[Cryptography Team] Blowfish & Bcrypt in Smalltalk + accessing
crypt(3) through FFI.
Paul DeBruicker
pdebruic at gmail.com
Tue Apr 26 23:02:48 UTC 2011
Hi -
I've made a working implementation of the Blowfish algorithm in Pharo, a
partially broken implementation of Bcrypt in Pharo, and a reliable way
to access the linux crypt library using FFI in Pharo on linux.
At the moment it takes about 25 seconds to hash a password using my
Bcrypt implementation in Pharo, which is about 50x too long. So I'm
going to try to get a FFI version put together or just use SHA512 from
the linux crypt library. I have learned a lot but don't expect to fix
the improper hashing as I don't think the fix would cause a massive
speed up. I think the hashing error is probably an off-by-one error in
an array index in the BCrypt class. Ruby, Python, Lisp, PHP all access a
C or Java library for bcrypt which probably should have told me something.
I could either make a SqueakSource repository for all this or put it in
the Cryptography package. Or I can email anyone the mcz files off list
that would like them.
Let me know how to proceed when you get a chance.
Thanks
Paul
More information about the Cryptography
mailing list