Chris Pollett > Students >
Yun

    ( Print View )

    [Bio]

    [Project Blog]

    [CS297Proposal]

    [Del1-PDF]

    [Del2-PDF]

    [SecuritySlides-PDF]

    [Del4]

    [CS297Report-PDF]

    [CS298Proposal]

    [CS298Final Source-ZIP]

    [CS297Presentation-PDF]

    [CS298Report-PDF]

                          

























CS297-298 Project News Feed

Code improvement
   (Posted on Sat, 27 Nov 2004 12:51:32 PST .)
Created a new abstract class called USBKeyLoader. 
The pure virtual function UpdatedMountedUSBKeys is for 
detecting USB keys and their drive letter. 
Created LinuxUSBKeyLoader as a subclass of USBKeyLoader.
The motivation is to make the platform dependent part of code
more prominent.
   


report
   (Posted on Sat, 27 Nov 2004 12:47:39 PST .)
1. Wrote the first draft of the cs298 report. 
2. Did the performance test for encrypting profiles with different sizes.


Bug fixes
   (Posted on Tue, 26 Oct 2004 13:41:44 PDT .)
1. Removed USB profiles after shutdown. (The files are not deleted.)
2. Only encrypt the files that have been modified during the session.
3. Output the ciphertext in the base64 format instead of raw binary format.
4. Use SHA-1 as the hash function.
5. Compute hashes with salt.

   


Fixed major bugs.
   (Posted on Tue, 12 Oct 2004 11:59:51 PDT .)
Bug1: At shutdown, the profiles are not correctly encrypted.

Reason: the Mozilla component that
computes hashes is shutdown when
I do the encryption. So the key 
and iv are wrong.

Solution: save an in-memory copy of the key and iv for the previous profile. 

Bug2: Deleting a profile doesn't 
delete the password digest. 

Solution: put the digest inside the profile folder named xxx.slt

Bug3: My GetProfilePath function always return the parent folder
of the xxx.slt folder. The problem
is that sometimes, there can be 
multiple xxx.slt folders under the
same parent folder. The current
xxx.slt is not the first one on 
the list. For example, if a user 
doesn't delete files when he 
deletes a profile, the xxx.slt 
folder is untouched. Next time 
when the user creates a profile
with the same name, a new xxx.slt
folder will be created with the
same location as the obsolete 
xxx.slt folder.

Solution: Let GetProfilePath
always return the xxx.slt folder
path and it garantees that the 
path is the correct one for the 
profile.

Bug4: Doesn't exit the system 
when authentication fails at 
startup and the user fails to 
create or select another profile.

Solution: exit properly.
   


Deal with preference settings
   (Posted on Tue, 12 Oct 2004 11:47:33 PDT .)
I found a bug about profile 
encryption. Everytime I start a 
profile at Mozilla startup, the
preference settings were rolled 
back to the default ones.

I discovered that this was 
because the preference file
Mozilla loads prefs.js file 
before my component is loaded. 
Since the file is encrypted, 
Mozilla decides that the file is
missing and it uses a default 
file.

The solution was that at 
startup, after decryption, I make
Mozilla read the decrypted 
prefs.js file again which 
overwrites the default settings.
again.  
   


Implement profile bulk encryption
   (Posted on Tue, 12 Oct 2004 11:39:43 PDT .)
My initial plan was to decrypt the
profile onto the local drive to imcrease performance. However, Mozilla's profile manager doesn't have a public function for updating the profile path. I could change the registry but the profile manager wouldn't know it.
So I have to decrypt everything to the same folder on the USB token.

Initially, I do encryption at 
the "profile-approve-change" 
event. But then during testing, I
noticed that some profile files 
are updated after this event, such as history.dat. If 
so my encrypted profile missed 
some updates.

My solution was that during 
profile switch, I decrypt the 
target profile at "profile-
approve-change" event. If the 
previous profile needs security
protection, I encrypt it at 
"profile-initial-state" event 
when the switch is done and all
the files of the previous profile
are updated properly.

The important issue here is to 
manage all the flags correctly. 
   


Weekly report: Implemented authentication at startup
   (Posted on Tue, 12 Oct 2004 11:23:37 PDT .)
Authentication procedure at startup 
cannot be implemented in the same 
way as for switching between 
profiles.
The reason is that at startup, the
system doesn't generate the 
"profile-approve-change" event 
that I can catch and veto when 
authentication fails.

My first attempt was to do 
something after "profile-do-
change" event. But the system 
shuts down whether the 
authentication fails or not.
I discovered that this is because
the profile selection dialog shown
by the profile manager returns 0 
as long as I do something, which 
causes the system to shut down.

My solution was to suppress the 
Profile Manager's dialog by doing
everything ahead of it. If 
authentication passes, I set the 
startWithLastUsedProfile to be 
true. Otherwise, I pop up either
the profile selection or creation
dialog. If I'm the one to open 
those dialogs, I have total 
control of it. 


Weekly report 2 (9/13-9/19)
   (Posted on Wed, 22 Sep 2004 10:35:56 PDT .)
Veto change if user authentication fails.
- Previously, I did user authenticaiton on the "profile-before-change" event.
The disadvantage is that when this
event occurs, the profile is already switched for the Profile Manager.
Which will cause many problem and 
nasty work flow.
- Currently, I listen to the "profile-approve-change" event
which happens before the profile is actually changed.
nsIProfileChangeStatus is used for veto the change gracefully.
- The technical challenge for implement this feature
is that I have to get the user
selected profile name from the UI,
as opposed as in approach 1, 
I could just get the current profile name from the Profile Manager.
Some jfcunit test experience helped me with digging into 
the layered window, document, element structure 
to get the profile name. 
I couldn't find any online document on this except class definitions and diagrams.
- Note this approach doesn't work on startup profile selection,
because at startup, no "profile-approve-change" event is generated. 
Need another approach to solve this problem.
   


Project progress for week 1
   (Posted on Tue, 07 Sep 2004 21:31:46 PDT .)
I was finally able to encrypt and decrypt files with different lengths and formats, such as plain texts, texts in base64 format such as email attachments generated by Mozilla, pdf files, and images. This was done by using Mozilla's AES module.
 
The cipher texts are output in raw binary format. 

I firstly had a problem with encrypting and decrypting special files such as a pdf files. The problem was that when I reallocated an input string buffer and copied the content from the old buffer to the new one, I used "strcpy", which only copied the sort of "header" of the file but the stream data was missing. 

I solved this problem by checking the file size and allocating enough buffer space at the beginning. 

If the file size was not divisible by the block size, the last block was padded by '\0's.


Test
   (Posted on Tue, 31 Aug 2004 15:03:55 PDT .)
This actually works.
   


Really Simple Syndication (RSS) Feed...