tx for the pointer! On May 22, 2009, at 5:36 PM, Carlos Crosetti wrote:
> FYI OpenCobalt release has a Cryptography package added and is being > used to > TLS to Jabber..... > > -----Mensaje original----- > De: pharo-project-boun...@lists.gforge.inria.fr > [mailto:pharo-project-boun...@lists.gforge.inria.fr]en nombre de > Stéphane Ducasse > Enviado el: Viernes, 22 de Mayo de 2009 11:55 a.m. > Para: Pharo-project@lists.gforge.inria.fr > Asunto: Re: [Pharo-project] Port of Cryptography to Pharo > > > Hi guys > > Why don;t you join forces and create a Cryptography package which work > for pharo and for you. > Mariano I still would love to know the method of integer that are > missing > > Stef > > On May 22, 2009, at 4:47 PM, Jan van de Sandt wrote: > >> Hello, >> >> I faced the same problem with Cloudfork-AWS. This project required >> the Cryptography package for generating the signatures using SHA and >> for generating MD5 hash values. >> >> When I had problems loading the package in Pharo and I learned that >> the package was no longer maintained I copied the classes I required >> to a Cloudfork package. I needed the MD5, SHA1 and SHA256 classes. I >> renamed them to CFMD5, CFSHA1 and CFSHA256, I also prefixed all the >> methods in the required class extensions with cf. For example >> ThirtyTwoBitRegister>>cfBitShift: anInteger. You can use a simular >> approach for Glorp. >> >> Jan. >> >> PS: Another dependency of Cloudfork is a HTTP client. I'm now >> playing around with the CurlPlugin, this plugin works very well. >> Things like supporting https become real easy >> >> 2009/5/22 Mariano Martinez Peck <marianop...@gmail.com> >> >> >> On Fri, May 22, 2009 at 9:18 AM, Ramiro Diaz Trepat > <ramiro.diaz.tre...@jpmorgan.com >>> wrote: >> I'm really sorry to hear it is no longer being maintained. >> It was a necessary package to connect to properly set up Postgres >> databases, that requiere sending password hashes with SHA-1. We >> will probably face this kind of need when interacting with the >> outside world in general. >> >> Yes. That's why I saw it. I am trying to make Glorp to work in >> Pharo, but as you know Glorp in Squeak only works with Postgres. And >> the native postgres driver requieres cryptography package when you >> use md5 :( >> >> Just for now, I disable md5 from my postgres and use "password" auth- >> method. With this, cryptography is not needed. However, this is not >> an option in a production enviorment. >> >> Cheers, >> >> Mariano >> >> >> It was a fantastic package, I wonder why the maintainers droped it. >> I suppose maintaining crypto frameworks up to date, with no >> vulnerabilities, is a lot of work. >> Sorry for venting out my sadnes to the list. >> Cheers >> >> r. >> >> >> >> >> -----Original Message----- >> From: pharo-project-boun...@lists.gforge.inria.fr > [mailto:pharo-project-boun...@lists.gforge.inria.fr >> ] On Behalf Of Stéphane Ducasse >> Sent: 22 May 2009 11:08 >> To: Pharo-project@lists.gforge.inria.fr >> Subject: Re: [Pharo-project] Port of Cryptography to Pharo >> >> Ok I thought the cryptology package was working well and maintained. >> >> Stef >> >> On May 22, 2009, at 11:58 AM, Schwab,Wilhelm K wrote: >> >>> Agreed: I mentioned both curl and OpenSSL - we should embrace both. >>> AFACT, the cryptography package is a thing of the past, and we >>> should look to active projects. Tell me where I'm wrong, please. >>> >>> Another reality, fair or not: if we were to take on the enormous >>> burden of maintaining the cypto package, there would always be >>> questions about security holes we left open. The same will be true >>> of OpenSSL, but there is (not always fair) credibility in numbers >>> widely known projects. There will be would-be users of Pharo who >>> will want OpenSSL for its reputation, and who would question a home- >>> grown solution. >>> >>> Bill >>> >>> >>> From: pharo-project-boun...@lists.gforge.inria.fr > [mailto:pharo-project-boun...@lists.gforge.inria.fr >>> ] On Behalf Of Fernando olivero >>> Sent: Friday, May 22, 2009 4:20 AM >>> To: Pharo-project@lists.gforge.inria.fr >>> Subject: Re: [Pharo-project] Port of Cryptography to Pharo >>> >>> >>> Just a comment, >>> >>> you could use the new AlienFFI framework to comunicate with curl. >>> Or reify any C library you want in Pharo. >>> >>> Fernando >>> >>> >>> On May 22, 2009, at 5:04 AM, Schwab,Wilhelm K wrote: >>> >>>> The most recent post on the crytography mailing list starts out as >>>> follows: >>>> >>>> Since the Cryptography Team doesn't exists anymore, the >>>> Cryptography package is not maintained by anyone. The SSL >>>> implementation doesn't allow easy debugging, you can't just turn on >>>> logging to see what's happening. Following the state machine >>>> transitions should give you the answer why the handshake isn't >>>> succeding. It might be related to certificates or TLS->SSL3 >>>> fallback. If I were you, I would go with curl. >>>> I think it is time to write a wrapper around open SSL in addition >>>> to looking at the curl plugin. Trying to write cryptography code >>>> from scratch and get and keep it right is a huge effort, and pretty >>>> avoidable, and IMHO, better avoided by letting others do the job. >>>> Ever read Sun Tzu? >>>> >>>> Bill >>>> >>>> >>>> >>>> From: pharo-project-boun...@lists.gforge.inria.fr > [mailto:pharo-project-boun...@lists.gforge.inria.fr >>>> ] On Behalf Of Mariano Martinez Peck >>>> Sent: Thursday, May 21, 2009 8:51 PM >>>> To: Pharo Development >>>> Subject: [Pharo-project] Port of Cryptography to Pharo >>>> >>>> I don't know if there is anyone of the developers of the package >>>> Cryptography but is someone is willing to do the port of it to >>>> Pharo? Most tests are break and it seems not to work because lots >>>> of Cryptography methods where in classes like SmallInteger and >>>> these methods were removed in Pharo. >>>> >>>> Regards, >>>> >>>> Mariano >>>> <ATT00001.txt> >>> >>> _______________________________________________ >>> Pharo-project mailing list >>> Pharo-project@lists.gforge.inria.fr >>> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> >> >> _______________________________________________ >> Pharo-project mailing list >> Pharo-project@lists.gforge.inria.fr >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> This email is confidential and subject to important disclaimers and >> conditions including on offers for the purchase or sale of >> securities, accuracy and completeness of information, viruses, >> confidentiality, legal privilege, and legal entity disclaimers, >> available at http://www.jpmorgan.com/pages/disclosures/email. >> >> _______________________________________________ >> Pharo-project mailing list >> Pharo-project@lists.gforge.inria.fr >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> >> >> _______________________________________________ >> Pharo-project mailing list >> Pharo-project@lists.gforge.inria.fr >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project >> >> _______________________________________________ >> Pharo-project mailing list >> Pharo-project@lists.gforge.inria.fr >> http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > _______________________________________________ > Pharo-project mailing list > Pharo-project@lists.gforge.inria.fr > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > > > > -- > Internal Virus Database is out-of-date. > Checked by AVG. > Version: 7.5.524 / Virus Database: 270.12.11/2089 - Release Date: > 30/04/2009 > 05:53 p.m. > > > > _______________________________________________ > Pharo-project mailing list > Pharo-project@lists.gforge.inria.fr > http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project > _______________________________________________ Pharo-project mailing list Pharo-project@lists.gforge.inria.fr http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project
