Hi Mariano,

You shouldn't use it.  It's broken. I didn't realize until just now.  But I
also haven't been using it.


To encrypt the db password do

enc := Blowfish encryptString: 'myDbPassword' with: 'mySecretKey'

and to decrypt it later do

Blowfish decryptToString: enc with: 'mySecretKey'


But if you decrypt it with the key '1234' you get

'ë"~ýãîfword'

which shows it's only encrypting the first 8 bytes.  And if your db password
is 30 chars long like this one:

'123456789012345678901234567890' then the leaked info is the last 22
numbers.  

The tests aren't covering this error yet.  I'll mess with it sometime soon
and get it sorted, but for now it's broken and shouldn't be used.  Unless your
DB password is 8 bytes or less.








--
View this message in context: 
http://forum.world.st/Pharo-dev-Recommendation-for-password-encryption-tp4698499p4698682.html
Sent from the Pharo Smalltalk Developers mailing list archive at Nabble.com.
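
A regression check of the kind the message says the tests do not yet cover, as an added example that is not part of the original post or of the Pharo Blowfish package. It is Python using a constructed stand-in 8-byte block cipher (not Blowfish) to model the first-block-only behaviour next to a version that encrypts every block; all function names are hypothetical.

```python
import hashlib
import os

BLOCK = 8  # Blowfish block size in bytes

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def crypt_block(key, block, decrypt=False):
    """Stand-in 8-byte block cipher (4-round Feistel over SHA-256), NOT Blowfish."""
    left, right = block[:4], block[4:]
    for rnd in (range(3, -1, -1) if decrypt else range(4)):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, _xor(left, f)
    return right + left

def encrypt_first_block_only(key, data):
    """Models the reported behaviour: bytes after the first block pass through."""
    return crypt_block(key, data[:BLOCK].ljust(BLOCK, b"\0")) + data[BLOCK:]

def decrypt_first_block_only(key, data):
    return crypt_block(key, data[:BLOCK], decrypt=True) + data[BLOCK:]

def encrypt_all_blocks(key, data):
    """What the check expects: pad, then encrypt every block (CBC, random IV)."""
    pad = BLOCK - len(data) % BLOCK
    data += bytes([pad]) * pad  # PKCS#7 padding
    out = [os.urandom(BLOCK)]   # IV is the first output block
    for i in range(0, len(data), BLOCK):
        out.append(crypt_block(key, _xor(out[-1], data[i:i + BLOCK])))
    return b"".join(out)

def longest_leak(plaintext, ciphertext):
    """Longest run of plaintext bytes that appears verbatim in the ciphertext."""
    best = b""
    for i in range(len(plaintext)):
        # Only try candidates longer than the best run found so far.
        for j in range(i + len(best) + 1, len(plaintext) + 1):
            if plaintext[i:j] not in ciphertext:
                break
            best = plaintext[i:j]
    return best

if __name__ == "__main__":
    key = b"mySecretKey"
    for pw in (b"myDbPassword", b"123456789012345678901234567890"):
        enc = encrypt_first_block_only(key, pw)
        print(pw, "wrong-key decrypt:", decrypt_first_block_only(b"1234", enc))
        print("  leaked (first block only):", longest_leak(pw, enc))
        print("  leaked (all blocks):", longest_leak(pw, encrypt_all_blocks(key, pw)))
```

A test suite for the real cipher can apply the same assertion: no run of several plaintext bytes may survive into the ciphertext for any input longer than one block.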
