Re: [GNU Crypto] More keyrings, PBE.

[Raif S. Naffah]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

On Tue, 21 Oct 2003 09:12 pm, Casey Marshall wrote:
> >>>>> "Raif" == Raif S Naffah <address@hidden> writes:
> Raif> On Thu, 2 Oct 2003 01:59 pm, Casey Marshall wrote:
> >> ...  Also new is a KeyStore adapter for GNU keyrings, and I have
> >> been able to use `keytool' to read a public keyring. Attached is
> >> an example public keyring with the same contents as the `cacerts'
> >> file distributed with the JDK.
>
> Raif> i tried running the keytool on the attached file but i get:
>
> Raif> $ keytool -list -keystore ~/cacerts.gkr keytool error:
> Raif> java.io.IOException: Invalid keystore format
>
> Raif> am i missing something?
>
> ...
> Also don't forget that the basic structure of the keyrings will be
> changing slightly, so that file will be obsolete soon anyway.

ok.  in the meantime, i'll start writing some skeleton code for those 
tests.


> Raif> i'm asking because i'd like to start adding some test cases for
> Raif> the keyring as part of the upcoming release.
>
> What is your estimated release schedule for 2.0? I'd like to know so
> I can finish the keyring stuff in time.

i'd like to have full implementation of the keyring, and as much support 
as possible for Jessie in 2.0; a debian packaging, and may be a gentoo 
one, IMO are enough with all the algos and constructs we added since 
1.1 for a 2.0 release.

if we get the above around the time of the next release of Classpath and 
before the next release of GCJ that would be a bonus.  i say that 
because i keep testing against the GCJ CVS head and so far the library 
compiles (and works) with 3.3.1 and a few-week old 3.4 exp.


> (I'd also like to have Jessie stable by that time, but no promises)

agreed.  see above.


> Raif> also, is there anything we can do to improve usage of the
> Raif> library with Jesse?
>
> The situation I would like best is to have as much crypto code as
> possible in GNU Crypto. As it stands I have implemented in Jessie:
>
>   * Diffie-Hellman (I just need to figure out GNU-Crypto's API to
>     remove this).
>   * Parts of SRP (similar situation as DH).

if you point me to the class(es) that (is supposed to) use these i may 
be able to help.


>   * RSA encryption.

that's already in the library: gnu.crypto.sig.rsa.RSA.  it probably 
needs some refactoring.  i can do that if again you point me to a/the 
client class.

>   * DSS that takes a pre-computed hash.

a reference to a paper or a using class can help me refactor/add this 
code.

>   * MACs and PRNGs that are SSL-specific.

paper/specs?


> One last thing: the javax.security.callback.auth.TextOutputCallback
> class has a method `getStyle', while in the JDK this method is
> apparently called `getMessageType'. Why is this?

Keith and i wrote these more than a year ago when those classes where 
still at proposal stage.  i'll fix soon.


cheers;
rsn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Que du magnifique

iD8DBQE/lY9h+e1AKnsTRiERAxwMAKDyi6R3VFnjCtfAb4wAjO3cGgsSkACdH7C6
EphNlDUbOFlTKpEaLeQeN1U=
=2EzT
-----END PGP SIGNATURE-----