Though the whisper code is currently language inter-inoperable, the
latest code is being hosted on gitlab with International Rabbits, as
voix-basse-mourde. Here is the code:
https://gitlab.com/des-lapins-internationale.
If you would like to help, Java could be brought forwards adding
PBEReader/PBEWriter, dataEncoding negotiation,
SecureSessionSpecification with filtered cryptoProtocolNames,
dataEncoderNames, scopeMaker and the traceDomains to parameterize the
server behavior. On the Smalltalk side, Whisper_json, Whisper_magma and
Whisper_fuel could be implemented. Matching JSON on the Java side. FEC
Reed-Solomon could be tested and repaired (it's broken).
kerkkutatti is the Java code for remote promises and has the Smalltalk
porcini code too. With Whisper's new SecureServerSpecification, the
injection of a scopeMaker and encoder is all the config after push into
the stack. Lots of work there on both sides, to get them talking.
If you want to help, have a beer and I'll match you, let me know what
you want to work on and I can add you as a gitlab rabbit.
Best,
Rob
On 10/16/2016 7:22 PM, Robert Withers wrote:
>
> Folks, I have updated whisper or SecureSession to provide
> Java/Squeak/Pharo interoperability. I am no longer able to access the
> Cryptography repo so I cannot push code, but the squeak/pharo code is
> in the squeak-pharo directory in the whisper github project. Here is
> the GitPages link: https://robertwithers.github.io/whisper, with all
> other links.
>
> whisper is osi Layer 5 SecureSession with modern crypto:
> Java/Squeak/Pharo interoperability.
>
> * flips normative osi layer 5 and 6 on its head: now, 5 is
> crypto and 6 is session state resumption
> * 3-way DH-2048/RSA-2048/RSAPublicKey ASN1DER encoding
> * 256-bit AES/CBC/PKCS7Padding, 128-bit IV, 160-bit SHA1 E&M
> * PBEEncryptorAES-256 with PBKDF2WithHmacSHA1
>
> Rob
>
I wanted to give you a heads up about my new effort at SecureSession,
below, renamed to whisper from old days. In the course of development, I
consolidated the Cryptography package and conformed it to be installable
into both squeak or pharo, by ensuring the RandomGenerator
class>>#unpredictableStringsDo: works in both environments. In addition,
I added a more artifacts I developed in whisper, including RSA <-> Asn1
module definitions, a PBEEncryptor and a PBKDF2WithHmacSHA1 keyy
derevation function. A couple of tests were also added.
Unfortunately, I lost my password to the Cryptography squeaksource site
and so I am unable to push the new code there. If someone could help me
reset that password, that would be quite helpful; I asked on list to no
avail and it may not be possible.
The biggest help would be to get this new version in play, if someone
could load it: https://jumpshare.com/v/f4HwsX5nzEKQkeSaly7y and push to
the canonical Cryptography repo on squeaksource.
Follows is a list of changes made, which does include some protocol
changes to ASN1 for marshalling and hydration, conforming to
#asAsn1DerBytes and @fromAsn1DerBytes:.
Cryptography is now the shared package between Squeak and Pharo
- RandomGenerator class>>#unpredictableStringsDo: changed details to be
squeak/pharo compliant (see comment)
- senders/implementers of #asAsn1Bytes (removed) changed to #asAsn1DerBytes
- senders/implementers of #fromAsn1Bytes: (removed) changed to
#fromAsn1DerBytes:
- X509Certificate class>>#fromFile: changed use of #fromBytes: (removed)
to #fromAsn1DerBytes:
- X509CertificateDerReader>>#asCertificate changed use of #fromBytes:
(removed) to #fromAsn1DerBytes:
- all CryptoX509Test>>#certificateX changed use of #fromBytes:
(removed) to #fromAsn1DerBytes:
- moved asn1 module definitions and support accessers for RSA and DSA
Keys to Cryptography
- changed DiffieHellman>>sendMessage to use SecureRandom>>#nextBits: to
keep bitSize
- added CryptoHashFunctionTest tests for HMAC Specs
- added String>>#padLeftTo:with: for squeak
- fixed padding mode to set and retrieve the IV vector
kind regards,
Rob
On 10/16/2016 7:22 PM, Robert Withers wrote:
>
> Folks, I have updated whisper or SecureSession to provide
> Java/Squeak/Pharo interoperability. I am no longer able to access the
> Cryptography repo so I cannot push code, but the squeak/pharo code is
> in the squeak-pharo directory in the whisper github project. Here is
> the GitPages link: https://robertwithers.github.io/whisper, with all
> other links.
>
> whisper is osi Layer 5 SecureSession with modern crypto:
> Java/Squeak/Pharo interoperability.
>
> * flips normative osi layer 5 and 6 on its head: now, 5 is
> crypto and 6 is session state resumption
> * 3-way DH-2048/RSA-2048/RSAPublicKey ASN1DER encoding
> * 256-bit AES/CBC/PKCS7Padding, 128-bit IV, 160-bit SHA1 E&M
> * PBEEncryptorAES-256 with PBKDF2WithHmacSHA1
>
> Rob
>