Name | Modified | Size | Downloads / Week |
---|---|---|---|
Documentation.pdf | 2018-06-22 | 4.7 MB | |
binaries.zip | 2018-06-22 | 6.2 MB | |
install.sh | 2018-06-22 | 10.6 kB | |
Source-Complete-With-Submodules.zip | 2018-06-22 | 6.2 MB | |
Phoenix - PGP Lambda Web Services source code.tar.gz | 2018-06-22 | 780.7 kB | |
Phoenix - PGP Lambda Web Services source code.zip | 2018-06-22 | 1.2 MB | |
README.md | 2018-06-22 | 8.4 kB | |
Totals: 7 Items | 19.2 MB | 0 |
Phoenix release version 8.4
About this release
This release brings (yet more) significant security improvements. Among other things, the passwords in the "auth.hl" file are now slowly hashed with "bcrypt". Internally, bcrypt uses a Blowfish-based algorithm, which largely eliminates an adversary's ability to mount a rainbow-table or dictionary attack, should they somehow gain physical access to the (unencrypted) password file.
PGP Lambda Web Services
Hypereval now contains a generic PGP-enabled web service endpoint that allows you to cryptographically sign and (optionally) encrypt MIME envelopes, passing in Hyperlambda to be evaluated on the web service endpoint. This allows you to securely have the client supply the code that is to be evaluated on the web service endpoint, so that you can, at least in theory, create a single web service endpoint that solves all your web service needs.
If you wish, you can configure the web service to only allow certain PGP keys, modify its whitelisted events, and modify tons of other settings, allowing you to fine-tune access to it any way you see fit. By default, the web service endpoint will also create a GUI if its initial request is an HTTP GET request, allowing you to play around with code to create web service constructs that you consume in your own code.
In addition, a client-side wrapper has been created, whose name is [micro.web-service.invoke], that allows you to easily invoke web services, and does most of the heavy lifting for you.
Refactoring, cleaning up, and further tightening security
Security has gained yet another significant improvement, using "bcrypt" and a Blowfish-based algorithm to store the passwords, among other things. Parts of the C# code have been significantly cleaned up and improved. Among other things, you can now (more easily) exchange the PgpContext your server is using. However, the default implementation is to store the PGP keys in "GNUPG" format, AES encrypted.
Improved PGP administration
The PGP features of Phosphorus Five have been significantly improved, allowing you to, among other things, communicate your server's public PGP key outwards from a URL resolved through "Micro". In addition, during the initial setup of your server, you can choose to have your server's public PGP key automatically submitted to a key server of your choosing, and while parsing a cryptographically signed MIME envelope, the system will automatically download any public PGP keys that were used to sign the MIME message.
Parts of this has still not been adequately documented, which will be prioritised in the next release - But if you're interested, you can check out my blog - Or read the source code for details about this.
Breaking changes
There are unfortunately some breaking changes that had to be applied for this version, to increase security. See the CHANGES.md document for details.
Shitty programming contest
Some guy over at the Reddit group called "shittyprogramming" said the following: "Hyperlambda is an amalgamation of buzzwords and hype". As I defended myself and Phosphorus Five, the debate got a little "heated", and one of the moderators decided to create a "shitty programming death match". This will go down 8PM EST tonight, on the 22nd of June 2018. If you're interested in watching the contest, feel free to check out "Issues" here at the project's GitHub website, since I will be posting a URL from where you can watch the contest being streamed live. The contest will probably last for some 2-3 hours, and you can see the time for the contest in your local time here.
The idea of the contest is to implement some sort of application specification, which neither I nor my opponent will get to know before the contest starts. The winner is the guy who has finished first. My opponent is the guy who implemented Lily.
The winner will be actively promoted on the sub-reddit, while the loser will be banned from the group. However, I have already told them that I'll leave the group anyway, since my sole reason for being there in the first place was to prove them wrong.
Using the Source Code version
IMPORTANT - Please download the Source-Complete-With-Submodules.zip file, which includes all submodules. If you get a blank page when debugging, this is highly likely your problem!
Visual Studio for Windows - Make sure you turn OFF the "Browser sync" features of Visual Studio before you start your debugging session.
Please make sure you have installed Visual Studio, Mono Develop, or Xamarin. In addition, you'll need to have access to a MySQL database, and edit your "/core/p5.webapp/web.config" file, such that your connection string points to your MySQL instance. If you don't have MySQL installed, Phosphorus Five will still function partially, such as Hyper IDE, and some of the other modules - But you will not get the full experience.
Installation process (for non-geeks)
- Install Visual Studio Community Edition - You can skip this if you already have Visual Studio, Mono Develop or Xamarin installed.
- Install MySQL Community Server - You can skip this if you have access to an (other) MySQL server somewhere
- Download and unzip Phosphorus Five
- Edit your "/core/p5.webapp/web.config" file from Visual Studio, and supply your MySQL password in the "MYSQL_GENERIC_CONNECTION_STRING" section. Below is an example of what your entire connection string setting should look like.
- Turn OFF Browser Sync in Visual Studio if you are using the Windows version. This is a toolbar button, that looks like a "round arrow".
- Start debugging by clicking "F5" or the "play" button in Visual Studio
- Have fun :)
Example MySQL connection string setting from "web.config".
server=127.0.0.1;SslMode=none;User Id=root;Password=YOUR_MYSQL_PASSWORD_GOES_HERE;charset=utf8mb4;allowPublicKeyRetrieval=true;
Exchange the YOUR_MYSQL_PASSWORD_GOES_HERE part above with your actual MySQL password, which you chose during installation of MySQL.
Notice - The above connection string allows retrieval of the public encryption key over a non-secure connection. This is probably what you want for your local source code and development machine - But you'd probably want to change this for your production website.
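As an added example (not part of Phosphorus Five), the following script flags the development-only settings in the connection string above before it reaches a production "web.config". The helper name `audit_conn_string` is hypothetical, and the production-style string is constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of Phosphorus Five: flag development-only settings
# in a MySQL connection string. audit_conn_string is a hypothetical helper.

audit_conn_string() {
    # Split "key=value;key=value;" into one pair per line and inspect each.
    printf '%s\n' "$1" | tr ';' '\n' | while IFS='=' read -r key value; do
        # Keys and values are case-insensitive; "User Id" contains a space.
        key=$(printf '%s' "$key" | tr '[:upper:]' '[:lower:]' | tr -d ' ')
        lower=$(printf '%s' "$value" | tr '[:upper:]' '[:lower:]')
        case "$key" in
            sslmode)
                if [ "$lower" = "none" ]; then
                    echo "sslmode: TLS is off, so traffic to MySQL is unencrypted"
                fi ;;
            allowpublickeyretrieval)
                if [ "$lower" = "true" ]; then
                    echo "allowpublickeyretrieval: server key is fetched over an unverified channel"
                fi ;;
            userid|uid|user|username)
                if [ "$lower" = "root" ]; then
                    echo "userid: web application connects as the MySQL superuser"
                fi ;;
            password|pwd)
                if [ -z "$value" ] || [ "$value" = "YOUR_MYSQL_PASSWORD_GOES_HERE" ]; then
                    echo "password: empty or still the placeholder"
                fi ;;
        esac
    done
    return 0
}

# The development string shown on this page.
DEV_CONN='server=127.0.0.1;SslMode=none;User Id=root;Password=YOUR_MYSQL_PASSWORD_GOES_HERE;charset=utf8mb4;allowPublicKeyRetrieval=true;'
# Constructed production-style string: host, account and password are made up.
PROD_CONN='server=db.example.internal;SslMode=VerifyFull;User Id=p5_app;Password=constructed-secret;charset=utf8mb4;allowPublicKeyRetrieval=false;'

echo "development string:"; audit_conn_string "$DEV_CONN"
echo "production-style string:"; audit_conn_string "$PROD_CONN"
```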
Installing binaries on a Linux/Ubuntu server
Important - Currently the installation script only works on Linux Ubuntu version 16.04. Sorry for the inconvenience, I am trying my best to fix this though, and will shortly hopefully provide a fix allowing you to install it also on later versions.
To install a new binary release on an Ubuntu server, type the following in a terminal window to download the installation script. Make sure you don't have an old "install.sh" file in the same folder from before.
wget https://github.com/polterguy/phosphorusfive/releases/download/v8.4/install.sh
Then execute the following command to make your installation script executable.
chmod +x install.sh
Then start the installation process with the following.
sudo ./install.sh
The above "install.sh" script has only been tested on Ubuntu Server, version 16.04.4, but it might work on other versions. You can probably easily edit the actual script yourself, if you'd like to make it work with other Debian based systems.
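An added example, not part of the Phosphorus Five release: a wrapper for the download step above that avoids the stale "install.sh" problem and checks the script against a pinned hash before anything runs under sudo. The release page lists no checksum, so `EXPECTED_SHA256` is a placeholder you fill in after reviewing the script once; the function names and the `--fetch` switch are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the Phosphorus Five release.
INSTALL_URL='https://github.com/polterguy/phosphorusfive/releases/download/v8.4/install.sh'
# Placeholder: the release page lists no checksum. Record the SHA-256 of the
# copy you have read and approved, then pin it here for later servers.
EXPECTED_SHA256='REPLACE_WITH_SHA256_OF_REVIEWED_INSTALL_SH'

# Succeeds only if the SHA-256 of file $1 equals the hex digest $2.
sha256_matches() {
    actual=$(sha256sum "$1" | cut -d' ' -f1) || return 1
    [ "$actual" = "$2" ]
}

# Downloads into a fresh directory under an explicit name. In a folder that
# already holds install.sh, plain wget saves the new copy as install.sh.1 and
# "sudo ./install.sh" would run the old file.
fetch_installer() {
    workdir=$(mktemp -d) || return 1
    wget -q -O "$workdir/install.sh" "$INSTALL_URL" || return 1
    printf '%s\n' "$workdir/install.sh"
}

# Only touches the network when invoked with the --fetch argument.
if [ "${1:-}" = "--fetch" ]; then
    script=$(fetch_installer) || { echo "download failed" >&2; exit 1; }
    if sha256_matches "$script" "$EXPECTED_SHA256"; then
        echo "hash matches the reviewed copy: sudo sh $script"
    else
        echo "hash mismatch, not running $script" >&2
        exit 1
    fi
fi
```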
Documentation
The system is largely literate, and contains its own documentation. However, for convenience purposes, I have included the PDF documentation as a separate file here. You can also generate this file yourself, from within the system.