<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
I wanted to give you a heads up about my new effort at
SecureSession, below, renamed to whisper from old days. In the
course of development, I consolidated the Cryptography package and
conformed it to be installable into both squeak or pharo, by
ensuring the RandomGenerator class>>#unpredictableStringsDo:
works in both environments. In addition, I added a more artifacts I
developed in whisper, including RSA <-> Asn1 module
definitions, a PBEEncryptor and a PBKDF2WithHmacSHA1 keyy derevation
function. A couple of tests were also added. <br>
<br>
Unfortunately, I lost my password to the Cryptography squeaksource
site and so I am unable to push the new code there. If someone could
help me reset that password, that would be quite helpful; I asked on
list to no avail and it may not be possible.<br>
<br>
The biggest help would be to get this new version in play, if
someone could load it: <a class="moz-txt-link-freetext" href="https://jumpshare.com/v/f4HwsX5nzEKQkeSaly7y">https://jumpshare.com/v/f4HwsX5nzEKQkeSaly7y</a>
and push to the canonical Cryptography repo on squeaksource. <br>
<br>
Follows is a list of changes made, which does include some protocol
changes to ASN1 for marshalling and hydration, conforming to
#asAsn1DerBytes and @fromAsn1DerBytes:.<br>
<br>
Cryptography is now the shared package between Squeak and Pharo<br>
<br>
- RandomGenerator class>>#unpredictableStringsDo: changed
details to be squeak/pharo compliant (see comment)<br>
- senders/implementers of #asAsn1Bytes (removed) changed to
#asAsn1DerBytes<br>
- senders/implementers of #fromAsn1Bytes: (removed) changed to
#fromAsn1DerBytes:<br>
- X509Certificate class>>#fromFile: changed use of #fromBytes:
(removed) to #fromAsn1DerBytes:<br>
- X509CertificateDerReader>>#asCertificate changed use of
#fromBytes: (removed) to #fromAsn1DerBytes:<br>
- all CryptoX509Test>>#certificateX changed use of
#fromBytes: (removed) to #fromAsn1DerBytes:<br>
- moved asn1 module definitions and support accessers for RSA and
DSA Keys to Cryptography<br>
- changed DiffieHellman>>sendMessage to use
SecureRandom>>#nextBits: to keep bitSize<br>
- added CryptoHashFunctionTest tests for HMAC Specs<br>
- added String>>#padLeftTo:with: for squeak<br>
- fixed padding mode to set and retrieve the IV vector<br>
<br>
kind regards,<br>
Rob<br>
<br>
<div class="moz-cite-prefix">On 10/16/2016 7:22 PM, Robert Withers
wrote:<br>
</div>
<blockquote
cite="mid:612f7bf3-aaf1-8f49-634f-6e6305658f86@gmail.com"
type="cite">
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<p>Folks, I have updated whisper or SecureSession to provide
Java/Squeak/Pharo interoperability. I am no longer able to
access the Cryptography repo so I cannot push code, but the
squeak/pharo code is in the squeak-pharo directory in the
whisper github project. Here is the GitPages link: <a
moz-do-not-send="true" class="moz-txt-link-freetext"
href="https://robertwithers.github.io/whisper">https://robertwithers.github.io/whisper</a>,
with all other links.<br>
</p>
<blockquote>
<p>whisper is osi Layer 5 SecureSession with modern crypto:
Java/Squeak/Pharo interoperability. </p>
<ul>
<li>flips normative osi layer 5 and 6 on its head: now, 5 is
crypto and 6 is session state resumption</li>
<li>3-way DH-2048/RSA-2048/RSAPublicKey ASN1DER encoding</li>
<li>256-bit AES/CBC/PKCS7Padding, 128-bit IV, 160-bit SHA1
E&M</li>
<li>PBEEncryptorAES-256 with PBKDF2WithHmacSHA1</li>
</ul>
</blockquote>
<p>Rob<br>
</p>
</blockquote>
<br>
</body>
</html>