It’s almost the end of my second week, and for the last 4 days I’ve been really frustrated trying to write some crypto code in Javascript. Just now, however, I got the 800-line beast to run successfully, and man, am I happy

A little background here, Weave encrypts data to keep it safe (duh). One of the primary goals of Weave is to ensure security of personal data, so at no point in time is the password ever stored anywhere (except if you ask the Firefox password manager to remember it for you, in which case it is also encrypted, but that’s outside the scope of Weave). The current trunk version of weave simply issues calls to openssl to encrypt the data using RSA. The decryption also happens with calls to openssl, so we don’t care in what format the data is encrypted, we just upload the Base64′ed version of the data to the server.

One of the ideas Chris had, however, was to create a web-based client so that users can access their data even when not using Firefox. And thus, one of the constraints here is that the decryption of the data *must* be done on the client-side, and thereby, entirely in portable Javascript. But that would also mean, that the uploaded encrypted data would have to be in a standard format.

Dan had written a WeaveCrypto component that uses PKCS #12 (not a fun standard, mind you) and DES to encrypt data. DES is the usual Triple-DES algorithm, and PKCS #12 defines how the key and initialization vector for DES can be generated from the password. This encrypted data is then encapsulated in a PKCS #7 format, which stipulates ASN.1 encoding. Well… now you know :roll:

It took me about 2 days to find out which standards the component was actually using, because the encryption was done by 3 simple calls to NSS. GDB to the rescue, I wrote a small console C++ application that linked against NSS and then traced the execution of my executable to see what was going on.

The Javascript decryption code is made of 5 basic parts:

• ASN.1 parser: I didn’t write a real ASN.1 parser, it only understands a particular type of ASN.1 encoding that NSS outputs for the very specific case of PKCS#12-Triple-DES encryption. This portion simply reads out the value of the salt, number of iteration and the encrypted text.
• PKCS 12 Generator: This portion takes the salt and number of iterations to generate a 64 byte key and 8 byte initialization vector.
• DES Decoder: This one takes the initialization vector, key and encrypted text to output a decrypted message.
• SHA-1 Hasher and Base64-Encoder/Decoder: Self-explanatory.

I only wrote the first two parts, but it took a whole week. That says something about the PKCS #12 and ASN.1 standards – like – they’re not meant to be used

Anyway, it was fun while it lasted. Hoping to get started on the next portions of the Weave web-based client. Have a fun weekend everyone, I know I will!

My first day at Mozilla was awesome. After a brief introduction session with Julie, during which I also caught up with Mary (I met her earlier at FOSS.IN, Bangalore) – I was shown the way to the ‘S’ building, which is were the labs people work. There are these cute scooters I’ve never seen before that can be used to ride between buildings ‘K’ and ‘S’ – they’re just too damn fun!

I met with my mentor for the Summer – Dan Mills (thunder) and he got me setup with this really huge monitor and power cables for my laptop. I’m still trying to get used to this OS X extended desktop feature, and it feels a little weird typing on the laptop keyboard but looking at the monitor (I’m not a touch typist, but I can type reasonably well without looking at the keyboard). Then, I met with the other folks at the Labs, a small but amazing group of people. Myk is also working at the Labs, and his desk is right behind me – Yay

Right now, the focus at Labs is to roll out a beta-quality version of Weave. As the Firefox 3 launch approaches, we’d like to make sure Weave 0.2 is ready to use around that time. One of the reasons is that Google Browser Sync isn’t going to upgraded for use with FF3 for an undetermined period of time. I’ve been going through the targeted bugs for 0.2 and am trying to fix as many as I can.

I finally checked-in to my alloted apartment yesterday, and since my roommates aren’t scheduled to arrive until next week, I have the entire place to myself for sometime. I saw an episode of How I met your Mother – hooray now I can watch all my favorite american TV shows at the time of airing (not weeks later, like before)

Ok, so my second day has begun and it’s almost lunch time. The american meal timings are a bit off from what I’m used to because most of their meals are compressed to be during the day, and then there’s a huge gap at night between 8pm and breakfast. I’m going to stock up on some knick-knacks for my midnight cravings.

The 18th of May consisted of 30 hours for me. No, the earth isn’t rotating slower than usual, I’ve just been flying against it’s direction for the whole of today. I flew over 12 countries (India, Pakistan, Afghanistan, Turkmenistan, Russia, Finland, Sweden, Norway, Iceland, Greenland/Denmark, Canada and finally the US); and 10 states in the US (New York, Ohio, Indiana, Illinois, Missouri, Kansas, Colorado, Utah, Nevada and finally California) in the last 30 hours. Somehow, I don’t feel all that “jet-lagged”, perhaps because my routine at home was upside-down anyway!

Armen and Gary were kind enough to pick me up at the airport, despite the late hour. I’ve reached Mountain View, and will be crashing at their apartment for tonight because it’s too late to check-in. Tomorrow is my first day at Mozilla, which is really exciting, but it also means that I better go to sleep now.

This blog post is courtesy of Google’s free Wifi service for Mountain View