Cryptography In CWM: Hashes from Sean B. Palmer on 2001-11-30 (www-archive@w3.org from November 2001)

From: Sean B. Palmer <sean@mysterylights.com>
Date: Fri, 30 Nov 2001 01:25:02 -0000
To: "Tim Berners-Lee" <timbl@w3.org>, "Dan Connolly" <connolly@w3.org>
Cc: <www-archive@w3.org>
Message-ID: <005401c1793d$e3afcdc0$b6570150@localhost>

Summary: the beginnings of a cryptography module for CWM, as
"cwm_crypto.py", with hash-finding built-ins.

I wanted to do signature validation before I shipped this off, but
since I have to download several hundred packages to do that, I
thought I'd just archive this first.

As a test of the module, I used crypto.n3:-

   python cwm.py crypto.n3 -think -purge > crypto-out.n3

and the file "test.txt", which simply contains the string "blargh".
The result is:-

[[[
     @prefix : <#> .
     @prefix crypto: <http://www.w3.org/2000/10/swap/crypto#> .
     @prefix log: <http://www.w3.org/2000/10/swap/log#> .
     @prefix string: <http://www.w3.org/2000/10/swap/string#> .

    <file:c:\test.txt>     a :GetHashFile;
         :content "blargh";
         :md5 "ef15c9bd4c7836612b1567f4c8396726";
         :sha "d1e670385f40ee942a059f949c761214872ac35f" .
]]] - <<crypto-out.n3>>

The files are attached. The most important is <<cwm_crypto.py>>, which
is the actual module as it stands. I also needed to modify llyn.py to
register the built-ins, so that is attached too, as <<llyn.py>>.
<<crypto.n3>> is the test file, and <<crypto-out.n3>> is the output.
Also attached is the simple <<test.txt>> "blargh" test file. The paths
should be modified appropriately. cwm_crypto.py was based on one of
the other built-ins modules: cwm_string.py.

The properties that one can use at the moment are:-

   crypto:md5 a rdf:Property; rdfs:label "md5";
      rdfs:comment "The MD5 hash of a string";
      rdfs:domain string:String; rdfs:range string:String .

   crypto:sha a daml:UnambiguousProperty,
      daml:UniqueProperty; rdfs:label "sha";
      rdfs:comment "The SHA hash of a string";
      rdfs:domain string:String; rdfs:range string:String .

Upper-case property names are used in the crypto.n3 schema [1] (which
needs chACL-ing), but I prefer to use lower-case for properties, and
upper-case (prefixes) for classes, so I changed them.

To get the hash of a file, you of course have to use log:content on
it... I did consider just putting in a built-in function that would do
that for you, but it seems more sensible to deploy one standard
approach. I also considered using a new "hash:" URI scheme to identify
hashes as first class objects on the Web, but after considering it
carefully, decided not to.

For signatures, I intend to hack on the mxCrypto stuff, but you need
an incredible amount of stuff in order to install that, so that's on
the TODO list :-)

Cheers,

[1] http://www.w3.org/2000/10/swap/crypto.n3

--
Kindest Regards,
Sean B. Palmer
@prefix : <http://webns.net/roughterms/> .
:Sean :hasHomepage <http://purl.org/net/sbp/> .

Attachments

text/plain attachment: cwm_crypto.py
text/plain attachment: llyn.py
text/plain attachment: crypto.n3
text/plain attachment: crypto-out.n3
text/plain attachment: test.txt

Received on Thursday, 29 November 2001 20:25:57 UTC