Saturday, August 25, 2007

Seam Carving for Content-Aware Image Resizing

This is a very cool algorithm. Makes me a little keen to go back to and do a signal processing post-graduate degree at Uni...



Researchers are Shai Avidan and Ariel Shamir.

Friday, August 03, 2007

Got a spare computer lying around?

Quite a cool idea; load a display driver onto a spare computer and use it as more screen real estate for another. The video showing it in action is quite impressive.

SSL in Java

Got SSL working in Python, and for my next trick the Java end! As you may know I am no fan of Java and so this seemingly simple task took much longer than expected...

The initial program is quite simple:

import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.SSLSocket;

public class JVT
{
    public static void main(final String[] args) throws Throwable
    {
        SSLSocketFactory sslSocketFactory = (SSLSocketFactory)SSLSocketFactory.getDefault();

        SSLSocket sslsocket = (SSLSocket)sslSocketFactory.createSocket("localhost", 12345);

        sslsocket.getOutputStream().write("Hello from the world of Java\n".getBytes());
    }
}


But when I connected I got:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Oh, what a readable exception... So it appears it doesn't like the certificate of my Python end and I should probably supply that to Java somehow. keytool is the tool for the job (a very cheap and nasty tool). I tried doing a:

$ keytool -import cert

Which did seem to import it (shows with keytool -list) but still the exception.

Tried some debugging:

-Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Djavax.net.debug=ssl

It showed the standard signing authority certificates but not my one...

And that's when I give up and copy someone else's solution to the problem. This is how to replace the certificate checking with a null implementation:

import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;

public class JVT
{
    public static void main(final String[] args) throws Throwable
    {
        // Create empty HostnameVerifier
        HostnameVerifier hv = new HostnameVerifier()
        {
            public boolean verify(String urlHostName, SSLSession session)
            {
                System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());
                return true;
            }
        };

        // Create a trust manager that does not validate certificate chains
        TrustManager[] trustAllCerts = new TrustManager[]
        {
            new X509TrustManager()
            {
                public java.security.cert.X509Certificate[] getAcceptedIssuers()
                {
                    return null;
                }

                public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
                {
                }

                public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
                {
                }
            }
        };

        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        SSLSocketFactory sslSocketFactory = sc.getSocketFactory();

        SSLSocket sslsocket = (SSLSocket)sslSocketFactory.createSocket("localhost", 12345);

        sslsocket.getOutputStream().write("Hello from the world of Java\n".getBytes());
    }
}


So now it works (for transport) but I must find out how to do the certificates properly.

Making an SSL connection in Python

For a work project I want to make a secure point-to-point link between a Java application and a Python server. Here is the result of googling/tinkering to get the link working in Python...

The client side is pretty simple. Python comes with built in SSL support for connecting sockets. Basically you just wrap a standard socket with an SSL socket:

import socket

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('localhost', 12345))
sslSocket = socket.ssl(s)
print repr(sslSocket.server())
print repr(sslSocket.issuer())
sslSocket.write('Hello secure socket\n')
s.close()


The server is a bit more tricky, you need to install pyopenssl (apt-get install python-pyopenssl) for more SSL features. The server needs a private key and certificate to identify itself with.

The quick and dirty way to generate a test key+certificate is:

openssl genrsa 1024 > key
openssl req -new -x509 -nodes -sha1 -days 365 -key key > cert


And the server wraps the sockets much like the client does:

import socket
from OpenSSL import SSL

context = SSL.Context(SSL.SSLv23_METHOD)
context.use_privatekey_file('key')
context.use_certificate_file('cert')

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s = SSL.Connection(context, s)
s.bind(('', 12345))
s.listen(5)

(connection, address) = s.accept()
while True:
    print repr(connection.recv(65535))


OpenSSL also provides a test SSL client/server in the style of telnet/netcat, great for debugging:

openssl s_server -accept 12345 -cert cert -key key
openssl s_client -connect localhost:12345