[Pharo-project] SSL/HTTPS -SecureSocketStream/SSLSessionforPharo/Squeak and otherSmalltalk implementations
reefedjib at gmail.com
Mon May 16 06:23:26 CEST 2011
Stéphane, Sven and friends,
I created a fork project called CryptoPharo on squeaksource.com. I added
Stéphane and Sven as admins. So, connect to:
I pulled the base Cryptography package, and made a few fixes...the SSL
package, and tried to get it running...and copied the CryptoPlugins without
loading it. The mouse clicks were real jumpy and it automatically copied
some versions to PharoInbox, I believe, totally out of my control.
I don't have a lot of time to offer, unfortunately, as I am quite busy with
other things in my life like rebuilding a 240z. I will see if I can take
another look at it later this week, but it would be best if you guys can
take the initiative and own it.
Below are a few notes I took.
Ported the crypto code over. All tests seem to pass except
#raisedTo:modulo: is god awful slow and so I bailed on the DiffieHellman and
ElGamal tests after a few minutes of thought. The RSA test is a little
slow, but ends up passing within 10s of seconds.
The chain of calls which end up calling #raisedTo:modulo: is ---
HTTPSocket class>>httpGetDocument:args:accept:request: has a problem with:
'' asNumber with this line of code:
port := (serverName copyFrom: index+1 to: serverName size) asNumber.
where serverName = 'https:' and index = 6
Note: this is using HTTPSocket rather than HttpsSocket due to the string
conversion to a Url subclass resolving to HttpUrl, rather than HttpsUrl.
Initial port of SSL to CryptoPharo. Fixed hex issue with CipherSuite.
Problems remain, with testCertStore (setting up private key is referencing
RSAKey, which is gone and is using a call: #exponent:modulo: that is a
RSAPublicKey thing and not a RSAPrivateKey thing) and with sending and
getting data, but the Socket is reaching a connected state, so the handshake
seems to be working. Not sure how given the perf issues with DiffieHellman.
Actually, I did get a BAD REQUEST response, so data is flowing over the
Try: SSLSocket newConnection: 'www.cacert.org' port: 443 and check for
connected (isConnected), then send: a command and receive a response.
More information about the Pharo-project