Jack,  I took a closer look at the RSAEncryptionScheme and it looks as 
if there is a limit on the message size that can be encrypted.  
Strange.  Instead, use the following for encryption:

| generator public private msg c |
generator _ RSAKeyPairGenerator new bits: bits.
public _ generator publicKey. "this may take a while"
private _ generator privateKey.

msg _ '1234567890987654321' asByteArray.
c _ public crypt: msg.
(private crypt: c) = msg.

If you want to hash the message as well, just do  (SHA1 hashMessage: 
msg).  Then you can concat the hashLen, hash, pad and the plaintext 
msg.  Then encrypt that.

Instead of msg encryption, you could use RSA/DSA for authentication and 
authorization (signatures).  Use DiffieHellman for a private key 
exchange, and finally use TripleDES + SHA1 hashing, seeded from the DH 
secret, for encryption of traffic.   This is what I am doing in 
SqueakElib.

I'll attach the x509 changeset.  I think the ASN1Der encoding stuff 
needs extended for all primitive types  (the ASN1Der in the Crypto 
package is different than that in the x509 package).    Then we could 
implement the x509 certificate encoders in terms of ASN1.

I hope this gives you some ideas,
Rob

-------------- next part --------------
A non-text attachment was scrubbed...
Name: X509.1.cs
Type: application/octet-stream
Size: 37610 bytes
Desc: not available
Url : http://lists.squeakfoundation.org/pipermail/squeak-dev/attachments/20040411/4765e0ca/X509.1.obj
-------------- next part --------------



On Sunday, April 11, 2004, at 04:46 PM, Jack Keel wrote:

>
> Rob,
>
> Thanks for the quick response.
>
> The example gets much farther now, but I get a "Error: Decoding error" 
> in RSAEncryptionScheme>>decode:parameter:
> Appears to be looking for a terminating flag of 1 and finds 155. I 
> noticed you are working with 3.7;  I filed it into a 3.6 Croquet image 
> - might that be the difference?
>
> 	i _ hashLen + 1.
> 	terminado _ false.
> 	[terminado] whileFalse:
> 		[b _ dataBlock at: i.
> 		b=0 ifTrue:
> 			[i _ i+1.
> 			i > dbLen ifTrue: [self error: 'decoding error']]
> 		ifFalse:
> 			[b=1
> 				ifTrue: [terminado _ true]
> 				ifFalse: [self error: 'decoding error']    <---- Error here
> 			]
> 		].
> where b=155
> and i is 21
> and dataBlock is a ByteArray(107 210 44 216 137 106 65 130 3 156 36 
> 133 70 43 132 207 71 36 23 19 155 109 74 171 21 95 102 130 80 220 182 
> 106 88 69 185 221 146 53 7 157 9 118 27 50 93 157 158 231 44 8 34 132 
> 56 217 99 62 223 219 171 121 78 113 44 179 147 22 34 95 134 143 155 
> 179 40 219 184 96 130 233 44 163 137 69 22 35 11 180 16 161 100 249 86 
> 163 173 167 135 28 140 103 19 43 29 186 47 34 149 115 203 207)
>
>
> Also
>
> I think we will be interested in the x509 code and would probably be 
> able to attempt to incorporate it into the Cryptography package after 
> I get a little more familiar with it.  Looks kinda cryptic to me at 
> the moment ;-)
>
> Rob
>
>
>> Jack, this seems to fix it.
>>
>> I am using DSA in SqueakElib, but only with partial certificates, if
>> that helps you any.  There is x509 code floating about that needs
>> integration into the Crypto package.
>>
>> Rob
>