-
Implementing Packet Sequence Validation using Pushdown Automata
In the previous blog post I discussed how a formal grammar can be transformed into a pushdown automaton in order to check if a sequence of packets or tokens is part of the language described by the grammar. In this post I will discuss how I implemented said automaton in Java in order to validate OpenPGP messages in PGPainless.
-
Using Pushdown Automata to verify Packet Sequences
As a software developer, most of my work day is spent working practically by coding and hacking away. Recently though I stumbled across an interesting problem which required another, more theoretical approach…
-
Creating a Web-of-Trust Implementation: Accessing Certificate Stores
A different type of certificate store. Photo by K Fraser on Unsplash I made progress towards a full WoT implementation. The current milestone entails integrating certificate stores more closely with the core API. More specifically, an implementation of the Shared PGP Certificate Directory.
-
Creating a Web-of-Trust Implementation: Certify Keys with PGPainless
Currently I am working on a Web-of-Trust implementation for the OpenPGP library PGPainless. Technically, the WoT consists of a graph where the nodes are OpenPGP keys (certificates) with User-IDs and the edges are signatures. In order to be able to create a WoT, users need to be able to sign other users certificates to create those edges.
-
Reproducible Builds – Telling of a Debugging Story
I try to make PGPainless build reproducible. A few months ago I added some lines to the build script which were supposed to make the project reproducible by using static file modification dates, as well as a deterministic file order in the JAR archive. However, recently my JAR files started to contain mismatching bytes…
-
Creating an OpenPGP Web-of-Trust Implementation – A Series
I am excited to announce that PGPainless will receive funding by NGI Assure to develop an implementation of the Web-of-Trust specification proposal! The Web-of-Trust (WoT) serves as an example of a decentralized authentication mechanism for OpenPGP.
-
PGPainless 1.0.0 Released!
Close to the end of 2021 I’m excited to announce the release of PGPainless version 1.0.0! I feel like it finally reached a state of sufficient maturity to be worthy of a major release with a “1” at the front.
-
A Simple OpenPGP API
In this post I demonstrate how easy it is to perform OpenPGP operations in your application by using the SOP API.
-
Progress on PGPainless Development
Photo by Raphael Koh on Unsplash Not much time has passed since I last wrote about my progress on the PGPainless library. However, I feel like its time for an update.
-
PGPainless 0.2 Released!
I’m very proud and excited to announce the release of PGPainless version 0.2! Among the major improvements are proper signature verification and a new encryption API.