And I’ll say my testing is now producing the same errors. So a recipe that we can test to see it will be helpful.
Thanks, Brian On Feb 4, 2019, 2:02 PM -0600, Tom Glod via use-livecode <use-livecode@lists.runrev.com>, wrote: > Ya, Its a head scratcher. I can't really spend to much time > investigating it .... thankfully I can deal with it easily once i found it > ......in this case. > > Its been driving me crazy, because once in a while in testing i would get > an account that was created seemingly correct but would not open. > > I'm so happy to have resolved 2 of 2 major and random issues that have been > plaguing my software for months. The other being the Adobe meta data being > updated in the clipboard. > > This code is going on github soon so I suspect I will be revisiting this > bug I think I will take out my workaround and try to reproduce it one more > time and then capture the data so can submit a report. > > Thanks everyone, full speed ahead. > > > > > > > > > > > On Mon, Feb 4, 2019 at 2:43 PM Bob Sneidar via use-livecode < > use-livecode@lists.runrev.com> wrote: > > > When I attempt to decrypt a salted hash and it fails, "it" contains empty > > and the result contains "(SSL error: bad decrypt)", otherwise it contains > > some value and the result is empty. The only thing I can think of is that > > at random times even though the pepper is invalid, the decrypt function > > succeeds! That would suck, but I have yet to see it myself. > > > > Bob S > > > > > > > On Feb 4, 2019, at 10:13 , Tom Glod via use-livecode < > > use-livecode@lists.runrev.com> wrote: > > > > > > Just to clarify > > > > > > My (local) application uses a salt and pepper technique to add cycles to > > > the decrypt. The pepper (a-z) is added to the salt the first time the > > > account is made. > > > > > > Afterward, when I try to log into the account using the correct password, > > > my application has to cycle through the peppers to find the right combo > > for > > > a correct decrypt. > > > > > > I 'almost always' get a "bad decrypt" error message when just the pepper > > is > > > wrong.....except for the odd time that its gibberish. > > > > > > When the password, salt and pepper is right, the decryption works and the > > > right binary data is returned. > > > > > > Because I know what I am expecting as decrypted data, its easy to check > > if > > > the decrypt really worked or not. > > > > > > But until now I was relying on an accurate error message to tell if the > > > decrypt work or not....which I guess I cannot do. > > > > > > I was wondering why I usually get a normal ssl error message? and only > > > occasionally gibberish? There doesn't seem to be any pattern to it. > > > > > > _______________________________________________ > > use-livecode mailing list > > use-livecode@lists.runrev.com > > Please visit this url to subscribe, unsubscribe and manage your > > subscription preferences: > > http://lists.runrev.com/mailman/listinfo/use-livecode > > > _______________________________________________ > use-livecode mailing list > use-livecode@lists.runrev.com > Please visit this url to subscribe, unsubscribe and manage your subscription > preferences: > http://lists.runrev.com/mailman/listinfo/use-livecode _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
