<p>Synopse Open Source - Tag - random (mORMot MVC / SOA / ORM and friends)</p>
<h2>EKON 25 Slides</h2>
<p>Arnaud Bouchez, 2021-11-16. Tags: mORMot Framework, 64bit, AES, AES-CTR, AES-GCM, AES-Ni, authentication, Certificates, CrossPlatform, DDD, Delphi, ECC, ECDH, ECIES, ECSDA, ed25519, EKON, FreePascal, interface, libdeflate, mORMot, mORMot2, multithread, OpenSSL, performance, random, SOA, Source, WebSockets.</p>
<p><a href="https://entwickler-konferenz.de/">EKON 25 at Düsseldorf</a> was a great conference (konference?).</p>
<p>At last, a <strong>physical</strong> gathering of Delphi developers, mostly from Germany, but also from the rest of Europe - and even some from the USA! No more virtual meetings, which may trigger the well-known 'Abstract Error' on modern pascal coders.<br />
There were some happy FPC users too - as I am now. <img src="https://blog.synopse.info?pf=smile.svg" alt=":)" class="smiley" /></p>
<p><img src="https://blog.synopse.info?post/public/blog/Ekon25.png" alt="" /></p>
<p>I have published the slides of my conferences, mostly about mORMot 2.<br />
By the way, I hope we will be able to release mORMot 2 officially in December, before Christmas. It is stabilizing, and is already known to be used in production. We expect no more breaking changes in the next weeks.</p> <p>Here are the slides of my two 1-hour sessions.</p>
<h5>mORMot Cryptography</h5>
<p>The OpenSource mORMot framework has a strong set of cryptography features. It offers symmetric cryptography with hashing and encryption, together with asymmetric cryptography via private/public key pairs. Its optimized pascal and assembly engines can be embedded into your executable, but you could also call an external OpenSSL library if needed. This session will present mormot.crypt.* units, and apply them to some use cases, from low-level algorithms to high-level JWT or file encryption and signing.</p>
<p><a href="https://www.slideshare.net/ArnaudBouchez1/ekon25-mormot-2-cryptography">mORMot 2 Cryptography on SlideShare</a></p>
<p>I just had an interesting discussion with Michael on the <a href="https://gitlab.com/freepascal.org/fpc/source/-/commit/3229cb712e33374b85258aed43726058be633bed#note_734398698">new FPC GitLab platform</a>: the FPC RTL is gaining some official cryptography functions, and I proposed to use the mORMot code base as reference, and to introduce some RTL wrapper functions which could redirect to a plain pascal FPC RTL version, or to other engines, like OpenSSL or mORMot, if available.</p>
<h5>Server-Side REST Notifications with mORMot</h5>
<p>The most powerful way of writing REST services is to define them via interfaces, then let the SOA/REST framework do all the routing, data marshalling and communication behind the scenes. One distinctive feature of mORMot is to define a method parameter as a notification interface, and let the server call back the client when needed, as with regular Delphi code. This session will present the benefit of defining REST services using interfaces, and how WebSockets can offer real-time notifications into your rich Delphi client applications.</p>
<p><a href="https://www.slideshare.net/ArnaudBouchez1/ekon25-mormot-2-serverside-notifications">mORMot 2 Server-Side Notifications on SlideShare</a></p>
<p>Feedback is <a href="https://synopse.info/forum/viewtopic.php?id=6051">welcome on our forum, as usual.</a></p>
<h2>AES-256 based Cryptographically Secure Pseudo-Random Number Generator (CSPRNG)</h2>
<p>AB4327-GANDI, 2016-04-09 (updated 2020-07-03). Tags: mORMot Framework, AES, AES-Ni, blog, CSPRNG, Delphi, performance, random, security, Source.</p>
<p>Everyone knows about the pascal <a href="http://docwiki.embarcadero.com/Libraries/en/System.Random">random()
function</a>.<br />
It returns numbers from a <a href="http://en.wikipedia.org/wiki/Linear_congruential_generator">linear
congruential generator</a>, with a multiplier of <a href="http://forum.lazarus.freepascal.org/index.php?topic=23536.msg140722#msg140722">134775813</a>
in its Delphi implementation.<br />
It is fast, but not secure: the whole generator state is a single 32-bit value, so its output is
easily predictable, and if you forgot to call <code>Randomize</code> (which sets the <a href="http://docwiki.embarcadero.com/Libraries/en/System.RandSeed">RandSeed
variable</a>) the sequence is even identical on every run.</p>
<p><img src="http://resources.infosecinstitute.com/wp-content/uploads/121411_1611_SecureRando1.png" alt="" width="500" height="148" /></p>
<p>In real-world scenarios, security always requires random numbers, e.g. for
key/nonce/IV/salt/challenge generation.<br />
The less predictable, the better.<br />
We just included a <a href="https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator">Cryptographically
Secure Pseudo-Random Number Generator</a> (CSPRNG) into our <a href="https://github.com/synopse/mORMot/commit/92135fcdf7503bb54479643e926668532ca357d3">
SynCrypto.pas</a> unit.<br />
The <code>TAESPRNG</code> class uses real system entropy to seed an AES-256 based
generator of pseudorandom bytes, so its output is highly unpredictable, as long
as that seed material was.</p> <p>The <code>TAESPRNG</code> class is implemented as such:</p>
<ul>
<li>It gathers entropy using the dedicated OS API, i.e. the <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa379942">CryptGenRandom
API</a> under Windows or <a href="http://www.2uo.de/myths-about-urandom/">/dev/urandom - /dev/random</a> on
Linux/POSIX systems; and since we are paranoid, we XOR a hash of some extra
changing input (retrieved e.g. directly from RDTSC and other system variables)
into those OS values, so that even if the API is compromised the seed still
varies between calls (this mixing cannot add entropy the OS did not supply; it
only helps to the extent the extra input is itself unpredictable);</li>
<li>This entropy (256 bytes of password, 16 bytes of salt) is processed by the
PBKDF2-HMAC-SHA256 key derivation function (256 iterations by default) to
derive the secret key of an AES-256 cipher, and the initial counter (CTR)
value is the AES-256 encryption of the salt;</li>
<li>Each time some output is to be generated, AES-256 is applied to the CTR to
produce 16 bytes (128 bits) of pseudorandom data;</li>
<li>The CTR is incremented after each 16-byte block; AES being a block
cipher, it is a permutation of the space of block values, so under one key it
never outputs the same 16-byte block twice: you could generate 2^128 blocks,
i.e. 2^132 bytes, before the CTR wraps (this "no collision" property is also
what tells a block-cipher permutation apart from true randomness after about
2^64 blocks, one more reason for the periodic re-seeding below);</li>
<li>The AES-256 cipher is re-seeded from entropy on a regular basis (after a
given number of bytes has been generated), to limit what an attacker could
reconstruct or predict if the internal state were ever compromised (backward
and forward security);</li>
<li>The implementation is thread-safe; a shared <code>TAESPRNG.Main</code>
instance is available, but you can create your
own <code>TAESPRNG</code> instance, with tuned parameters (PBKDF2 iteration
count, or the number of bytes after which to re-seed automatically);</li>
<li>The level of security is the same on all platforms, since the OS is used
only for entropy and a single CSPRNG algorithm actually generates
the data; even a compromised system (older CryptGenRandom API versions had <a href="http://eprint.iacr.org/2007/419.pdf">known weaknesses</a>, or you could
imagine some plot-based undocumented backdoor) may produce safe enough
output, provided the extra material mixed into the seed is unpredictable to
the attacker;</li>
<li>It uses <a href="https://blog.synopse.info?post/post/2015/01/15/AES-NI-enabled-for-SynCrypto">AES-NI</a> or Padlock hardware
acceleration, if available.</li>
</ul>
<p>You may use it in your projects by calling the overloaded <a href="http://synopse.info/files/html/api-1.18/SynCrypto.html#TAESPRNG_FILLRANDOM">TAESPRNG.Main.FillRandom()</a>
methods or <a href="http://synopse.info/files/html/api-1.18/SynCrypto.html#TAESPRNG_FILLRANDOMBYTES">
TAESPRNG.Main.FillRandomBytes()</a>.</p>
<p>See the <a href="http://synopse.info/files/html/api-1.18/SynCrypto.html#TAESPRNG">class
documentation</a>.</p>
<p>The main idea of a CSPRNG is that its output is as safe as the cipher it is
based on, and as the entropy it was seeded with.<br />
Using AES-256, and initial PBKDF2 key derivation of OS-gathered entropy,
implements a <a href="https://en.wikipedia.org/wiki/Randomness_extractor">very
good randomness extractor</a>.<br />
Last but not least, especially if your CPU supports AES-NI (which is very
likely on a server), performance is very high.<br />
Just use <code>TAESPRNG</code> when you need random input. Then go back to
your own code.</p>
<p>Feedback is <a href="http://synopse.info/forum/viewtopic.php?id=3263">welcome on our forum</a>, as
usual!</p>