Monday, August 4, 2014

Abstractly (Re)factoring the Publisher Code

The first thing I worked on was fixing a bug in the group key encryption.  On other systems it was throwing an error when generating RSA key pairs.  The bug ended up being a small scoping issue that my compiler automatically fixed, but other compilers didn't.

Then I worked on implementing encryption of group keys under each member.  This works by encrypting the message once under a random AES-256 key/IV, and then encrypting the AES key under each group member's public key.  This indirection is necessary because RSA encryption can only handle inputs that are less than the length of the key.
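The indirection described above, as an added example written against the OpenSSL CLI (it is not code from this project). The member names, file names, RSA-2048 key size, CBC mode and OAEP padding are assumptions; the post itself names only AES-256 and RSA.

```sh
#!/bin/sh
# Added example: envelope encryption for a group with the OpenSSL CLI.
# Member names, file names and the message are constructed for illustration.
set -eu
MEMBERS="alice bob carol"

# One RSA-2048 key pair per member; only the .pub file leaves the member.
make_member_keys() (
    for m in $MEMBERS; do
        openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
            -out "$1/$m.key" 2>/dev/null
        openssl pkey -in "$1/$m.key" -pubout -out "$1/$m.pub"
    done
)

# Encrypt the message once under a fresh AES-256 key/IV, then wrap only the
# 32-byte key under each member's public key (RSA-OAEP).
# Note: `openssl enc` has no AEAD modes, so this CBC ciphertext is
# unauthenticated; integrity has to come from a separate signature or MAC.
publish() (
    dir=$1; msg=$2
    openssl rand -out "$dir/cek.bin" 32
    key=$(od -An -v -tx1 "$dir/cek.bin" | tr -d ' \n')
    openssl rand -hex 16 > "$dir/msg.iv"          # the IV is not secret
    printf '%s' "$msg" | openssl enc -aes-256-cbc -K "$key" \
        -iv "$(cat "$dir/msg.iv")" -out "$dir/msg.enc"
    for m in $MEMBERS; do
        openssl pkeyutl -encrypt -pubin -inkey "$dir/$m.pub" \
            -pkeyopt rsa_padding_mode:oaep -in "$dir/cek.bin" -out "$dir/$m.wrapped"
    done
    rm -f "$dir/cek.bin"                          # plaintext key never ships
)

# A member unwraps its own copy of the key and decrypts the shared ciphertext.
recover() (
    dir=$1; m=$2
    key=$(openssl pkeyutl -decrypt -inkey "$dir/$m.key" \
            -pkeyopt rsa_padding_mode:oaep -in "$dir/$m.wrapped" \
          | od -An -v -tx1 | tr -d ' \n')
    openssl enc -d -aes-256-cbc -K "$key" -iv "$(cat "$dir/msg.iv")" \
        -in "$dir/msg.enc"
)

d=$(mktemp -d); trap 'rm -rf "$d"' EXIT
make_member_keys "$d"
publish "$d" "constructed group message"
for m in $MEMBERS; do echo "$m: $(recover "$d" "$m")"; done
```

The message ciphertext is produced once regardless of group size; each additional member costs one 256-byte wrapped key.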

After that I worked on refactoring the publisher code.  Since the summer is coming to a close, I want the publisher code to be extremely readable for the next person, whoever that may be.  The first goal of my refactor is to have all of the "low level" functionality, such as crypto, formatting, and file access, accessed through an abstract base class interface so the implementation can be changed out without changing the code that uses it.  This technique also allows tests on the interface to be applied to every implementation of the interface (sub-class) without any extra code.  For example, the code could switch from using the OpenSSL API to using the OpenSSL CLI by only changing which implementation of the crypto interface is used, which is only located in one place.

Along with the refactor, I've been adding unit tests to the code base.  This is one of the "technical debts" that I've built up over the summer that I need to pay off.  However, the nice thing about writing the tests alongside the refactored code is that I get to use the fancy new abstract base classes to test all implementations of the interface at once.

Lastly, I had to correct a mistake I made with group key encryption.  I had incorrectly assumed that the public exponent should be encrypted when distributing the group key to each group member.  Therefore, I used a symmetric cipher to encrypt the group key and then encrypted the symmetric key under each member's public key, because if you include the public exponent in the encrypted part, it is too long for RSA encryption.  However, I learned that the public exponent does not need to be encrypted, so the group key state can be directly encrypted under each member's public key.
