Skip to main content

Smalltalk Challenge: Post 4 - Porting the Kember Identity

There are a few things I find myself tripping up over even after spending some time writing "meaningful" Smalltalk code, like using single quotes to delimit strings (double quotes are used for comments) and remembering the order in which different messages are sent, but the more code I write the easier it is to remember such things. After only a few hours, Smalltalk is still something new and unfamiliar.

The first programs I wrote when looking into Go were solutions to the first two Project Euler problems and a port of the Kember Identity search program. I decided to skip the Euler problems this time and go straight to the Kember Identity port.

The Kember program ultimately boils down to generating and checking MD5 hashes. I didn't find any helpful cryptography related objects or methods in the default image, so I searched Google and eventually found Ron Teitelbaum's Cryptography/Team package. Squeak uses a package management system called Monticello to load code into the image, so getting and installing the package was pretty easy. I copied and pasted the package repository's connection information into the Monticello Browser and loaded Rob Withers' contribution, Cryptography-rww.15.mcz.

Once the package was loaded, I was able to obtain hashes with MD5 » hashStream:, but the returned object was a ByteArray and I needed to interpret it as a 32-character hexadecimal string. At first I took this approach to convert the array to a hex string:
Kember » md5: aString
    "return 32-char MD5 hash of the given text" 
    | hash str |
    hash := MD5 new
                hashStream: (ReadStream on: aString).
    str := ''.
    1 to: hash size do: [:i | 
        str := str, ((hash at: i) radix: 16)].
    ↑ str.
… only to find out later that objects of the ByteArray class were modified by the cryptography package to accept a hex message and will do the conversion for me. Oops! All the bit twiddling I had done could easily be replaced with:
    ↑ (MD5 new hashStream: (ReadStream on: aString)) hex.
Converting between hash representations wasn't the only part of the program I initially over-programmed. I was also doing long-form addition to obtain the next hash value in the sequence when all I really needed was a little bit of type juggling and string padding:
Kember » nextHash: aHashStr
    "increment the MD5 hash"
    | hexHash zeroes |
    zeroes = '00000000000000000000000000000000'.
    hexHash := ((ByteArray fromHexString: aHashStr)
        asInteger + 1) asByteArray hex.
    hexHash size < 32
        ifTrue: [↑ (zeroes copyFrom: 1 to 32 - hexHash size)
            , hexHash].
    ↑ hexHash.
I guess it just proves the saying is true, "learning the libraries is the 20% of learning a new language that takes 80% of the time and effort." If anything, at least I can take comfort in knowing I'm not the first person to over-program a solution while learning a new language. For those that want to check out my Kember code, I've set up my own repository and uploaded a Monticello package to SqueakSource, and a file dump to Github (I suggest looking at it in raw mode if you go to Github because their Markdown chokes and truncates the pretty-print view).

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

Writing a Minimal PSR-0 Autoloader

An excellent overview of autoloading in PHP and the PSR-0 standard was written by Hari K T over at PHPMaster.com , and it's definitely worth the read. But maybe you don't like some of the bloated, heavier autoloader offerings provided by various PHP frameworks, or maybe you just like to roll your own solutions. Is it possible to roll your own minimal loader and still be compliant? First, let's look at what PSR-0 mandates, taken directly from the standards document on GitHub : A fully-qualified namespace and class must have the following structure \<Vendor Name>\(<Namespace>\)*<Class Name> Each namespace must have a top-level namespace ("Vendor Name"). Each namespace can have as many sub-namespaces as it wishes. Each namespace separator is converted to a DIRECTORY_SEPARATOR when loading from the file system. Each "_" character in the CLASS NAME is converted to a DIRECTORY_SEPARATOR . The "_" character has no special ...
6 comments
Read more

What's Wrong with OOP

Proponents of Object Oriented Programming feel the paradigm yields code that is better organized, easier to understand and maintain, and reusable. They view procedural programming code as unwieldy spaghetti and embrace OO-centric design patterns as the "right way" to do things. They argue objects are easier to grasp because they model how we view the world. If the popularity of languages like Java and C# is any indication, they may be right. But after almost 20 years of OOP in the mainstream, there's still a large portion of programmers who resist it. If objects truly model the way people think of things in the real world, then why do people have a hard time understanding and working in OOP? I suspect the problem might be the focus on objects instead of actions. If I may quote from Steve Yegge's Execution in the Kingdom of Nouns : Verbs in Javaland are responsible for all the work, but as they are held in contempt by all, no Verb is ever permitted to wander about ...
9 comments
Read more

Safely Identify Dependencies for Chrooting

The most difficult part of setting up a chroot environment is identifying dependencies for the programs you want to copy to the jail. For example, to make cp available, not only do you need to copy its binary from /bin and any shared libraries it depends on, but the dependencies can have their own dependencies too that need to be copied. The internet suggests using ldd to list a binary’s dependencies, but that has its own problems. The man page for ldd warns not to use the script for untrusted programs because it works by setting a special environment variable and then executes the program. What’s a security-conscious systems administrator to do? The ldd man page recommends objdump as a safe alternative. objdump outputs information about an object file, including what shared libraries it links against. It doesn’t identify the dependencies’ dependencies, but it’s still a good start because it doesn’t try to execute the target file. We can overcome the dependencies of depende...
Post a Comment
Read more