Port of Cryptography to Pharo
Locked
123
123
Re: Port of Cryptography to Pharo
 
|
ok let us do it then
stef On May 22, 2009, at 5:16 PM, Adrian Lienhard wrote: > I think we should add MD5 and SHA1 of Cryptography to Pharo-core. > These are quite basic and often used hash functions. In the past I > also copied the MD5 class over from the Cryptography package. > > Adrian > > On May 22, 2009, at 16:54 , Stéphane Ducasse wrote: > >> Hi guys >> >> Why don;t you join forces and create a Cryptography package which >> work >> for pharo and for you. >> Mariano I still would love to know the method of integer that are >> missing >> >> Stef >> >> On May 22, 2009, at 4:47 PM, Jan van de Sandt wrote: >> >>> Hello, >>> >>> I faced the same problem with Cloudfork-AWS. This project required >>> the Cryptography package for generating the signatures using SHA and >>> for generating MD5 hash values. >>> >>> When I had problems loading the package in Pharo and I learned that >>> the package was no longer maintained I copied the classes I required >>> to a Cloudfork package. I needed the MD5, SHA1 and SHA256 classes. I >>> renamed them to CFMD5, CFSHA1 and CFSHA256, I also prefixed all the >>> methods in the required class extensions with cf. For example >>> ThirtyTwoBitRegister>>cfBitShift: anInteger. You can use a simular >>> approach for Glorp. >>> >>> Jan. >>> >>> PS: Another dependency of Cloudfork is a HTTP client. I'm now >>> playing around with the CurlPlugin, this plugin works very well. >>> Things like supporting https become real easy >>> >>> 2009/5/22 Mariano Martinez Peck <[hidden email]> >>> >>> >>> On Fri, May 22, 2009 at 9:18 AM, Ramiro Diaz Trepat <[hidden email] >>>> wrote: >>> I'm really sorry to hear it is no longer being maintained. >>> It was a necessary package to connect to properly set up Postgres >>> databases, that requiere sending password hashes with SHA-1. We >>> will probably face this kind of need when interacting with the >>> outside world in general. >>> >>> Yes. That's why I saw it. I am trying to make Glorp to work in >>> Pharo, but as you know Glorp in Squeak only works with Postgres. And >>> the native postgres driver requieres cryptography package when you >>> use md5 :( >>> >>> Just for now, I disable md5 from my postgres and use "password" >>> auth- >>> method. With this, cryptography is not needed. However, this is not >>> an option in a production enviorment. >>> >>> Cheers, >>> >>> Mariano >>> >>> >>> It was a fantastic package, I wonder why the maintainers droped it. >>> I suppose maintaining crypto frameworks up to date, with no >>> vulnerabilities, is a lot of work. >>> Sorry for venting out my sadnes to the list. >>> Cheers >>> >>> r. >>> >>> >>> >>> >>> -----Original Message----- >>> From: [hidden email] [mailto:[hidden email] >>> ] On Behalf Of Stéphane Ducasse >>> Sent: 22 May 2009 11:08 >>> To: [hidden email] >>> Subject: Re: [Pharo-project] Port of Cryptography to Pharo >>> >>> Ok I thought the cryptology package was working well and maintained. >>> >>> Stef >>> >>> On May 22, 2009, at 11:58 AM, Schwab,Wilhelm K wrote: >>> >>>> Agreed: I mentioned both curl and OpenSSL - we should embrace both. >>>> AFACT, the cryptography package is a thing of the past, and we >>>> should look to active projects. Tell me where I'm wrong, please. >>>> >>>> Another reality, fair or not: if we were to take on the enormous >>>> burden of maintaining the cypto package, there would always be >>>> questions about security holes we left open. The same will be true >>>> of OpenSSL, but there is (not always fair) credibility in numbers >>>> widely known projects. There will be would-be users of Pharo who >>>> will want OpenSSL for its reputation, and who would question a >>>> home- >>>> grown solution. >>>> >>>> Bill >>>> >>>> >>>> From: [hidden email] [mailto:[hidden email] >>>> ] On Behalf Of Fernando olivero >>>> Sent: Friday, May 22, 2009 4:20 AM >>>> To: [hidden email] >>>> Subject: Re: [Pharo-project] Port of Cryptography to Pharo >>>> >>>> >>>> Just a comment, >>>> >>>> you could use the new AlienFFI framework to comunicate with curl. >>>> Or reify any C library you want in Pharo. >>>> >>>> Fernando >>>> >>>> >>>> On May 22, 2009, at 5:04 AM, Schwab,Wilhelm K wrote: >>>> >>>>> The most recent post on the crytography mailing list starts out as >>>>> follows: >>>>> >>>>> Since the Cryptography Team doesn't exists anymore, the >>>>> Cryptography package is not maintained by anyone. The SSL >>>>> implementation doesn't allow easy debugging, you can't just turn >>>>> on >>>>> logging to see what's happening. Following the state machine >>>>> transitions should give you the answer why the handshake isn't >>>>> succeding. It might be related to certificates or TLS->SSL3 >>>>> fallback. If I were you, I would go with curl. >>>>> I think it is time to write a wrapper around open SSL in addition >>>>> to looking at the curl plugin. Trying to write cryptography code >>>>> from scratch and get and keep it right is a huge effort, and >>>>> pretty >>>>> avoidable, and IMHO, better avoided by letting others do the job. >>>>> Ever read Sun Tzu? >>>>> >>>>> Bill >>>>> >>>>> >>>>> >>>>> From: [hidden email] [mailto:[hidden email] >>>>> ] On Behalf Of Mariano Martinez Peck >>>>> Sent: Thursday, May 21, 2009 8:51 PM >>>>> To: Pharo Development >>>>> Subject: [Pharo-project] Port of Cryptography to Pharo >>>>> >>>>> I don't know if there is anyone of the developers of the package >>>>> Cryptography but is someone is willing to do the port of it to >>>>> Pharo? Most tests are break and it seems not to work because lots >>>>> of Cryptography methods where in classes like SmallInteger and >>>>> these methods were removed in Pharo. >>>>> >>>>> Regards, >>>>> >>>>> Mariano >>>>> <ATT00001.txt> >>>> >>>> _______________________________________________ >>>> Pharo-project mailing list >>>> [hidden email] >>>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >>> >>> >>> _______________________________________________ >>> Pharo-project mailing list >>> [hidden email] >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >>> This email is confidential and subject to important disclaimers and >>> conditions including on offers for the purchase or sale of >>> securities, accuracy and completeness of information, viruses, >>> confidentiality, legal privilege, and legal entity disclaimers, >>> available at http://www.jpmorgan.com/pages/disclosures/email. >>> >>> _______________________________________________ >>> Pharo-project mailing list >>> [hidden email] >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >>> >>> >>> _______________________________________________ >>> Pharo-project mailing list >>> [hidden email] >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >>> >>> _______________________________________________ >>> Pharo-project mailing list >>> [hidden email] >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
Re: Port of Cryptography to Pharo
|
|
In reply to this post by Stéphane Ducasse
FYI OpenCobalt release has a Cryptography package added and is being used to
TLS to Jabber..... -----Mensaje original----- De: [hidden email] [mailto:[hidden email]]En nombre de Stéphane Ducasse Enviado el: Viernes, 22 de Mayo de 2009 11:55 a.m. Para: [hidden email] Asunto: Re: [Pharo-project] Port of Cryptography to Pharo Hi guys Why don;t you join forces and create a Cryptography package which work for pharo and for you. Mariano I still would love to know the method of integer that are missing Stef On May 22, 2009, at 4:47 PM, Jan van de Sandt wrote: > Hello, > > I faced the same problem with Cloudfork-AWS. This project required > the Cryptography package for generating the signatures using SHA and > for generating MD5 hash values. > > When I had problems loading the package in Pharo and I learned that > the package was no longer maintained I copied the classes I required > to a Cloudfork package. I needed the MD5, SHA1 and SHA256 classes. I > renamed them to CFMD5, CFSHA1 and CFSHA256, I also prefixed all the > methods in the required class extensions with cf. For example > ThirtyTwoBitRegister>>cfBitShift: anInteger. You can use a simular > approach for Glorp. > > Jan. > > PS: Another dependency of Cloudfork is a HTTP client. I'm now > playing around with the CurlPlugin, this plugin works very well. > Things like supporting https become real easy > > 2009/5/22 Mariano Martinez Peck <[hidden email]> > > > On Fri, May 22, 2009 at 9:18 AM, Ramiro Diaz Trepat > > wrote: > I'm really sorry to hear it is no longer being maintained. > It was a necessary package to connect to properly set up Postgres > databases, that requiere sending password hashes with SHA-1. We > will probably face this kind of need when interacting with the > outside world in general. > > Yes. That's why I saw it. I am trying to make Glorp to work in > Pharo, but as you know Glorp in Squeak only works with Postgres. And > the native postgres driver requieres cryptography package when you > use md5 :( > > Just for now, I disable md5 from my postgres and use "password" auth- > method. With this, cryptography is not needed. However, this is not > an option in a production enviorment. > > Cheers, > > Mariano > > > It was a fantastic package, I wonder why the maintainers droped it. > I suppose maintaining crypto frameworks up to date, with no > vulnerabilities, is a lot of work. > Sorry for venting out my sadnes to the list. > Cheers > > r. > > > > > -----Original Message----- > From: [hidden email] > ] On Behalf Of Stéphane Ducasse > Sent: 22 May 2009 11:08 > To: [hidden email] > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > Ok I thought the cryptology package was working well and maintained. > > Stef > > On May 22, 2009, at 11:58 AM, Schwab,Wilhelm K wrote: > > > Agreed: I mentioned both curl and OpenSSL - we should embrace both. > > AFACT, the cryptography package is a thing of the past, and we > > should look to active projects. Tell me where I'm wrong, please. > > > > Another reality, fair or not: if we were to take on the enormous > > burden of maintaining the cypto package, there would always be > > questions about security holes we left open. The same will be true > > of OpenSSL, but there is (not always fair) credibility in numbers > > widely known projects. There will be would-be users of Pharo who > > will want OpenSSL for its reputation, and who would question a home- > > grown solution. > > > > Bill > > > > > > From: [hidden email] > > ] On Behalf Of Fernando olivero > > Sent: Friday, May 22, 2009 4:20 AM > > To: [hidden email] > > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > > > > > Just a comment, > > > > you could use the new AlienFFI framework to comunicate with curl. > > Or reify any C library you want in Pharo. > > > > Fernando > > > > > > On May 22, 2009, at 5:04 AM, Schwab,Wilhelm K wrote: > > > >> The most recent post on the crytography mailing list starts out as > >> follows: > >> > >> Since the Cryptography Team doesn't exists anymore, the > >> Cryptography package is not maintained by anyone. The SSL > >> implementation doesn't allow easy debugging, you can't just turn on > >> logging to see what's happening. Following the state machine > >> transitions should give you the answer why the handshake isn't > >> succeding. It might be related to certificates or TLS->SSL3 > >> fallback. If I were you, I would go with curl. > >> I think it is time to write a wrapper around open SSL in addition > >> to looking at the curl plugin. Trying to write cryptography code > >> from scratch and get and keep it right is a huge effort, and pretty > >> avoidable, and IMHO, better avoided by letting others do the job. > >> Ever read Sun Tzu? > >> > >> Bill > >> > >> > >> > >> From: [hidden email] > >> ] On Behalf Of Mariano Martinez Peck > >> Sent: Thursday, May 21, 2009 8:51 PM > >> To: Pharo Development > >> Subject: [Pharo-project] Port of Cryptography to Pharo > >> > >> I don't know if there is anyone of the developers of the package > >> Cryptography but is someone is willing to do the port of it to > >> Pharo? Most tests are break and it seems not to work because lots > >> of Cryptography methods where in classes like SmallInteger and > >> these methods were removed in Pharo. > >> > >> Regards, > >> > >> Mariano > >> <ATT00001.txt> > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > This email is confidential and subject to important disclaimers and > conditions including on offers for the purchase or sale of > securities, accuracy and completeness of information, viruses, > confidentiality, legal privilege, and legal entity disclaimers, > available at http://www.jpmorgan.com/pages/disclosures/email. > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project -- Internal Virus Database is out-of-date. Checked by AVG. Version: 7.5.524 / Virus Database: 270.12.11/2089 - Release Date: 30/04/2009 05:53 p.m. _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
Re: Port of Cryptography to Pharo
|
|
tx for the pointer!
On May 22, 2009, at 5:36 PM, Carlos Crosetti wrote: > FYI OpenCobalt release has a Cryptography package added and is being > used to > TLS to Jabber..... > > -----Mensaje original----- > De: [hidden email] > [mailto:[hidden email]]En nombre de > Stéphane Ducasse > Enviado el: Viernes, 22 de Mayo de 2009 11:55 a.m. > Para: [hidden email] > Asunto: Re: [Pharo-project] Port of Cryptography to Pharo > > > Hi guys > > Why don;t you join forces and create a Cryptography package which work > for pharo and for you. > Mariano I still would love to know the method of integer that are > missing > > Stef > > On May 22, 2009, at 4:47 PM, Jan van de Sandt wrote: > >> Hello, >> >> I faced the same problem with Cloudfork-AWS. This project required >> the Cryptography package for generating the signatures using SHA and >> for generating MD5 hash values. >> >> When I had problems loading the package in Pharo and I learned that >> the package was no longer maintained I copied the classes I required >> to a Cloudfork package. I needed the MD5, SHA1 and SHA256 classes. I >> renamed them to CFMD5, CFSHA1 and CFSHA256, I also prefixed all the >> methods in the required class extensions with cf. For example >> ThirtyTwoBitRegister>>cfBitShift: anInteger. You can use a simular >> approach for Glorp. >> >> Jan. >> >> PS: Another dependency of Cloudfork is a HTTP client. I'm now >> playing around with the CurlPlugin, this plugin works very well. >> Things like supporting https become real easy >> >> 2009/5/22 Mariano Martinez Peck <[hidden email]> >> >> >> On Fri, May 22, 2009 at 9:18 AM, Ramiro Diaz Trepat > <[hidden email] >>> wrote: >> I'm really sorry to hear it is no longer being maintained. >> It was a necessary package to connect to properly set up Postgres >> databases, that requiere sending password hashes with SHA-1. We >> will probably face this kind of need when interacting with the >> outside world in general. >> >> Yes. That's why I saw it. I am trying to make Glorp to work in >> Pharo, but as you know Glorp in Squeak only works with Postgres. And >> the native postgres driver requieres cryptography package when you >> use md5 :( >> >> Just for now, I disable md5 from my postgres and use "password" auth- >> method. With this, cryptography is not needed. However, this is not >> an option in a production enviorment. >> >> Cheers, >> >> Mariano >> >> >> It was a fantastic package, I wonder why the maintainers droped it. >> I suppose maintaining crypto frameworks up to date, with no >> vulnerabilities, is a lot of work. >> Sorry for venting out my sadnes to the list. >> Cheers >> >> r. >> >> >> >> >> -----Original Message----- >> From: [hidden email] > [mailto:[hidden email] >> ] On Behalf Of Stéphane Ducasse >> Sent: 22 May 2009 11:08 >> To: [hidden email] >> Subject: Re: [Pharo-project] Port of Cryptography to Pharo >> >> Ok I thought the cryptology package was working well and maintained. >> >> Stef >> >> On May 22, 2009, at 11:58 AM, Schwab,Wilhelm K wrote: >> >>> Agreed: I mentioned both curl and OpenSSL - we should embrace both. >>> AFACT, the cryptography package is a thing of the past, and we >>> should look to active projects. Tell me where I'm wrong, please. >>> >>> Another reality, fair or not: if we were to take on the enormous >>> burden of maintaining the cypto package, there would always be >>> questions about security holes we left open. The same will be true >>> of OpenSSL, but there is (not always fair) credibility in numbers >>> widely known projects. There will be would-be users of Pharo who >>> will want OpenSSL for its reputation, and who would question a home- >>> grown solution. >>> >>> Bill >>> >>> >>> From: [hidden email] > [mailto:[hidden email] >>> ] On Behalf Of Fernando olivero >>> Sent: Friday, May 22, 2009 4:20 AM >>> To: [hidden email] >>> Subject: Re: [Pharo-project] Port of Cryptography to Pharo >>> >>> >>> Just a comment, >>> >>> you could use the new AlienFFI framework to comunicate with curl. >>> Or reify any C library you want in Pharo. >>> >>> Fernando >>> >>> >>> On May 22, 2009, at 5:04 AM, Schwab,Wilhelm K wrote: >>> >>>> The most recent post on the crytography mailing list starts out as >>>> follows: >>>> >>>> Since the Cryptography Team doesn't exists anymore, the >>>> Cryptography package is not maintained by anyone. The SSL >>>> implementation doesn't allow easy debugging, you can't just turn on >>>> logging to see what's happening. Following the state machine >>>> transitions should give you the answer why the handshake isn't >>>> succeding. It might be related to certificates or TLS->SSL3 >>>> fallback. If I were you, I would go with curl. >>>> I think it is time to write a wrapper around open SSL in addition >>>> to looking at the curl plugin. Trying to write cryptography code >>>> from scratch and get and keep it right is a huge effort, and pretty >>>> avoidable, and IMHO, better avoided by letting others do the job. >>>> Ever read Sun Tzu? >>>> >>>> Bill >>>> >>>> >>>> >>>> From: [hidden email] > [mailto:[hidden email] >>>> ] On Behalf Of Mariano Martinez Peck >>>> Sent: Thursday, May 21, 2009 8:51 PM >>>> To: Pharo Development >>>> Subject: [Pharo-project] Port of Cryptography to Pharo >>>> >>>> I don't know if there is anyone of the developers of the package >>>> Cryptography but is someone is willing to do the port of it to >>>> Pharo? Most tests are break and it seems not to work because lots >>>> of Cryptography methods where in classes like SmallInteger and >>>> these methods were removed in Pharo. >>>> >>>> Regards, >>>> >>>> Mariano >>>> <ATT00001.txt> >>> >>> _______________________________________________ >>> Pharo-project mailing list >>> [hidden email] >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> This email is confidential and subject to important disclaimers and >> conditions including on offers for the purchase or sale of >> securities, accuracy and completeness of information, viruses, >> confidentiality, legal privilege, and legal entity disclaimers, >> available at http://www.jpmorgan.com/pages/disclosures/email. >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > -- > Internal Virus Database is out-of-date. > Checked by AVG. > Version: 7.5.524 / Virus Database: 270.12.11/2089 - Release Date: > 30/04/2009 > 05:53 p.m. > > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
Re: Port of Cryptography to Pharo
|
|
In reply to this post by Stéphane Ducasse
On Fri, May 22, 2009 at 1:54 PM, Stéphane Ducasse <[hidden email]> wrote: Hi guys It's a good idea.
I am a bit complicated at work right now. I hope tonight or tomorrow have the time and will tell you the methods.
_______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
Re: Port of Cryptography to Pharo
|
|
sure no stress
I have to fix some walls :) stef On May 22, 2009, at 5:50 PM, Mariano Martinez Peck wrote: > > > On Fri, May 22, 2009 at 1:54 PM, Stéphane Ducasse <[hidden email] > > wrote: > Hi guys > > Why don;t you join forces and create a Cryptography package which work > for pharo and for you. > > It's a good idea. > > > Mariano I still would love to know the method of integer that are > missing > > I am a bit complicated at work right now. I hope tonight or tomorrow > have the time and will tell you the methods. > > > > Stef > > On May 22, 2009, at 4:47 PM, Jan van de Sandt wrote: > > > Hello, > > > > I faced the same problem with Cloudfork-AWS. This project required > > the Cryptography package for generating the signatures using SHA and > > for generating MD5 hash values. > > > > When I had problems loading the package in Pharo and I learned that > > the package was no longer maintained I copied the classes I required > > to a Cloudfork package. I needed the MD5, SHA1 and SHA256 classes. I > > renamed them to CFMD5, CFSHA1 and CFSHA256, I also prefixed all the > > methods in the required class extensions with cf. For example > > ThirtyTwoBitRegister>>cfBitShift: anInteger. You can use a simular > > approach for Glorp. > > > > Jan. > > > > PS: Another dependency of Cloudfork is a HTTP client. I'm now > > playing around with the CurlPlugin, this plugin works very well. > > Things like supporting https become real easy > > > > 2009/5/22 Mariano Martinez Peck <[hidden email]> > > > > > > On Fri, May 22, 2009 at 9:18 AM, Ramiro Diaz Trepat <[hidden email] > > > wrote: > > I'm really sorry to hear it is no longer being maintained. > > It was a necessary package to connect to properly set up Postgres > > databases, that requiere sending password hashes with SHA-1. We > > will probably face this kind of need when interacting with the > > outside world in general. > > > > Yes. That's why I saw it. I am trying to make Glorp to work in > > Pharo, but as you know Glorp in Squeak only works with Postgres. And > > the native postgres driver requieres cryptography package when you > > use md5 :( > > > > Just for now, I disable md5 from my postgres and use "password" > auth- > > method. With this, cryptography is not needed. However, this is not > > an option in a production enviorment. > > > > Cheers, > > > > Mariano > > > > > > It was a fantastic package, I wonder why the maintainers droped it. > > I suppose maintaining crypto frameworks up to date, with no > > vulnerabilities, is a lot of work. > > Sorry for venting out my sadnes to the list. > > Cheers > > > > r. > > > > > > > > > > -----Original Message----- > > From: [hidden email] [mailto:[hidden email] > > ] On Behalf Of Stéphane Ducasse > > Sent: 22 May 2009 11:08 > > To: [hidden email] > > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > > > Ok I thought the cryptology package was working well and maintained. > > > > Stef > > > > On May 22, 2009, at 11:58 AM, Schwab,Wilhelm K wrote: > > > > > Agreed: I mentioned both curl and OpenSSL - we should embrace > both. > > > AFACT, the cryptography package is a thing of the past, and we > > > should look to active projects. Tell me where I'm wrong, please. > > > > > > Another reality, fair or not: if we were to take on the enormous > > > burden of maintaining the cypto package, there would always be > > > questions about security holes we left open. The same will be > true > > > of OpenSSL, but there is (not always fair) credibility in numbers > > > widely known projects. There will be would-be users of Pharo who > > > will want OpenSSL for its reputation, and who would question a > home- > > > grown solution. > > > > > > Bill > > > > > > > > > From: [hidden email] [mailto:[hidden email] > > > ] On Behalf Of Fernando olivero > > > Sent: Friday, May 22, 2009 4:20 AM > > > To: [hidden email] > > > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > > > > > > > > Just a comment, > > > > > > you could use the new AlienFFI framework to comunicate with curl. > > > Or reify any C library you want in Pharo. > > > > > > Fernando > > > > > > > > > On May 22, 2009, at 5:04 AM, Schwab,Wilhelm K wrote: > > > > > >> The most recent post on the crytography mailing list starts out > as > > >> follows: > > >> > > >> Since the Cryptography Team doesn't exists anymore, the > > >> Cryptography package is not maintained by anyone. The SSL > > >> implementation doesn't allow easy debugging, you can't just > turn on > > >> logging to see what's happening. Following the state machine > > >> transitions should give you the answer why the handshake isn't > > >> succeding. It might be related to certificates or TLS->SSL3 > > >> fallback. If I were you, I would go with curl. > > >> I think it is time to write a wrapper around open SSL in addition > > >> to looking at the curl plugin. Trying to write cryptography code > > >> from scratch and get and keep it right is a huge effort, and > pretty > > >> avoidable, and IMHO, better avoided by letting others do the job. > > >> Ever read Sun Tzu? > > >> > > >> Bill > > >> > > >> > > >> > > >> From: [hidden email] [mailto:[hidden email] > > >> ] On Behalf Of Mariano Martinez Peck > > >> Sent: Thursday, May 21, 2009 8:51 PM > > >> To: Pharo Development > > >> Subject: [Pharo-project] Port of Cryptography to Pharo > > >> > > >> I don't know if there is anyone of the developers of the package > > >> Cryptography but is someone is willing to do the port of it to > > >> Pharo? Most tests are break and it seems not to work because lots > > >> of Cryptography methods where in classes like SmallInteger and > > >> these methods were removed in Pharo. > > >> > > >> Regards, > > >> > > >> Mariano > > >> <ATT00001.txt> > > > > > > _______________________________________________ > > > Pharo-project mailing list > > > [hidden email] > > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo- > project > > > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > This email is confidential and subject to important disclaimers and > > conditions including on offers for the purchase or sale of > > securities, accuracy and completeness of information, viruses, > > confidentiality, legal privilege, and legal entity disclaimers, > > available at http://www.jpmorgan.com/pages/disclosures/email. > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
Re: Port of Cryptography to Pharo
|
|
In reply to this post by Stéphane Ducasse
Stef,
I proposed that a while ago, but there was a stunning lack of response. The offer is still good however; I'd welcome a group effort to tackle it. Bill -----Original Message----- From: [hidden email] [mailto:[hidden email]] On Behalf Of Stéphane Ducasse Sent: Friday, May 22, 2009 9:55 AM To: [hidden email] Subject: Re: [Pharo-project] Port of Cryptography to Pharo Hi guys Why don;t you join forces and create a Cryptography package which work for pharo and for you. Mariano I still would love to know the method of integer that are missing Stef On May 22, 2009, at 4:47 PM, Jan van de Sandt wrote: > Hello, > > I faced the same problem with Cloudfork-AWS. This project required the > Cryptography package for generating the signatures using SHA and for > generating MD5 hash values. > > When I had problems loading the package in Pharo and I learned that > the package was no longer maintained I copied the classes I required > to a Cloudfork package. I needed the MD5, SHA1 and SHA256 classes. I > renamed them to CFMD5, CFSHA1 and CFSHA256, I also prefixed all the > methods in the required class extensions with cf. For example > ThirtyTwoBitRegister>>cfBitShift: anInteger. You can use a simular > approach for Glorp. > > Jan. > > PS: Another dependency of Cloudfork is a HTTP client. I'm now > playing around with the CurlPlugin, this plugin works very well. > Things like supporting https become real easy > > 2009/5/22 Mariano Martinez Peck <[hidden email]> > > > On Fri, May 22, 2009 at 9:18 AM, Ramiro Diaz Trepat <[hidden email] > > wrote: > I'm really sorry to hear it is no longer being maintained. > It was a necessary package to connect to properly set up Postgres > databases, that requiere sending password hashes with SHA-1. We > will probably face this kind of need when interacting with the > outside world in general. > > Yes. That's why I saw it. I am trying to make Glorp to work in > Pharo, but as you know Glorp in Squeak only works with Postgres. And > the native postgres driver requieres cryptography package when you > use md5 :( > > Just for now, I disable md5 from my postgres and use "password" auth- > method. With this, cryptography is not needed. However, this is not > an option in a production enviorment. > > Cheers, > > Mariano > > > It was a fantastic package, I wonder why the maintainers droped it. > I suppose maintaining crypto frameworks up to date, with no > vulnerabilities, is a lot of work. > Sorry for venting out my sadnes to the list. > Cheers > > r. > > > > > -----Original Message----- > From: [hidden email] [mailto:[hidden email] > ] On Behalf Of Stéphane Ducasse > Sent: 22 May 2009 11:08 > To: [hidden email] > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > Ok I thought the cryptology package was working well and maintained. > > Stef > > On May 22, 2009, at 11:58 AM, Schwab,Wilhelm K wrote: > > > Agreed: I mentioned both curl and OpenSSL - we should embrace both. > > AFACT, the cryptography package is a thing of the past, and we > > should look to active projects. Tell me where I'm wrong, please. > > > > Another reality, fair or not: if we were to take on the enormous > > burden of maintaining the cypto package, there would always be > > questions about security holes we left open. The same will be true > > of OpenSSL, but there is (not always fair) credibility in numbers > > widely known projects. There will be would-be users of Pharo who > > will want OpenSSL for its reputation, and who would question a home- > > grown solution. > > > > Bill > > > > > > From: [hidden email] [mailto:[hidden email] > > ] On Behalf Of Fernando olivero > > Sent: Friday, May 22, 2009 4:20 AM > > To: [hidden email] > > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > > > > > Just a comment, > > > > you could use the new AlienFFI framework to comunicate with curl. > > Or reify any C library you want in Pharo. > > > > Fernando > > > > > > On May 22, 2009, at 5:04 AM, Schwab,Wilhelm K wrote: > > > >> The most recent post on the crytography mailing list starts out as > >> follows: > >> > >> Since the Cryptography Team doesn't exists anymore, the > >> Cryptography package is not maintained by anyone. The SSL > >> implementation doesn't allow easy debugging, you can't just turn on > >> logging to see what's happening. Following the state machine > >> transitions should give you the answer why the handshake isn't > >> succeding. It might be related to certificates or TLS->SSL3 > >> fallback. If I were you, I would go with curl. > >> I think it is time to write a wrapper around open SSL in addition > >> to looking at the curl plugin. Trying to write cryptography code > >> from scratch and get and keep it right is a huge effort, and pretty > >> avoidable, and IMHO, better avoided by letting others do the job. > >> Ever read Sun Tzu? > >> > >> Bill > >> > >> > >> > >> From: [hidden email] [mailto:[hidden email] > >> ] On Behalf Of Mariano Martinez Peck > >> Sent: Thursday, May 21, 2009 8:51 PM > >> To: Pharo Development > >> Subject: [Pharo-project] Port of Cryptography to Pharo > >> > >> I don't know if there is anyone of the developers of the package > >> Cryptography but is someone is willing to do the port of it to > >> Pharo? Most tests are break and it seems not to work because lots > >> of Cryptography methods where in classes like SmallInteger and > >> these methods were removed in Pharo. > >> > >> Regards, > >> > >> Mariano > >> <ATT00001.txt> > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > This email is confidential and subject to important disclaimers and > conditions including on offers for the purchase or sale of > securities, accuracy and completeness of information, viruses, > confidentiality, legal privilege, and legal entity disclaimers, > available at http://www.jpmorgan.com/pages/disclosures/email. > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
In reply to this post by Carlos Crosetti-4
looking for pointers to a sample Alien FFi code calling a COM based DLL....
_______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
did you succeed to load well alien.
Because fernando and me where cleaning it but I did not check what fernando published. I know that this is much cleaner (we remove newspeak bytecode). Now we need people to shake it. On May 22, 2009, at 10:55 PM, Carlos Crosetti wrote: > looking for pointers to a sample Alien FFi code calling a COM based > DLL.... > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
Carlos, plese let me know if you have problems loading the AlienFFI
package. Look at the email i sent a couple of days ago, in there i explained the status and how to load. I'm using alien to reify C libraries and be able to call its behavior in smalltalk, doing that is fairly easy with AlienFFI and it works fast. Once you get it installed and test the examples i could help you more. Saludos, Fernando On May 23, 2009, at 11:40 AM, Stéphane Ducasse wrote: > did you succeed to load well alien. > Because fernando and me where cleaning it but I did not check what > fernando published. > I know that this is much cleaner (we remove newspeak bytecode). > > Now we need people to shake it. > > > On May 22, 2009, at 10:55 PM, Carlos Crosetti wrote: > >> looking for pointers to a sample Alien FFi code calling a COM based >> DLL.... >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
Fernando, plese can you send the note you mention again? Thanks, Carlos
-----Mensaje original----- De: [hidden email] [mailto:[hidden email]]En nombre de Fernando olivero Enviado el: Sábado, 23 de Mayo de 2009 06:56 a.m. Para: [hidden email] Asunto: Re: [Pharo-project] Alien FFI & COM Carlos, plese let me know if you have problems loading the AlienFFI package. Look at the email i sent a couple of days ago, in there i explained the status and how to load. I'm using alien to reify C libraries and be able to call its behavior in smalltalk, doing that is fairly easy with AlienFFI and it works fast. Once you get it installed and test the examples i could help you more. Saludos, Fernando On May 23, 2009, at 11:40 AM, Stéphane Ducasse wrote: > did you succeed to load well alien. > Because fernando and me where cleaning it but I did not check what > fernando published. > I know that this is much cleaner (we remove newspeak bytecode). > > Now we need people to shake it. > > > On May 22, 2009, at 10:55 PM, Carlos Crosetti wrote: > >> looking for pointers to a sample Alien FFi code calling a COM based >> DLL.... >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project -- Internal Virus Database is out-of-date. Checked by AVG. Version: 7.5.524 / Virus Database: 270.12.11/2089 - Release Date: 30/04/2009 05:53 p.m. _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
just load Alien from the alien squeaksource project
On May 23, 2009, at 12:58 PM, Carlos Crosetti wrote: > Fernando, plese can you send the note you mention again? Thanks, > Carlos > > -----Mensaje original----- > De: [hidden email] > [mailto:[hidden email]]En nombre de > Fernando olivero > Enviado el: Sábado, 23 de Mayo de 2009 06:56 a.m. > Para: [hidden email] > Asunto: Re: [Pharo-project] Alien FFI & COM > > > Carlos, plese let me know if you have problems loading the AlienFFI > package. > > Look at the email i sent a couple of days ago, in there i explained > the status and how to load. > > I'm using alien to reify C libraries and be able to call its behavior > in smalltalk, doing that is fairly easy with AlienFFI and it works > fast. > > Once you get it installed and test the examples i could help you > more. > > Saludos, > Fernando > > On May 23, 2009, at 11:40 AM, Stéphane Ducasse wrote: > >> did you succeed to load well alien. >> Because fernando and me where cleaning it but I did not check what >> fernando published. >> I know that this is much cleaner (we remove newspeak bytecode). >> >> Now we need people to shake it. >> >> >> On May 22, 2009, at 10:55 PM, Carlos Crosetti wrote: >> >>> looking for pointers to a sample Alien FFi code calling a COM based >>> DLL.... >>> >>> _______________________________________________ >>> Pharo-project mailing list >>> [hidden email] >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >>> >> >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > -- > Internal Virus Database is out-of-date. > Checked by AVG. > Version: 7.5.524 / Virus Database: 270.12.11/2089 - Release Date: > 30/04/2009 > 05:53 p.m. > > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
I thought Alien FFI was only working in Mac. I am interesting in migrating SqueakDBX FFI calls to AlienFFI if I can see advantages, but I need AlienFFI works in Linux, Mac and Windows. When this is done and there is a documentation somewhere, I can do some tests.
Cheers, Mariano On Sat, May 23, 2009 at 8:41 AM, Stéphane Ducasse <[hidden email]> wrote: just load Alien from the alien squeaksource project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
On May 23, 2009, at 9:52 PM, Mariano Martinez Peck wrote: > I thought Alien FFI was only working in Mac. I am interesting in > migrating SqueakDBX FFI calls to AlienFFI if I can see advantages, > but I need AlienFFI works in Linux, Mac and Windows. When this is > done and there is a documentation somewhere, I can do some tests. Try because I do not have a PC here. But the code contains PC examples. Stef > > > Cheers, > > Mariano > > On Sat, May 23, 2009 at 8:41 AM, Stéphane Ducasse <[hidden email] > > wrote: > just load Alien from the alien squeaksource project > > On May 23, 2009, at 12:58 PM, Carlos Crosetti wrote: > > > Fernando, plese can you send the note you mention again? Thanks, > > Carlos > > > > -----Mensaje original----- > > De: [hidden email] > > [mailto:[hidden email]]En nombre de > > Fernando olivero > > Enviado el: Sábado, 23 de Mayo de 2009 06:56 a.m. > > Para: [hidden email] > > Asunto: Re: [Pharo-project] Alien FFI & COM > > > > > > Carlos, plese let me know if you have problems loading the AlienFFI > > package. > > > > Look at the email i sent a couple of days ago, in there i explained > > the status and how to load. > > > > I'm using alien to reify C libraries and be able to call its > behavior > > in smalltalk, doing that is fairly easy with AlienFFI and it works > > fast. > > > > Once you get it installed and test the examples i could help you > > more. > > > > Saludos, > > Fernando > > > > On May 23, 2009, at 11:40 AM, Stéphane Ducasse wrote: > > > >> did you succeed to load well alien. > >> Because fernando and me where cleaning it but I did not check what > >> fernando published. > >> I know that this is much cleaner (we remove newspeak bytecode). > >> > >> Now we need people to shake it. > >> > >> > >> On May 22, 2009, at 10:55 PM, Carlos Crosetti wrote: > >> > >>> looking for pointers to a sample Alien FFi code calling a COM > based > >>> DLL.... > >>> > >>> _______________________________________________ > >>> Pharo-project mailing list > >>> [hidden email] > >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo- > project > >>> > >> > >> > >> _______________________________________________ > >> Pharo-project mailing list > >> [hidden email] > >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > > > > > -- > > Internal Virus Database is out-of-date. > > Checked by AVG. > > Version: 7.5.524 / Virus Database: 270.12.11/2089 - Release Date: > > 30/04/2009 > > 05:53 p.m. > > > > > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
ALienFFI has plugins for windows vm also, it works for it too.
Its not tied to mac, what i meant is that i only tested on mac, because i dont have acces to a PC. AlienLoader>>loadLibCInPharo gives you examples for windows, and mac also. After loading look at the class AlienExamples. Also AlienLoader>>loadWin32InPharo gives you examples with windows specific libraries, look at AlienExamples after loading. About documentation you can look here: http://wiki.squeak.org/squeak/6100 Both pdf files there were very helpful for me. Saludos, Fernando On May 23, 2009, at 9:54 PM, Stéphane Ducasse wrote: > > On May 23, 2009, at 9:52 PM, Mariano Martinez Peck wrote: > >> I thought Alien FFI was only working in Mac. I am interesting in >> migrating SqueakDBX FFI calls to AlienFFI if I can see advantages, >> but I need AlienFFI works in Linux, Mac and Windows. When this is >> done and there is a documentation somewhere, I can do some tests. > > Try because I do not have a PC here. > But the code contains PC examples. > > Stef >> >> >> Cheers, >> >> Mariano >> >> On Sat, May 23, 2009 at 8:41 AM, Stéphane Ducasse <[hidden email] >>> wrote: >> just load Alien from the alien squeaksource project >> >> On May 23, 2009, at 12:58 PM, Carlos Crosetti wrote: >> >>> Fernando, plese can you send the note you mention again? Thanks, >>> Carlos >>> >>> -----Mensaje original----- >>> De: [hidden email] >>> [mailto:[hidden email]]En nombre de >>> Fernando olivero >>> Enviado el: Sábado, 23 de Mayo de 2009 06:56 a.m. >>> Para: [hidden email] >>> Asunto: Re: [Pharo-project] Alien FFI & COM >>> >>> >>> Carlos, plese let me know if you have problems loading the AlienFFI >>> package. >>> >>> Look at the email i sent a couple of days ago, in there i explained >>> the status and how to load. >>> >>> I'm using alien to reify C libraries and be able to call its >> behavior >>> in smalltalk, doing that is fairly easy with AlienFFI and it works >>> fast. >>> >>> Once you get it installed and test the examples i could help you >>> more. >>> >>> Saludos, >>> Fernando >>> >>> On May 23, 2009, at 11:40 AM, Stéphane Ducasse wrote: >>> >>>> did you succeed to load well alien. >>>> Because fernando and me where cleaning it but I did not check what >>>> fernando published. >>>> I know that this is much cleaner (we remove newspeak bytecode). >>>> >>>> Now we need people to shake it. >>>> >>>> >>>> On May 22, 2009, at 10:55 PM, Carlos Crosetti wrote: >>>> >>>>> looking for pointers to a sample Alien FFi code calling a COM >> based >>>>> DLL.... >>>>> >>>>> _______________________________________________ >>>>> Pharo-project mailing list >>>>> [hidden email] >>>>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo- >> project >>>>> >>>> >>>> >>>> _______________________________________________ >>>> Pharo-project mailing list >>>> [hidden email] >>>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >>> >>> >>> _______________________________________________ >>> Pharo-project mailing list >>> [hidden email] >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >>> >>> >>> >>> -- >>> Internal Virus Database is out-of-date. >>> Checked by AVG. >>> Version: 7.5.524 / Virus Database: 270.12.11/2089 - Release Date: >>> 30/04/2009 >>> 05:53 p.m. >>> >>> >>> >>> _______________________________________________ >>> Pharo-project mailing list >>> [hidden email] >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >>> >> >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> >> _______________________________________________ >> Pharo-project mailing list >> [hidden email] >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
Re: Port of Cryptography to Pharo
|
|
In reply to this post by Schwab,Wilhelm K
Did someone commit any kind of magic to Pharo core orCryptography packge ? I just prepared a latest image to start working on it but I see only 3 red tests. Those are: testDES, testDES2 and testDSASigninAndVerifying.
And all of them fail because of the same problem: a primitive has failed. The primitive is primCookKey: aByteArray mode: flag to: cooked <primitive: 'primitiveDESCookKey' module: 'DESPlugin'> ^ self primitiveFailed I look here: http://code.google.com/p/pharo/wiki/VMPluginOverview but I didn't found it. I don't have that plugin in my Exupery VM. Perhaps downloading VMMaker and try to generate the plugin is a good idea but I never even download VMMaker haha Anyway, is this important? Cheers, Mariano
On Fri, May 22, 2009 at 1:42 PM, Schwab,Wilhelm K <[hidden email]> wrote: Stef, _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
Ok, in the past I've built the DES plugin for the macintosh.
However I should point out that Cryptography should NOT be made part of the base VM. Why? Well the USA government then wants you to fill out export paperwork if you are USA company or selling product thru the USA that someone that doesn't live in the USA could buy. An example of this is when you submit apps to the Apple iPhone app store, then you are asked if the product includes any encryption and if you have done the paperwork.
Yes I know this is a irksome rule, but people should be aware of the implications.
2009/5/23 Mariano Martinez Peck <[hidden email]> Did someone commit any kind of magic to Pharo core orCryptography packge ? I just prepared a latest image to start working on it but I see only 3 red tests. Those are: testDES, testDES2 and testDSASigninAndVerifying. -- =========================================================================== John M. McIntosh <[hidden email]> Corporate Smalltalk Consulting Ltd. http://www.smalltalkconsulting.com =========================================================================== _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
Re: Port of Cryptography to Pharo
|
|
John,
"Yes
I know this is a irksome rule, but people should be aware of the
implications. "
- you can say that again. Conspicuously among
those people are the members of the US House and Senate, and those who elected
them.
Bill
From: [hidden email] [mailto:[hidden email]] On Behalf Of John McIntosh Sent: Saturday, May 23, 2009 4:41 PM To: [hidden email] Subject: Re: [Pharo-project] Port of Cryptography to Pharo However I should point out that Cryptography should NOT be
made part of the base VM. Why? Well the USA government then wants you
to fill out export paperwork if you are USA company or selling product thru the
USA that someone that doesn't live in the USA could buy. An example of this is
when you submit apps to the Apple iPhone app store, then you are asked if the
product includes any encryption and if you have done the paperwork.
Yes I know this is a irksome rule, but people should be aware of
the implications.
2009/5/23 Mariano Martinez Peck <[hidden email]> Did someone commit any kind of magic to Pharo core orCryptography packge ? I just prepared a latest image to start working on it but I see only 3 red tests. Those are: testDES, testDES2 and testDSASigninAndVerifying. -- =========================================================================== John M. McIntosh <[hidden email]> Corporate Smalltalk Consulting Ltd. http://www.smalltalkconsulting.com =========================================================================== _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
|
|
well being from Canada I can't quite comment, but I did have to spend 5 minutes to confirm that WikiServer, ST80Docs, and SqueakDocs didn't have any thing illegal in them when I answered the prompt as part of my due diligence for submission sign off. In theory if cryptography went in then I would have to spend another 5 minutes deleting it. Unless of course I needed to use it, then likely delays of weeks awaiting paperwork signoff.
2009/5/23 Schwab,Wilhelm K <[hidden email]>
-- =========================================================================== John M. McIntosh <[hidden email]> Corporate Smalltalk Consulting Ltd. http://www.smalltalkconsulting.com =========================================================================== _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
Re: Port of Cryptography to Pharo
|
|
In reply to this post by johnmci
ok thanks for the information
stef On May 23, 2009, at 11:40 PM, John McIntosh wrote: > Ok, in the past I've built the DES plugin for the macintosh. > > However I should point out that Cryptography should NOT be made > part of the base VM. Why? Well the USA government then wants you to > fill out export paperwork if you are USA company or selling product > thru the USA that someone that doesn't live in the USA could buy. An > example of this is when you submit apps to the Apple iPhone app > store, then you are asked if the product includes any encryption and > if you have done the paperwork. > > Yes I know this is a irksome rule, but people should be aware of the > implications. > > 2009/5/23 Mariano Martinez Peck <[hidden email]> > Did someone commit any kind of magic to Pharo core orCryptography > packge ? I just prepared a latest image to start working on it but I > see only 3 red tests. Those are: testDES, testDES2 and > testDSASigninAndVerifying. > > And all of them fail because of the same problem: a primitive has > failed. The primitive is > > primCookKey: aByteArray mode: flag to: cooked > <primitive: 'primitiveDESCookKey' module: 'DESPlugin'> > ^ self primitiveFailed > > I look here: http://code.google.com/p/pharo/wiki/VMPluginOverview > but I didn't found it. I don't have that plugin in my Exupery VM. > > Perhaps downloading VMMaker and try to generate the plugin is a good > idea but I never even download VMMaker haha > > Anyway, is this important? > > Cheers, > > Mariano > > > > > > On Fri, May 22, 2009 at 1:42 PM, Schwab,Wilhelm K <[hidden email] > > wrote: > Stef, > > I proposed that a while ago, but there was a stunning lack of > response. The offer is still good however; I'd welcome a group > effort to tackle it. > > Bill > > > -----Original Message----- > From: [hidden email] [mailto:[hidden email] > ] On Behalf Of Stéphane Ducasse > Sent: Friday, May 22, 2009 9:55 AM > To: [hidden email] > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > Hi guys > > Why don;t you join forces and create a Cryptography package which > work for pharo and for you. > Mariano I still would love to know the method of integer that are > missing > > Stef > > On May 22, 2009, at 4:47 PM, Jan van de Sandt wrote: > > > Hello, > > > > I faced the same problem with Cloudfork-AWS. This project required > the > > Cryptography package for generating the signatures using SHA and for > > generating MD5 hash values. > > > > When I had problems loading the package in Pharo and I learned that > > the package was no longer maintained I copied the classes I required > > to a Cloudfork package. I needed the MD5, SHA1 and SHA256 classes. I > > renamed them to CFMD5, CFSHA1 and CFSHA256, I also prefixed all the > > methods in the required class extensions with cf. For example > > ThirtyTwoBitRegister>>cfBitShift: anInteger. You can use a simular > > approach for Glorp. > > > > Jan. > > > > PS: Another dependency of Cloudfork is a HTTP client. I'm now > > playing around with the CurlPlugin, this plugin works very well. > > Things like supporting https become real easy > > > > 2009/5/22 Mariano Martinez Peck <[hidden email]> > > > > > > On Fri, May 22, 2009 at 9:18 AM, Ramiro Diaz Trepat <[hidden email] > > > wrote: > > I'm really sorry to hear it is no longer being maintained. > > It was a necessary package to connect to properly set up Postgres > > databases, that requiere sending password hashes with SHA-1. We > > will probably face this kind of need when interacting with the > > outside world in general. > > > > Yes. That's why I saw it. I am trying to make Glorp to work in > > Pharo, but as you know Glorp in Squeak only works with Postgres. And > > the native postgres driver requieres cryptography package when you > > use md5 :( > > > > Just for now, I disable md5 from my postgres and use "password" > auth- > > method. With this, cryptography is not needed. However, this is not > > an option in a production enviorment. > > > > Cheers, > > > > Mariano > > > > > > It was a fantastic package, I wonder why the maintainers droped it. > > I suppose maintaining crypto frameworks up to date, with no > > vulnerabilities, is a lot of work. > > Sorry for venting out my sadnes to the list. > > Cheers > > > > r. > > > > > > > > > > -----Original Message----- > > From: [hidden email] [mailto:[hidden email] > > ] On Behalf Of Stéphane Ducasse > > Sent: 22 May 2009 11:08 > > To: [hidden email] > > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > > > Ok I thought the cryptology package was working well and maintained. > > > > Stef > > > > On May 22, 2009, at 11:58 AM, Schwab,Wilhelm K wrote: > > > > > Agreed: I mentioned both curl and OpenSSL - we should embrace > both. > > > AFACT, the cryptography package is a thing of the past, and we > > > should look to active projects. Tell me where I'm wrong, please. > > > > > > Another reality, fair or not: if we were to take on the enormous > > > burden of maintaining the cypto package, there would always be > > > questions about security holes we left open. The same will be > true > > > of OpenSSL, but there is (not always fair) credibility in numbers > > > widely known projects. There will be would-be users of Pharo who > > > will want OpenSSL for its reputation, and who would question a > home- > > > grown solution. > > > > > > Bill > > > > > > > > > From: [hidden email] [mailto:[hidden email] > > > ] On Behalf Of Fernando olivero > > > Sent: Friday, May 22, 2009 4:20 AM > > > To: [hidden email] > > > Subject: Re: [Pharo-project] Port of Cryptography to Pharo > > > > > > > > > Just a comment, > > > > > > you could use the new AlienFFI framework to comunicate with curl. > > > Or reify any C library you want in Pharo. > > > > > > Fernando > > > > > > > > > On May 22, 2009, at 5:04 AM, Schwab,Wilhelm K wrote: > > > > > >> The most recent post on the crytography mailing list starts out > as > > >> follows: > > >> > > >> Since the Cryptography Team doesn't exists anymore, the > > >> Cryptography package is not maintained by anyone. The SSL > > >> implementation doesn't allow easy debugging, you can't just > turn on > > >> logging to see what's happening. Following the state machine > > >> transitions should give you the answer why the handshake isn't > > >> succeding. It might be related to certificates or TLS->SSL3 > > >> fallback. If I were you, I would go with curl. > > >> I think it is time to write a wrapper around open SSL in addition > > >> to looking at the curl plugin. Trying to write cryptography code > > >> from scratch and get and keep it right is a huge effort, and > pretty > > >> avoidable, and IMHO, better avoided by letting others do the job. > > >> Ever read Sun Tzu? > > >> > > >> Bill > > >> > > >> > > >> > > >> From: [hidden email] [mailto:[hidden email] > > >> ] On Behalf Of Mariano Martinez Peck > > >> Sent: Thursday, May 21, 2009 8:51 PM > > >> To: Pharo Development > > >> Subject: [Pharo-project] Port of Cryptography to Pharo > > >> > > >> I don't know if there is anyone of the developers of the package > > >> Cryptography but is someone is willing to do the port of it to > > >> Pharo? Most tests are break and it seems not to work because lots > > >> of Cryptography methods where in classes like SmallInteger and > > >> these methods were removed in Pharo. > > >> > > >> Regards, > > >> > > >> Mariano > > >> <ATT00001.txt> > > > > > > _______________________________________________ > > > Pharo-project mailing list > > > [hidden email] > > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo- > project > > > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > This email is confidential and subject to important disclaimers and > > conditions including on offers for the purchase or sale of > > securities, accuracy and completeness of information, viruses, > > confidentiality, legal privilege, and legal entity disclaimers, > > available at http://www.jpmorgan.com/pages/disclosures/email. > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > _______________________________________________ > > Pharo-project mailing list > > [hidden email] > > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > -- > = > = > = > = > = > ====================================================================== > John M. McIntosh <[hidden email]> > Corporate Smalltalk Consulting Ltd. http:// > www.smalltalkconsulting.com > = > = > = > = > = > ====================================================================== > > > _______________________________________________ > Pharo-project mailing list > [hidden email] > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
BytecodeAgnosticMethodNode ???
|
|
In reply to this post by Stéphane Ducasse
while evaluating
| table1 | table1 := GridMorph withColumns: #(one two). table1 addNewRow: #('uk' 'london'). table1 openInWorld. got a DNU notifier with BytecodeAgnosticMethodNode(Object)>>doesnotUderstand: #geherate Compiler>>evaluate:in:to:notifying:iffail:logged: what`s that?? _______________________________________________ Pharo-project mailing list [hidden email] http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project |
«
Return to Pharo Smalltalk Developers
|
1 view|%1 views
| Free forum by Nabble | Edit this page |