[squeak-dev] [Vm-dev] SHA512 squeak implementation?

Robert robert.withers at pm.me
Fri Mar 20 13:06:25 UTC 2020

Hi Levente,

I got tangled up in an image that had older Crypto code loaded, then I 
loaded the most recent and I had failing tests. So I went back to a 
virgin image and loaded into that. All tests pass Green. I am trying to 
track all the changes you made, for instance relying on the stock 
ThirtyTwoBitRegister>>#rotateLeftBy: and also using the native 
SecureHashAlgorithm>>#hashInteger:seed:. It is confusing. Cryptography 
was supposed to be complete and independent, but it relies on certain 
classes being present, with certain implementations. Given this, would 
ProCrypto be loadable in Pharo and pass green?

One thing I recall you saying, I think you said you are using postscript 
initialization. Where could I find that?

k, r

On 3/18/20 7:50 AM, Levente Uzonyi wrote:
> Hi Robert,
> I've finished the integration of Hasher into the Cryptography package.
> I didn't publish Monticello Configurations, but here's a list I would
> publish if I did:
> Registers-Core-ul.1
> CryptographyCore-ul.7
> CryptographyHashing-ul.23
> CryptographyASN1-ul.6
> CryptographyRandom-ul.13
> CryptographyCiphers-rww.16
> CryptographySignatures-ul.17
> CryptographyKeyExchange-rww.14
> CryptographyArchive-ul.18
> CryptographyX509-ul.15
> The Registers repository should be added to the configuration first, then
> you can select Registers-Core and move it to the top of the list.
> Regarding load order, I swapped CryptographyHashing with CryptographyASN1
> because I added extension methods to the latter which extend classes of
> the former.
> Since CryptographyHashing does not depend on CryptographyCore, those two
> can be swapped as well if needed.
> For the tests, the configuration should contain the following packages:
> CryptographyASN1Tests-rww.1
> CryptographyCoreTests-rww.1
> CryptographyHashingTests-ul.2
> CryptographyRandomTests-rww.1
> CryptographyCiphersTests-rww.1
> CryptographySignaturesTests-rww.1
> CryptographyKeyExchangeTests-rww.1
> CryptographyArchiveTests-rww.1
> CryptographyX509Tests-rww.1
> Registers-Tests-ul.1
> Levente
> On Tue, 17 Mar 2020, Robert wrote:
>> Hi Levente,
>> On 3/16/20 2:53 PM, Levente Uzonyi wrote:
>>> Hi Robert,
>>> On Fri, 13 Mar 2020, Robert wrote:
>>>> On 3/12/20 7:49 PM, Levente Uzonyi wrote:
>>>>> On Thu, 12 Mar 2020, Robert wrote:
>>>>>> Oh? I thought we discussed your package becoming the core solution, for HashFunctions. I was thinking you were going to rename all your classes back to no prefixes (except RGThirtyTwoBitRegister renamed to CryptoThirtyTwoBitRegister). And your hashFunction becomes the one in CryptographyCore. Your Registers and HashFunctions, become CryptographyHashing. Then I'll reset the dependencies to load yours.
>>>>>> I got a little excited and released Pro Crypto v1.1.1, so with your code it would be ProCrypto v1.2.1.
>>>>>> Did I misunderstand?
>>>>> I proposed that about three times in these discussions but got no
>>>>> response from you.
>>>>> Since you started integrating SHA512 manually, my impression was that you
>>>>> want to keep the exising classes.
>>>>> If you want Hasher to be merged into Cryptography, then I can give it a
>>>>> try on the weekend, but
>>>> See this post: http://lists.squeakfoundation.org/pipermail/squeak-dev/2020-March/207872.html
>>> I must have missed that post.
>> I apologize for tacking after some other stuff, in the middle of a
>> paragraph. That was limiting.
>>>>> 1) HashFunction should stay in the same package as its subclasses. Why?
>>>>> When another package doesn't use any of HashFunction's subclasses, it will
>>>>> not use HashFunction. When another package needs a subclass, HashFunction
>>>>> has to be present.
>>>> No, I see this through the lens of reuse. there may be other packages that wish to extend hashFunction for their own use. AN example would be a SignalEncryption package. It has a HashFunction. So all the class roots belong in the Core package.
>>> I couldn't find the SignalEncryption package anywhere.
>> It is CryptoChallengeNumberFive. I had downloaded the java implementation of Signal and they have 2 special crypto algorithms, I think one a hashFunction and the other their Public/PrivateKeys. Thus I wrote for NumberFive SignalEncryption and SignalProtocol. The first would extend root classes in Core for the HashFunction and the Keys from KeyExchange. Oh! Yeah so we already use a subpackage to subclass Keys, I think. So why not Hashing? Okay, leave it in CryptographyHashing, I see now.
>>> Is there a cryptographic hash function that is missing from Hasher?
>> There could be as alternate packages extend it, such as our future
>> SignalEncryption package.
>>> If there is, can it be implemented as a subclass of HashFunction?
>> Sure, just load Hashing.
>>> If yes, why doesn't it belong to the same package as the other subclasses
>>> of HashFunction?
>> To promote broad development to extend as needed. Perhaps rolled over to
>> Hashing later...Does that work?
>>>>> 2) Registers should stay in a separate package. Why?
>>>>> They can be used for other things. For example, I've got an unpublished
>>>>> package containing various PRNG implementations using it.
>>>> That's fine then, please put these classes also in the Core package.
>>> I don't see how the CryptographyCore package would be a good place for
>>> Registers.
>> Okay, same deal as above then. But you are adding another package
>> dependency. Easy enough to record in the ProCrypto-1-1-1 configuration map.
>>> The PRNGs I implemented are unrelated to Cryptography.
>> PRNGs? I had not heard. Do you want to roll those over to Random, please?
>> K, r
>>> Levente
>>>>> Does that work for you?
>>>> Working our way to the garden.
>>>> k, r
>>>>> Levente
>>>>>> k, r
>>>>>> On 3/12/20 7:26 PM, Levente Uzonyi wrote:
>>>>>>> Hi Robert,
>>>>>>> On Wed, 11 Mar 2020, Robert wrote:
>>>>>>>> Dear Levente,
>>>>>>>> I had to rework the Hashing package. It was recording change records that moved RGSixtyTwoBitRegisters before another to rename them CryptoSixtyTwoBitRegisters, CryptographyHashing was ripping them out of your Registers package and your code started failing. So I had to swap classes around packages and fix a few
>>>>>>>> issues I had with SHA512 initialization, class & instance sides. I verified that they load in either order now and fully CryptoGreen. I setup dependencies through the latest Hashing package, 21. Here are the versions & how I load:
>>>>>>>> Anything with your merge I can help with, Levente? I am excited for the day to announce ProCrypto v1.1.1, you know! ^,^ Milk it. I added a pointer to the plugins.
>>>>>>> What merge do you mean?
>>>>>>> Levente
>>>>>>>> Installer ss      project: 'Registers';      install: 'Registers';      project: 'Hasher';      install: 'HAHasher-Core';      install: 'HAHasher-Tests'. Installer ss      project: 'Cryptography';      install: 'CryptographyPlugins';      install: 'CryptographyX509'.
>>>>>>>> K, r
>>>>>>>> ProCrypto packages and dependencies
>>>>>>>> Package
>>>>>>>> Size (kb)
>>>>>>>> Dependencies
>>>>>>>> Algorithms
>>>>>>>> 1
>>>>>>>> CryptographyCore-rww.5
>>>>>>>> 18
>>>>>>>> HMAC, CBC, CFB, CTR, OFB
>>>>>>>> 2
>>>>>>>> CryptographyASN1-rww.4
>>>>>>>> 58
>>>>>>>> ASN1Module, ASN1InputStream, ASN1OutputStream
>>>>>>>> 3
>>>>>>>> CryptographyHashing-rww.21
>>>>>>>> 208
>>>>>>>> CryptographyCore-rww.5
>>>>>>>> ND2, MD4, MD5, SHA1, SHA256, SHA512
>>>>>>>> 4
>>>>>>>> CryptographyRandom-rww.11
>>>>>>>> 21
>>>>>>>> CryptographyHashing-rww.21
>>>>>>>> RandomPool, PrimesFinder, Miller-Rabin, Fortuna, SecureRandom
>>>>>>>> 5
>>>>>>>> CryptographyCiphers-rww.15
>>>>>>>> 81
>>>>>>>> CryptographyRandom-rww.11 CryptographyASN1-rww.4
>>>>>>>> ARC2, ARC4, DES, TripleDES, Blowfish, Rijndael
>>>>>>>> 6
>>>>>>>> CryptographySignatures-rww.15
>>>>>>>> 37
>>>>>>>> CryptographyCiphers-rww.15
>>>>>>>> DSAKeyPairGenerator, ElGamalKeyPairGenerator, RSAKeyPairGenerator
>>>>>>>> 7
>>>>>>>> CryptographyKeyExchange-rww.13
>>>>>>>> 5
>>>>>>>> CryptographySignatures-rww.15
>>>>>>>> Diffie-Hellman
>>>>>>>> 8
>>>>>>>> CryptographyArchive-rww.15
>>>>>>>> 17
>>>>>>>> CryptographyKeyExchange-rww.13
>>>>>>>> PBKDF2WithHmacSHA1, PBKDF2WithHmacSHA256, PKCS12
>>>>>>>> 9
>>>>>>>> CryptographyX509-rww.13
>>>>>>>> 34
>>>>>>>> CryptographyArchive-rww.15
>>>>>>>> X509Certificate, X509CertificateDerReader, DSAPrivateKeyFileReader, RSAPublicKeyFileGenerator, RSAPrivateKeyFileGenerator
>>>>>>>> 479
>>>>>>>> Loadable
>>>>>>>> Unloadable
>>>>>>>> On 3/10/20 8:31 PM, Robert wrote:
>>>>>>>>         I should share with you that I can load Levente's work in parallel and there are no toes stepped on. And all of his tests are CryptoGreen, with & out. This is a good.
>>>>>>>>         *message too large* kindly, rabbit
>>>>>>>>         On 3/10/20 6:06 PM, Robert wrote:
>>>>>>>>         Hi Levente,
>>>>>>>>         Here is a new release of CryptographyHashing-rww.15. It is not linked up through dependencies, so load it after. It supports SHA512WithPrimitive and SHA512NonPrimitive and passes all tests. CryptoGreen for SHA512, with the shiny, new SHA2Plugin and without. Find plugins here, for linux64x64:
>>>>>>>> https://www.dropbox.com/home/Callisto%20House/squeak-crypto-plugins
>>>>>>>> .
>>>>>>>>         Here is this working implementation of SHA512. The naming ought to be without prefix for th ecore classes. I have no problem whatsoever if we were to rebase your work as the defining implementation for all of thosew funcrtions, using one plugin. That's something wonderful. We should use you
>>>>>>>>         hashFunction and rename without prefix. Tests separate, that's fashionable. We can figure out the mc config later.
>>>>>>>>         publish your work on, then I will link your solution into dependencies.
>>>>>>>>                                                                                                                                                   CryptographyHashing-ul.16
>>>>>>>>                                                                                                                                              CryptographyHashing-rww.15 (Release)
>>>>>>>>         File:
>>>>>>>>         CryptographyHashing-rww.15.mcz
>>>>>>>>         Author:
>>>>>>>>         Robert Withers
>>>>>>>>         Timestamp:
>>>>>>>>         10 March 2020 9:57:39 pm
>>>>>>>>         UUID:
>>>>>>>>         b7df722e-ab05-4465-97ef-deeffb0212d0
>>>>>>>>         Ancestors:
>>>>>>>>         CryptographyHashing-rww.14
>>>>>>>>         Dependencies:
>>>>>>>>         CryptographyCore-rww.5
>>>>>>>>         Release:
>>>>>>>>         This is a release that can be read by anybody.
>>>>>>>>         Message:
>>>>>>>>         adapt to new #primCopyoubleWords:intoBytes:. CryptoGreen for SHA512, with the shiny, new SHA2Plugin and without. Find plugins here, for linux64x64:
>>>>>>>> https://www.dropbox.com/home/Callisto%20House/squeak-crypto-plugins
>>>>>>>> .
>>>>>>>> rttyk, r
>>>>>> --
>>>> --
>> --
>> Kindly,
>> Robert

More information about the Squeak-dev mailing list