I looked at a few different crypto libraries in C++. The most extensive and well maintained general purpose libraries seem to be GNU Crypto and Crypto++. I decided to use Crypto++ because it is a modern and well maintained library. Three previous versions of Crypto++ have meet the FIPS 140-2 level 1 requirements, which suggests that there isn't any obvious security issues. It also has an extremely wide variety of algorithms with a consistent interface that makes them easily interchangeable. Crypto++ makes it easy to handle function composition using data pipelining which makes it easy to encode, decode, pad, and perform other transformations on the data before it is run into the encryption function. It also has native support for secure random number generation and key handling.
The main focus this week was to familiarize myself with Crypto++, and then building a sensible API and command line interface around it. My goal was to minimize dependencies between different parts of the program and to make the control flow as easy to follow as possible. I've nearly finished implementing an early iteration of the code base, the last few pieces of functionality left to implement are as follows:
- Encoding the control information for encrypted documents
- Public key and group key handling
- Sending the processed document to the server
Similarly to the rest of the implementation, these things cannot be completed until there is a formal specification for Gnocchi. However, I am planning on writing an example implementation so that when the specification is ready it will be easy to edit and extend the example code.
Here is an example input, signed output, and encrypted signed output. In the signed document, the control part contains the signature of the input encoded in Base64. In the encrypted document, the control information is just the AES key encoded in Base64, this is just a placeholder for the real functionality.
Here is an example input, signed output, and encrypted signed output. In the signed document, the control part contains the signature of the input encoded in Base64. In the encrypted document, the control information is just the AES key encoded in Base64, this is just a placeholder for the real functionality.
The Gnocchi Publisher should be able to work with any document store, which means allowing arbitrary file upload formats. I was thinking about something like having downloadable configuration files that specify how to authenticate a user and the format of the upload request. The configuration files could be stored by domain, e.g. (facebook.com, google.com, mail.google.com), where the most specific domain is used. The server should be able to store the Gnocchi documents however it wants to, and neither the Gnocchi publisher nor browser extension shouldn't need to know anything about how the server works.
However the key handling server gets implemented, I think we should create an easy to use tool that allows users to create their own key store servers very simply. There should be a one command tool that allows users to create their own key handling server and start it on a free PaaS (platform as a service) or their own server. Some ways to distribute the server code are:
No comments:
Post a Comment