String

Additional Myna specific functions on the JS String object

Summary
StringAdditional Myna specific functions on the JS String object
Functions
hashEqualsReturns true if the plaintext password matches the encrypted password
toHashReturns a copy of this string encrypted with a strong one-way hash.
decryptReturns the unencrypted string contained in this string
encryptEncrypts this using a password.
toXmlreturns an E4X XML object from this string, or throws an exception if not possible

Functions

hashEquals

String.prototype.hashEquals=function(hash)

Returns true if the plaintext password matches the encrypted password

Parameters

hashhash previously created with <String.hash>

Returns

true if this string matches hash

Detail

One way hashes like those created by <String.hash> cannot be decrypted.  However, you can encrypt a possible match and compare the hashes.  Because of the salt in the hashes produced by <String.hash>, equivalent hashes won’t look the same, but this function can compare them.

See

toHash

String.prototype.toHash=function()

Returns a copy of this string encrypted with a strong one-way hash.

Returns

Encrypted password string in only printable characters.

Detail

This function encrypts the supplied text with a one-way algorithm so that it can never be converted back to the original text.  This can be any text but it makes the most sense for passwords.  Although you can’t tell what the original text is, you can compare the encrypted string to a plaintext string to see if they match.  See String.hashEquals.

For extra security, each hash includes a salt; a string characters appended to the text to force it to be unique.  This way even if an attacker can figure out that his/her password of “bob” = “tUhTivKWsIKE4IwVX9s/wzg1JKXMPU+C”, he or she will not be able to tell if any of the other hashes equal “bob”.  This makes a brute force dictionary attack much more difficult.

Example

<%="bob".toHash()%><br>
<%="bob".toHash()%><br>
<%="bob".toHash()%><br>
<%="bob".toHash()%><br>

..prints something like

tUhTivKWsIKE4IwVX9s/wzg1JKXMPU+C
M0y5EgZVG3iW2N5k2ipHp7x7JtvJYGu5
yRxnK/RlK9VeX89duVkrncQv4/vWyWGs
ca4r3Qlt51wFk/y0pv+7YazkcFtRgkoS

See

decrypt

String.prototype.decrypt=function(password)

Returns the unencrypted string contained in this string

Parameters

passwordPassword used to orginally encrypt the string

Returns

The unencrypted string contained in this string

See

encrypt

String.prototype.encrypt=function(password)

Encrypts this using a password.

Parameters

passwordpassword to use for encryption.

Returns

The encrypted string.

Example

<%="bob".encrypt("theSecretPassword")%><br>
<%="bob".encrypt("theSecretPassword")%><br>
<%="bob".encrypt("theSecretPassword")%><br>
<%="bob".encrypt("theSecretPassword")%><br>

..prints

xeM5n1ncfX2KNTLUEjZHeg==
AedyMQ5jA1rbOdQZMTq9Ag==
+Zam3Jg4YqI/5QRkcokLcQ==
LY2OAW8+xe3I5OJi/Hg+6A==

See

toXml

String.prototype.toXml=function()

returns an E4X XML object from this string, or throws an exception if not possible

See

String.prototype.hashEquals=function(hash)
Returns true if the plaintext password matches the encrypted password
String.prototype.toHash=function()
Returns a copy of this string encrypted with a strong one-way hash.
String.prototype.decrypt=function(password)
Returns the unencrypted string contained in this string
String.prototype.encrypt=function(password)
Encrypts this using a password.
String.prototype.toXml=function()
returns an E4X XML object from this string, or throws an exception if not possible