[Cryptography Team] new Cryptography package, usable in squeak and pharo (was Re: Announce: whisper updated)

Robert Withers robert.w.withers at gmail.com
Tue Oct 18 18:12:41 UTC 2016 

Hey Ron, that's good, thanks. Is there no admin for squeaksource that 
could help me with my password? I am surprised. I took your suggestion 
and I was able to add myself as a new member. Could you add 'rwww' 
please? I want to clean up the mess I left behind in there.

Kind regards,
Rob

On 10/18/2016 10:35 AM, Ron Teitelbaum wrote:
>
> Hi Rob!
>
> I’ve uploaded the version you posted to squeak source.  Thanks for all 
> your work!
>
> I’m not sure if you can register a new account on squeaksource but if 
> you do I’m happy to add you as admin.
>
> All the best,
>
> Ron
>
> *From:*cryptography-bounces at lists.squeakfoundation.org 
> [mailto:cryptography-bounces at lists.squeakfoundation.org] *On Behalf Of 
> *Robert Withers
> *Sent:* Monday, October 17, 2016 9:22 PM
> *To:* Cryptography Mailing List
> *Subject:* [Cryptography Team] new Cryptography package, usable in 
> squeak and pharo (was Re: Announce: whisper updated)
>
> I wanted to give you a heads up about my new effort at SecureSession, 
> below, renamed to whisper from old days. In the course of development, 
> I consolidated the Cryptography package and conformed it to be 
> installable into both squeak or pharo, by ensuring the RandomGenerator 
> class>>#unpredictableStringsDo: works in both environments. In 
> addition, I added a more artifacts I developed in whisper, including 
> RSA <-> Asn1 module definitions, a PBEEncryptor and a 
> PBKDF2WithHmacSHA1 keyy derevation function. A couple of tests were 
> also added.
>
> Unfortunately, I lost my password to the Cryptography squeaksource 
> site and so I am unable to push the new code there. If someone could 
> help me reset that password, that would be quite helpful; I asked on 
> list to no avail and it may not be possible.
>
> The biggest help would be to get this new version in play, if someone 
> could load it: https://jumpshare.com/v/f4HwsX5nzEKQkeSaly7y and push 
> to the canonical Cryptography repo on squeaksource.
>
> Follows is a list of changes made, which does include some protocol 
> changes to ASN1 for marshalling and hydration, conforming to 
> #asAsn1DerBytes and @fromAsn1DerBytes:.
>
> Cryptography is now the shared package between Squeak and Pharo
>
> - RandomGenerator class>>#unpredictableStringsDo: changed details to 
> be squeak/pharo compliant (see comment)
> - senders/implementers of #asAsn1Bytes (removed) changed to 
> #asAsn1DerBytes
> - senders/implementers of #fromAsn1Bytes: (removed) changed to 
> #fromAsn1DerBytes:
> - X509Certificate class>>#fromFile: changed use of #fromBytes: 
> (removed) to #fromAsn1DerBytes:
> - X509CertificateDerReader>>#asCertificate  changed use of #fromBytes: 
> (removed) to #fromAsn1DerBytes:
> - all CryptoX509Test>>#certificateX  changed use of #fromBytes: 
> (removed) to #fromAsn1DerBytes:
> - moved asn1 module definitions and support accessers for RSA and DSA 
> Keys to Cryptography
> - changed DiffieHellman>>sendMessage to use SecureRandom>>#nextBits: 
> to keep bitSize
> - added CryptoHashFunctionTest tests for HMAC Specs
> - added String>>#padLeftTo:with: for squeak
> - fixed padding mode to set and retrieve the IV vector
>
> kind regards,
> Rob
>
> On 10/16/2016 7:22 PM, Robert Withers wrote:
>
>     Folks, I have updated whisper or SecureSession to provide
>     Java/Squeak/Pharo interoperability. I am no longer able to access
>     the Cryptography repo so I cannot push code, but the squeak/pharo
>     code is in the squeak-pharo directory in the whisper github
>     project. Here is the GitPages link:
>     https://robertwithers.github.io/whisper, with all other links.
>
>         whisper is osi Layer 5 SecureSession with modern crypto:
>         Java/Squeak/Pharo interoperability.
>
>           * flips normative osi layer 5 and 6 on its head: now, 5 is
>             crypto and 6 is session state resumption
>           * 3-way DH-2048/RSA-2048/RSAPublicKey ASN1DER encoding
>           * 256-bit AES/CBC/PKCS7Padding, 128-bit IV, 160-bit SHA1 E&M
>           * PBEEncryptorAES-256 with PBKDF2WithHmacSHA1
>
>     Rob
>
>
>
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.squeakfoundation.org/pipermail/cryptography/attachments/20161018/27dbdb93/attachment-0001.htm

More information about the Cryptography mailing list