Re: [Dev] Extending BCJSSE for Token binding

2017-11-13 Thread KasunG Gajasinghe 
On Mon, Nov 13, 2017 at 1:03 PM, Inthirakumaaran Tharmakulasingham <
inthirakumaa...@wso2.com> wrote:

> I think there is a signature verification problem when using bouncy castle
> provider.You can find the details of the past problem in the link[1].(got
> this problem 3 years ago)
>
>
Alright, and there is a fix as well. So, this is not really an issue. :-)


> I started the conversation with BC developers and they're not going to
> implement token binding extension by them self in near future.The new
> extension, they added on user request was a small one and they already
> had implemented it but commented out for some reason.Details about that
> extension are in this link[2].But they are okay with sending PR for token
> binding implementation.If it is merged then we can reach java community
> easily.More details about the conversation can be found at this link[3].
>

Yes. Do keep them engaged, and send an early draft PR to BC community for
reviewing. This is going good. :)

Thanks,
KasunG


>
> When I talked to BC providers they mentioned about an extension API which
> can be used to add a new extension in the handshake.I did some digging into
> that and it seems is possible to create a token binding extension and have
> to put that into that API.Rest of the negotiations will be done by that
> API.So currently I am in the process of developing an extension that could
> fit into that API.
>
> Reference:
>   [1]Bouncy castle issue mail thread
> 
>   [2]https://github.com/bcgit/bc-java/issues/234
>   [3]https://github.com/bcgit/bc-java/issues/250
>
>
>
> On Fri, Nov 10, 2017 at 8:34 AM, KasunG Gajasinghe 
> wrote:
>
>> Hi Indra,
>>
>> Can you find out exactly what issues we faced before? I'm assuming it has
>> something to do with jar signing.
>>
>> The work we are doing is not specific to wso2 but applies to entire Java
>> community and bouncycastle users. So, our end goal should be get this
>> merged into bouncycastle project.
>>
>> Please start a dialogue with BC developers asap. They are on GitHub now I
>> suppose.
>>
>> Bouncycastle just added a new tls extension last month, and the community
>> quite active.
>>
>> @Prabath, please share your thoughts.
>>
>> Thanks,
>> KasunG
>>
>> On Thu, Nov 9, 2017 at 2:10 PM Inthirakumaaran Tharmakulasingham <
>> inthirakumaa...@wso2.com> wrote:
>>
>>> Hi,
>>> I am trying to create a Token binding library for TLS layer.One option
>>> for this to extend BCJSSE and write the implementations on top of it.But in
>>> the past, there have been some issues in making changes in Bouncy
>>> Castle.How can I proceed with this?OR any better way to write the library?
>>>
>>> Basically, our intention is to make a token binding library so that
>>> anyone can create HTTP client which can support token binding.Thus we hope
>>> to send a PR to BC after completing the implementation.
>>>
>>>
>>> --
>>> Inthirakumaaran
>>> Software Engineering - Intern | WSO2
>>>
>>> Email: inthirakumaa...@wso2.com
>>> Mobile:0766598050 <076%20659%208050>
>>>
>>> --
>>
>> *Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
>> email: kasung AT spamfree wso2.com
>> linked-in: http://lk.linkedin.com/in/gajasinghe
>> blog: http://kasunbg.org
>> phone: +1 650-745-4499 <(650)%20745-4499>, 77 678 0813
>>
>>
>
>
>
> --
> Inthirakumaaran
> Software Engineering - Intern | WSO2
>
> Email: inthirakumaa...@wso2.com
> Mobile:0766598050 <076%20659%208050>
>
>


-- 

*Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
email: kasung AT spamfree wso2.com
linked-in: http://lk.linkedin.com/in/gajasinghe
blog: http://kasunbg.org
phone: +1 650-745-4499, 77 678 0813
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Extending BCJSSE for Token binding

2017-11-12 Thread Inthirakumaaran Tharmakulasingham 
I think there is a signature verification problem when using bouncy castle
provider.You can find the details of the past problem in the link[1].(got
this problem 3 years ago)

I started the conversation with BC developers and they're not going to
implement token binding extension by them self in near future.The new
extension, they added on user request was a small one and they already
had implemented it but commented out for some reason.Details about that
extension are in this link[2].But they are okay with sending PR for token
binding implementation.If it is merged then we can reach java community
easily.More details about the conversation can be found at this link[3].

When I talked to BC providers they mentioned about an extension API which
can be used to add a new extension in the handshake.I did some digging into
that and it seems is possible to create a token binding extension and have
to put that into that API.Rest of the negotiations will be done by that
API.So currently I am in the process of developing an extension that could
fit into that API.

Reference:
  [1]Bouncy castle issue mail thread

  [2]https://github.com/bcgit/bc-java/issues/234
  [3]https://github.com/bcgit/bc-java/issues/250



On Fri, Nov 10, 2017 at 8:34 AM, KasunG Gajasinghe  wrote:

> Hi Indra,
>
> Can you find out exactly what issues we faced before? I'm assuming it has
> something to do with jar signing.
>
> The work we are doing is not specific to wso2 but applies to entire Java
> community and bouncycastle users. So, our end goal should be get this
> merged into bouncycastle project.
>
> Please start a dialogue with BC developers asap. They are on GitHub now I
> suppose.
>
> Bouncycastle just added a new tls extension last month, and the community
> quite active.
>
> @Prabath, please share your thoughts.
>
> Thanks,
> KasunG
>
> On Thu, Nov 9, 2017 at 2:10 PM Inthirakumaaran Tharmakulasingham <
> inthirakumaa...@wso2.com> wrote:
>
>> Hi,
>> I am trying to create a Token binding library for TLS layer.One option
>> for this to extend BCJSSE and write the implementations on top of it.But in
>> the past, there have been some issues in making changes in Bouncy
>> Castle.How can I proceed with this?OR any better way to write the library?
>>
>> Basically, our intention is to make a token binding library so that
>> anyone can create HTTP client which can support token binding.Thus we hope
>> to send a PR to BC after completing the implementation.
>>
>>
>> --
>> Inthirakumaaran
>> Software Engineering - Intern | WSO2
>>
>> Email: inthirakumaa...@wso2.com
>> Mobile:0766598050
>>
>> --
>
> *Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
> email: kasung AT spamfree wso2.com
> linked-in: http://lk.linkedin.com/in/gajasinghe
> blog: http://kasunbg.org
> phone: +1 650-745-4499 <(650)%20745-4499>, 77 678 0813
>
>



-- 
Inthirakumaaran
Software Engineering - Intern | WSO2

Email: inthirakumaa...@wso2.com
Mobile:0766598050
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Extending BCJSSE for Token binding

2017-11-09 Thread KasunG Gajasinghe 
Hi Indra,

Can you find out exactly what issues we faced before? I'm assuming it has
something to do with jar signing.

The work we are doing is not specific to wso2 but applies to entire Java
community and bouncycastle users. So, our end goal should be get this
merged into bouncycastle project.

Please start a dialogue with BC developers asap. They are on GitHub now I
suppose.

Bouncycastle just added a new tls extension last month, and the community
quite active.

@Prabath, please share your thoughts.

Thanks,
KasunG

On Thu, Nov 9, 2017 at 2:10 PM Inthirakumaaran Tharmakulasingham <
inthirakumaa...@wso2.com> wrote:

> Hi,
> I am trying to create a Token binding library for TLS layer.One option for
> this to extend BCJSSE and write the implementations on top of it.But in the
> past, there have been some issues in making changes in Bouncy Castle.How
> can I proceed with this?OR any better way to write the library?
>
> Basically, our intention is to make a token binding library so that anyone
> can create HTTP client which can support token binding.Thus we hope to send
> a PR to BC after completing the implementation.
>
>
> --
> Inthirakumaaran
> Software Engineering - Intern | WSO2
>
> Email: inthirakumaa...@wso2.com
> Mobile:0766598050
>
> --

*Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
email: kasung AT spamfree wso2.com
linked-in: http://lk.linkedin.com/in/gajasinghe
blog: http://kasunbg.org
phone: +1 650-745-4499, 77 678 0813
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Extending BCJSSE for Token binding

2017-11-09 Thread Inthirakumaaran Tharmakulasingham 
Hi,
I am trying to create a Token binding library for TLS layer.One option for
this to extend BCJSSE and write the implementations on top of it.But in the
past, there have been some issues in making changes in Bouncy Castle.How
can I proceed with this?OR any better way to write the library?

Basically, our intention is to make a token binding library so that anyone
can create HTTP client which can support token binding.Thus we hope to send
a PR to BC after completing the implementation.

-- 
Inthirakumaaran
Software Engineering - Intern | WSO2

Email: inthirakumaa...@wso2.com
Mobile:0766598050
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev