profile
viewpoint
Henry Story bblfish bblfish.net Germany http://bblfish.net/people/henry/card#me Working on secure decentralised social networks and apps based on Linked Data technology. Solid.

bblfish/foafssl-java 13

FOAF+SSL Java libraries

bblfish/clerezza 7

Mirror of Apache Clerezza

bblfish/keygenapp 7

Utilities and WebApp for certificate creation within a browser, for FOAF+SSL

bblfish/java-rdfa 5

RDFa Parser for java

bblfish/authentication-panel 3

https://github.com/solid/process/blob/master/panels.md#authentication-panel

bblfish/LauncherApp 2

An App to Launch Other Apps

bblfish/akka.http.model.Uri 1

port of akka/spray's Uri class to Scala.js

bblfish/alternative-internet 1

A collection of interesting new networks and tech aiming at decentralisation (in some form).

bblfish/banana-play 1

porting banana to dotty

bblfish/banana-rdf 1

Banana RDF

push eventbblfish/httpSig

Henry Story

commit sha 8767e9483503097320492ca5c3b1a204bf2d3953

http4s selectors, tests, consolidate code

view details

push time in a day

issue openedlinkeddata/dokieli

Dokieli + HTTP Sig

HTTP Sig is a very efficient way to authenticate a client. It was initially implemented for Reactive-Solid but the library is now being exported to the httpSig repo so that it can be generalised and used by Java, JS and node.JS environments.

It is getting close to being testable in clients. So I am looking for Solid clients that could help guide the development of the library. Dokieli seems a good candidate :-)

created time in 2 days

push eventbblfish/httpSig

Henry Story

commit sha 858a28159148da20cfe1c9faafd3e79bae09b844

Signature header and tests + fixes elsewhere

view details

push time in 2 days

push eventbblfish/httpSig

Henry Story

commit sha 6563c9ec3e8b7da9b8ed48a0094126a7e631dc60

http4s `Signature-Input` header support with tests

view details

push time in 3 days

push eventbblfish/httpSig

Henry Story

commit sha 30fa60df22c7997af49c2296de4ed9b54d1e7c2d

Thanks given to nlnet

view details

push time in 5 days

issue openedbblfish/httpSig

scala native?

The current implementation of "Signing HTTP Messages" can compile to Java Byte Code and Java Script.

It could potentially also compile to native. I have never used the Scala Native compiler yet.

Perhaps this could be useful to folks like @TallTed or @kidehen as they have implementations that compile to native? @ekrich is working on the Scala-Native compiler. Could it make sense to produce DLLs for software like that?
I guess that is still a bit of a stretch.

created time in 5 days

issue commentsolid/specification

All new headers should be RFC8941 Structured Field Values

I have moved my implementation of the RFC8941 parser to it's own project in httpSig. It is write-in Scala and compiles to the JVM and to JS. (still working on pieces there).

bblfish

comment created time in 5 days

issue commentsolid/authentication-panel

Use HTTP-Signature instead of WebID-RSA

I now have the tests working for Signing Http Messages 07 having implemented most of it. The implementation is available in the httpSig repo. Currently it works with JVM based Akka. I going to try to get it to work for http4s next so I can use it in the the browser with JS - and it could also be made to work on nodejs.

My EU finding is coming to an end, so if anyone has real needs for other implementations this is the best time to contact me.

bblfish

comment created time in 5 days

issue commentw3c-ccg/http-signatures

HTTP Signatures for Solid

I now have the tests working for Signing Http Messages 07 having implemented most of it. The implementation is available in the httpSig repo. Currently it works with JVM based Akka. I going to try to get it to work for http4s next so I can use it in the the browser with JS - and it could also be made to work on nodejs.

My EU finding is coming to an end, so if anyone has real needs for other implementations this is the best time to contact me.

bblfish

comment created time in 5 days

issue commenttomitribe/http-signatures-java

Update to version 04 of Signing HTTP Messages

I now have the tests working for Signing Http Messages 07 working having implemented most of it. The implementation is available here httpSig. Currently it works with Akka. I going to try to get it to work for http4s next for the client.

But my EU finding is coming to an end, so if anyone has real needs for other implementations this is the best time to contact me.

bblfish

comment created time in 5 days

push eventbblfish/httpSig

Henry Story

commit sha 7abc6da52d661532df518d8aad0ef7f259fb14fe

update README.md

view details

push time in 5 days

issue openedbblfish/httpSig

implement "sf" annotation

I am a bit in a hurry, so I just want to document that the ;sf annotation discussed in 2.1.1. Canonicalized Structured HTTP Fields needs to be implemented.

"x-dictionary": a=1,    b=2;x=1;y=2,   c=(a   b   c)
"x-dictionary";sf: a=1, b=2;x=1;y=2, c=(a b c)

created time in 5 days

issue openedakka/alpakka

AWS Signature and IETF "Signing HTTP Messages"

Short description

AWS have a method of signing HTTP Requests AWS Sigv4 which has now been taken up by the IETF and is being standardised by the HTTPBis WG as Signing HTTP Messages which is now at version 7. One of the editors there is @richanna from AWS. I mentioned this here as it comes up in a number of issues [#98 Implement Amazon's Request-signing Test Suite] so I guess the old standard is being used in some of the Akka projects.

I have implemented this for Akka in the bblfish/httpSig repository as part of an EU project Solid Control which is ending soon.

If anyone here has a need for the new standard please let me know, as it is fresh in my mind right now. Having more users would help make the right design decisions.

created time in 5 days

issue commentakka/akka-http

Allow HttpRequest entity content-type without parameters.

I think AWS-Signature is now the IETF HTTP-Bis spec "Signing Http Messages" which is at version 07. I have an implementation of that here for Akka. https://github.com/bblfish/httpSig

devsprint

comment created time in 5 days

issue commentakka/akka-http

RFC 8941 Structured Field Values for HTTP

The code for RFC8941 is now in its own repository here with an implementation of "Signing HTTP Messages" v0.7 for Akka https://github.com/bblfish/httpSig

bblfish

comment created time in 5 days

push eventbblfish/httpSig

Henry Story

commit sha f0a4b2f72e2d9bc99a50ed4e3585dbdb9a79de43

Added support for new request-response feature

view details

push time in 5 days

push eventbblfish/httpSig

Henry Story

commit sha 235b145d311d539dde68b286c897000e8a00b4e5

added tests for all §2.2.x section

view details

push time in 7 days

push eventbblfish/httpSig

Henry Story

commit sha 99955bdb52f6486bba01b8c66bc3b6e0adc0a2e5

keyId optional, new tests, exception refactoring

view details

push time in 7 days

issue commenthttpwg/http-extensions

Signatures: 2.1.2. HTTP Field Examples broken

Ah, yes. I see "sf parameter" now! Ok, I will try to implement that too :-)

bblfish

comment created time in 8 days

push eventbblfish/httpSig

Henry Story

commit sha 4dc1cac4e292be67729076f958ca407c9759bbce

add header selectors for 07. remove validation.

view details

push time in 8 days

push eventbblfish/httpSig

Henry Story

commit sha 6b837b9e4616974adf8b93570118e860117a95a0

add key support for Dictionary type headers

view details

push time in 10 days

issue openedbblfish/httpSig

fill out test suite for Rfc8941

There are tests, but I think there may be official tests that could be used to hunt down all the corner cases.

created time in 10 days

issue commenthttpwg/http-extensions

Signatures: 2.1.2. HTTP Field Examples broken

sf should be sv

That does not help much :-) I can't find any definition of what sv means. Do you mean it should be ;key="sv" or something like that? I can only find examples using key="..." such as this nice one

Signature-Input: sig1=("@method" "@path" "@authority" \
    "cache-control" "x-empty-header" "x-example")\
    ;created=1618884475;keyid="test-key-rsa-pss", \
  proxy_sig=("signature";key="sig1" "forwarded")\
    ;created=1618884480;keyid="test-key-rsa";alg="rsa-v1_5-sha256"
bblfish

comment created time in 10 days

issue commenthttpwg/http-extensions

Add Ed25519 support: algorithm definition and examples

I got @jricher's first signature above to work in Java with this commit: https://github.com/typelevel/bobcats/pull/48/commits/4ffd678b99e699f4cbba62cfa8cae3a22b587fee#diff-761b3ea7aacf5fe09f926c3c452989e6094f6f33353cc550e029692fe9a6b588

That did not require me to set any hash.

msporny

comment created time in 11 days

pull request commenttypelevel/bobcats

Initial Asymmetric Key support

The last commit adds only support for Java for Ed25519 as discussed in issue https://github.com/typelevel/bobcats/issues/58 It can be removed later if needed. I just wanted to see how far it works and point the HTTP-WG team to a commit.

bblfish

comment created time in 11 days

push eventbblfish/bobcats

Henry Story

commit sha 4ffd678b99e699f4cbba62cfa8cae3a22b587fee

add only Java Support for ed25519

view details

push time in 11 days

issue commenttypelevel/bobcats

Add Ed25519 support

I think the example is useful though in so far as it indicates that we should perhaps work on making the system more open, so that it is easy to add new algorithms.

This would argue against for example having the algorithms being sealed.

I could see for example that someone would wish to add Ed25519 support for themselves using their trusted library.

Btw. Is it available in the Ed25519 node.js crypto API?

bblfish

comment created time in 11 days

issue commenttypelevel/bobcats

Add Ed25519 support

I did some research to see what would be needed. It looks like Java support comes out of the box, but there is no support in browsers. I can't tell for NodeJS. Here's what I found:

In Java we have:

In the JavaScript Web Crypto API I found a proposal to Support Curve25519 in WebCrypto from Feb 2020. I found an issue in Chrome's Blink-dev Intent to Prototype: Curve25519 in Web Cryptography which linked to an issue Feature: Curve25519 in Web Cryptography. Both seem to say that there is no built in implementation in Browsers. People have been building their own implementations in JS.

bblfish

comment created time in 11 days

issue openedtypelevel/bobcats

Add Ed25519 support

The HTTPbis WG's Signing HTTP Messages RFC team have been looking to add support for Ed25519.

created time in 11 days

issue commenthttpwg/http-extensions

Add Ed25519 support: algorithm definition and examples

In Java I found the following:

In the Java Web Crypto API I found a proposal to Support Curve25519 in WebCrypto from Feb 2020. I found an issue in Chrome's Blink-dev Intent to Prototype: Curve25519 in Web Cryptography which linked to an issue Feature: Curve25519 in Web Cryptography. Both seem to say that there is no built in implementation in Browsers. People have been building their own implementations in JS.

There are implementations such as noble-ed25519 aimed at node.js. But I can't tell which are well built, or not. So that means that on the JS side there is quite a lot of work to do.

So that is something to keep in mind when developing bobcats PR 48...

msporny

comment created time in 11 days

more