[minion-cvs] Additions to C-level code: Added ability to generate X5...

[nickm@seul.org (Nick Mathewson)]

Update of /home/minion/cvsroot/src/minion
In directory moria.seul.org:/tmp/cvs-serv10819

Modified Files:
	HACKING TODO 
Log Message:
Additions to C-level code: Added ability to generate X509 certs, and
to read and write RSA keys from PEM format.

This isn't used yet beyond a verified-to-work-once level, but I'm
checkpointing it before my next batch of hacks so I can't break
anything.


Index: HACKING
===================================================================
RCS file: /home/minion/cvsroot/src/minion/HACKING,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- HACKING	1 Jul 2002 18:03:04 -0000	1.5
+++ HACKING	5 Jul 2002 23:34:32 -0000	1.6
@@ -2,8 +2,11 @@
 
 Requirements:
 	Python 2.0-2.2  (see PORTING NOTES below)
-	OpenSSL 0.9.7 (you'll need to download a snapshot. Also see PORTING.)
-	Working /dev/urandom (see PORTING NOTES below)
+
+	OpenSSL 0.9.7 (You'll need to download a beta. As of 5 July 2002,
+           that's http//www.openssl.org/source/openssl-0.9.7-beta2.tar.gz)
+
+	A working /dev/urandom (see PORTING NOTES below)
 
 Setting up:
 	Get python 2.2.  There are RPMs around.
@@ -66,9 +69,10 @@
            yet support server-side DHE.  Bugzilla says that
            server-side DHE is targetted for 3.5.  Perhaps then we can
            port, but I wouldn't hold my breath.
-         - gnutls/libgcrypt: These is the GNU offerings; the relevant 
+         - gnutls/libgcrypt: These are the GNU offerings; the relevant
            portions of each are licensed under the LGPL.  They don't
-           support OAEP, but that's easy enough to re-do in Python.
+           support OAEP, but we've already got an implementation of that
+           in Python.
 
       So for now, it's OpenSSL.  I'll accept any patches that make us 
       run under gnutls/libgcrypt as well, but I think in the long term

Index: TODO
===================================================================
RCS file: /home/minion/cvsroot/src/minion/TODO,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- TODO	1 Jul 2002 18:03:04 -0000	1.6
+++ TODO	5 Jul 2002 23:34:32 -0000	1.7
@@ -1,19 +1,44 @@
 Legend:
 	- Not done
+	* For next checkin
 	. Partially done
 	o Done
 
 NEEDS TO BE WRITTEN
 
 FOR 0.1: (The rough edges release)
-	- Make crypt.c read/write stuff in PEM?
+	o Make crypt.c read/write stuff in PEM?
+		o (Private keys will be enough)
+		* Test private key read/write in PEM.
 	- Local delivery module
 	- Manager process
-	- Configuration code
-	- Logging/debugging/warning code
+	. Configuration code
+		* Design config interface.
+		. Write extended .ini parser
+		. Write validation code
+		- Write unit tests
+		- Write base64/multiline code
+		- Design =configuration= file format.
+	*. Logging/debugging/warning code
+		* Use consistently
+		* Add minseverity
+		* Suppress for testing
+		* Make configurable
+		- Test
+		- Add reset support on sighup
+		- Add close support at exit
 	o Coding style guide
 	- MMTP		
-		- Generate X509/RSA/DH files as needed
+		*. Generate DH
+			o C function
+			* Py wrapper
+			* Tests
+			* Invoke as appropriate
+		*. Generate X509/RSA as appropriate
+			o C function
+			* Py wrapper
+			* Tests
+			* Invoke as appropriate
 		. Check Key IDs
 		- Renegotiate connections
 		- Timeouts