Proj-2015-2016-Extensions IPOPO

From air
Revision as of 16:19, 29 February 2016 by Abdelaziz.Founas (talk | contribs)
Jump to: navigation, search

Subject: Services étendus pour le modèle de composants iPOPO pour Python (in French)

Supervisors:

  • Thomas CALMANT
  • Didier DONSEZ

Students:

  • Abdelaziz FOUNAS (RICM4)
  • Rémi GATTAZ (RICM4)
  • Marwan HALLAL (RICM4)


Week 1 (Janvier 11th - January 17th)

Objectives

  • Meet with supervisors
  • Decide which suggested extension of IPOPO we will work on
  • Understand the subject

Work done

Problems faced

Week 2 (Janvier 18th - January 24th)

Objectives

  • Create the project's SRS
  • Lean python
  • Learn how to use IPOPO (basic usage)

Work done

  • Studied the code of iPOPO
  • Prepared meeting with Thomas CALMANT

Problems faced

Week 3 (Janvier 25th - January 31th)

Objectives

  • Work on the design of our extension
  • Start designing the extension
    • Find where our extension will be located in the existing code
    • Creation of UML Diagrams
    • Find python modules that we could use

Weekly meeting

During this week's meeting, the following points were discussed and agreed upon :

  • The creation and revocation of client's certificates will be done inside iPOPO. It implies that iPOPO will have to handle a keystore.
  • To connect to the IPOPO secured remote shell, we will create a simple python client
  • Extending the RemoteConsole class seems to be a good approach for what we are trying to do.

Work done

Problems faced

Week 4 (February 1st - February 7th)

Objectives

  • Search of a python2 and python3 compatible cryptology module (must be able to handle keystores)
  • Choose our workflow
  • Continue designing the extension
    • Read the IPOPO documentation to improve our understanding of the IPOPO project
    • Decide where to implant it.

Work done

Possible python extensions
name pros cons comments
pyOpenssl
  • Compatible python2 and python3
  • Downloaded several thousands time every day
  • Can work with pkcs12 files (openssl compatible keystores)
  • Add a dependency to this module in IPOPO.
ssl
  • Compatible python2 and python3
  • Already exists in any python installation
  • Doesn't handle keystores

If used with pyjks, the two modules can have everything required. pyjks is however still in alpha and seems to only support python3

Weekly meeting

During this week's meeting, the following points were discussed and agreed upon :

  • We will create a package pelix.crypto in iPOPO.
  • To handle certificates, we will create in IPOPO a module keystore
  • For a first version, we will use the python module ssl in order to not add a new dependency. We will however try to make it easy to create a new keystore module with pyOpenssl

Problems faced

We didn't have specific problems during the week.


Week 5 (February 8st - February 14th)

Objectives

  • Write a simple client/server application using AES encryption
  • Start to write the TLS versions of classes handling the remote connections in IPOPO
  • Write the keystore service interface

Work done

  • Draft of keystore interface
  • Implementation of TLS version classes
  • Client/Server application using AES encryption

Weekly meeting

  • The problem we had was discussed and a solution found

Problems faced

  • The current implementation of remote shell forced to rewrite a lot of code. A solution was found that however requires to slightly modify the current iPOPO remote shell module.


Week 6 (February 15st - February 21th)

Objectives

  • Add mutual authentication to the simple client/server python application written the previous week
  • Complete and test the TLS version of IPOPO remote shell classes

Work done

  • Mutual authentication was added to the client/server python application written the previous week
  • Tests of the TLS remote shell with the client of the simple application
  • Utilisation du tuto du lien suivant afin de créer les autorités, les clés et les certificats : Installation et configuration de OpenSSL

Weekly meeting

Problems faced

  • The client written for the simple client/server application can not connect to the TLS remote shell. The problem has not been identified yet.


Week 7 (February 29th - March 6th)

Objectives

Work done

Weekly meeting

Problems faced