|
Steve, >MD5 is not considered as safe as the more recent Secured Hash-1 which >generates 160 bytes of hash. As you probably know (but for the sake of others, I'll mention it), the CIPHER instruction in MI can do either MD5 or SHA-1. One byte in the "controls" operand selects which hash algorithm to use. Of course, the receiver size must also be increased. >Also, let's say that your program issues a CALL to the MD5 program to check >some sort of code. Remember that inside programmers with access to the >STRDBG command can always trace this call and override the parameters in >order to find out the information. Instead of doing a CALL to an external program, use the _CIPHER builtin and remove observability. This is one of the things I like about being able to use the MI builtins from ILE languages. When it is bound directly into your program, it is much harder to subvert... Doug +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
