[Q] password encryption
Bert Freudenberg
bert at isg.cs.uni-magdeburg.de
Wed Jan 16 10:59:29 UTC 2002
On Tue, 15 Jan 2002, Joern Eyrich wrote:
> > On Sun, 13 Jan 2002, Gerald Leeb wrote:
> >
> > > I'm searching for a password encryption like the Unix password
> > > security. I need a one-way encryption.
> >
> > Class Authorizer does RFC1421 encryption, which is what HTTP uses:
> >
> > Authorizer new encode: 'name' password: 'pass'
> >
> > --> 'bmFtZTpwYXNz'
>
> It's not one-way, though.
> Looks like the "Basic" authenticatiion scheme, which is bas64-encoding
> for "name:pass"
Uh. You're right. Would have been obvious if the code stated that ... I
wonder why RFC1421 does not mention BASE64. Is it any different? If not,
the whole method could be replaced by
encode: nameString password: pwdString
"Encode per RFC1421 of the username:password combination."
^ (Base64MimeConverter mimeEncode:
(ReadStream on: nameString, ':', pwdString)) contents
-- Bert
More information about the Squeak-dev
mailing list
|