Musings about Coding, Business and other Geek Stuff Live and Direct from somewhere on the planet
September 20, 2006
Crypto on Rails presentation

I gave a talk last night at Copenhagen.rb about EzCrypto. The meeting was great and very informative with Ruby celebs like DHH and David Black present.

My talk, Hide your (users) tracks, was, I think, pretty well received. There were many great questions afterwards.

The gist of the presentation is:

  • As an Application service provider YOU are one of the biggest threats to your users. I’ve written more in depth about this in Trust points and Breach points in Web Apps.
  • Basic usage of EzCrypto
  • Basic usage of ActiveCrypto

EzCrypto has really been developing quite a lot over the summer. If you haven’t looked at it for a while take a look. It now includes support for Digital Signatures and Certificates.

Posted by pelleb at 04:53 AM | Comments (0) | TrackBack (0)
September 13, 2006
The new iPod games are very cool

I am quite enjoying the new iTunes 7 and the new iPod games. I’ve bought Texas Holdem and Mahjong.

Both are pretty good, but in particular the Texas Holdem game is cool. I’ve never played it on a desktop before so I’m comparing it against a Java version I have on my phone. I haven’t explored it yet, but I’m wondering if there is a way to keep listening to your own music while playing it.

Posted by pelleb at 07:01 AM | Comments (0) | TrackBack (0)
August 09, 2006
EzCrypto now released with signature support

This should be coming along into gem within the next hour. I am now happy to release 0.6 of EzCrypto which has support for Digital Signatures and Certificates.

This release has been made to support Tractis, a new Ruby on Rails application for collaborative writing and negotiation of contracts.

Posted by pelleb at 04:47 PM | Comments (0) | TrackBack (0)
August 01, 2006
EzCrypto now has support for x509 certs

I have wrapper functions for a good deal of the OpenSSL pki code right now.

    # Load a certificate and read its subject fields
    cert=EzCrypto::Verifier.from_file "testsigner.cert"
    assert_equal cert.email,"pelleb@gmail.com"
    assert_equal cert.country,"DK"
    assert_equal cert.state,"Denmark"
    assert_equal cert.locality,"Copenhagen"
    # Both the "organisation" and "organization" spellings are available
    assert_equal cert.organisational_unit,"testing"
    assert_equal cert.organisation,"EzCrypto Test Certificate"
    assert_equal cert.organizational_unit,"testing"
    assert_equal cert.organization,"EzCrypto Test Certificate"
    assert_equal cert.name,"EzCrypto Testing"
    assert_equal cert.common_name,"EzCrypto Testing"

Trust stores are supported:

    trust=EzCrypto::TrustStore.new
    valicert=EzCrypto::Verifier.from_file "valicert_class2_root.crt"
    starfield=EzCrypto::Verifier.from_file "sf_issuing.crt"
    wideword=EzCrypto::Verifier.from_file "wideword.net.cert"
    trust.add valicert
    trust.add starfield
    assert trust.verify(wideword)

Still missing are CRLs and OCSP.

If you want to play with it before release get it from:

svn://rubyforge.org//var/svn/ezcrypto/trunk/ezcrypto

Posted by pelleb at 02:43 PM | Comments (0) | TrackBack (0)
July 26, 2006
New early signature support in EzCrypto

I’ve started implementing Digital Signature support in EzCrypto. It is pretty early stage yet but my proof of concept unit tests are working.

The aim is to have 2 easy to use classes:

  • Signer
  • Verifier

They both will have a few simple static methods like in EzCrypto for generation and loading of Private/Public keys. Otherwise Signer has a sign(data) method and Verifier a verify(sig,data) method. All the other stuff such as certificates and whatever I aim to hide within the code.

A sample of code would be:

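# Sign with the private key loaded from the PEM file
signer=EzCrypto::Signer.from_file "testsigner.pem"
sig=signer.sign "I promise to obey this"
# Verify with the matching Verifier, not with the signature itself
verifier=signer.verifier
assert verifier.verify sig, "I promise to obey this"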

Keep an eye on this space for more.
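The sign/verify flow above and the trust-store check from the August 01 post, written directly against Ruby's OpenSSL bindings as an added example (not EzCrypto's code). The helper names `make_cert`, `store_with` and `trusted_signature?` are hypothetical, and the three-certificate chain is constructed in memory for the example.

```ruby
require "openssl"

# Build a constructed certificate; it is self-signed when no issuer is given.
def make_cert(cn, key, issuer_cert: nil, issuer_key: nil, ca: false, serial: 1)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.parse("/C=DK/O=Constructed Example/CN=#{cn}")
  cert.issuer = issuer_cert ? issuer_cert.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new
  cert.add_extension(ef.create_extension("basicConstraints", ca ? "CA:TRUE" : "CA:FALSE", true))
  cert.add_extension(ef.create_extension("keyUsage", ca ? "keyCertSign,cRLSign" : "digitalSignature", true))
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  cert
end

# A trust store holding exactly the certificates passed in.
def store_with(*certs)
  store = OpenSSL::X509::Store.new
  certs.each { |c| store.add_cert(c) }
  store
end

# Constructed chain: root -> issuing CA -> signer, mirroring the three files in the trust store post.
ROOT_KEY, CA_KEY, LEAF_KEY = Array.new(3) { OpenSSL::PKey::RSA.new(2048) }
ROOT = make_cert("Constructed Root", ROOT_KEY, ca: true, serial: 1)
ISSUING = make_cert("Constructed Issuing CA", CA_KEY, issuer_cert: ROOT, issuer_key: ROOT_KEY, ca: true, serial: 2)
LEAF = make_cert("Constructed Signer", LEAF_KEY, issuer_cert: ISSUING, issuer_key: CA_KEY, serial: 3)

# True only if the certificate chains to the store AND the signature matches its public key.
def trusted_signature?(store, cert, sig, data)
  store.verify(cert) && cert.public_key.verify(OpenSSL::Digest.new("SHA256"), sig, data)
end

DATA = "I promise to obey this"
SIG = LEAF_KEY.sign(OpenSSL::Digest.new("SHA256"), DATA)
```

Nothing here consults CRLs or OCSP, so a revoked certificate would still pass `trusted_signature?`.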

Posted by pelleb at 02:09 PM | Comments (0) | TrackBack (0)
July 20, 2006
New EzCrypto release 0.5

I just released EzCrypto 0.5. It’s available as a ruby gem, just type gem install ezcrypto to install it.

From a user standpoint there really shouldn’t be much difference as I’ve been pretty strict on keeping the API the same. However the internals of ActiveCrypto have had some pretty heavy refactoring to make some things cleaner in preparation for the up and coming release of the act_as_capability Rails plugin.

There is nothing there yet as I am learning about generators right now. I will probably start checking things into svn when I get back from a couple of days vacation to Las Perlas (of Survivor fame).

This plugin is extracted from WideWord and will allow you to create your own Secure URL (Capability in security researcher parlance) based services in Rails just like WideWord and WideBlog.

Posted by pelleb at 02:37 AM | Comments (0) | TrackBack (0)
June 29, 2006
Rails, Queues and Mongrel?

After having been through some major Java and MQ Series root canal surgery in the last few days, I’m thinking that while MQ (an IBM product) really is ridiculously evil the queue type system is fairly useful in itself.

Then in a mid-meeting psychosis daydream state I realized that it wouldn’t be particularly hard to at least rustle up a quick REST-based Queue framework in Ruby. I’m thinking Camping on Mongrel would be particularly suitable for this. Think REST and ActiveResource as the API.

Should not take too long to develop. The big question is if there really is a need for a Queueing based system for Rubyistas?

Posted by pelleb at 03:36 AM | Comments (7) | TrackBack (0)