Monday, 4 September 2017

[RFC 4226] HOTP for BlackBerry 10 (QNX 6)

Implemented RFC 4226 - HOTP: An HMAC based One-Time-Password algorithm for BlackBerry 10 running QNX 6. Uses BlackBerry Cryptographic Kernel version 5.6 (SB-GSE-56). Various things are pending and the app in the current state can be found at github called QAuthenticator. A reference implementation of the algorithm in Groovy is at hotp.groovy.

I must say, BlackBerry cryptography library is just fantastic. And Qt makes C++ fun to program after me programming in higher level languages like Clojure.

Sunday, 3 September 2017

Linking Libraries in a BlackBerry 10 Cascades Project

Usually when developing C/C++ project we specify linked libraries in a Makefile. With BlackBerry 10 Cascades project, the libraries can be added in the <ProjectName>.pro file. This file is less clouded than the Makefile and easily manageable. For example, if you are developing a crypto app, you need to link the crypto library which is huapi. Add the below to the .pro file.
LIBS += -lhuapi
Else we will get errors like undefined reference to symbol and error adding symbols: DSO missing from command line.
Now we are ready to conquer the world!

Monday, 21 August 2017

Getting Started with Cordova and ClojureScript

This is a small writeup about getting started quickly with Cordova and ClojureScript.

1. Install cordova as usual.
$ sudo npm install -g cordova
2. Create an app.
$ cordova create MyApp
3. Add platform.
$ cd MyApp
$ cordova platform add ios
Cordova app is all set. Now instead of JavaScript we want to use ClojureScript. This part can be treated as a separate project. Write ClojureScript, compile it to JavaScript, place it in the www folder of the cordova project and build the project as usual with appropriate overrides in the respective platform folders.

Install leiningen, Java 8, Clojure 1.8.
1. Create a lein project. (We are inside MyApp folder).
$ lein new my-app
2. Update the project.clj as shown.
(defproject myapp "0.1.0"
  :description "My Lovely App"
  :url ""
  :plugins [[lein-cljsbuild "1.1.7"]]
  :dependencies [[org.clojure/clojure "1.8.0"]
                 [org.clojure/clojurescript "1.9.521"]]
  :cljsbuild {
    :builds [{
      :id "core"
      :source-paths ["src"]
      :compiler {
        :output-to "../www/js/myapp.js"
        :optimizations :whitespace
        :pretty-print true}}]})
The source folder is the src in the my-app directory. Now we are ready to write some code.
3. The main file inside src is com/example/myapp/core.cljs
(ns com.example.myapp.core)

(defn foo []
  (println "Hello, World!"))  ; Note we use println rather than console.log

(enable-console-print!)  ; this translates the println to console.log
(set! js/foo foo)  ; export the function declared in this module (namespace) to global
3. Compile the ClojureScript to JavaScript. This will watch for modifications and auto compile every time.
lein cljsbuild auto
4. Include the my-app.js in the index.html file and load it in the browser. Open console and type foo(), which will print Hello, World! to the console.

Now we are in the right path to building lovely apps with ClojureScript and Apache Cordova! But there is a caveat. This hello world app generate 32281 lines of code. I do not see much advantage in using ClojureScript as I am a big believer of being a minimalist when doing front-end development and pretty comfortable with all the craziness that JavaScript offers. Plus this has to run on smartphones and consume less energy but I don't have the luxury of going fully native. So my take, pure JavaScript.

Thursday, 17 August 2017

NPE in getUnmarshallerFactory() in OpenSAML 3

If you are getting NullPointerException when trying to get unmarshaller factory in OpenSAML 3, means most likely OpenSAML 3 has not been initialized. I was calling OpenSAML 3 methods in my unit test suite which gave me the below error. Call (InitializationService/initialize) to initialize the library. My main program does the initialization, so I do not get error when running, but unit test does not invoke that code path.
lein test :only com.concur.saml.saml-test/saml-response

ERROR in (saml-response) (
Uncaught exception, not in assertion.
expected: nil
  actual: java.lang.NullPointerException: null
 at org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport.getUnmarshallerFactory (
    com.concur.saml.core$get_response.invokeStatic (core.clj:253)
    com.concur.saml.core$get_response.invoke (core.clj:249)
    com.concur.saml.saml_test$fn__7679.invokeStatic (saml_test.clj:22)
    com.concur.saml.saml_test/fn (saml_test.clj:19)
    user$eval85$fn__136.invoke (form-init5596096413821124374.clj:1)
    clojure.lang.AFn.applyToHelper (
    clojure.lang.AFn.applyTo (
    clojure.core$apply.invokeStatic (core.clj:648)
    clojure.lang.AFn.applyToHelper (
    clojure.lang.Var.applyTo (
    clojure.main.main (

Ran 1 tests containing 1 assertions.
0 failures, 1 errors.
Tests failed.

Wednesday, 31 May 2017

Slide - SAML, Variants, Functors, Monads and Exceptions

A presentation I gave at work (SAP Concur) on SAML, using variants and exception handling in Clojure, functors, applicative functors and monads in Haskell and how Maybe and Either monads short circuits during exception and such. Removed some internal code and links.

The variant C code can be downloaded from Github.
Download this slide from Github.

Friday, 12 May 2017

BlackBerry Passport MicroSDXC Card Support

BlackBerry Passport supports microSD cards upto 128GB. microSDXC cards can also be used with it. However, BlackBerry 10 recognises only FAT formatted external partitions and these cards comes mostly with ExFAT. So the device will show that the media card is not supported and is downloading drivers, but it will fail with an error. To fix this, erase the card and choose FAT as the partition format. Then the OS will recognise the microSDXC card.

Monday, 8 May 2017

Get RSA PublicKey from XML Key Format

Here is a script (prototype) in Groovy to get RSA PublicKey from XML public key. You might encounter such XML keys, say during .NET interop.
import javax.xml.parsers.DocumentBuilder
import javax.xml.parsers.DocumentBuilderFactory
import org.w3c.dom.Document
import java.nio.charset.StandardCharsets

def rsaPubXML = "ANxn+vSe8nIdRSy0gHkGoJQnUIIJ3WfOV7hsSk9An9LRafuZXYUMB6H5RxtWFm72f7nPKlg2N5kpqk+oEuhPx4IrnXIqnN5vwu4Sbc/w8rjE3XxcGsgXUams3wgiBJ0r1/lLCd6a61xRGtj4+Vae+Ps3mz/TdGUkDf80dVek9b9VAQAB"
def docBuilderFactory = DocumentBuilderFactory.newInstance()
def docBuilder = docBuilderFactory.newDocumentBuilder()

def b64Decode(enc) {

Document xmlDoc = docBuilder.parse(new ByteArrayInputStream(rsaPubXML.getBytes(StandardCharsets.UTF_8)))

def modulus = xmlDoc.getElementsByTagName("Modulus").item(0).textContent
def exponent = xmlDoc.getElementsByTagName("Exponent").item(0).textContent
println "modulus: ${modulus}\nexponent: ${exponent}"

RSAPublicKeySpec keySpec = new RSAPublicKeySpec(new BigInteger(b64Decode(modulus)), new BigInteger(b64Decode(exponent)));
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey key = keyFactory.generatePublic(keySpec);

println "key: ${key}"
This gives the following output.
modulus: ANxn+vSe8nIdRSy0gHkGoJQnUIIJ3WfOV7hsSk9An9LRafuZXYUMB6H5RxtWFm72f7nPKlg2N5kpqk+oEuhPx4IrnXIqnN5vwu4Sbc/w8rjE3XxcGsgXUams3wgiBJ0r1/lLCd6a61xRGtj4+Vae+Ps3mz/TdGUkDf80dVek9b9V
exponent: AQAB
key: Sun RSA public key, 1024 bits
  modulus: 154774478177095248394968828543369801032226937226535865231262824893513573019304152154974259955740337204606655133945162319470662684517274530901497375379716962851415879364453962123395223899051919634994929603613704222239797911292193776910691509004328773391280872757318122152217457361921195935350223751896771182421
  public exponent: 65537
Note that the modulus must be a positive integer. If you are working with other JVM languages and are getting a negative integer value, specify the signum as 1 in the BigInteger(1, b64Decode(modulus)) function call. The exponent must always be 65537 as of now because that is the largest Fermat's Prime known today.