Nonce()

Author: gianni.sandigliano@unifacesolutions.com (gianni)

I need to implement this: Digest = Base64( SHA1( nonce() + CreationTimestamp() + password )) Any clue about a nonce() function usable in Uniface? nonce = Number used once I've googled and found direct references only into PHP language and OpenID site. I suppose in an ideal world a nonce() could should be provided by called server...Cool Thanks in advance.

2 Comments

  1. nonce() it's de facto a random 32 alfanumeric chars string... I suppose it could be easily replaced in Uniface by: $replace($uuid(),1,"-","",4) Any disadvantage ? WinkSurprisedWink


    Author: gianni (gianni.sandigliano@unifacesolutions.com)
  2. From the doc for $uuid:

    UUID Generation on Windows

    On Microsoft Windows platforms, where a UUID is usually called a GUID (Globally Unique IDentifier), the RPC function UuidCreate() is used. This function generates a UUID that cannot be traced to the ethernet address of the computer on which it was generated.

    UUID Generation on Non-Windows Platforms

    On non-Windows platforms, the generated UUID is based on an OSF Internet-Draft (www.opengroup.org/dce/info/draft-leach-uuids-guids-01.txt).

    Instead of an actual Ethernet address, Uniface generates a random number based on the current time in milliseconds and the process ID. A bit in the UUID is set to indicate that the number is generated, thus ensuring that the random number cannot clash with an existing Ethernet address.

    The number is generated only once per process, so the last part of all generated UUIDs in one Uniface process are all the same. There cannot be two processes with the same PID at the same time on the same machine, so two Uniface processes running on one machine will never generate the same number.

    It is theoretically possible that the generated UUID is not unique, but the chances are negligible. This would require two Uniface processes running on two different machines to have the same PID, and they would need to generate their UUIDs at exactly the same time to millisecond precision.


    Author: diseli (daniel.iseli@uniface.com)