Chris Pollett >
Students >
Yun
( Print
View )
[Bio]
[Project Blog]
[CS297Proposal]
[Del1-PDF]
[Del2-PDF]
[SecuritySlides-PDF]
[Del4]
[CS297Report-PDF]
[CS298Proposal]
[CS298Final Source-ZIP]
[CS297Presentation-PDF]
[CS298Report-PDF]
|
CS297-298 Project News Feed
Code improvement
(Posted on Sat, 27 Nov 2004 12:51:32 PST
.)
Created a new abstract class called USBKeyLoader.
The pure virtual function UpdatedMountedUSBKeys is for
detecting USB keys and their drive letter.
Created LinuxUSBKeyLoader as a subclass of USBKeyLoader.
The motivation is to make the platform dependent part of code
more prominent.
|
report
(Posted on Sat, 27 Nov 2004 12:47:39 PST
.)
1. Wrote the first draft of the cs298 report.
2. Did the performance test for encrypting profiles with different sizes.
|
Bug fixes
(Posted on Tue, 26 Oct 2004 13:41:44 PDT
.)
1. Removed USB profiles after shutdown. (The files are not deleted.)
2. Only encrypt the files that have been modified during the session.
3. Output the ciphertext in the base64 format instead of raw binary format.
4. Use SHA-1 as the hash function.
5. Compute hashes with salt.
|
Fixed major bugs.
(Posted on Tue, 12 Oct 2004 11:59:51 PDT
.)
Bug1: At shutdown, the profiles are not correctly encrypted.
Reason: the Mozilla component that
computes hashes is shutdown when
I do the encryption. So the key
and iv are wrong.
Solution: save an in-memory copy of the key and iv for the previous profile.
Bug2: Deleting a profile doesn't
delete the password digest.
Solution: put the digest inside the profile folder named xxx.slt
Bug3: My GetProfilePath function always return the parent folder
of the xxx.slt folder. The problem
is that sometimes, there can be
multiple xxx.slt folders under the
same parent folder. The current
xxx.slt is not the first one on
the list. For example, if a user
doesn't delete files when he
deletes a profile, the xxx.slt
folder is untouched. Next time
when the user creates a profile
with the same name, a new xxx.slt
folder will be created with the
same location as the obsolete
xxx.slt folder.
Solution: Let GetProfilePath
always return the xxx.slt folder
path and it garantees that the
path is the correct one for the
profile.
Bug4: Doesn't exit the system
when authentication fails at
startup and the user fails to
create or select another profile.
Solution: exit properly.
|
Deal with preference settings
(Posted on Tue, 12 Oct 2004 11:47:33 PDT
.)
I found a bug about profile
encryption. Everytime I start a
profile at Mozilla startup, the
preference settings were rolled
back to the default ones.
I discovered that this was
because the preference file
Mozilla loads prefs.js file
before my component is loaded.
Since the file is encrypted,
Mozilla decides that the file is
missing and it uses a default
file.
The solution was that at
startup, after decryption, I make
Mozilla read the decrypted
prefs.js file again which
overwrites the default settings.
again.
|
Implement profile bulk encryption
(Posted on Tue, 12 Oct 2004 11:39:43 PDT
.)
My initial plan was to decrypt the
profile onto the local drive to imcrease performance. However, Mozilla's profile manager doesn't have a public function for updating the profile path. I could change the registry but the profile manager wouldn't know it.
So I have to decrypt everything to the same folder on the USB token.
Initially, I do encryption at
the "profile-approve-change"
event. But then during testing, I
noticed that some profile files
are updated after this event, such as history.dat. If
so my encrypted profile missed
some updates.
My solution was that during
profile switch, I decrypt the
target profile at "profile-
approve-change" event. If the
previous profile needs security
protection, I encrypt it at
"profile-initial-state" event
when the switch is done and all
the files of the previous profile
are updated properly.
The important issue here is to
manage all the flags correctly.
|
Weekly report: Implemented authentication at startup
(Posted on Tue, 12 Oct 2004 11:23:37 PDT
.)
Authentication procedure at startup
cannot be implemented in the same
way as for switching between
profiles.
The reason is that at startup, the
system doesn't generate the
"profile-approve-change" event
that I can catch and veto when
authentication fails.
My first attempt was to do
something after "profile-do-
change" event. But the system
shuts down whether the
authentication fails or not.
I discovered that this is because
the profile selection dialog shown
by the profile manager returns 0
as long as I do something, which
causes the system to shut down.
My solution was to suppress the
Profile Manager's dialog by doing
everything ahead of it. If
authentication passes, I set the
startWithLastUsedProfile to be
true. Otherwise, I pop up either
the profile selection or creation
dialog. If I'm the one to open
those dialogs, I have total
control of it.
|
Weekly report 2 (9/13-9/19)
(Posted on Wed, 22 Sep 2004 10:35:56 PDT
.)
Veto change if user authentication fails.
- Previously, I did user authenticaiton on the "profile-before-change" event.
The disadvantage is that when this
event occurs, the profile is already switched for the Profile Manager.
Which will cause many problem and
nasty work flow.
- Currently, I listen to the "profile-approve-change" event
which happens before the profile is actually changed.
nsIProfileChangeStatus is used for veto the change gracefully.
- The technical challenge for implement this feature
is that I have to get the user
selected profile name from the UI,
as opposed as in approach 1,
I could just get the current profile name from the Profile Manager.
Some jfcunit test experience helped me with digging into
the layered window, document, element structure
to get the profile name.
I couldn't find any online document on this except class definitions and diagrams.
- Note this approach doesn't work on startup profile selection,
because at startup, no "profile-approve-change" event is generated.
Need another approach to solve this problem.
|
Project progress for week 1
(Posted on Tue, 07 Sep 2004 21:31:46 PDT
.)
I was finally able to encrypt and decrypt files with different lengths and formats, such as plain texts, texts in base64 format such as email attachments generated by Mozilla, pdf files, and images. This was done by using Mozilla's AES module.
The cipher texts are output in raw binary format.
I firstly had a problem with encrypting and decrypting special files such as a pdf files. The problem was that when I reallocated an input string buffer and copied the content from the old buffer to the new one, I used "strcpy", which only copied the sort of "header" of the file but the stream data was missing.
I solved this problem by checking the file size and allocating enough buffer space at the beginning.
If the file size was not divisible by the block size, the last block was padded by '\0's.
|
Test
(Posted on Tue, 31 Aug 2004 15:03:55 PDT
.)
This actually works.
|
Really Simple Syndication (RSS) Feed...
|