Proj-2015-2016-Extensions IPOPO
Jump to navigation
Jump to search
Subject: Services étendus pour le modèle de composants iPOPO pour Python (in French)
Supervisors:
- Thomas CALMANT
- Didier DONSEZ
Students:
- Abdelaziz FOUNAS (RICM4)
- Rémi GATTAZ (RICM4)
- Marwan HALLAL (RICM4)
Week 1 (Janvier 11th - January 17th)
Objectives
- Meet with supervisors
- Decide which suggested extension of IPOPO we will work on
- Understand the subject
Work done
Problems faced
Week 2 (Janvier 18th - January 24th)
Objectives
- Create the project's SRS
- Lean python
- Learn how to use IPOPO (basic usage)
Work done
- Studied the code of iPOPO
- Prepared meeting with Thomas CALMANT
Problems faced
Week 3 (Janvier 25th - January 31th)
Objectives
- Work on the design of our extension
- Start designing the extension
- Find where our extension will be located in the existing code
- Creation of UML Diagrams
- Find python modules that we could use
Weekly meeting
During this week's meeting, the following points were discussed and agreed upon :
- The creation and revocation of client's certificates will be done inside iPOPO. It implies that iPOPO will have to handle a keystore.
- To connect to the IPOPO secured remote shell, we will create a simple python client
- Extending the RemoteConsole class seems to be a good approach for what we are trying to do.
Work done
- UML Diagrams:
Problems faced
Week 4 (February 1st - February 7th)
Objectives
- Search of a python2 and python3 compatible cryptology module (must be able to handle keystores)
- Choose our workflow
- Continue designing the extension
- Read the IPOPO documentation to improve our understanding of the IPOPO project
- Decide where to implant it.
Work done
| Possible python extensions | |||
|---|---|---|---|
| name | pros | cons | comments |
| pyOpenssl |
|
|
|
| ssl |
|
|
If used with pyjks, the two modules can have everything required. pyjks is however still in alpha and seems to only support python3 |
Weekly meeting
During this week's meeting, the following points were discussed and agreed upon :
- We will create a package pelix.crypto in iPOPO.
- To handle certificates, we will create in IPOPO a module keystore
- For a first version, we will use the python module ssl in order to not add a new dependency. We will however try to make it easy to create a new keystore module with pyOpenssl
Problems faced
We didn't have specific problems during the week.
Week 5 (February 8st - February 14th)
Objectives
- Write a simple client/server application using AES encryption
- Start to write the TLS versions of classes handling the remote connections in IPOPO
- Write the keystore service interface
Work done
- Draft of keystore interface
- Implementation of TLS version classes
- Client/Server application using AES encryption
Weekly meeting
- The problem we had was discussed and a solution found
Problems faced
- The current implementation of remote shell forced to rewrite a lot of code. A solution was found that however requires to slightly modify the current iPOPO remote shell module.
Week 6 (February 15st - February 21th)
Objectives
- Add mutual authentication to the simple client/server python application written the previous week
- Complete and test the TLS version of IPOPO remote shell classes
Work done
- Mutual authentication was added to the client/server python application written the previous week
- Tests of the TLS remote shell with the client of the simple application
- Creation of two issues on Ipopo's Github repository Issue #52 Issue #53
- Use of the following Tutoriale to learn about the methods of creation of Authorities, Keys and Certificates Installation et configuration de OpenSSL
Weekly meeting
Problems faced
- The client written for the simple client/server application can not connect to the TLS remote shell. The problem has not been identified yet.
Week 7 (February 29th - March 6th)
Objectives
- Find the issue in the TLS RemoteShell and fix it
- Design a module PKI (Public Key Infrastructure) and the submodules it needs.
Work done
- The problem in our implementation of the tls remote shell was found and corrected.
- First Draft of the PKI's modules
Weekly meeting
Problems faced
- While designing the PKI modules, we were looking how to use it with the current implementation of the TLS-RemoteShell. We found that the wrapping of the socket can only be done using files. Thus, we will most likely have to create temporary files to wrap sockets with using certificates.
Week 8 (March 7th - March 13th)
Objectives
- Finish design of the PKI modules and put it on the Air wiki
- Creation of a Gantt diagram to plan the last 3 weeks of the project
- Start the implementation of the PKI
Work done
- Creation of a class diagram of the PKI's modules. It is available here
- The Ganntt was created and presented to Thomas CALMANT
Weekly meeting
During this week's meeting, we discussed what we still had to do and presented a Gantt to show what was our goal.
Problems faced
We didn't have specific problems during the week.
Week 9 (March 14th - March 20th)
Objectives
- Make small modifications to the TLS Remote Shell for upcoming merge with the second branch of our project
- Start the implementation of the dependencies of the PKI module
Work done
- Define constants in the remote shell module used in the TLS Keystore modules
- Started implementation of the module Keystore and BasicKeystore
- Creation of a function main in the module tlsremoteshell to start it easily
Problems faced
We didn't have specific problems during the week.
Week 10 (March 21th - March 27th)
Objectives
- Implementation of the module PKI
- Creation of tests for the module BasicKeystore
Work done
- Creation of the module PKI
- Creation of Travis tests of the module BasicKeystore
Problems faced
- We didn't know how to test properly our travis tests before commiting them to the project repository. We thus created a lot of meaningless commits.
Week 11 (March 28th - April 3rd)
Objectives
- Creation of Travis tests of the module PKI
- Have a bettter coverage on the module KeyStore
Work done
- Creation of automatic tests of the PKI
Problems faced
- The continuous integration server Travis was not running well. Every tests requiring networking was failing. Even previously working tests could not be completed.
Week 12 (April 4th - April 10th)
Objectives
- Modify the PKI. Have PKI the name of an interface and make the current PKI a subclass of PKI name BasicPKI
- Make BasicPKI a ipopo component
Work done
Weekly meeting
Problems faced
- Travis.yml is still not working properly. It worked on Monday morning for some time but started to fail again at the end of the morning.