Hey Hans,
I just read the OpenPGP spec and browsed your code. You are close to processing packets! Are you still developing this package? Let's revive it.
I recently finished implementing SMIME, although it has yet to be integrated with Celeste. I think it's possible to have both SMIME and OpenPGP support in Celeste, when we get around to it.
What do you think?
cheers, Robert
Hi Rob,
Robert Withers schrieb:
Hey Hans,
I just read the OpenPGP spec and browsed your code. You are close to processing packets! Are you still developing this package? Let's revive it.
Well I haven't been doing anything on it for quite some time. I think the code is mostly able to read public and private key files. I never decided on a good abstraction for reading and writing encrypted files, though, so that part would need some design work.
I recently finished implementing SMIME, although it has yet to be integrated with Celeste. I think it's possible to have both SMIME and OpenPGP support in Celeste, when we get around to it.
What do you think?
That would be a very good idea. My main motivation for OpenPGP was that it could be used in code signing (back when I tinkered with my distributed code repository stuff) but its use in a mail client is definitely a good goal.
Do you happen to have an idea for a good abstraction for encrypted/signed files and streams?
Cheers, Hans-Martin
On May 5, 2007, at 1:26 PM, Hans-Martin Mosner wrote:
Hi Rob,
Robert Withers schrieb:
Hey Hans,
I just read the OpenPGP spec and browsed your code. You are close to processing packets! Are you still developing this package? Let's revive it.
Well I haven't been doing anything on it for quite some time. I think the code is mostly able to read public and private key files. I never decided on a good abstraction for reading and writing encrypted files, though, so that part would need some design work.
Ok, I see where you are reading in the public and private keys. I would need to be able to generate them as well, since I don't have an OpenPGP/GPG installation. then we could come up with a default location fo these files in the squeak default directory. For SMIME, I keep all of the certificates and private key in a CertificateStore object, which is serialized to disk as 'certificates/cert.store'. Perhaps we need a 'security/pgpkeys.private' and 'security/ pgpkeys.public'. I could move 'certificates' under 'security'.
I recently finished implementing SMIME, although it has yet to be integrated with Celeste. I think it's possible to have both SMIME and OpenPGP support in Celeste, when we get around to it.
What do you think?
That would be a very good idea. My main motivation for OpenPGP was that it could be used in code signing (back when I tinkered with my distributed code repository stuff) but its use in a mail client is definitely a good goal.
Ah, yes I recall you were working on that. Lots of choices now with Monticello, Universes, packages, none with code signing. Perhaps the mail client would be a good entry point for broader use.
Do you happen to have an idea for a good abstraction for encrypted/signed files and streams?
Not really. It seems to me that there is an input stream (chunk), with ancillary input state (public/private/session keys), which would decode to an output stream (chunk).
Decryption failure is an exception as is signature verification failure. We could then use a chain of responsibility of decoders. I.e. the first attempt to verify the signature may fail/throw an exception, shifting to a second decoder which would extract the message without verifying the signature. A higher level would be responsible for reporting the outcome, based on which decoder was successful. A decoder (encoder) could be composite, so we could handle/generate encrypted, signed packets.
I suspect all of this is above the layer you are talking about, which is the internals of processing a single packet. For that I think of the ASN.1 framework I implemented with help from VW. There is a ASN1Stream holding BER encoded bytes, and you use a Type class to control how to read or write those bytes. So there is an OpenPGPStream holding encoded bytes, and you use a Type (Packet) to control how to read or write those bytes. This is what you have, is it not?
What kinds of abstractions were you thinking over?
cheers, Robert
Hi Rob,
Robert Withers schrieb:
Hey Hans,
I just read the OpenPGP spec and browsed your code. You are close to processing packets! Are you still developing this package? Let's revive it.
Well I haven't been doing anything on it for quite some time. I think the code is mostly able to read public and private key files. I never decided on a good abstraction for reading and writing encrypted files, though, so that part would need some design work.
I recently finished implementing SMIME, although it has yet to be integrated with Celeste. I think it's possible to have both SMIME and OpenPGP support in Celeste, when we get around to it.
What do you think?
That would be a very good idea. My main motivation for OpenPGP was that it could be used in code signing (back when I tinkered with my distributed code repository stuff) but its use in a mail client is definitely a good goal.
Do you happen to have an idea for a good abstraction for encrypted/signed files and streams?
Möglicherweise möchten Sie etwas sehr utopisch Klassen überprüfen, die ich getan habe (mit etwas Hilfe) in der Vergangenheit. (CipherStream) http://www.smalltalking.net/Goodies/VisualSmalltalk/index.htm
Hernán
Cheers, Hans-Martin _______________________________________________ Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
cryptography@lists.squeakfoundation.org
-
Hans-Martin Mosner -
Hernán Morales -
Robert Withers