Re: [Pharo-users] HMAC-SHA512
2017-12-10 6:01 GMT-03:00 Ben Coman : > Can anyone recommend libraries (native Smalltalk or via FFI) > to do generate a HMAC-SHA512 ? On 11 December 2017 at 01:30, Hernán Morales Durand < hernan.mora...@gmail.com> wrote: > Hi Ben, > > I would use NaCl: http://cr.yp.to/highspeed/coolnacl-20120725.pdf > which you can install from the Pharo Project Catalog in Pharo 6.x Thanks Henry. That looks like path of least resistance. I hit a stumbling block that took a short while to understand. The library binary downloaded specified by ConfigruationOfNacl>>platformLibraryUrl is libsodium: ELF 32-bit LSB shared object whereas I'm using 64bit Linux. I have the following system library preinstalled... /usr/lib/x86_64-linux-gnu/libsodium.so.18.0.1: ELF 64-bit LSB shared object However its api is slightly different. Pharo Nacl makes this call out... crypto_hash_sha512_ref() but the system library provides... 56: 00014dc0 175 FUNCGLOBAL DEFAULT 11 crypto_hash_sha512_final 81: 00014c40 384 FUNCGLOBAL DEFAULT 11 crypto_hash_sha512_update 154: 00014bd0 106 FUNCGLOBAL DEFAULT 11 crypto_hash_sha512_init 233: 00014e70 114 FUNCGLOBAL DEFAULT 11 crypto_hash_sha512 342: 00012330 6 FUNCGLOBAL DEFAULT 11 crypto_hash_sha512_bytes 351: 00012340 6 FUNCGLOBAL DEFAULT 11 crypto_hash_sha512_statebytes The canonical source doesn't seem to have the function https://github.com/jedisct1/libsodium/search?utf8=%E2%9C%93&q=+crypto_hash_sha512_ref so I'm curious where the "_ref" comes from. My options seem... * Compile a 64-bit libsodium from source which includes "_ref" functions. Where is such source? * Use the system libsodium and define an FFI callout just for the one function I need. cheers -ben
Re: [Pharo-users] OSEnvironment issue
yes, you are right, it's caused by wrong VM, since by default, my images are opened by pharo 5 VM, I cann't change to pharo 6.1 anyway without manual effort. I would easily miss this point while saving to new image and reopen. BTW, another wierd error occured frequently, nearly everytime, i.e. system font error while runing IDEs. Error message: FT2Error: Freetype2 primitive failed[error 2][unknown file format] while calling FreeTypeFace>>create. The system would halt complete at that point and the debugger window also failed since they all depended upon the font to show. I tried to change the system via Setting Browser, but it was locked due to the same reason. -- Sent from: http://forum.world.st/Pharo-Smalltalk-Users-f1310670.html
Re: [Pharo-users] HMAC-SHA512
On 11 December 2017 at 03:08, henry wrote: > > Original Message > Subject: Re: [Pharo-users] HMAC-SHA512 > Local Time: December 10, 2017 1:20 PM > UTC Time: December 10, 2017 6:20 PM > From: s...@stfx.eu > To: Any question about pharo is welcome > > > On 10 Dec 2017, at 17:46, Ben Coman b...@openinworld.com wrote: > Thanks Sven. Its interesting to trace that through to put other stuff I've > read about HMAC into perspective. > However SHA256 != SHA512 which is a defined requirement of the site I'm > accessing. > > I was too quick. > > There is also http://www.samadhiweb.com/blog/2017.02.18.shacrypt.html > > I prefer code written in Pharo, but if you need real performance, then > native code will be needed. Are you sure SHA512 is not in the Cryptography > package ? > > > SHA512 is not in the Cryptography package, but it would be great to see it > there, with an appropriate plugin, of course, for performance. I am toying > with the idea of extending SSL to include TLS 1.3, and that would require > SHA512, plus it would be great to keep the Cryptography package current. > Adding TLS 1.3 would be a fair amount of work requiring Diffie-Hellman > group extensions to ephemeral elliptic curves, in addition. I am unsure > what symmetric ciphers are used by TLS 1.3 also. The advantage is that it > is automatically cross-platform, even with plugin generation, such that > Cryptography could be used on the big 3 as well as on ARM, Android and iOS. > I'll keep dreaming about it. > Given that SSL is "so last century" [ https://www.polyglotdeveloper.com/timeline/2015-07-01-ssl-tls-timeline/] with security issues [Section 2.2 https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices ] and latency improvements in upcoming TLS1.3 [ https://www.keycdn.com/blog/tls-1-3] perhaps this would make a good bounty to be done outside the current planned work for engineering resources. There seem several potential resources available [ http://www.squeaksource.com/Cryptography.html] Could a plan be made to address TLS? cheers -ben
[Pharo-users] Why do downloads not use HTTPS by default?
Today I visited https://pharo.org/gnu-linux-installation-64 to download the zip file containing the executable. To my surprise, the download is not carried out over HTTPS. The download link is http://files.pharo.org/platform/Pharo6.1-64-linux.zip. I ended up downloading the zip file using https://files.pharo.org/platform/Pharo6.1-64-linux.zip. The point is: if HTTPS downloads are supported, why is it not the default on the download pages of the Pharo website?
Re: [Pharo-users] Using a TreePresenter
2017-11-27 20:40 GMT+01:00 Prof. Andrew P. Black : > I'm trying to use a (subclass of a) TreePresenter that is populated with > FileReferences. I see that the current selection is, reasonably enough, a > TreeNodePresenter, so I'm assuming that to *set* a selection > programatically, I'm going to have to find the right TreeNodePresenter. > > So I've assumed a method allItemsDo: that I'm trying to write on my > subclass of TreePresenter that will iterate through all of the TreeNodes > and let me do stuff, such as looking at their #content to see if this is a > node that I'm interested in. > > But I can't! The #roots method of TreePresenter doesn't give me the root > TreeNodePresenters; it gives me the file references that they contain. How > do I iterate over the TreeNodePresenters? Or am I going about this in > entirely the wrong way? > I find the way the TreeNodeModel (or TreeNodePresenter) is used strange too. I think it is to tightly bound to the underlaying morphic tree ui. (seems a TreeNode is only created during morphic interaction). What I have seen on some other projects (pharo launcher for example). They are creating a TreeNode when building the root of the tree itself. tree roots: (something that creates the root "raw nodes") collect:[:item | build a TreeNode with this content]. But this does not fully work, as for example tree root last selected:[true] "< really selects the item" tree root last selectAllChildren "< still does not change the selection of the nodes in the tree morph." > > Andrew > >
Re: [Pharo-users] HTTP request question for an arango driver
> Am 10.12.2017 um 20:35 schrieb Yann Lesage : > > > >> Le 10/12/2017 à 19:18, Sven Van Caekenberghe a écrit : >> On 9 Dec 2017, at 18:34, Yann Lesage wrote: Le 09/12/2017 à 15:52, Sven Van Caekenberghe a écrit : Hi Yann, Zinc HTTP Components can do 1000s of requests per second, to localhost (so excluding a real network) and using a single ZnClient instance with a reused connection (HTTP/1.1's default). Of course, data size is also a factor, I am talking about small requests/responses. I browsed your code a bit on GitHub. You do reuse an instance, so that is good. But I think you are using HTTPS (TLS), which is a real slowdown (encryption is native, but costs real resources). Also, your data payload is using JSON which also adds a cost (parsing, generating). >>> Thanks for this review. So what you measured sounds about right. You might be able to optimise a bit, but that won't give you a factor 10 improvement, IMHO. The trick is usually to make as few requests as possible. >>> A factor of 10 maximum ? Ok, this indication help me. >> If you cache and reuse a single ZnClient instance, that is already good. >> Maybe try once without SSL to see how much difference that makes. You could >> also try to disable logging. As in >> >> ZnClient new in: [ :client | >> [ client get: 'http://localhost:8080' ] benchFor: 5 seconds ]. >> >> vs. >> >> ZnClient new in: [ :client | >> client loggingOff. >> [ client get: 'http://localhost:8080' ] benchFor: 5 seconds ]. >> >> You can also try to run in a Time profiler, but the server time is hard to >> abstract away from. > Use SSL or not is set by ZNCLient in fonction of url (http or https), no ? If > there an option to set completely off SSL, I don't think is a good idea to > use it. SSL is a real improve in security when we connect to a distant server. > It depends on what need. If you try to get maximum performance you should try without SSL to see the difference and tell us ;) Be able to use SSL enables easy setups of multiple hosts with a standalone application. If you need maximum performance the apllication setup might be different. The OS can add encryption transparently and much faster. What we use is several machines with a second network card and a private switch where they are attached to. So no need to add extra security > For the logs, I did not see that they were active by default. LoggingOff > improve the perf thanks. > > I have already look with a TimeProfiler, and yes, it's difficult to extract > an information. > >> >>> For the trick, I know it. But it's must be performed by user no ? >> Yes, the more you do in a single netwerk round trip, the better. Aggregation >> is good. > > Aggregation is possible for user with AQL(Arango Query Langage). > Sven > On 8 Dec 2017, at 16:32, Yann Lesage wrote: > > Hello, > > > I write an driver for Arangodb . So like it's indicated in Arango > documentation, I use the HTTP API. The repo is > https://github.com/Valtena/Pharango > > > Now, the problem : Arango using Znclient make around 1 000 > requests/second. > > > And the question : Are there any recommended pratice to have the better > performance with ZNClient or a better way to perform lot of HTTP requests > ? > > > Thanks for your attention, > > Yann Lesage > > > >>> >> >
Re: [Pharo-users] HTTP request question for an arango driver
Op 10-12-2017 om 20:35 schreef Yann Lesage: ? If there an option to set completely off SSL, I don't think is a good idea to use it. SSL is a real improve in security when we connect to a distant server. Depending on what you need to secure against, using a single or a few secure shared tunnel(s) might be good enough Stephan
Re: [Pharo-users] HTTP request question for an arango driver
Le 10/12/2017 à 19:18, Sven Van Caekenberghe a écrit : On 9 Dec 2017, at 18:34, Yann Lesage wrote: Le 09/12/2017 à 15:52, Sven Van Caekenberghe a écrit : Hi Yann, Zinc HTTP Components can do 1000s of requests per second, to localhost (so excluding a real network) and using a single ZnClient instance with a reused connection (HTTP/1.1's default). Of course, data size is also a factor, I am talking about small requests/responses. I browsed your code a bit on GitHub. You do reuse an instance, so that is good. But I think you are using HTTPS (TLS), which is a real slowdown (encryption is native, but costs real resources). Also, your data payload is using JSON which also adds a cost (parsing, generating). Thanks for this review. So what you measured sounds about right. You might be able to optimise a bit, but that won't give you a factor 10 improvement, IMHO. The trick is usually to make as few requests as possible. A factor of 10 maximum ? Ok, this indication help me. If you cache and reuse a single ZnClient instance, that is already good. Maybe try once without SSL to see how much difference that makes. You could also try to disable logging. As in ZnClient new in: [ :client | [ client get: 'http://localhost:8080' ] benchFor: 5 seconds ]. vs. ZnClient new in: [ :client | client loggingOff. [ client get: 'http://localhost:8080' ] benchFor: 5 seconds ]. You can also try to run in a Time profiler, but the server time is hard to abstract away from. Use SSL or not is set by ZNCLient in fonction of url (http or https), no ? If there an option to set completely off SSL, I don't think is a good idea to use it. SSL is a real improve in security when we connect to a distant server. For the logs, I did not see that they were active by default. LoggingOff improve the perf thanks. I have already look with a TimeProfiler, and yes, it's difficult to extract an information. For the trick, I know it. But it's must be performed by user no ? Yes, the more you do in a single netwerk round trip, the better. Aggregation is good. Aggregation is possible for user with AQL(Arango Query Langage). Sven On 8 Dec 2017, at 16:32, Yann Lesage wrote: Hello, I write an driver for Arangodb . So like it's indicated in Arango documentation, I use the HTTP API. The repo is https://github.com/Valtena/Pharango Now, the problem : Arango using Znclient make around 1 000 requests/second. And the question : Are there any recommended pratice to have the better performance with ZNClient or a better way to perform lot of HTTP requests ? Thanks for your attention, Yann Lesage
Re: [Pharo-users] HMAC-SHA512
> Original Message > Subject: Re: [Pharo-users] HMAC-SHA512 > Local Time: December 10, 2017 1:20 PM > UTC Time: December 10, 2017 6:20 PM > From: s...@stfx.eu > To: Any question about pharo is welcome > >> On 10 Dec 2017, at 17:46, Ben Coman b...@openinworld.com wrote: >> Thanks Sven. Its interesting to trace that through to put other stuff I've >> read about HMAC into perspective. >> However SHA256 != SHA512 which is a defined requirement of the site I'm >> accessing. >> >> I was too quick. >> >> There is also http://www.samadhiweb.com/blog/2017.02.18.shacrypt.html >> >> I prefer code written in Pharo, but if you need real performance, then >> native code will be needed. Are you sure SHA512 is not in the Cryptography >> package ? SHA512 is not in the Cryptography package, but it would be great to see it there, with an appropriate plugin, of course, for performance. I am toying with the idea of extending SSL to include TLS 1.3, and that would require SHA512, plus it would be great to keep the Cryptography package current. Adding TLS 1.3 would be a fair amount of work requiring Diffie-Hellman group extensions to ephemeral elliptic curves, in addition. I am unsure what symmetric ciphers are used by TLS 1.3 also. The advantage is that it is automatically cross-platform, even with plugin generation, such that Cryptography could be used on the big 3 as well as on ARM, Android and iOS. I'll keep dreaming about it.
Re: [Pharo-users] HMAC-SHA512
> On 10 Dec 2017, at 17:46, Ben Coman wrote: > > Thanks Sven. Its interesting to trace that through to put other stuff I've > read about HMAC into perspective. > However SHA256 != SHA512 which is a defined requirement of the site I'm > accessing. I was too quick. There is also http://www.samadhiweb.com/blog/2017.02.18.shacrypt.html I prefer code written in Pharo, but if you need real performance, then native code will be needed. Are you sure SHA512 is not in the Cryptography package ?
Re: [Pharo-users] HTTP request question for an arango driver
> On 9 Dec 2017, at 18:34, Yann Lesage wrote: > > > > Le 09/12/2017 à 15:52, Sven Van Caekenberghe a écrit : >> Hi Yann, >> >> Zinc HTTP Components can do 1000s of requests per second, to localhost (so >> excluding a real network) and using a single ZnClient instance with a reused >> connection (HTTP/1.1's default). Of course, data size is also a factor, I am >> talking about small requests/responses. >> >> I browsed your code a bit on GitHub. You do reuse an instance, so that is >> good. But I think you are using HTTPS (TLS), which is a real slowdown >> (encryption is native, but costs real resources). Also, your data payload is >> using JSON which also adds a cost (parsing, generating). > Thanks for this review. >> >> So what you measured sounds about right. You might be able to optimise a >> bit, but that won't give you a factor 10 improvement, IMHO. The trick is >> usually to make as few requests as possible. > A factor of 10 maximum ? Ok, this indication help me. If you cache and reuse a single ZnClient instance, that is already good. Maybe try once without SSL to see how much difference that makes. You could also try to disable logging. As in ZnClient new in: [ :client | [ client get: 'http://localhost:8080' ] benchFor: 5 seconds ]. vs. ZnClient new in: [ :client | client loggingOff. [ client get: 'http://localhost:8080' ] benchFor: 5 seconds ]. You can also try to run in a Time profiler, but the server time is hard to abstract away from. > For the trick, I know it. But it's must be performed by user no ? Yes, the more you do in a single netwerk round trip, the better. Aggregation is good. >> Sven >> >>> On 8 Dec 2017, at 16:32, Yann Lesage wrote: >>> >>> Hello, >>> >>> >>> I write an driver for Arangodb . So like it's indicated in Arango >>> documentation, I use the HTTP API. The repo is >>> https://github.com/Valtena/Pharango >>> >>> >>> Now, the problem : Arango using Znclient make around 1 000 requests/second. >>> >>> >>> And the question : Are there any recommended pratice to have the better >>> performance with ZNClient or a better way to perform lot of HTTP requests ? >>> >>> >>> Thanks for your attention, >>> >>> Yann Lesage >>> >>> >>> >> > >
Re: [Pharo-users] HMAC-SHA512
Hi Ben, I would use NaCl: http://cr.yp.to/highspeed/coolnacl-20120725.pdf which you can install from the Pharo Project Catalog in Pharo 6.x Cheers, Hernán 2017-12-10 6:01 GMT-03:00 Ben Coman : > Can anyone recommend libraries (native Smalltalk or via FFI) > to do generate a HMAC-SHA512 ? > > cheers -ben
Re: [Pharo-users] OSEnvironment issue
Work there on a P7 on Linux. Wrong VM of yours? Le 10/12/2017 à 17:25, Eno a écrit : Problem with opening pharo image on macOS 10.12.6. cann't find requested origin: #home. i.e. the script "Smalltalk os current environment getEnv: 'HOME'" failed. (actually The ffiCall from LibC in the method UnixEnvironment>>getEnv: failed ). Is it occurred recently? or issued or fixed in issue tracker already? Best regards. -- Dr. Geo http://drgeo.eu
[Pharo-users] unsolicited package-cache use
I am using tonel format to install from and save to a local repository. How to prevent Monticello/Configuration/Metacello to save packages to the image package-cache dir? Even when installing from a configuration with repo on tonel file format, packages get created in the image package-cache directory. I have read there and there, Pharo gets confused and uses wrongly the package-cache versions and not the local repo. -- Dr. Geo http://drgeo.eu
Re: [Pharo-users] HMAC-SHA512
On 10 December 2017 at 18:23, Sven Van Caekenberghe wrote: > > > > On 10 Dec 2017, at 10:01, Ben Coman wrote: > > > > Can anyone recommend libraries (native Smalltalk or via FFI) > > to do generate a HMAC-SHA512 ? > > > > cheers -ben > > Well Pharo itself of course ! > (HMAC on: SHA256) > key: (ByteArray new: 32); > digestMessage: #[1 2 3]. > > SHA256 new hmac > key: (ByteArray new: 32); > digestMessage: #[1 2 3]. > > Thanks Sven. Its interesting to trace that through to put other stuff I've read about HMAC into perspective. However SHA256 != SHA512 which is a defined requirement of the site I'm accessing. What I understand from the trace is that the HMAC is generic regardless of size of SHA function and could remain in-Image while the SHA512 part could be supplied from outside the image. I could perhaps use the one from the OpenSSL library already included with Pharo. $ readelf -a ./pharo-vm/lib/pharo/5.0-201707201942/libssl.so.1.0.0 | grep 512 EVP_sha512 SHA512_Init SHA512_Update SHA512_Transform SHA512_Final where the "EVP function provide a high level interface to OpenSSL cryptographic functions." and I guess could be used similar to... ftp://188.44.46.157/Augustus/blatSrc/lib/hmac.c except I'm not sure how I'd use proceed without it taking any parameters... const EVP_MD *EVP_sha512(void); // include/openssl/evp.h The lower level functions could be used like... http://www.askyb.com/cpp/openssl-sha512-hashing-example-in-cpp/ https://github.com/openssl/openssl/blob/OpenSSL_1_1_0-stable/crypto/sha/sha512.c#L264 unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md); int SHA512_Init(SHA512_CTX *c); // include/openssl/sha.h int SHA512_Update(SHA512_CTX *c, const void *data, size_t len); int SHA512_Final(unsigned char *md, SHA512_CTX *c); void SHA512_Transform(SHA512_CTX *c, const unsigned char *data); Actually the lower level functions look easier from an FFI perspective. Other options I found... * http://forum.world.st/How-to-encrypt-a-password-td3933585.html#a3933778 but it seems to be NativeBoost rather than UFFI, and also is Linux only (which might not be an issue) * https://github.com/mygityf/cipher/blob/master/cipher/sha512.h https://github.com/mygityf/cipher/blob/master/cipher/sha512.c to compile into a (hopefully) cross platform shared library cheers -ben P.S. I learnt today that "SHA-512 is faster than SHA-256 on 64 bit machines (as they use 64 bit arithmetic internally)" https://stackoverflow.com/a/18083633
[Pharo-users] OSEnvironment issue
Problem with opening pharo image on macOS 10.12.6. cann't find requested origin: #home. i.e. the script "Smalltalk os current environment getEnv: 'HOME'" failed. (actually The ffiCall from LibC in the method UnixEnvironment>>getEnv: failed ). Is it occurred recently? or issued or fixed in issue tracker already? Best regards. -- Sent from: http://forum.world.st/Pharo-Smalltalk-Users-f1310670.html
Re: [Pharo-users] FYI about Pharo MOOC
Tx for the report :) On Wed, Nov 1, 2017 at 5:35 PM, Sanjay Minni wrote: > The voice in the background behaved differetly with different players on > windows 10 > - in "Films and TV" and "VLC player" it comes unltil you manually switch > the audio channel (it shows 2 audio channels) > - In Media player it works fine though i could not find 2 audio channels > > --- > Sanjay Minni > > On Fri, Oct 13, 2017 at 6:12 PM, Ben Coman wrote: >> >> I played C019SD-W1-S1-EN-V1.mp4 >> and as well as the english voice, in the background I can still hear your >> original french voice. >> I'm curious the reasoning for this. >> >> cheers -ben >> >> >> On Fri, Oct 13, 2017 at 3:59 AM, Stephane Ducasse >> wrote: >>> >>> I'm about to release the en versions. >>> you can find them unofficially on http://www.stephaneducasse.eu/MOOC/ >>> >>> Stef >>> >>> On Tue, Oct 10, 2017 at 10:10 PM, Gour wrote: >>> > On Tue, 10 Oct 2017 21:31:55 +0200 >>> > Stephane Ducasse >>> > wrote: >>> > >>> > Hello Stef, >>> > >>> >> I will ask one guy thursday and let you know. >>> > >>> > Thanks a lot! >>> > >>> >> We will release Mooc with english voices (not mine else english >>> >> natives would get an heart attack - I have what they call a sexy >>> >> french accents ;) >>> > >>> > I did watch few of your Pharo-related presentations and, although not >>> > native, >>> > happily survived. :-) >>> > >>> > Moreover, I'd say that your English is charming! At least, one is sure >>> > that the >>> > real human is speaking and not some "robot" put on auto-pilot, so if >>> > the new >>> > Mooc is going to be the same as the current/old one, I'd prefer to >>> > download >>> > the current files and watched them along with *.srt subtitles? >>> > >>> > Iow. my point is that the accent is just one part of the talk/teaching, >>> > but the >>> > energy behind it is much more imporant - this is, my conviction, based >>> > on my >>> > own teaching experiences. >>> > >>> > >>> > Sincerely, >>> > Gour >>> > >>> > -- >>> > From anger, complete delusion arises, and from delusion >>> > bewilderment of memory. When memory is bewildered, >>> > intelligence is lost, and when intelligence is lost >>> > one falls down again into the material pool. >>> > >>> > >>> > >>> >> >
Re: [Pharo-users] FYI about Pharo MOOC
sorry mised your mail I got these files from the link in the message of your post on Oct 13 "I'm about to release the en versions. you can find them unofficially on http://www.stephaneducasse.eu/MOOC/ Stef" http://www.stephaneducasse.eu/MOOC/Videos-EN/MOOC%20WEEK%205/ and http://www.stephaneducasse.eu/MOOC/Videos-EN/MOOC%20WEEK%205/MP4/ --- Sanjay Minni +91-9900-902902 On Fri, Nov 3, 2017 at 1:44 PM, Stephane Ducasse wrote: > Sanjay > > where did you get this file? > > Stef > > On Wed, Nov 1, 2017 at 5:26 PM, Sanjay Minni wrote: > > There seems to be an issue with the english dubbed version of Week 5 > lesson > > 4 - it has no content > > C019SD-W5-S4-EN-V1.mp4 > > > > --- > > Sanjay Minni > > > > On Fri, Oct 13, 2017 at 1:29 AM, Stephane Ducasse < > stepharo.s...@gmail.com> > > wrote: > >> > >> I'm about to release the en versions. > >> you can find them unofficially on http://www.stephaneducasse.eu/MOOC/ > >> > >> Stef > >> > >> On Tue, Oct 10, 2017 at 10:10 PM, Gour wrote: > >> > On Tue, 10 Oct 2017 21:31:55 +0200 > >> > Stephane Ducasse > >> > wrote: > >> > > >> > Hello Stef, > >> > > >> >> I will ask one guy thursday and let you know. > >> > > >> > Thanks a lot! > >> > > >> >> We will release Mooc with english voices (not mine else english > >> >> natives would get an heart attack - I have what they call a sexy > >> >> french accents ;) > >> > > >> > I did watch few of your Pharo-related presentations and, although not > >> > native, > >> > happily survived. :-) > >> > > >> > Moreover, I'd say that your English is charming! At least, one is sure > >> > that the > >> > real human is speaking and not some "robot" put on auto-pilot, so if > the > >> > new > >> > Mooc is going to be the same as the current/old one, I'd prefer to > >> > download > >> > the current files and watched them along with *.srt subtitles? > >> > > >> > Iow. my point is that the accent is just one part of the > talk/teaching, > >> > but the > >> > energy behind it is much more imporant - this is, my conviction, based > >> > on my > >> > own teaching experiences. > >> > > >> > > >> > Sincerely, > >> > Gour > >> > > >> > -- > >> > From anger, complete delusion arises, and from delusion > >> > bewilderment of memory. When memory is bewildered, > >> > intelligence is lost, and when intelligence is lost > >> > one falls down again into the material pool. > >> > > >> > > >> > > >> > > > >
Re: [Pharo-users] HMAC-SHA512
Good to have extensions to Cryptography to include SHA-512, along with SHA-384. For that matter there seems to be other extensions could be made to Cryptography to support the proximate TLS 1.3, see references below for algorithms/groups specifiable. Cryptography would love to be extended for these, although OpenSSL should pick up TLS 1.3 for standardized wrapped implementation of TLS. https://tools.ietf.org/html/draft-ietf-tls-tls13-22#section-4.4.1 https://tools.ietf.org/html/draft-ietf-tls-tls13-22#section-4.2.3 https://tools.ietf.org/html/draft-ietf-tls-tls13-22#section-4.2.7 https://tools.ietf.org/html/rfc7919 - HH > Original Message > Subject: [Pharo-users] HMAC-SHA512 > Local Time: December 10, 2017 4:01 AM > UTC Time: December 10, 2017 9:01 AM > From: b...@openinworld.com > To: Any question about pharo is welcome > > Can anyone recommend libraries (native Smalltalk or via FFI) > to do generate a HMAC-SHA512 ? > > cheers -ben
Re: [Pharo-users] HMAC-SHA512
> On 10 Dec 2017, at 10:01, Ben Coman wrote: > > Can anyone recommend libraries (native Smalltalk or via FFI) > to do generate a HMAC-SHA512 ? > > cheers -ben Well Pharo itself of course ! (HMAC on: SHA256) key: (ByteArray new: 32); digestMessage: #[1 2 3]. SHA256 new hmac key: (ByteArray new: 32); digestMessage: #[1 2 3]. Sven PS: You might like this one too https://medium.com/concerning-pharo/the-code-behind-google-authenticator-9c59c606a572
Re: [Pharo-users] REST client hints
> On 10 Dec 2017, at 04:45, Ben Coman wrote: > > > On 5 December 2017 at 20:44, Sven Van Caekenberghe wrote: > > > On 5 Dec 2017, at 13:33, Ben Coman wrote: > > > @sven, I started reading Enterprise Pharo a couple of hours ago. > > I don't quite get your section references. I presume you > > don't mean "chapter 11 Persisting Objects with Voyage, 11.3 Enhancing > > Storage" > > That seems off topic. And "chapter 4 Zinc HTTP: The Client Side, 4.11 > > Headers" > > doesn't have a sub-part "3". > > I meant 11.3 in this page > https://ci.inria.fr/pharo-contribution/job/EnterprisePharoBook/lastSuccessfulBuild/artifact/book-result/Zinc-HTTP-Server/Zinc-HTTP-Server.html > a section called 11.3. A Zinc Client. > > > I guess part of what I'm interested in are patterns for hooking > > NeoJSON up to parse a REST response into objects to build a wrapper > > around a REST service. I see a chapter in Enterprise Pharo, which I'll > > get to that soon. Perhaps I was premature asking before reading that, > > but its good to have a few paths to explore. > > Here is a recent example > http://forum.world.st/Another-example-of-invoking-a-REST-JSON-web-service-resolving-User-Agent-strings-tt5017489.html > > > Thanks Sven. That helped a lot. I'd like to report success. > It may be useful to others to see how to progressively build up to parsing a > Nested JSON REST > > > 1. First parse the JSON into simple Dictionaries... > > (ZnClient new > url: 'https://bittrex.com/api/v1.1/public/getmarkets'; > enforceHttpSuccess: true; > accept: ZnMimeType applicationJson; > contentReader: [ :entity | NeoJSONReader fromString: entity contents ]; > get) inspect. > > ==>Dictionary( > 'success' ==> true > 'message' ==> '' > 'result ' ==> an Array(a Dictionary('BaseCurrency'->'BTC' > 'BaseCurrencyLong'->'Bitcoin') > ... a Dictionary('BaseCurrency'->'ETH' 'BaseCurrencyLong'->'Ethereum') > > > > 2. Then parse the first level response into a real object... > > Object subclass: #BittrexResponse > instanceVariableNames: 'success message result' > classVariableNames: '' > package: 'Bittrex' > > (ZnClient new > url: 'https://bittrex.com/api/v1.1/public/getmarkets'; > enforceHttpSuccess: true; > accept: ZnMimeType applicationJson; > contentReader: [ :entity | > (NeoJSONReader on: entity readStream) > mapInstVarsFor: BittrexResponse ; > nextAs: BittrexResponse ]; >get) inspect. > > ==>BittrexResponse > success => true > message => '' > result => an Array(a Dictionary('BaseCurrency'->'BTC' > 'BaseCurrencyLong'->'Bitcoin') > ... a Dictionary('BaseCurrency'->'ETH' 'BaseCurrencyLong'->'Ethereum') > > > Or alternatively... > (ZnClient new > url: 'https://bittrex.com/api/v1.1/public/getmarkets'; > enforceHttpSuccess: true; > accept: ZnMimeType applicationJson; > contentReader: [ :entity | |reader| > reader := (NeoJSONReader on: entity readStream). > reader for: BittrexResponse do: [:m| > m mapInstVar: #success. > m mapInstVar: #message. > m mapInstVar: #result ]. > reader nextAs: BittrexResponse ]; >get) inspect. > > ==>BittrexResponse > success => true > message => '' > result => an Array(a Dictionary('BaseCurrency'->'BTC' > 'BaseCurrencyLong'->'Bitcoin') > ... a Dictionary('BaseCurrency'->'ETH' 'BaseCurrencyLong'->'Ethereum') > > > 3. Finally parse into real objects the nested level holding the data you > really want... > > Object subclass: #Market > instanceVariableNames: 'MarketCurrency BaseCurrency MarketCurrencyLong > BaseCurrencyLong MinTradeSize MarketName IsActive Created Notice IsSponsored > LogoUrl' > classVariableNames: '' > package: 'Bittrex' > > (ZnClient new > url: 'https://bittrex.com/api/v1.1/public/getmarkets'; > enforceHttpSuccess: true; > accept: ZnMimeType applicationJson; > contentReader: [ :entity | |reader| > reader := (NeoJSONReader on: entity readStream). > reader for: BittrexResponse do: [:m| > m mapInstVar: #success. > m mapInstVar: #message. > (m mapInstVar: #result) valueSchema: #ArrayOfMarkets]. > reader for: #ArrayOfMarkets customDo: [ :mapping | mapping > listOfElementSchema: Market ]. > reader mapInstVarsFor: Market. > reader nextAs: BittrexResponse ]; >get) inspect. > > ==>BittrexResponse > success => true > message => '' > result => an Array(a Market(LTC) a Market(DOGE) a Market(VTC) a > Market(PPC) a Market(FTC) a Market(RDD) > ... Market(POWR) a Market(BTG) a Market(BTG) a Market(BTG) a Market(ADA) a > Market(ENG) a Market(ENG)) > > > WhooHoo! Great, I'
[Pharo-users] HMAC-SHA512
Can anyone recommend libraries (native Smalltalk or via FFI) to do generate a HMAC-SHA512 ? cheers -ben
Re: [Pharo-users] REST client hints
On 10 December 2017 at 15:27, Stephane Ducasse wrote: > Tx for your report :) > > https://wordpress.com/post/pharoweekly.wordpress.com/2347 > > Did you look at SmartShackles? on our inria github repo. Because > Santiago is extracting information from blockchains. > > I would hesitate to call where I'm up to right now as blockchain related. Its just the trading api of one exchange where the items traded happen to be bitcoins. But I have a growing interest in blockchains, so thanks for the tip... I didn't see anything relevant here... https://github.com/INRIA but with that product name I found... https://github.com/sbragagnolo/SmartShackle cheers -ben