GSoC Mid-Term Report

This post tries to provide a brief update about the last months explorations around krypt.

Some of the things I tried touching over the month:

RIPEMD160

Fix Digest with above

Lay Cipher Prototype Implementation

Provide Cipher JCE Implementation

Provide Streaming Base64 Implementation and of course READ A LOT.

=====

I l try laying out first what and how, I had to read and understand, and lay the prototype implementations.

It all started by reading the Bouncy Castle Implementations to get to know better about the whole implementation for Crypto and Digest. I then moved on to understand how actually krypt-core-java and krypt-jce-provider worked, where my actual work was going to be.

My coding began by providing RIPEMD160 implementation to the jce-provider. Again this was hugely based on the BC Impl. Next I made a hook in the jce for the RIPEMD call.

The next thing was laying the Cipher JCE interface based on terms with the Digest. This still need work, with proper and full definitions. {More on this later}

In the meanwhile Martin, integrated Base64 and Hex Streaming implementations. So I move on to read what they did, and how they interfaced with the Ruby world. At this point of time, I really started to looking into how Java was  being exposed to the Ruby world.

There were some crazy times over here, where I wasn’t able to figure out key issues of exposure, like Method argument handling, block handling, arrays, byte handling among a long list. This made me actually look deeply into plugin development for JRuby. I plan to do some documentation work on this, with lots of help from the JRuby community soon.

It was awesome to get an example implementation of how Martin wanted, by his Hex impl. So I later ported Base64 based on the same, for streaming impl. This was one of the “tasks”, that was on the platter to complete.

Next I move on to Ciphers on krypt-core. It was a huge help from jruby-ossl, that gave a perfect interface for the OpenSSL::Cipher ruby module. I ported the same, to provide prototype implementation with full cross-compatibility, with the Ruby version. But again this was a self contained version, meaning it used its own way on instantiation Ciphers, and that was a blocker, since we wanted them to be provided over by JCE. {We wanted to remove the BC Provider Dependencies that jruby-ossl currently relies on}

So that’s one of the TODO’s , to move on to use the exported functionality from krypt-jce, for Cipher interface.

I was to write specs for Cipher, which I was onto, when my machine crashed. And now have started to work on them, after a full revamp of my Machine.

Summary

In all most of my work was surrounded on reading and understanding and then doing small bits to be supported by Krypt. It was an awesome month, and if the evaluations go through, the next month would be even awesomer!

Ahead

If all goes fine, Martin will be laying out the IO impl that we want to base the Signature’s for safely working on password storage in memory{or the avoidance of the same}. Once he does that, I l try using the underlying architecture JRuby already provides, to emulate what Martin will implement.

Then on it will be implementing  Signatures themselves. The implementation of the same would then decide our journey ahead.

Advertisements

Quick into it

So the past few days its been reading and reading and more reading. Because crypto wasn’t going to be easy they say.

Although we’ve been able scratch the surface on some things. Some things are still in the grey for me{Many!}.

I integrated RIPMD160 implementation into krypt-digests. Although I need to re factor the beauty.

Defined a prototype for Ciphers. It exposes blowfish, aes, des, rsa, ecies for now, with default padding and mode for now. I have setup architectures for these, still waiting for Martin to define the interfaces into LibraryService for integration.

The next thing after Ciphers we will be trying is Signatures. But this will be a bit different from what I had thought. Earlier, from my readings I had thought to implement,

1. Keys

2. Signatures

3. Certificates, etc

But Martin has something in mind for password erasure from Memory{scratching surface of IO directly}, while handling Signatures, and other things{I guess, not clear of the plan}. So I have been having an overview of the I/O architecture in jruby now, to see how this will be done.

Next few days, it will be more refactoring and more of reading{which is what I spent most of my time till now.} So really, we don’t know what the plan is gonna be next, cause Martin has his own ride, which is touching many more features{which I dint have in mind before.}

I don’t know what the next few days will bring in.