I am currently writing an document management application. Everything will be stored in an Sqlite database. It is designed to support AES encryption. It is being written in JavaScript (wxJavaScript). Its name is Krypton.
However, I am still pondering this point. How can I detect if the encryption password is correct? I planned on using an MD5 and SHA1 hash to compare it to. Would that create any security vulnerabilities?
Are there any other things I should be concerned about?
Thank you.
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
If you plan on making this a portable app, you should be concerned about Javascript (.js) files not executing on machines where it's been turned off by an admin. For example, I wrote some mini-apps as .hta files and now they won't run because the network nazis forced down a policy to prevent them from executing.
Cancer Survivors -- Remember the fight, celebrate the victory!
Help control the rugrat population -- have yourself spayed or neutered!
Use your portable browser FireFox
About the Hash, I guess checking both hashes to check is the entered password is correct might be quite secure for the time being. If an entered password matches both hashes chances are very high the user entered the correct password.
It is using wxJavaScript so it does not need to be enabled on the host machine. It is a GUI application, not a web application. It would be no different from using something like AutoIt. Sorry about the confusion.
cowsay Moo
cowthink 'Dude, why are you staring at me.'
Really now...I'm gonna look into that as it sounds interesting for some projects I work on.
Cancer Survivors -- Remember the fight, celebrate the victory!
Help control the rugrat population -- have yourself spayed or neutered!
You will want to use this trick I posted because it normally requiers the VC++ runtime to be installed.
http://groups.google.com/group/wxjavascript/browse_thread/thread/bb0cc0d...
cowsay Moo
cowthink 'Dude, why are you staring at me.'