Monday, November 24, 2014

crypto keys, cold storage, etc...


Stainless Steel Fermentation Tanks at a popular winery in Northern California - Nikon D80
In the room where I took this photograph, the ambient light reflects off of the stainless steel vats creating a specular highlight known as an anisotropic reflection.

 Cold storage in the context of Internet jargon refers to the storage of cryptographic keys (private key) on some type of physical medium that is not connected to the Internet and is not susceptible to external electric fields.  A Faraday cage placed below the surface of the ground could be a choice.  Since cryptographic keys can be copied, the keys are stored at multiple geographic locations for redundancy in case of natural disaster.

For an explanation of private keys, key parirs, and symmetric vs asymmetric systems, please see my paper on Public Key Cryptography.

Friday, November 21, 2014

C++ - Generative Programming

Nikon D80 - Alcatraz from Twin Peaks
San Francisco Bay Area from Twin Peaks - Nikon D80


C++ IOStreams are a powerful mechanism for transforming input into output.  Most programmers are at least familiar with C++ IOStreams in the context of reading and writing bytes to a terminal or file.

When a file or terminal is opened for reading or writing by a process, the operating system returns a numerical identifier to the process.  This numerical identifier is known as a file descriptor.
In turn, the file or terminal can be written to by the process via this file descriptor.  The read and write system calls, which are implemented as wrappers in libc, are passed this numerical file descriptor.

Many layers of abstraction reside on top of the read and write system calls.  These layers of abstraction are implemented in both C and C++. Examples of C based layers of abstraction are fprintf and printf. Internally, these functions call the write system call.   An example of a C++ based layer of abstraction is the IOStreams hierarchy.  Out of the box, most C++ compiler toolchains provide an implementation of IOStreams.  IOStreams are an abstraction on top of the read and write system calls. When data is written to a terminal via an IOStream, the IOStream implementation calls the write system call.  Lastly, these layers of abstraction handle things such as buffering and file synchronization.

In UNIX, everything is a file. Consequently, network devices, virtual terminals, files, block devices, etc. can all be written to via a numerical file descriptor - this in turn is why UNIX is referred to as having a uniform descriptor space. With this being said, the basic IOStreams and printf abstractions I mentioned above are not designed to used with network sockets, pipes, and the sort.  The lower layer read and write system calls can be used but there are a number of functions that must be called before writing raw bytes to an open file descriptor that points to a network socket.

The additional functionality that is needed for communicating with network sockets, shared memory, and the like, can be implemented in classes that are derived from the C++ iostream class.  It is for this reason that the IOStreams classes are extended via inheritance.

Over the years, several popular C++ libraries have implemented classes that are derived from the base classes in the iostreams hierarchy.  The C++ Boost library is a popular example.  However; this has not always been the case.  Going back to 1999, the Boost library did not exist and there were one or two examples on the entire Internet as to how to properly extend the C++ IOStreams classes.  

In 1999, I pulled the source code for the GNU compiler toolchain that is available on gcc.gnu.org and derived a class hierarchy to support sockets, pipes, and shared memory. The methods in the classes that I derived from the base classes in the iostreams library were designed to be reentrant and easy to use.  I used generative programming techniques and template metaprogramming to create objects that could be instantiated using familiar C++ iostreams syntax and semantics. The library that I created is called mls and it is licensed under version 2 of the GPL.  MLS is available on github.

Since 1999, Boost has come a long way.  It provides support for cryptographic IOStreams, sockets, and all kinds of other fancy stuff. It uses generative programming techniques. It is very clean and I highly recommend it.

If you would prefer to roll your own, then I would suggest downloading the gnu compiler toolchain source code from gcc.gnu.org.  From there, you can run ctags over the source tree and begin to dig into the internals of the iostreams hierarchy. I would also recommend the following book 
Generative Programming - Methods, Tools, and Applications.  Last but not least, you'll need a Linux host with a reasonable distribution running on it, such as Fedora.

namespace mls 
{
  template<class BufType, int direction, class BaseType=mlbuf> class mlstreamimpl;
  template<class Parent, class BaseType=mlbuf> class mloutputimpl;
  template<class Parent, class BaseType=mlbuf> class mlinputimpl;
  template<class BufType, int direction, class BaseType=BufType>
  struct StreamConfig;
  template<class BufType, int direction, class BaseType>
  struct StreamConfig
  {
    typedef typename SWITCH<(direction),
    CASE<0,mlinputimpl<mlstreamimpl<BufType, direction, BaseType>, BufType>,
    CASE<1,mloutputimpl<mlstreamimpl<BufType, direction, BaseType>, BufType>,
    CASE<10,mlinputimpl<mloutputimpl<mlstreamimpl<BufType, direction, BaseType>, 
         BufType>, BufType >,
    CASE<DEFAULT,mlinputimpl<mlstreamimpl<BufType, 10, BaseType>, 
         BufType > > > > > >::RET Base;
  };
}

Wednesday, November 19, 2014

iLogMiles - Driver's daily log book for truckers

One of the most enjoyable and productive development experiences that I have been able to be a part of was the development of iLogMiles for iOS with my long-time friend, Zach Womack.

My business partner, Zach Womack, and I developed iLogMiles for iOS in 2009 and 2010. We designed and built iLogMiles for commercial drivers.  Zach and I worked together extensively on the design of the iLogMiles application.  My background is primarily software development and Zach's background and expertise are in the logistics and transportation industry.  Zach and I spent countless hours iterating over hundreds of revisions for each of the views in the application.  We poured through the human interface guidelines over and over, carefully selected the design patterns for the implementation, and ensured that every line of code adhered to Apple's iOS application submission guidelines.  We stuck to what works - design code build test - 1000x over. Sometimes in iterations less than one hour.  

As a result, iLogMiles was hugely successful.  Our efforts paid off and the application rose to the top of the app store in a short amount of time.  Please note that iLogMiles is no longer available on the App store as of late 2010 as I pulled it from the App store due to myself taking a corporate position.  Another developer picked up the iLogMiles name shortly thereafter and there is an app on the app store called iLogMiles but it is not associated with Zach or I.  Below are features and screenshots of the original iLogMiles application that Zach and I developed and published to the iOS app store.
For the database oriented reader, at the bottom of this post, there is an image of the SQLite data model that I designed for the application.

iLogMiles was featured in numerous publications and Ranked #2 on the App Store top free business apps in April 2010. iLogMiles received 2K downloads per day in 30+ countries at peak.
App released for the iTruckers on the road" - Today’s Trucking Magazine, April 2010.
“New iPhone App Provides Daily Log Book" - Heavy Duty Trucking Magazine, April 2010.
“Software developers keep churning out the apps” - Dallas Morning News, March 2010.
“Amid industry discussion…, smartphone logging apps proliferate” - Overdrive Magazine, April 2010.
“Two Dallas iPhone/iPad app developers hit milestones with iLogMiles…” - Dallas Morning News, April 2010.
YouTube videos for iLogMiles are available on the Applicandy - Mobile Software YouTube page.





Frameworks
  • UIKit
  • Foundation
  • Core Graphics
  • Core Data
  • Core Location
  • Quartz Core
  • System Configuration
  • Store Kit
  • MessageUI
  • Audio Toolbox

Computer Language(s)

  • C / Objective-C

Persistence
  • Core Data w/ sqlite store
  • Binary Plists

Additional Features
  • Preloaded Time Zones
  • Daylight Savings Time Auto Adjustment
  • Local Reverse Geo Coding
  • Preloaded U.S. cities for reverse geo coding
  • PDF Generation of data from persistent store
  • Plain text export of data from persistent store
  • View Customization with Themes
  • Mail Interface for export
  • Stateful tracking of duty status
  • PDF Generation
  • Auto DST Adjustment
  • Local Notifications

Initial Release Dates
  • 1.0 - April 06, 2010
  • 1.1 - May 10, 2010

SQLite data model

I designed this data model based on continual feedback from Zach.





















All of the above images are copyright Bryan Hinton and Zach Womack.