[ANN] Working SSL In Squeak

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
29 messages Options
12
Reply | Threaded
Open this post in threaded view
|

[ANN] Working SSL In Squeak

Ron Teitelbaum

All,

 

A while back I started an implementation of TLS 1.2.  Rob Withers joined the effort a few weeks ago and is has made terrific progress.  He reorganized everything, added a proper protocol stack, and now has the certificates working.

 

Our version now works with SSL3.0 and TLS 1.1, and DH or RSA using x509v3 Certificates.  There are still a number of things that need to be done but we can now use squeak to connect as an SSL server and/or client.  See the examples in the workspace that opens when you load the code.  You will find our implementation at www.squeaksource.com/Cryptography.  There are two Monticello Configuration files available to make loading easier.  Load Cryptography-Configuration.mcm, and then Crypt-Xtra-Config.mcm.  

 

We could use some help with testing, code review, documentation or any other help you would like to offer.

 

There is also support for MS CryptoAPI and CertificateStores for Microsoft in the MSCert package.  In the future I will be working on integrating this functionality.  I will also be adding support for KomHttp which is mostly completed but needs to be updated to support Rob’s new version.

 

We hope you find this useful and will keep us updated on your use and issues with our implementation.  If you have any questions please let us know.  Also again we would like to invite anyone with interest or experience with cryptography to join our Cryptography Team at http://lists.squeakfoundation.org/mailman/listinfo/cryptography .

 

Thanks and enjoy,

 

Ron Teitelbaum

President / Principal Software Engineer

US Medical Record Specialists

www.USMedRec.com

[hidden email]

Squeak Cryptography Team Leader

 

 

 



Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Working SSL In Squeak

Rob Withers
Hi all,

Let me add a few things to Ron's announcement.  First off I added a HttpsUrl class and support to retrieve pages with these Urls.  So you can do the following:

'https://www.fidelity.com' asUrl retrieveContents.

I tried to add support for a POST command, but I couldn't really test it because I couldn't find a WebBrowser.  Do we still have one?  I wanted to do my online banking in squeak! :-)

Second, without a patch the Monticello configurations won't work.  Let me list the packages needed from the Cryptography repository.  Load, in order:

CryptographyBase
Cryptography-Core
Cryptography-DES
Cryptography-DSA
Cryptography-ElGamal
Cryptography-RSA
Cryptography-SHA1
Cryptography-RC4
Cryptography-MD5
Cryptography-ASN1
Cryptography-X509
Cryptography-SSL


Lastly. you will need a DESPlugin, which you can find here: http://minnow.cc.gatech.edu/squeak/2410, including an updated one for Linux.

cheers,
Robert



On Oct 2, 2006, at 7:28 AM, Ron Teitelbaum wrote:

All,

 

A while back I started an implementation of TLS 1.2.  Rob Withers joined the effort a few weeks ago and is has made terrific progress.  He reorganized everything, added a proper protocol stack, and now has the certificates working.

 

Our version now works with SSL3.0 and TLS 1.1, and DH or RSA using x509v3 Certificates.  There are still a number of things that need to be done but we can now use squeak to connect as an SSL server and/or client.  See the examples in the workspace that opens when you load the code.  You will find our implementation at www.squeaksource.com/Cryptography.  There are two Monticello Configuration files available to make loading easier.  Load Cryptography-Configuration.mcm, and then Crypt-Xtra-Config.mcm.  

 

We could use some help with testing, code review, documentation or any other help you would like to offer.

 

There is also support for MS CryptoAPI and CertificateStores for Microsoft in the MSCert package.  In the future I will be working on integrating this functionality.  I will also be adding support for KomHttp which is mostly completed but needs to be updated to support Rob’s new version.

 

We hope you find this useful and will keep us updated on your use and issues with our implementation.  If you have any questions please let us know.  Also again we would like to invite anyone with interest or experience with cryptography to join our Cryptography Team athttp://lists.squeakfoundation.org/mailman/listinfo/cryptography .

 

Thanks and enjoy,

 

Ron Teitelbaum

President / Principal Software Engineer

US Medical Record Specialists

www.USMedRec.com

[hidden email]

Squeak Cryptography Team Leader

 

 

 





Reply | Threaded
Open this post in threaded view
|

Re:[croquet] [ANN] Working SSL In Squeak

Rob Withers
In reply to this post by Ron Teitelbaum
Hi all,

Let me add a few things to Ron's announcement.  First off I added a HttpsUrl class and support to retrieve pages with these Urls.  So you can do the following:

'https://www.fidelity.com' asUrl retrieveContents.

I tried to add support for a POST command, but I couldn't really test it because I couldn't find a WebBrowser.  Do we still have one?  I wanted to do my online banking in squeak! :-)

Second, without a patch the Monticello configurations won't work.  Let me list the packages needed from the Cryptography repository.  Load, in order:

CryptographyBase
Cryptography-Core
Cryptography-DES
Cryptography-DSA
Cryptography-ElGamal
Cryptography-RSA
Cryptography-SHA1
Cryptography-RC4
Cryptography-MD5
Cryptography-ASN1
Cryptography-X509
Cryptography-SSL


Lastly. you will need a DESPlugin, which you can find here: http://minnow.cc.gatech.edu/squeak/2410, including an updated one for Linux.

cheers,
Robert



On Oct 2, 2006, at 7:28 AM, Ron Teitelbaum wrote:

All,

 

A while back I started an implementation of TLS 1.2.  Rob Withers joined the effort a few weeks ago and is has made terrific progress.  He reorganized everything, added a proper protocol stack, and now has the certificates working.

 

Our version now works with SSL3.0 and TLS 1.1, and DH or RSA using x509v3 Certificates.  There are still a number of things that need to be done but we can now use squeak to connect as an SSL server and/or client.  See the examples in the workspace that opens when you load the code.  You will find our implementation at www.squeaksource.com/Cryptography.  There are two Monticello Configuration files available to make loading easier.  Load Cryptography-Configuration.mcm, and then Crypt-Xtra-Config.mcm.  

 

We could use some help with testing, code review, documentation or any other help you would like to offer.

 

There is also support for MS CryptoAPI and CertificateStores for Microsoft in the MSCert package.  In the future I will be working on integrating this functionality.  I will also be adding support for KomHttp which is mostly completed but needs to be updated to support Rob’s new version.

 

We hope you find this useful and will keep us updated on your use and issues with our implementation.  If you have any questions please let us know.  Also again we would like to invite anyone with interest or experience with cryptography to join our Cryptography Team athttp://lists.squeakfoundation.org/mailman/listinfo/cryptography .

 

Thanks and enjoy,

 

Ron Teitelbaum

President / Principal Software Engineer

US Medical Record Specialists

www.USMedRec.com

[hidden email]

Squeak Cryptography Team Leader

 

 

 



Reply | Threaded
Open this post in threaded view
|

Re: [Seaside] [ANN] Working SSL In Squeak

stephane ducasse-2
In reply to this post by Ron Teitelbaum
Excellent!
You are given us a lesson of "Do-it"
STef

> A while back I started an implementation of TLS 1.2.  Rob Withers  
> joined the effort a few weeks ago and is has made terrific  
> progress.  He reorganized everything, added a proper protocol  
> stack, and now has the certificates working.
>
> Our version now works with SSL3.0 and TLS 1.1, and DH or RSA using  
> x509v3 Certificates.  There are still a number of things that need  
> to be done but we can now use squeak to connect as an SSL server  
> and/or client.  See the examples in the workspace that opens when  
> you load the code.  You will find our implementation at  
> www.squeaksource.com/Cryptography.  There are two Monticello  
> Configuration files available to make loading easier.  Load  
> Cryptography-Configuration.mcm, and then Crypt-Xtra-Config.mcm.
>
> We could use some help with testing, code review, documentation or  
> any other help you would like to offer.
>
> There is also support for MS CryptoAPI and CertificateStores for  
> Microsoft in the MSCert package.  In the future I will be working  
> on integrating this functionality.  I will also be adding support  
> for KomHttp which is mostly completed but needs to be updated to  
> support Rob’s new version.
>
> We hope you find this useful and will keep us updated on your use  
> and issues with our implementation.  If you have any questions  
> please let us know.  Also again we would like to invite anyone with  
> interest or experience with cryptography to join our Cryptography  
> Team at http://lists.squeakfoundation.org/mailman/listinfo/ 
> cryptography .

Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Working SSL In Squeak

stephane ducasse-2
In reply to this post by Rob Withers
Hi robert

just that I understand a bit more what  is the role of the DESPlugin?

> Hi all,
>
> Let me add a few things to Ron's announcement.  First off I added a  
> HttpsUrl class and support to retrieve pages with these Urls.  So  
> you can do the following:
>
> 'https://www.fidelity.com' asUrl retrieveContents.
>
> I tried to add support for a POST command, but I couldn't really  
> test it because I couldn't find a WebBrowser.  Do we still have  
> one?  I wanted to do my online banking in squeak! :-)
>
> Second, without a patch the Monticello configurations won't work.  
> Let me list the packages needed from the Cryptography repository.  
> Load, in order:
>
> CryptographyBase
> Cryptography-Core
> Cryptography-DES
> Cryptography-DSA
> Cryptography-ElGamal
> Cryptography-RSA
> Cryptography-SHA1
> Cryptography-RC4
> Cryptography-MD5
> Cryptography-ASN1
> Cryptography-X509
> Cryptography-SSL
>
>
> Lastly. you will need a DESPlugin, which you can find here: http://
> minnow.cc.gatech.edu/squeak/2410, including an updated one for Linux.
>
> cheers,
> Robert
>
>
>
> On Oct 2, 2006, at 7:28 AM, Ron Teitelbaum wrote:
>
>> All,
>>
>>
>>
>> A while back I started an implementation of TLS 1.2.  Rob Withers  
>> joined the effort a few weeks ago and is has made terrific  
>> progress.  He reorganized everything, added a proper protocol  
>> stack, and now has the certificates working.
>>
>>
>>
>> Our version now works with SSL3.0 and TLS 1.1, and DH or RSA using  
>> x509v3 Certificates.  There are still a number of things that need  
>> to be done but we can now use squeak to connect as an SSL server  
>> and/or client.  See the examples in the workspace that opens when  
>> you load the code.  You will find our implementation at  
>> www.squeaksource.com/Cryptography.  There are two Monticello  
>> Configuration files available to make loading easier.  Load  
>> Cryptography-Configuration.mcm, and then Crypt-Xtra-Config.mcm.
>>
>>
>>
>> We could use some help with testing, code review, documentation or  
>> any other help you would like to offer.
>>
>>
>>
>> There is also support for MS CryptoAPI and CertificateStores for  
>> Microsoft in the MSCert package.  In the future I will be working  
>> on integrating this functionality.  I will also be adding support  
>> for KomHttp which is mostly completed but needs to be updated to  
>> support Rob’s new version.
>>
>>
>>
>> We hope you find this useful and will keep us updated on your use  
>> and issues with our implementation.  If you have any questions  
>> please let us know.  Also again we would like to invite anyone  
>> with interest or experience with cryptography to join our  
>> Cryptography Team athttp://lists.squeakfoundation.org/mailman/
>> listinfo/cryptography .
>>
>>
>>
>> Thanks and enjoy,
>>
>>
>>
>> Ron Teitelbaum
>>
>> President / Principal Software Engineer
>>
>> US Medical Record Specialists
>>
>> www.USMedRec.com
>>
>> [hidden email]
>>
>> Squeak Cryptography Team Leader
>>
>>
>>
>>
>>
>>
>>
>>
>
>


Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Working SSL In Squeak

Rob Withers
Hi Stef,

The DESPlugin implements the DES cryptography algorithm, which has  
basically two parts.  Key preparation, which DES calls "cooking the  
key", and transformation, where it takes the cooked key and the input  
block and encrypts it or decrypts it.  I have always wished that  
there were an in-image implementation so that the plugin isn't  
required when doing DES, but it hasn't happened yet.  Something to  
work on, perhaps.  Note that I didn't write it, I am only a user.

Robert

On Oct 2, 2006, at 9:22 AM, stephane ducasse wrote:

> Hi robert
>
> just that I understand a bit more what  is the role of the DESPlugin?
>
>> Hi all,
>>
>> Let me add a few things to Ron's announcement.  First off I added  
>> a HttpsUrl class and support to retrieve pages with these Urls.  
>> So you can do the following:
>>
>> 'https://www.fidelity.com' asUrl retrieveContents.
>>
>> I tried to add support for a POST command, but I couldn't really  
>> test it because I couldn't find a WebBrowser.  Do we still have  
>> one?  I wanted to do my online banking in squeak! :-)
>>
>> Second, without a patch the Monticello configurations won't work.  
>> Let me list the packages needed from the Cryptography repository.  
>> Load, in order:
>>
>> CryptographyBase
>> Cryptography-Core
>> Cryptography-DES
>> Cryptography-DSA
>> Cryptography-ElGamal
>> Cryptography-RSA
>> Cryptography-SHA1
>> Cryptography-RC4
>> Cryptography-MD5
>> Cryptography-ASN1
>> Cryptography-X509
>> Cryptography-SSL
>>
>>
>> Lastly. you will need a DESPlugin, which you can find here: http://
>> minnow.cc.gatech.edu/squeak/2410, including an updated one for Linux.
>>
>> cheers,
>> Robert
>>
>>
>>
>> On Oct 2, 2006, at 7:28 AM, Ron Teitelbaum wrote:
>>
>>> All,
>>>
>>>
>>>
>>> A while back I started an implementation of TLS 1.2.  Rob Withers  
>>> joined the effort a few weeks ago and is has made terrific  
>>> progress.  He reorganized everything, added a proper protocol  
>>> stack, and now has the certificates working.
>>>
>>>
>>>
>>> Our version now works with SSL3.0 and TLS 1.1, and DH or RSA  
>>> using x509v3 Certificates.  There are still a number of things  
>>> that need to be done but we can now use squeak to connect as an  
>>> SSL server and/or client.  See the examples in the workspace that  
>>> opens when you load the code.  You will find our implementation  
>>> at www.squeaksource.com/Cryptography.  There are two Monticello  
>>> Configuration files available to make loading easier.  Load  
>>> Cryptography-Configuration.mcm, and then Crypt-Xtra-Config.mcm.
>>>
>>>
>>>
>>> We could use some help with testing, code review, documentation  
>>> or any other help you would like to offer.
>>>
>>>
>>>
>>> There is also support for MS CryptoAPI and CertificateStores for  
>>> Microsoft in the MSCert package.  In the future I will be working  
>>> on integrating this functionality.  I will also be adding support  
>>> for KomHttp which is mostly completed but needs to be updated to  
>>> support Rob’s new version.
>>>
>>>
>>>
>>> We hope you find this useful and will keep us updated on your use  
>>> and issues with our implementation.  If you have any questions  
>>> please let us know.  Also again we would like to invite anyone  
>>> with interest or experience with cryptography to join our  
>>> Cryptography Team athttp://lists.squeakfoundation.org/mailman/
>>> listinfo/cryptography .
>>>
>>>
>>>
>>> Thanks and enjoy,
>>>
>>>
>>>
>>> Ron Teitelbaum
>>>
>>> President / Principal Software Engineer
>>>
>>> US Medical Record Specialists
>>>
>>> www.USMedRec.com
>>>
>>> [hidden email]
>>>
>>> Squeak Cryptography Team Leader
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>
>


Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Working SSL In Squeak

J J-6
Hi Robert,

But do I understand right that you guys *did* impliment SSL in squeak from
scratch?  From what I gathered in the list it wasn't in squeak yet.

Well I'm impressed either way.  What are your next projects? :)


>From: Robert Withers <[hidden email]>
>Reply-To: The general-purpose Squeak developers
>list<[hidden email]>
>To: The general-purpose Squeak developers
>list<[hidden email]>
>Subject: Re: [ANN] Working SSL In Squeak
>Date: Mon, 2 Oct 2006 10:10:17 -0700
>
>Hi Stef,
>
>The DESPlugin implements the DES cryptography algorithm, which has  
>basically two parts.  Key preparation, which DES calls "cooking the  key",
>and transformation, where it takes the cooked key and the input  block and
>encrypts it or decrypts it.  I have always wished that  there were an
>in-image implementation so that the plugin isn't  required when doing DES,
>but it hasn't happened yet.  Something to  work on, perhaps.  Note that I
>didn't write it, I am only a user.
>
>Robert
>
>On Oct 2, 2006, at 9:22 AM, stephane ducasse wrote:
>
>>Hi robert
>>
>>just that I understand a bit more what  is the role of the DESPlugin?
>>
>>>Hi all,
>>>
>>>Let me add a few things to Ron's announcement.  First off I added  a
>>>HttpsUrl class and support to retrieve pages with these Urls.   So you
>>>can do the following:
>>>
>>>'https://www.fidelity.com' asUrl retrieveContents.
>>>
>>>I tried to add support for a POST command, but I couldn't really  test it
>>>because I couldn't find a WebBrowser.  Do we still have  one?  I wanted
>>>to do my online banking in squeak! :-)
>>>
>>>Second, without a patch the Monticello configurations won't work.   Let
>>>me list the packages needed from the Cryptography repository.   Load, in
>>>order:
>>>
>>>CryptographyBase
>>>Cryptography-Core
>>>Cryptography-DES
>>>Cryptography-DSA
>>>Cryptography-ElGamal
>>>Cryptography-RSA
>>>Cryptography-SHA1
>>>Cryptography-RC4
>>>Cryptography-MD5
>>>Cryptography-ASN1
>>>Cryptography-X509
>>>Cryptography-SSL
>>>
>>>
>>>Lastly. you will need a DESPlugin, which you can find here: http://
>>>minnow.cc.gatech.edu/squeak/2410, including an updated one for Linux.
>>>
>>>cheers,
>>>Robert
>>>
>>>
>>>
>>>On Oct 2, 2006, at 7:28 AM, Ron Teitelbaum wrote:
>>>
>>>>All,
>>>>
>>>>
>>>>
>>>>A while back I started an implementation of TLS 1.2.  Rob Withers  
>>>>joined the effort a few weeks ago and is has made terrific  progress.  
>>>>He reorganized everything, added a proper protocol  stack, and now has
>>>>the certificates working.
>>>>
>>>>
>>>>
>>>>Our version now works with SSL3.0 and TLS 1.1, and DH or RSA  using
>>>>x509v3 Certificates.  There are still a number of things  that need to
>>>>be done but we can now use squeak to connect as an  SSL server and/or
>>>>client.  See the examples in the workspace that  opens when you load the
>>>>code.  You will find our implementation  at
>>>>www.squeaksource.com/Cryptography.  There are two Monticello  
>>>>Configuration files available to make loading easier.  Load  
>>>>Cryptography-Configuration.mcm, and then Crypt-Xtra-Config.mcm.
>>>>
>>>>
>>>>
>>>>We could use some help with testing, code review, documentation  or any
>>>>other help you would like to offer.
>>>>
>>>>
>>>>
>>>>There is also support for MS CryptoAPI and CertificateStores for  
>>>>Microsoft in the MSCert package.  In the future I will be working  on
>>>>integrating this functionality.  I will also be adding support  for
>>>>KomHttp which is mostly completed but needs to be updated to  support
>>>>Rob’s new version.
>>>>
>>>>
>>>>
>>>>We hope you find this useful and will keep us updated on your use  and
>>>>issues with our implementation.  If you have any questions  please let
>>>>us know.  Also again we would like to invite anyone  with interest or
>>>>experience with cryptography to join our  Cryptography Team
>>>>athttp://lists.squeakfoundation.org/mailman/ listinfo/cryptography .
>>>>
>>>>
>>>>
>>>>Thanks and enjoy,
>>>>
>>>>
>>>>
>>>>Ron Teitelbaum
>>>>
>>>>President / Principal Software Engineer
>>>>
>>>>US Medical Record Specialists
>>>>
>>>>www.USMedRec.com
>>>>
>>>>[hidden email]
>>>>
>>>>Squeak Cryptography Team Leader
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>



Reply | Threaded
Open this post in threaded view
|

RE: [ANN] Working SSL In Squeak

Ron Teitelbaum
Hi J J,

Just to be clear, most of the components that were used for SSL already
existed in squeak Cryptography.  It was because of all the work from others
in creating all the cryptography code that we were able to even attempt to
put it all together into the SSL protocol.  

Also I must agree with you Rob did a wonderful job getting it all working.
His work is really clean and the implementation is beautiful.  Keep in mind
this is a first pass, there is much to do to round it out to make it
production quality.

Thank you everyone that has participated in Squeak Cryptography and again if
anyone would like to join there are a number of projects we are working on,
including:

KomServer SSL integration
MS CryptoAPI integration
SSL Testing and Documentation
SSL Code Review
OpenSSL integration (may be handled with LibCurl)
ASN1 framework for additional protocol support.
Cryptography Testing and Common Criteria Modifications
Secure VM and Image
Certificates for install (try before you buy, or buy license to activate)
Squeak FIPS certification

Please sign up and volunteer at:
http://lists.squeakfoundation.org/mailman/listinfo/cryptography 

Ron Teitelbaum
Cryptography Team Leader  

> -----Original Message-----
> From: [hidden email] [mailto:squeak-dev-
> [hidden email]] On Behalf Of J J
> Sent: Monday, October 02, 2006 2:49 PM
> To: [hidden email]
> Subject: Re: [ANN] Working SSL In Squeak
>
> Hi Robert,
>
> But do I understand right that you guys *did* impliment SSL in squeak from
> scratch?  From what I gathered in the list it wasn't in squeak yet.
>
> Well I'm impressed either way.  What are your next projects? :)
>
>
> >From: Robert Withers <[hidden email]>
> >Reply-To: The general-purpose Squeak developers
> >list<[hidden email]>
> >To: The general-purpose Squeak developers
> >list<[hidden email]>
> >Subject: Re: [ANN] Working SSL In Squeak
> >Date: Mon, 2 Oct 2006 10:10:17 -0700
> >
> >Hi Stef,
> >
> >The DESPlugin implements the DES cryptography algorithm, which has
> >basically two parts.  Key preparation, which DES calls "cooking the
> key",
> >and transformation, where it takes the cooked key and the input  block
> and
> >encrypts it or decrypts it.  I have always wished that  there were an
> >in-image implementation so that the plugin isn't  required when doing
> DES,
> >but it hasn't happened yet.  Something to  work on, perhaps.  Note that I
> >didn't write it, I am only a user.
> >
> >Robert
> >
> >On Oct 2, 2006, at 9:22 AM, stephane ducasse wrote:
> >
> >>Hi robert
> >>
> >>just that I understand a bit more what  is the role of the DESPlugin?
> >>
> >>>Hi all,
> >>>
> >>>Let me add a few things to Ron's announcement.  First off I added  a
> >>>HttpsUrl class and support to retrieve pages with these Urls.   So you
> >>>can do the following:
> >>>
> >>>'https://www.fidelity.com' asUrl retrieveContents.
> >>>
> >>>I tried to add support for a POST command, but I couldn't really  test
> it
> >>>because I couldn't find a WebBrowser.  Do we still have  one?  I wanted
> >>>to do my online banking in squeak! :-)
> >>>
> >>>Second, without a patch the Monticello configurations won't work.   Let
> >>>me list the packages needed from the Cryptography repository.   Load,
> in
> >>>order:
> >>>
> >>>CryptographyBase
> >>>Cryptography-Core
> >>>Cryptography-DES
> >>>Cryptography-DSA
> >>>Cryptography-ElGamal
> >>>Cryptography-RSA
> >>>Cryptography-SHA1
> >>>Cryptography-RC4
> >>>Cryptography-MD5
> >>>Cryptography-ASN1
> >>>Cryptography-X509
> >>>Cryptography-SSL
> >>>
> >>>
> >>>Lastly. you will need a DESPlugin, which you can find here: http://
> >>>minnow.cc.gatech.edu/squeak/2410, including an updated one for Linux.
> >>>
> >>>cheers,
> >>>Robert
> >>>
> >>>
> >>>
> >>>On Oct 2, 2006, at 7:28 AM, Ron Teitelbaum wrote:
> >>>
> >>>>All,
> >>>>
> >>>>
> >>>>
> >>>>A while back I started an implementation of TLS 1.2.  Rob Withers
> >>>>joined the effort a few weeks ago and is has made terrific  progress.
> >>>>He reorganized everything, added a proper protocol  stack, and now has
> >>>>the certificates working.
> >>>>
> >>>>
> >>>>
> >>>>Our version now works with SSL3.0 and TLS 1.1, and DH or RSA  using
> >>>>x509v3 Certificates.  There are still a number of things  that need to
> >>>>be done but we can now use squeak to connect as an  SSL server and/or
> >>>>client.  See the examples in the workspace that  opens when you load
> the
> >>>>code.  You will find our implementation  at
> >>>>www.squeaksource.com/Cryptography.  There are two Monticello
> >>>>Configuration files available to make loading easier.  Load
> >>>>Cryptography-Configuration.mcm, and then Crypt-Xtra-Config.mcm.
> >>>>
> >>>>
> >>>>
> >>>>We could use some help with testing, code review, documentation  or
> any
> >>>>other help you would like to offer.
> >>>>
> >>>>
> >>>>
> >>>>There is also support for MS CryptoAPI and CertificateStores for
> >>>>Microsoft in the MSCert package.  In the future I will be working  on
> >>>>integrating this functionality.  I will also be adding support  for
> >>>>KomHttp which is mostly completed but needs to be updated to  support
> >>>>Rob's new version.
> >>>>
> >>>>
> >>>>
> >>>>We hope you find this useful and will keep us updated on your use  and
> >>>>issues with our implementation.  If you have any questions  please let
> >>>>us know.  Also again we would like to invite anyone  with interest or
> >>>>experience with cryptography to join our  Cryptography Team
> >>>>athttp://lists.squeakfoundation.org/mailman/ listinfo/cryptography .
> >>>>
> >>>>
> >>>>
> >>>>Thanks and enjoy,
> >>>>
> >>>>
> >>>>
> >>>>Ron Teitelbaum
> >>>>
> >>>>President / Principal Software Engineer
> >>>>
> >>>>US Medical Record Specialists
> >>>>
> >>>>www.USMedRec.com
> >>>>
> >>>>[hidden email]
> >>>>
> >>>>Squeak Cryptography Team Leader
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>
> >>>
> >>
> >>
> >
> >
>
>
>



Reply | Threaded
Open this post in threaded view
|

RE: [ANN] Working SSL In Squeak

J J-6
>From: "Ron Teitelbaum" <[hidden email]>
>Reply-To: [hidden email], The general-purpose Squeak developers
>list<[hidden email]>
>To: "'The general-purpose Squeak developers
>list'"<[hidden email]>
>Subject: RE: [ANN] Working SSL In Squeak
>Date: Mon, 2 Oct 2006 15:19:04 -0400
>
>Hi J J,
>
>Just to be clear, most of the components that were used for SSL already
>existed in squeak Cryptography.  It was because of all the work from others
>in creating all the cryptography code that we were able to even attempt to
>put it all together into the SSL protocol.
>

Still extremely impressive.  I'm very exited actually.  Feels like the loose
ends are getting cleaned up and something big is taking shape.

>Also I must agree with you Rob did a wonderful job getting it all working.
>His work is really clean and the implementation is beautiful.  Keep in mind
>this is a first pass, there is much to do to round it out to make it
>production quality.
>

Few things I like better then beutiful code in an eligant language.

>Thank you everyone that has participated in Squeak Cryptography and again
>if
>anyone would like to join there are a number of projects we are working on,
>including:
>
>KomServer SSL integration

What about the HTTP stream class?  Is that involved here?  I have heard
several people mention that that class (or subsystem or whatever it is) is
really bad.

>OpenSSL integration (may be handled with LibCurl)

What is the difference in this and what you have?  OpenSSL is just a library
right?  And so that would make what you did kind of a competitor to it, no
(well you know what I mean, filling the same space)?

>ASN1 framework for additional protocol support.

I had intended myself to make an SNMP class for squeak when (if) I ever get
unburried.  Should I wait for this (assuming I will have a choice :)?

Also, where is the source for that DLL?  I looked around for it, but
couldn't find it.  At some point someone should take a crack at moving that
native.



Reply | Threaded
Open this post in threaded view
|

RE: [ANN] Working SSL In Squeak

Ron Teitelbaum

> From: J J
> Sent: Monday, October 02, 2006 3:28 PM
>
> >From: "Ron Teitelbaum" <[hidden email]>
> >Reply-To: [hidden email], The general-purpose Squeak developers
> >
> >Hi J J,
> >
> >Thank you everyone that has participated in Squeak Cryptography and again
> >if
> >anyone would like to join there are a number of projects we are working
> on,
> >including:
> >
> >KomServer SSL integration
>
> What about the HTTP stream class?  Is that involved here?  I have heard
> several people mention that that class (or subsystem or whatever it is) is
> really bad.

The code does use the HTTP classes.  I crated an HttpsAdapter to handle the
translation before invoking the regular http classes.  The protocol stream
that Rob created (I believe for SqueakELib) is really nice and may be a good
replacement for parts of HTTP but I have no intention of replacing it now
(any volunteers?)

>
> >OpenSSL integration (may be handled with LibCurl)
>
> What is the difference in this and what you have?  OpenSSL is just a
> library
> right?  And so that would make what you did kind of a competitor to it, no
> (well you know what I mean, filling the same space)?

I'm not a fan of implementations, for me the more we support the more likely
people will use it.  For those that need fine control over SSL a Squeak
internal version is very useful.  For those that need to work with a
standard library the OpenSSL may be good, for those that need to work with
Governments then possibly MS CryptoAPI would be better.  In any case one
size does not always fit all.

>
> >ASN1 framework for additional protocol support.
>
> I had intended myself to make an SNMP class for squeak when (if) I ever
> get
> unburried.  Should I wait for this (assuming I will have a choice :)?

If you have an interest in SNMP then come and help us build the ASN1
framework.  You will learn lots about data transfer.  If you use our asn1
for SNMP then you can help to enhance our framework and make sure that what
we deliver works for your purposes.

>
> Also, where is the source for that DLL?  I looked around for it, but
> couldn't find it.  At some point someone should take a crack at moving
> that
> native.
>
>

The source is in Cryptography.  You will need to load VM Maker first before
loading up the Des classes.

Ron Teitelbaum
Squeak Cryptography Team Leader


Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Working SSL In Squeak

Hans-Martin Mosner
In reply to this post by Rob Withers
Robert Withers schrieb:
> Hi Stef,
>
> The DESPlugin implements the DES cryptography algorithm, which has
> basically two parts.  Key preparation, which DES calls "cooking the
> key", and transformation, where it takes the cooked key and the input
> block and encrypts it or decrypts it.  I have always wished that there
> were an in-image implementation so that the plugin isn't required when
> doing DES, but it hasn't happened yet.  Something to work on,
> perhaps.  Note that I didn't write it, I am only a user.
The in-image implementation existed as part of my OpenPGP efforts, and
I've now ported it to the Cryptography framework.
Load the MC packages CryptographyBase-hmm.18 and Cryptography-DES-hmm.3
to use it.

BTW, the SSL example workspace assumes that #asURL is able to create a
HttpsUrl. But that ain't so. Looking at the #asUrl code, I saw that at
least in 3.8.1 this is not written with extensions in mind. Does 3.9
have a more extensible method there? (I'm too tired to look myself right
now).

Cheers,
Hans-Martin

Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Working SSL In Squeak

Rob Withers
Hi,

On Oct 2, 2006, at 2:20 PM, Hans-Martin Mosner wrote:

> The in-image implementation existed as part of my OpenPGP efforts, and
> I've now ported it to the Cryptography framework.
> Load the MC packages CryptographyBase-hmm.18 and Cryptography-DES-
> hmm.3
> to use it.

I tested it too, with SSL, and it works great!  Thanks!  No plugin  
needed, now.


> BTW, the SSL example workspace assumes that #asURL is able to create a
> HttpsUrl. But that ain't so. Looking at the #asUrl code, I saw that at
> least in 3.8.1 this is not written with extensions in mind. Does 3.9
> have a more extensible method there? (I'm too tired to look myself  
> right
> now).

In the Cryptography-SSL Extensions, I overwrote Url  
class>>#urlClassForScheme: to include 'https' mapped to the new  
HttpsUrl class.  This only works if you have SSL loaded, of course.

I also added HierarchicalUrl>>#= and changed HTTPSocket  
class>>#expandUrl:ip:port: to provide an ability to HttpsSocket to  
redirect and also to detect infinite redirections, which I  
experienced on one of my test urls.  Unfortunately, I could not  
update HTTPSocket class>>#httpGetDocument:args:accept:request: to  
take advantage.  It loses the value of CrLf, for some reason.  I only  
barely added support to the HttpsSocket, so these things will change,  
I'm sure.

Cheers,
Robert


Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Working SSL In Squeak

J J-6
So, the order is now:

CryptographyBase
Cryptography-Core
Cryptography-DES
Cryptography-DSA
Cryptography-ElGamal
Cryptography-RSA
Cryptography-SHA1
Cryptography-RC4
Cryptography-MD5
Cryptography-ASN1
Cryptography-X509
Cryptography-SSL
Cryptography-DES

Right?  Or do you have to do something with versions (like download one
version of base, then a different one later)?

>From: Robert Withers <[hidden email]>
>Reply-To: The general-purpose Squeak developers
>list<[hidden email]>
>To: The general-purpose Squeak developers
>list<[hidden email]>
>CC: Cryptography Team Development
>List<[hidden email]>
>Subject: Re: [ANN] Working SSL In Squeak
>Date: Mon, 2 Oct 2006 15:07:39 -0700
>
>Hi,
>
>On Oct 2, 2006, at 2:20 PM, Hans-Martin Mosner wrote:
>
>>The in-image implementation existed as part of my OpenPGP efforts, and
>>I've now ported it to the Cryptography framework.
>>Load the MC packages CryptographyBase-hmm.18 and Cryptography-DES- hmm.3
>>to use it.
>
>I tested it too, with SSL, and it works great!  Thanks!  No plugin  needed,
>now.
>
>
>>BTW, the SSL example workspace assumes that #asURL is able to create a
>>HttpsUrl. But that ain't so. Looking at the #asUrl code, I saw that at
>>least in 3.8.1 this is not written with extensions in mind. Does 3.9
>>have a more extensible method there? (I'm too tired to look myself  right
>>now).
>
>In the Cryptography-SSL Extensions, I overwrote Url  
>class>>#urlClassForScheme: to include 'https' mapped to the new  HttpsUrl
>class.  This only works if you have SSL loaded, of course.
>
>I also added HierarchicalUrl>>#= and changed HTTPSocket  
>class>>#expandUrl:ip:port: to provide an ability to HttpsSocket to  
>redirect and also to detect infinite redirections, which I  experienced on
>one of my test urls.  Unfortunately, I could not  update HTTPSocket
>class>>#httpGetDocument:args:accept:request: to  take advantage.  It loses
>the value of CrLf, for some reason.  I only  barely added support to the
>HttpsSocket, so these things will change,  I'm sure.
>
>Cheers,
>Robert
>
>



Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Working SSL In Squeak

Ramiro Diaz Trepat
In reply to this post by Rob Withers
I want to thank everyone how worked on this project.
I think it's going to be great for the community.
Cheers to you !


On 10/2/06, Robert Withers <[hidden email]> wrote:

> Hi,
>
> On Oct 2, 2006, at 2:20 PM, Hans-Martin Mosner wrote:
>
> > The in-image implementation existed as part of my OpenPGP efforts, and
> > I've now ported it to the Cryptography framework.
> > Load the MC packages CryptographyBase-hmm.18 and Cryptography-DES-
> > hmm.3
> > to use it.
>
> I tested it too, with SSL, and it works great!  Thanks!  No plugin
> needed, now.
>
>
> > BTW, the SSL example workspace assumes that #asURL is able to create a
> > HttpsUrl. But that ain't so. Looking at the #asUrl code, I saw that at
> > least in 3.8.1 this is not written with extensions in mind. Does 3.9
> > have a more extensible method there? (I'm too tired to look myself
> > right
> > now).
>
> In the Cryptography-SSL Extensions, I overwrote Url
> class>>#urlClassForScheme: to include 'https' mapped to the new
> HttpsUrl class.  This only works if you have SSL loaded, of course.
>
> I also added HierarchicalUrl>>#= and changed HTTPSocket
> class>>#expandUrl:ip:port: to provide an ability to HttpsSocket to
> redirect and also to detect infinite redirections, which I
> experienced on one of my test urls.  Unfortunately, I could not
> update HTTPSocket class>>#httpGetDocument:args:accept:request: to
> take advantage.  It loses the value of CrLf, for some reason.  I only
> barely added support to the HttpsSocket, so these things will change,
> I'm sure.
>
> Cheers,
> Robert
>
>
>

Reply | Threaded
Open this post in threaded view
|

RE: [ANN] Working SSL In Squeak

Ron Teitelbaum
In reply to this post by J J-6
J J,

Actually order can be a problem.  What the configuration files do is:

Cryptography-Core
Cryptography-SHA1
Cryptography-MD5
Cryptography-DES
Cryptography-SHA256
CryptographyBase
Cryptography-ElGamal
Cryptography-RSA
Cryptography-Rijndael
Cryptography-ASN1
Cryptography-RC4
Cryptography-DSA
Cryptography-X509
Cryptography-SSL

The real issue is you should load SHA1 and MD5 before you load
CryptographyBase.  

Ron Teitelbaum


> From: J J
> Sent: Monday, October 02, 2006 11:58 PM
>
> So, the order is now:
>
> CryptographyBase
> Cryptography-Core
> Cryptography-DES
> Cryptography-DSA
> Cryptography-ElGamal
> Cryptography-RSA
> Cryptography-SHA1
> Cryptography-RC4
> Cryptography-MD5
> Cryptography-ASN1
> Cryptography-X509
> Cryptography-SSL
> Cryptography-DES
>
> Right?  Or do you have to do something with versions (like download one
> version of base, then a different one later)?
>
> >From: Robert Withers <[hidden email]>
> >
> >Hi,
> >
> >On Oct 2, 2006, at 2:20 PM, Hans-Martin Mosner wrote:
> >
> >>The in-image implementation existed as part of my OpenPGP efforts, and
> >>I've now ported it to the Cryptography framework.
> >>Load the MC packages CryptographyBase-hmm.18 and Cryptography-DES- hmm.3
> >>to use it.
> >
> >I tested it too, with SSL, and it works great!  Thanks!  No plugin
> needed,
> >now.
> >
> >
> >>BTW, the SSL example workspace assumes that #asURL is able to create a
> >>HttpsUrl. But that ain't so. Looking at the #asUrl code, I saw that at
> >>least in 3.8.1 this is not written with extensions in mind. Does 3.9
> >>have a more extensible method there? (I'm too tired to look myself
> right
> >>now).
> >
> >In the Cryptography-SSL Extensions, I overwrote Url
> >class>>#urlClassForScheme: to include 'https' mapped to the new  HttpsUrl
> >class.  This only works if you have SSL loaded, of course.
> >
> >I also added HierarchicalUrl>>#= and changed HTTPSocket
> >class>>#expandUrl:ip:port: to provide an ability to HttpsSocket to
> >redirect and also to detect infinite redirections, which I  experienced
> on
> >one of my test urls.  Unfortunately, I could not  update HTTPSocket
> >class>>#httpGetDocument:args:accept:request: to  take advantage.  It
> loses
> >the value of CrLf, for some reason.  I only  barely added support to the
> >HttpsSocket, so these things will change,  I'm sure.
> >
> >Cheers,
> >Robert
> >
> >
>
>



Reply | Threaded
Open this post in threaded view
|

Collections questions

J J-6
Hello all,

I was going through the collections today and I noticed something I was
currious about.

1.  Why doesn't sorted collection over-ride any of the search messages (e.g.
occuranceOf:)?  Since the data is sorted, I would think it would have a
chance for a more efficient search.

2.  Is there a better way then making a message "select:upTo:"?  In an
application I am writting, I provide an interface to a collection (of dates)
and one of the things you can do is ask for "nextDates: aNumber".  The most
efficient way to impliment this, since my collection is ordered, would be if
I could go:

MyClass>>nextDates: aNumber
  ^ dates select: [ "some test" ] upTo: aNumber

Before I impliment this myself: is there some way that people do this
normally, and that's why no one has implimented this yet?



Reply | Threaded
Open this post in threaded view
|

Re: Collections questions

tblanchard
Really?  Its not a binary search?  Seems like it should be.

-Todd Blanchard

On Tuesday, October 03, 2006, at 10:54AM, J J <[hidden email]> wrote:

>Hello all,
>
>I was going through the collections today and I noticed something I was
>currious about.
>
>1.  Why doesn't sorted collection over-ride any of the search messages (e.g.
>occuranceOf:)?  Since the data is sorted, I would think it would have a
>chance for a more efficient search.
>
>2.  Is there a better way then making a message "select:upTo:"?  In an
>application I am writting, I provide an interface to a collection (of dates)
>and one of the things you can do is ask for "nextDates: aNumber".  The most
>efficient way to impliment this, since my collection is ordered, would be if
>I could go:
>
>MyClass>>nextDates: aNumber
>  ^ dates select: [ "some test" ] upTo: aNumber
>
>Before I impliment this myself: is there some way that people do this
>normally, and that's why no one has implimented this yet?
>
>
>
>
>

Reply | Threaded
Open this post in threaded view
|

Re: Collections questions

J J-6
>From: Todd Blanchard <[hidden email]>
>Reply-To: The general-purpose Squeak developers
>list<[hidden email]>
>To: [hidden email]
>Subject: Re: Collections questions
>Date: Tue, 03 Oct 2006 11:51:19 -0700
>
>Really?  Its not a binary search?  Seems like it should be.

That's what I would have thought.  But I didn't see any overrides in
SortedCollection or below it.  And above that you can't do a binary search
since your data probably isn't sorted.

>
>-Todd Blanchard
>



Reply | Threaded
Open this post in threaded view
|

Re: Collections questions

Boris.Gaertner

 "J J" <[hidden email]> wrote:


> >From: Todd Blanchard <[hidden email]>
> >Reply-To: The general-purpose Squeak developers
> >list<[hidden email]>
> >To: [hidden email]
> >Subject: Re: Collections questions
> >Date: Tue, 03 Oct 2006 11:51:19 -0700
> >
> >Really?  Its not a binary search?  Seems like it should be.
>
> That's what I would have thought.  But I didn't see any overrides in
> SortedCollection or below it.  And above that you can't do a binary search
> since your data probably isn't sorted.
>
For an application where I need fast element removal, I
added the method that you find in the attached changes set.
That worked quite fine for me.

Perhaps we should look more closely into that issue.

Greetings.
Boris



SortedCollection.1.zip (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Working SSL In Squeak

Lex Spoon
In reply to this post by Rob Withers
Robert Withers <[hidden email]> writes:
> I tried to add support for a POST command, but I couldn't really test
> it because I couldn't find a WebBrowser.  Do we still have one?  I
> wanted to do my online banking in squeak! :-)

It's called Scamper.  It does not seem to work in 3.9, though, because
a class named "WebPageMorph" is missing.

If your code is loadable in 3.7, you could develop in that version.
There is a package-universes release of 3.7, and its version of
Scamper works fine.

    http://minnow.cc.gatech.edu/squeak/3835


-Lex


12