I uploaded my password generator's framework

Discussion in 'Mac Programming' started by italiano40, Aug 13, 2008.

  1. italiano40 macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #1
    since you wanted it you got it
    here you can download it

    and also you can leave comments and any bugs report them there
     
  2. lee1210 macrumors 68040

    lee1210

    Joined:
    Jan 10, 2005
    Location:
    Dallas, TX
    #2
    I didn't see a header file, so I have no idea what methods are available. I ran strings over the paswordgen file, and it looks like there're some methods like createpassword::: and createpasswordarraytable: and countstring: but I don't know what their return types are, or their argument types. It also appears to define a class called passwordgen, but without a .h file the compiler doesn't know about it.

    Not that many people would be looking, but you may want to build outside of your home directory, as this file also contained your build path, which included your username. Probably not a huge security risk, but probably something you don't want to share.

    -Lee

    P.S. In normaltable.txt d and e are on the same line. That doesn't seem intentional.
     
  3. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #3
    it is a framework that you need to put into your Xcode 3.1, then it will work correctly
    and i corrected all that and thanks for that heads up
     
  4. lee1210 macrumors 68040

    lee1210

    Joined:
    Jan 10, 2005
    Location:
    Dallas, TX
    #4
    I did so (though I'm using an earlier version of XCode), but what I have is enough to link against (essentially a library), but not compile against as there are no headers. I can only assume there is at least one header file that you are including when you use this framework. If not, I may have a large gap in understanding.

    -Lee
     
  5. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #5
    yes i have included one header and one main, it is writen in cocoa and works fine in my Xcode, i don't know what to tell you, and i am not releasing the source code
    but here is the header
    Code:
    //
    //  passwordgen.h
    //  fortepassgen
    //
    //  Created by John Forte on 8/11/08.
    //  Copyright 2008 Engine.inc. All rights reserved.
    //
    
    #import <Cocoa/Cocoa.h>
    
    @interface passwordgen{
    	NSString *firstname;
    	NSMutableArray *normaltable;
    	NSURL *file;
    }
    -(void)countstring:(NSString*)name;
    -(NSString*)createpassword:(NSString*)name:(int)age:(int)length_of_password;
    -(void)createpasswordmaptable:(NSURL*)file;
    @end
    
    
     
  6. sord macrumors 6502

    Joined:
    Jun 16, 2004
    #6
    Just so you know, credibility of cryptography algorithms is gained by everything being open...

    Want to know how Triple DES works, or Blowfish, or Rijndael? Just use google.
     
  7. SC68Cal macrumors 68000

    Joined:
    Feb 23, 2006
    #7
    Then you're violating the GPL, which is what you've listed the framework as being on your download page.
     
  8. lee1210 macrumors 68040

    lee1210

    Joined:
    Jan 10, 2005
    Location:
    Dallas, TX
    #8
    Once I had the header, I still couldn't link against the framework, so I'm guessing it's compiled against 10.5. I'm on 10.4 so it's a no go.

    Is this system supposed to just generate a password for you? Or is it generating a password/passphrase that is to be used to decrypt something? From the methods available it seemed to just be generating passwords, which doesn't involve cryptography/encryption at all which may have led to some of the confusion in the previous thread.

    -Lee
     
  9. zmttoxics macrumors 65816

    zmttoxics

    Joined:
    May 20, 2008
    #9
    Not all code of a project has to be GPL.
     
  10. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #10
    that can't be changed from the page, it is always listed as GPL but that isn't the rule that i am following

    i can't compile as 10.4 it would let me, because i am on 10.5.4
     
  11. sord macrumors 6502

    Joined:
    Jun 16, 2004
    #11
    You just have to change the project SDK to the 10.4 SDK.
     
  12. SC68Cal macrumors 68000

    Joined:
    Feb 23, 2006
    #12

    Then you need to remove the bit about agreeing to the license by downloading the framework, and putting an appropriate license agreement in with the framework.

    Then again this is all worthless posturing because nobody in their right mind trusts a crypto framework that they can't see the source and verify.
     
  13. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #13
    i did do that and it says it can't compile to the 10.4 SDK

    I can't remove the GPL becuase i am using Joomla and a plugin to make a download section, while i am creating my new web site

    Also i have been ask by some apps to actually use my new crypto framework, so people don't care if they can see the source code.
     
  14. lee1210 macrumors 68040

    lee1210

    Joined:
    Jan 10, 2005
    Location:
    Dallas, TX
    #14
    For the few functions that are implemented, I can't imagine it would be that hard to remove the use of fast enumeration, properties, etc. to make it Objective-C 1.0. Otherwise, the only issue would be the use of new Cocoa methods, but again I can't imagine there are that many. It really isn't here nor there, as I was just going to take a look with a purely academic interest, I had no intent to use it.

    Then they don't care about it actually being secure, being free of backdoors, the possibility of you shipping what is being encrypted to the pentagon, kremlin, etc. If they don't care about those things, they don't care about actually transmitting something securely, so they shouldn't bother with encrypting it in the first place.

    -Lee
     
  15. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #15
    it is written in new cocoa and has some python methods included
    this isn't encryption, it is a password generator and the methods to make that password can be used to encrypt a message or a file, my program doesn't do that
     
  16. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
  17. Cromulent macrumors 603

    Cromulent

    Joined:
    Oct 2, 2006
    Location:
    The Land of Hope and Glory
    #17
    Not sure I follow your logic here. Your program provides an algorithm to generate passwords, correct? These passwords are probably not that secure, in that someone could most likely work out your algorithm and generate their own passwords that an application that uses your framework would accept.

    The point is there are extremely secure, freely available encryption libraries that are available under the BSD license (so can be used in commercial software) that are more than likely much more secure than anything one person on their own could write. I'm not trying to be harsh, just saying that there are already plenty of great encryption libraries available that any developer who wants security should consider first.

    OpenSSL would be the place I looked first (it does general cryptography as well as SSL/TLS).
     
  18. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #18
    you guys don't get it so i think you need to just wait until the app comes out in the next month or two, it has already got buzz and a company that i have demo it to thinks it is great
     
  19. Cromulent macrumors 603

    Cromulent

    Joined:
    Oct 2, 2006
    Location:
    The Land of Hope and Glory
    #19
    Fair play. I'll look forward to seeing it :).
     
  20. zmttoxics macrumors 65816

    zmttoxics

    Joined:
    May 20, 2008
    #20
    I would like to know how you impressed a company with grammar and spelling skills like that. I highly doubt its as great of an app as you are leading us to believe. ESPECIALLY considering you were begging the community to write part of it the other day.

    http://forums.macrumors.com/showthread.php?t=543115

    If you can't figure out how to write a random character generator, I HIGHLY doubt this framework and app are worth anyone's time. Sorry for being harsh but someone has to pop your bubbles before you fly too far into space.
     
  21. lazydog macrumors 6502a

    Joined:
    Sep 3, 2005
    Location:
    Cramlington, UK
    #21
    It's it's not its. :rolleyes:

    b e n
     
  22. CaptainZap macrumors regular

    Joined:
    Jan 17, 2007
    #22
    Hmm, I can't seem to be able to link it in a header... But probably because of the mistype of passwordgen..
    Code:
    #include <passworkgen/passworkgen.h>
     
  23. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #23
    no that is correct, because in my app, i have another framework that is passwordgen that controls some things
    passworkgen=password workings in the generator
     
  24. SC68Cal macrumors 68000

    Joined:
    Feb 23, 2006
    #24
    Grab your barf bags

    Gentlemen, fire up your debuggers.
     

Share This Page