open secure socket... using certificate

Tom Glod tom at makeshyft.com
Thu Jan 28 22:46:13 EST 2021 

well..that was short lived. bummer I guess, esp if you really need it in
that form.
I would ask about it and try to get an answer in clear terms from the team.


Richard..... in the labs ...... I am testing the viability of using
Livecode as ONLY a UI layer.  So I have to find the fastest way of getting
decrypted JSON data from Core process (Go binary) to the UI Layer that is a
LC stack.
So when communicating data via the localhost or socket, I figured it should
still be encrypted if possible when in transit between the 2 programs.
It's an attack vector in this kind of a scenario, a local one, not remote
as much.
It would have been nice to reply on the protocol for it. I can get around
this particular problem of course by encrypting on one side and decrypting
on the other, also.  If I am really paranoid about my security.
What do you think will be the fastest way?  Socket? Open Process?
I'm still setting up a test for latency and throughput. I will not be
testing this for a few months, but when I have results on this experiment,
I will report.
Thanks for asking I guess, got me thinking about it.

Cheers,

Tom





On Wed, Jan 27, 2021 at 5:49 AM Bernard Devlin via use-livecode <
use-livecode at lists.runrev.com> wrote:

> Hi Tom
>
> You shouldn't get any hopes up. I'd commented in the bug report in 2014
> that this was something that we'd been told was coming back in the days of
> LC version 2.
>
>
> I think when a development environment has failed to deliver a feature from
> version 2 to version 10 that thing is never going to appear.
>
>
> On Tue, Jan 26, 2021 at 9:22 PM Tom Glod via use-livecode <
> use-livecode at lists.runrev.com> wrote:
>
> > super happy to see this, hopefully it will when i need it.
> > Going to look this up.
> > Wondering if it will be super hard to create certificate and make it work
> > on localhost sockets.
> >
> >
> > On Tue, Jan 26, 2021 at 2:26 PM Brian Milby via use-livecode <
> > use-livecode at lists.runrev.com> wrote:
> >
> > > “Using tCertificate and tKey” compiles but I don’t know how to test.
> It
> > > does seem like the parser doesn’t recognize those keywords.
> > >
> > > Sent from my iPhone
> > >
> > > > On Jan 26, 2021, at 2:13 PM, Bernard Devlin via use-livecode <
> > > use-livecode at lists.runrev.com> wrote:
> > > >
> > > > Thanks for the suggestion Erik, but I don't see from that how one
> > > specifies
> > > > the certificate.
> > > >
> > > > Regards, Bernard
> > > >
> > > >> On Tue, Jan 26, 2021 at 6:03 PM Erik Beugelaar via use-livecode <
> > > >> use-livecode at lists.runrev.com> wrote:
> > > >>
> > > >> Maybe this:
> > > >>
> > > >> secure socket "livecode.com:443"
> > > >>
> > > >> Examples:
> > > >>
> > > >> https://livecode.fandom.com/wiki/Secure_socket
> > > >>
> > > >> -----Original Message-----
> > > >> From: use-livecode <use-livecode-bounces at lists.runrev.com> On
> Behalf
> > Of
> > > >> Bernard Devlin via use-livecode
> > > >> Sent: dinsdag 26 januari 2021 16:40
> > > >> To: How to use LiveCode <use-livecode at lists.runrev.com>
> > > >> Cc: Bernard Devlin <bdrunrev at gmail.com>
> > > >> Subject: Re: open secure socket... using certificate
> > > >>
> > > >> I did. I tried these too:
> > > >>
> > > >> *open* *secure* socket to "localhost:443"  using certificate tc and
> > key
> > > tk
> > > >>
> > > >> *open* *secure* socket to "localhost:443" without verification using
> > > >> certificate tc and key tk
> > > >>
> > > >> When the above lines are entered in the script editor they are
> flagged
> > > as
> > > >> being syntax errors. In both cases it is what comes after
> > "certificate"
> > > >> that is flagged as a syntax error (flagged as: missing "," near
> "tc").
> > > >> There seems to be no combination of command options that works with
> > > >> certificates.
> > > >>
> > > >> The fact that the Dictionary has zero information about what is
> > expected
> > > >> for certificate/key was not a good sign, which is why I searched the
> > > >> archive.  I just went to have a look at the code on Github and I can
> > > seen
> > > >> nothing to suggest that "using certificate and key" is implemented.
> > > >>
> > > >> The server and client certificate are working in a browser, so the
> > > problem
> > > >> is definitely on the LC side.
> > > >>
> > > >> On Tue, Jan 26, 2021 at 2:34 PM Brian Milby via use-livecode <
> > > >> use-livecode at lists.runrev.com> wrote:
> > > >>
> > > >>> Did you try with “and key tKey”... it does not look like that part
> is
> > > >>> optional.
> > > >>>
> > > >>> Sent from my iPhone
> > > >>>
> > > >>>> On Jan 26, 2021, at 9:07 AM, Bernard Devlin via use-livecode <
> > > >>> use-livecode at lists.runrev.com> wrote:
> > > >>>>
> > > >>>> According to the Dictionary in LC 9.5.1 there is this command:
> > > >>>>
> > > >>>> open secure socket [from [localHostName][:localPort]] [to]
> socketID
> > > >>>> [with message callbackMessage] [without verification] *[using
> > > >>>> certificate certificate and key key]*
> > > >>>>
> > > >>>> However I can't get it to work.
> > > >>>>
> > > >>>> open secure socket to "localhost:443" using certificate
> > > >>>>
> > > >>>> throws a runtime error "no handler: using"
> > > >>>>
> > > >>>> If I use
> > > >>>>
> > > >>>> open secure socket to "localhost:443"
> > > >>>>
> > > >>>> I get a socket connection, but all the security of a client
> > > >>>> certificate does not work
> > > >>>>
> > > >>>>
> > > >>>> This causes a syntax error in the IDE:
> > > >>>>
> > > >>>> open secure socket to "localhost:443" using certificate tName
> > > >>>>
> > > >>>> Looking through the archives I see that a couple of discussions
> > > >>>> where people were asking about this variant of the "open socket"
> > > >>>> command 5 to 6 years ago, *saying that the "certificate" part has
> > > >>>> not been implemented*, regardless of what the Dictionary says.
> > > >>>>
> > > >>>> Is it really the case that for the past 6 years LC documentation
> has
> > > >>>> been misleading people concerning the implementation of
> certificates
> > > >>>> for
> > > >>> secure
> > > >>>> socket connections?
> > > >>>>
> > > >>>> I notice in the Dictionary the entry for "open socket" in the
> table
> > > >>>> of options for this command has entries for "certificate" and
> "key",
> > > >>>> but
> > > >>> these
> > > >>>> are both empty.  As if these features were meant to be implemented
> > > >>>> but
> > > >>> were
> > > >>>> never implemented and the Dictionary was never updated to remove
> > > >>>> this misleading information.
> > > >>>>
> > > >>>> I just find that hard to believe.
> > > >>>>
> > > >>>> Regards
> > > >>>>
> > > >>>> Bernard
> > > >>>> _______________________________________________
> > > >>>> use-livecode mailing list
> > > >>>> use-livecode at lists.runrev.com
> > > >>>> Please visit this url to subscribe, unsubscribe and manage your
> > > >>> subscription preferences:
> > > >>>> http://lists.runrev.com/mailman/listinfo/use-livecode
> > > >>>
> > > >>> _______________________________________________
> > > >>> use-livecode mailing list
> > > >>> use-livecode at lists.runrev.com
> > > >>> Please visit this url to subscribe, unsubscribe and manage your
> > > >>> subscription preferences:
> > > >>> http://lists.runrev.com/mailman/listinfo/use-livecode
> > > >>>
> > > >> _______________________________________________
> > > >> use-livecode mailing list
> > > >> use-livecode at lists.runrev.com
> > > >> Please visit this url to subscribe, unsubscribe and manage your
> > > >> subscription preferences:
> > > >> http://lists.runrev.com/mailman/listinfo/use-livecode
> > > >>
> > > >>
> > > >> _______________________________________________
> > > >> use-livecode mailing list
> > > >> use-livecode at lists.runrev.com
> > > >> Please visit this url to subscribe, unsubscribe and manage your
> > > >> subscription preferences:
> > > >> http://lists.runrev.com/mailman/listinfo/use-livecode
> > > >>
> > > > _______________________________________________
> > > > use-livecode mailing list
> > > > use-livecode at lists.runrev.com
> > > > Please visit this url to subscribe, unsubscribe and manage your
> > > subscription preferences:
> > > > http://lists.runrev.com/mailman/listinfo/use-livecode
> > >
> > > _______________________________________________
> > > use-livecode mailing list
> > > use-livecode at lists.runrev.com
> > > Please visit this url to subscribe, unsubscribe and manage your
> > > subscription preferences:
> > > http://lists.runrev.com/mailman/listinfo/use-livecode
> > >
> >
> >
> > --
> > Tom Glod
> > Founder & Developer
> > MakeShyft R.D.A (www.makeshyft.com)
> > Mobile:647.562.9411
> > _______________________________________________
> > use-livecode mailing list
> > use-livecode at lists.runrev.com
> > Please visit this url to subscribe, unsubscribe and manage your
> > subscription preferences:
> > http://lists.runrev.com/mailman/listinfo/use-livecode
> >
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>


-- 
Tom Glod
Founder & Developer
MakeShyft R.D.A (www.makeshyft.com)
Mobile:647.562.9411

More information about the use-livecode mailing list