>
> Hi,
>
> I try to use the blob type of sqlite3 with cppdb, to stock hashed passwords,
>but It doesn't work.
> It seems it's not implemented. So I would like to know when you think to do
>it.
>
cppdb supports blob type, however it is done via iostream interface. But
basically
with sqlite3 plain strings (I think) should work as well.
So you need to:
std::ostringstream ss;
ss.write(binary_password,length);
sql << "INSERT into (user,password) values(?,?)" << username << ss;
However I do recommend storing it as hexadecimal value as it is much easier to
print and
manipulate them when you work with DB directly - i.e. run queries directly via
sqlite3 - something
very useful.
>
> I want to stock under binary because it's space efficient and it's the type
>returned by cppcms::message_digest::md5()
Note that there is cppcms::util::md5hex as well that makes hexadecimal sring
In any case I would rather suggest using sha1 and not forget salting. Even
better
use hmac rather then plain message digest to store passwords.
>
> thank you very much
> Baptiste
Regards,
Artyom
|
