------------------
The source I started from was distributed by John Taylor, of Taylor Electronics
Services via his web site at:

http://www.tayloredge.com/utilities/vbapps/SHA1_VBSource.txt

-----------------------------------------------------------------------------------
Mr. Taylor includes this message with his source:

Since only creative works are copyrightable, this code is in the public domain.

The essential function is simply to call sha1("", "textdata") and get back a hash
string as 40 hex characters
-----------------------------------------------------------------------------------


There are  - loading -  comments....

re: Here's some free code - a Lotuscript library you may find useful.By Richard Schwartz on 03/24/2010 at 08:08 PM EDT
Note: requires Notes 6 or above. (Or whichever version introduced the byte
data typte in LotusScript, but I think that was 6.)
re: Here's some free code - a Lotuscript library you may find useful.By Alon Kedmi on 06/02/2019 at 06:23 PM EDT
Hi Richard,

This is a great Class which I was using for many years.
Do you have something similar for SHA2 ?

Thanks,
Alon


Other Recent Stories...

  1. 04/04/2020How many Ventilators for the price of those tanks the Pentagon didn't even want?This goes WAY beyond Trump or Obama. This is decades of poor planning and poor use of funds. Certainly it should have been addressed in the Trump, Obama, Bush, Clinton, Bush, and Reagan administrations -- all of which were well aware of the implications of a pandemic. I want a military prepared to help us, not just hurt other people. As an American I expect that with the ridiculous funding of our military might, we are prepared for damn near everything. Not just killing people and breaking things, but ...... 
  2. 01/28/2020Copyright Troll WarningThere's a copyright troll firm that has automated reverse-image searches and goes around looking for any posted images that they can make a quick copyright claim on. This is not quite a scam because it's technically legal, but it's run very much like a scam. This company works with a few "clients" that have vast repositories of copyrighted images. The trolls do a reverse web search on those images looking for hits. When they find one on a site that looks like someone they can scare, they work it like ...... 
  3. 03/26/2019Undestanding how OAUTH scopes will bring the concept of APPS to your Domino serverWhile a full description of OATH is way beyond what I can do in this quick blog entry, I wanted to talk a bit about how "SCOPES" interact with the already rich authorization model used by Domino. Thanks to the fantastic work by John Curtis and his team, the node.js integration with Domino is going to be getting a rich security model. What we know is that a user's authorizations will be respected through the node.js application to the Domino server -- including reader names, ACLs, Roles, and so on. The way ...... 
  4. 02/05/2019Toro Yard Equipment - Not really a premium brand as far as I am concerned 
  5. 10/08/2018Will you be at the NYC Launch Event for HCL Domino v10 -- Find me! 
  6. 09/04/2018With two big projects on hold, I suddenly find myself very available for new short and long term projects.  
  7. 07/13/2018Who is HCL and why is it a good thing that they are now the ones behind Notes and Domino? 
  8. 03/21/2018Domino Apps on IOS is a Game Changer. Quit holding back. 
  9. 02/15/2018Andrew’s Proposed Gun Laws 
  10. 05/05/2016Is the growing social-sourced economy the modern back door into socialism? 
Click here for more articles.....


pen icon Comment Entry
Subject
Your Name
Homepage
*Your Email
* Your email address is required, but not displayed.
 
Your thoughts....
 
Remember Me  

Please wait while your document is saved.