Andrew Pollack's Blog

Technology, Family, Entertainment, Politics, and Random Noise

Here's some free code - a Lotuscript library you may find useful.

By Andrew Pollack on 03/24/2010 at 02:35 PM EDT

I built this originally for use with a client -- but there's nothing client specific in here. This is a straightforward implementation of the SHA1 hash algorithm. SHA1 is commonly used for credential hashing and token validation in single sign-on applications. When given a string data, it returns a specific hash value, which will be the same every time for the same input string, but which cannot be "decrypted" back to the original. The hashed value is much smaller and easier to store. Hashed values are also the proper way to store passwords. SHA1 isn't the newest, best, or most secure -- it can be vulnerable to dictionary attacks if common passwords are used. It is, however, excellent for use as a unique key or validation hash.

In Lotuscript, it's actually faster to call evaluate(|@password("sourcestring")|) for a similar result, however SHA1 is commonly available for other platforms and thus makes a more useful hash when passing tokens to other systems.

The read-me and license part is listed below, but what you really want is the lss file.

NCT_SHA1_PROVIDER_CLASS.LSS
NCT1_SHA1_PROVIDER_CLASS.LSS

-----------------------------------------------------------------------------------
README
-----------------------------------------------------------------------------------
This is just a straightforward implementation of SHA-1, adapted for use in
Lotuscript by Andrew Pollack, Northern Collaborative Technologies. You can
contact me by email at andrewp@thenorth.com or by way of my blog at
http://www.thenorth.com/apblog

For my implementation, the simplest way to use the code is as follows:

dim o as new NCT_SHA1_PROVIDER
hashvalue = o.sha1("", SourceTextString)

I choose to make use of a class simply to keep all the original code together in a
single unit that would not likely have any namespace clashes with anyone's
existing code.
-----------------------------------------------------------------------------------
License Information:
-----------------------------------------------------------------------------------
Since the SHA1 algorithm is itself in the public domain, John Taylor (who's code
I have adapted here) released his work to the public domain as well. Following
suit, I'm doing the same.

So far as I, Andrew Pollack, am concerned, I am releasing my part of the work into
the public domain, and officially renounce all rights to it. I also renounce all
liability from it. If you use it and something breaks, you own all the broken bits.

I would appreciate - as I'm sure John Taylor would as well, if you would keep a
reference to the previous work an your own implementation and distribution as a
matter of courtesy.

-----------------------------------------------------------------------------------
The source I started from was distributed by John Taylor, of Taylor Electronics
Services via his web site at:

http://www.tayloredge.com/utilities/vbapps/SHA1_VBSource.txt

-----------------------------------------------------------------------------------
Mr. Taylor includes this message with his source:

Since only creative works are copyrightable, this code is in the public domain.

The essential function is simply to call sha1("", "textdata") and get back a hash
string as 40 hex characters
-----------------------------------------------------------------------------------


There are  - loading -  comments....

re: Here's some free code - a Lotuscript library you may find useful.By Richard Schwartz on 03/24/2010 at 08:08 PM EDT
Note: requires Notes 6 or above. (Or whichever version introduced the byte
data typte in LotusScript, but I think that was 6.)


Other Recent Stories...

  1. 05/05/2016Is the growing social-sourced economy the modern back door into socialism?Is the growing social-sourced economy the modern back door into socialism? I read a really insightful post a couple of days ago that suggested the use of social network funding sites like “Go Fund Me” and “Kickstarter” have come about and gained popularity in part because the existing economy in no longer serving its purpose for anyone who isn’t already wealthy. Have the traditional ways to get new ventures funded become closed to all but a few who aren’t already connected to them and so onerous as to make ...... 
  2. 04/20/2016Want to be whitelisted? Here are some sensible rules for web site advertisingAn increasing number of websites are now detecting when users have ad-blocking enabled, and refuse to show content unless you "whitelist" their site (disable your ad-blocking for them). I think that is a fair decision on their part, it's how they pay for the site. However, if you want me (and many others) to white list your site, there are some rules you should follow. If you violate these rules, I won't whitelist your site, I'll just find content elsewhere. 1. The total space taken up by advertisements ...... 
  3. 12/30/2015Fantastic new series on Syfy called “The Expanse” – for people who love traditional science fiction[] “The Expanse” is a new science fiction series being broadcast onthe Syfy channelthis winter. It’s closely based on a series of books by author James S. A. Corey beginning with “Leviathan Wakes”. There are 5 books in the “Expanse” series so far. If you’re a fan of the novels you’ll appreciate how closely the books are followed.TIP: The first five episodes are already available on Syfy.com. If you’re having trouble getting into the characters and plot, use those to get up to speed.The worlds created for ...... 
  4. 10/20/2015My suggestion is to stay away from PayAnywhere(dot)com  
  5. 08/07/2015Here is one for you VMWARE gurus - particularly if you run ESXi without fancy drive arrays 
  6. 08/06/2015The Killer of Orphans (Orphan Documents) 
  7. 06/02/2015Homeopathic Marketing: Traveler on my Android is now calling itself VERSE. Allow me to translate that for the IBM Notes community... 
  8. 03/17/2015A review of British Airways Premium Economy Service – How to destroy customer goodwill all at once 
  9. 02/26/2015There's a bug in how @TextToTime() and @ToTime() process date strings related to international standards and browser settings. 
  10. 01/21/2015Delivering two new presentations at Developer Camp (EntwicklerCamp) 2015 in Germany 
Click here for more articles.....


pen icon Comment Entry
Subject
Your Name
Homepage
*Your Email
* Your email address is required, but not displayed.
 
Your thoughts....
 
Remember Me  

Please wait while your document is saved.