Thank you a lot! :) I tried it in Pharo 5 and everything seems to be working (I just had to apt-get install libxcrypt:i386, load packages Cryptography, Blowfish (not sure if really needed though) and PasswordHashingFFI and manually create link in directory where it expected libxcrypt.so.1). About the FFI for Pharo 5/6, maybe that's what Esteban did in commit "Cryptography-EstebanMaringolo.50" on 15 September 2016 "Version ready to be loaded in Pharo 5.0 without affecting Kernel or System packages.".
Scrypt would be even better to have, but I'm grateful enough for now since it was all easier and faster than I expected. Jan Paul DeBruicker wrote > And to add scrypt to that FFI library would be trivial if you have a 32bit > version of scrypt but I don't think there is one. I'd be happy to learn > I'm wrong though. And thats assuming you're using 32 bit pharo, which is > whats stable/released right now. > > > > > Paul DeBruicker wrote >> I made a crypt/bcrypt ffi library for older versions of Pharo that sounds >> like it meets your needs and is in the cryptography project here: >> >> http://smalltalkhub.com/#!/~Cryptography/Cryptography >> >> But I have not updated it for the new FFI versions in Pharo 5/6. >> >> >> >> And Pierce Ng made a blog post and library about his own set up here: >> http://www.samadhiweb.com/blog/2013.11.17.shacrypt.html >> >> >> >> >> Jan Blizničenko wrote >>> Hello >>> >>> I'm working on Pharo-based webserver and right now I got to the topic of >>> storing user passwords. I found SHA256 integrated in Pharo, but hashing >>> with >>> SHA is far from enough. I also looked around the mailing list history to >>> find few posts from 2011 about bcrypt using Linux libraries. I'd like to >>> ask >>> what is current status - what are my options under following conditions: >>> >>> I prefer Pharo 5 compatibility. I could downgrade to Pharo 4 or use beta >>> Pharo 6, but latest stable relase is preferred. >>> >>> I require at least bcrypt or PDKBF2, but I much more prefer >>> GPU-attack-resistant solutions like scrypt or Argon2. >>> >>> I require Linux compatibility, but platform independent solution would >>> be >>> kinda nice (we could use the same algorithm on our local machines with >>> Mac >>> and Win for development). >>> >>> Thank you >>> Jan >>> >>> >>> >>> -- >>> View this message in context: >>> http://forum.world.st/Password-storage-options-tp4927471.html >>> Sent from the Pharo Smalltalk Users mailing list archive at Nabble.com. -- View this message in context: http://forum.world.st/Password-storage-options-tp4927480p4927521.html Sent from the Pharo Smalltalk Users mailing list archive at Nabble.com.
