Over the last year or so, there's been a lot of confusion surrounding the security (encryption) libraries in Cincom Smalltalk - an ugly confluence of US government regulation confusion and lawyers :)

The good news? The kerfuffle (apparently settled now) led their engineering group to add bindings to external encryption libraries. That means that now developers have two paths through CST - use the Smalltalk libraries (always there), or use the faster platform libraries (if they are installed).

What libs? CNG/Bcrypt on Windows (Vista or higher), and libcrypto (openSSL) elsewhere.

There are a few API changes that come along with these changes - in PKCS8, X509, and SSL/TLS. The SSL/TLS implementation has been completely redone, with support for SSL3.0 (TLS 1.0 - 1.2).

Technorati Tags: security, crypto, cst