private network

Private Network is a WordPress plug-in that allows Administrators of different WordPress installations, for example www.alice.com and www.bob.com, to share their private and public posts and pages with each other remotely.

How does it work:

Say that Alice, the Administrator of www.alice.com, wants to share her private posts with her best friend Bob, who is the Administrator of www.bob.com;
these are the steps that both Alice and Bob would have to follow:

  • Install the Private Network plug-in and create the Certificate as per the instructions below.
  • Go to the admin section of Private Network and click “Contacts”
  • Alice enters Bob’s URL (www.bob.com) and Bob’s user name (by default “admin”) in the provided text fields.
  • Bob’s contact will appear in Alice’s contacts list with status “Awaiting Confirmation”
  • The next time Bob logs in to the admin section of his site (www.bob.com) and checks his contact list, he will notice Alice’s request with status “Confirm Contact”
  • Bob approves Alice’s request by pressing the “Confirm Contact” button and then lets her view his private posts by setting her status to “Enabled”
  • Bob then edits Alice’s Access Control List (ACL), adding the items (categories, tags, posts, pages) that he wants to share with Alice
  • Alice checks her contacts again and sees that Bob has confirmed her as a contact. She copies and pastes the tag listed next to “Bob” in her contact list into a new post (preferably a private post) and saves it; she can now view, from her blog, the items that Bob has shared with her.

Installation

  1. Upload `private-network` to the `/wp-content/plugins/` directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Create your certificate from `Settings` => `Private Network` => `Certificate`
  4. Add contacts from `Settings` => `Private Network` => `Contacts`
  5. Edit contact’s Access Control List (Edit ACL), adding items to share with contact

Requirements

  • PHP 5 with OpenSSL support

Certificate fields

The Certificate is in X.509 format and includes the following fields:

  • name => WP user login (e.g. “admin”; this could be hashed to make it invisible, feedback welcome)
  • commonName => WP user display name
  • organizationName => WP URL
  • subjectAltName => user email address
  • countryName => 2-letter country code (e.g. GB, US)
  • stateOrProvinceName => state or province (if not provided by the user, the countryName is used)
  • localityName => city

The following assumes that Alice and Bob are two principals, each the administrator of their own blog at www.alice.com and www.bob.com respectively, who have Private Network installed and have created their Certificates.

Certificate Exchange

Certificate exchange happens the moment one of the two principals adds the other as a contact. Let’s say that Alice wants to add Bob as a contact; the following will happen:

  1. Alice enters Bob’s URL (www.bob.com) in the field in the contacts section of Private Network and presses the Add button
  2. A POST request containing Bob’s user name and Alice’s X.509 Certificate in PEM format is sent to www.bob.com
  3. When www.bob.com receives the POST request, several validity checks are carried out, including: that the certificate is a valid X.509 certificate, that it contains all the required fields, and that the request comes from the IP address that the certificate claims to belong to
  4. If the request passes all the validity checks, the PEM certificate is hashed (SHA-256) to be used as Alice’s identity key and stored as a new record together with other details, including: the IP address, the contact display name (extracted from the certificate), the certificate in PEM format and the email address (extracted from the certificate)
  5. At this stage Bob will need to confirm Alice’s contact request. Before confirming it, it is recommended (but not necessary) that Bob confirms Alice’s identity key with her out of band: Alice can see her identity key on her Certificate summary page, while Bob sees it next to Alice’s record in his contact list. Note that it is strongly advisable to confirm the identity key when the IP address shows as NOT verified, since with the IP check failed a matching identity key is the only evidence that the certificate really came from Alice.
  6. When Bob presses the “Confirm Contact” button, a POST request containing Bob’s X.509 Certificate in PEM format and Alice’s user name is sent to www.alice.com
  7. When www.alice.com receives the request, the same validity checks as in point 3 are carried out on Bob’s request parameters
  8. Once the validity checks pass, Bob’s contact record is updated in Alice’s contact table
  9. At this stage each contact appears in the other’s contact list with status “Disabled”
  10. Bob has to change Alice’s contact status to “Enabled” to let Alice retrieve his private posts; in the same manner, Alice has to change Bob’s contact status to “Enabled” to let Bob retrieve hers.
  11. Either principal can disable or delete a contact at any moment to stop the other from viewing their private posts.

Authentication Protocol

Context: it is assumed that Alice and Bob have already exchanged their certificates (i.e. they appear in each other’s contact lists) and Alice wants to start viewing Bob’s private posts.
Alice will have created a post (better if private) and pasted into it Bob’s tag, which appears next to Bob’s record in Alice’s contact list. As Alice views Bob’s private posts, the following authentication protocol takes place:

  1. www.alice.com sends a POST request to www.bob.com containing Bob’s identity key and Alice’s identity key.
  2. On receiving the request, www.bob.com pulls out Alice’s contact details and performs various checks, including comparing the IP address of the request with Alice’s stored IP address
  3. www.bob.com creates two fresh 256-bit random numbers; let’s call them nonce and secret
  4. nonce and secret are combined as nonce:secret, then encrypted with Alice’s public key and signed with Bob’s private key
  5. The nonce, the secret and other details, including the timestamp and the identity keys, are stored in a session table for later use
  6. The encrypted nonce:secret combination, together with the signature, is sent back to www.alice.com base64 encoded.
  7. On receiving www.bob.com’s response, www.alice.com validates www.bob.com’s signature using Bob’s public key (effectively authenticating Bob), then decrypts the nonce:secret combination
  8. At this stage www.alice.com generates her half of the secret, another fresh 256-bit random number, which combined with Bob’s decrypted secret could be used (although it is not used in this implementation) to encrypt subsequent transactions between www.alice.com and www.bob.com.
  9. www.alice.com combines the nonce received from www.bob.com with her half of the secret as nonce:secret, then encrypts it using Bob’s public key and signs it using Alice’s private key
  10. www.alice.com sends a POST request to www.bob.com containing the nonce in the clear (acting as session identifier), the signature and the encrypted nonce:secret combination
  11. www.bob.com extracts the session details keyed by the session identifier (sessions older than 1 minute are discarded) and performs various checks, including comparing the IP address of the current request with that of the previous request stored in the session table; it then verifies www.alice.com’s signature using Alice’s public key (effectively authenticating Alice), decrypts the nonce:secret combination and concatenates his half of the secret with Alice’s half (again, this could be used as a key to encrypt subsequent messages between www.alice.com and www.bob.com, but it is not used in this implementation)
  12. At this stage www.alice.com and www.bob.com have authenticated each other, and www.bob.com sends a response that includes the current session and Bob’s private posts (note that, since the shared secret is not used and the plug-in does not yet support https, the posts themselves travel in the clear).
  13. Lastly, on receiving the response, www.alice.com compares the session received with the stored one and, if they match, outputs Bob’s private posts to Alice.
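The Certificate fields, the Certificate Exchange check and the Authentication Protocol above, as one added Go example that is not the plug-in’s code (the plug-in is PHP; Go is used here because its standard library covers X.509, RSA and SHA-256 offline). It assumes self-signed 2048-bit RSA certificates, RSA-OAEP for the encryption and RSA-PSS for the signatures, none of which the page specifies; the stateOrProvinceName and localityName fields, the base64 transport, the IP-address comparisons and the HTTP requests themselves are left out. Alice’s and Bob’s names, URLs and addresses are constructed sample data.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"encoding/hex"
	"encoding/pem"
	"errors"
	"math/big"
	"strings"
	"time"
)

// Principal is one blog (Alice or Bob): key pair, self-signed certificate and the identity key, which the page defines as the SHA-256 of the PEM certificate.
type Principal struct{ Key *rsa.PrivateKey; Cert *x509.Certificate; PEM []byte; Identity string }

// NewPrincipal issues a certificate with the page's "Certificate fields". Key size, validity period and self-signing are assumptions; the page does not state them.
func NewPrincipal(login, display, url, email, country string) (*Principal, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().AddDate(1, 0, 0),
		Subject: pkix.Name{CommonName: display, Organization: []string{url}, Country: []string{country},
			// X.520 "name" (OID 2.5.4.41) carries the WP login, the page's "name" field
			ExtraNames: []pkix.AttributeTypeAndValue{{Type: asn1.ObjectIdentifier{2, 5, 4, 41}, Value: login}}},
		EmailAddresses: []string{email}, // subjectAltName
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil { return nil, err }
	p := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
	cert, err := CheckFields(p) // the issuer runs the same check the receiver will
	if err != nil { return nil, err }
	sum := sha256.Sum256(p)
	return &Principal{key, cert, p, hex.EncodeToString(sum[:])}, nil
}

// CheckFields is the receiver's check on a contact request (exchange step 3): a parseable X.509 PEM carrying the required fields. The IP-address check needs a network and is left out.
func CheckFields(p []byte) (*x509.Certificate, error) {
	block, _ := pem.Decode(p)
	if block == nil || block.Type != "CERTIFICATE" { return nil, errors.New("not a PEM certificate") }
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil { return nil, err }
	if cert.Subject.CommonName == "" || len(cert.Subject.Organization) == 0 ||
		len(cert.Subject.Country) == 0 || len(cert.EmailAddresses) == 0 {
		return nil, errors.New("certificate is missing a required field")
	}
	return cert, nil
}

// Sealed is a "nonce:secret" string encrypted to the receiver and signed by the sender (steps 4 and 9). RSA-OAEP and RSA-PSS are assumptions; the page says only "encrypted" and "signed".
type Sealed struct{ CT, Sig []byte }
func seal(msg string, to *rsa.PublicKey, from *rsa.PrivateKey) (Sealed, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, to, []byte(msg), nil)
	if err != nil { return Sealed{}, err }
	h := sha256.Sum256(ct)
	sig, err := rsa.SignPSS(rand.Reader, from, crypto.SHA256, h[:], nil)
	return Sealed{ct, sig}, err
}
// unseal checks the signature first (that is what authenticates the sender), then decrypts.
func unseal(s Sealed, from *rsa.PublicKey, me *rsa.PrivateKey) (nonce, secret string, err error) {
	h := sha256.Sum256(s.CT)
	if err = rsa.VerifyPSS(from, crypto.SHA256, h[:], s.Sig, nil); err != nil { return "", "", err }
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, me, s.CT, nil)
	if err != nil { return "", "", err }
	parts := strings.SplitN(string(pt), ":", 2)
	if len(parts) != 2 { return "", "", errors.New("malformed nonce:secret") }
	return parts[0], parts[1], nil
}
func randHex() string { b := make([]byte, 32); rand.Read(b); return hex.EncodeToString(b) }

// Session is Bob's server-side record from step 5, keyed by the nonce.
type Session struct{ Secret string; Created time.Time }
// Challenge covers steps 3 to 6: Bob answers Alice's first request.
func (bob *Principal) Challenge(alice *x509.Certificate, sessions map[string]Session) (Sealed, error) {
	nonce, secret := randHex(), randHex()
	sessions[nonce] = Session{secret, time.Now()}
	return seal(nonce+":"+secret, alice.PublicKey.(*rsa.PublicKey), bob.Key)
}
// Respond covers steps 7 to 10: Alice authenticates Bob and adds her half of the secret. It returns the nonce (sent in the clear as session id), her sealed reply and her view of the shared secret.
func (alice *Principal) Respond(c Sealed, bob *x509.Certificate) (string, Sealed, string, error) {
	nonce, bobSecret, err := unseal(c, bob.PublicKey.(*rsa.PublicKey), alice.Key)
	if err != nil { return "", Sealed{}, "", err }
	mine := randHex()
	reply, err := seal(nonce+":"+mine, bob.PublicKey.(*rsa.PublicKey), alice.Key)
	return nonce, reply, bobSecret + ":" + mine, err
}
// Finish covers step 11: Bob rejects stale or replayed sessions and authenticates Alice.
func (bob *Principal) Finish(nonce string, r Sealed, alice *x509.Certificate, sessions map[string]Session, now time.Time) (string, error) {
	s, ok := sessions[nonce]
	delete(sessions, nonce) // one shot: a replayed nonce no longer resolves
	if !ok || now.Sub(s.Created) > time.Minute { return "", errors.New("unknown or expired session") }
	n, aliceSecret, err := unseal(r, alice.PublicKey.(*rsa.PublicKey), bob.Key)
	if err != nil { return "", err }
	if n != nonce { return "", errors.New("nonce in reply does not match session") }
	return s.Secret + ":" + aliceSecret, nil
}
```

Two points the code makes explicit that the description leaves implicit: the signature is verified before anything is decrypted, because the signature is the only thing that authenticates the peer; and in this example the session record is deleted on first lookup, so a captured step-10 request cannot be presented a second time inside the one-minute window. Both sides end up holding the same secret:secret string, which is what step 11 says could (but does not) key the subsequent traffic.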

Considerations

The above descriptions of the Certificate exchange and of the Authentication Protocol are a very high-level view; a much more detailed picture can be had by reading the actual code.
Furthermore, I would like to clarify that I am by no means a cryptography expert: I enjoy security issues and cryptology in general, and I had fun reading Bruce Schneier’s book “Practical Cryptography”, but this does not make me an expert.
I agree with Schneier’s claim that secure cryptographic algorithms are easier to implement than secure cryptographic protocols.

Download

Short disclaimer first:
The Private Network plug-in is provided to you without any warranties, representations or guarantees of any kind, INCLUDING, WITHOUT LIMITATION, THE WARRANTY OF MERCHANTABILITY AND WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE.

BY USING THE PLUG-IN YOU EXPRESSLY ASSUME ALL RISK OF LOSS ASSOCIATED WITH ANY DATA LOSS OR ANY DAMAGE ALLEGED TO HAVE BEEN CAUSED BY THE PLUG-IN.

Provided you are happy with the above disclaimer, please download the Private Network plug-in and enjoy!

In the future
In future versions of the plug-in I would like to:

  • Revise the Authentication Protocol
  • Add support for SSL (i.e. https)
  • Maybe share single attachments

Feedback and bugs

Please leave any feedback or bug report using the comment box below.

18 Responses to “private network”

  1. Very nice sounding plugin Andrea – lots of potential scope for other forms of private communication between blogs too. I’m looking forward to diving into your code :)

  2. Thanks John, I must admit I had fun; the code is very OO but not very well commented, I am afraid.

    OAuth and of course OpenID have great momentum at the moment, and for good reasons; however, I like good old X.509 and I think that there are circumstances where a pair of RSA keys and a certificate perfectly fit the bill.

    Having said that, I am itching to put OAuth into practice, maybe in the second release of this plug-in… while the current protocol could take care of authentication, OAuth could be used for granting access to resources (posts, whole categories, pages, etc.), but we might see all of this in action soon (OAuth) from the diso guys (http://diso-project.org/).

    Anyway, thanks again for your feedback, it is very much appreciated.
    Andrea

  3. cool! Do you have screenshots or a video tour? :)

  4. Hi Tiago,
    yes you can find screenshots here: http://wordpress.org/extend/plugins/private-network/screenshots/

    I am currently working on version 1.1, which will allow Administrators to share entire categories, posts with particular tags, or single posts or pages.
    It will also be possible to share public items.

    Thank you for your feedback.
    Andrea

  5. P Smith says:

    Can anyone confirm getting this to work on GoDaddy or HostGator? I have installed it on both and receive errors when clicking on a contact.

    Fatal error: Class ‘FormProcessor_pnProcessContact’ not found in /home/content/p/h/i/phillipsmithsr/html/BLOG/wp-content/plugins/private-network/controller/pnAdminController.php on line 56

  6. Hi P Smith,

    did you upgrade from version 1.0 to 1.1?

    It seems to be an error related to some kind of code mix-up between version 1.0 and 1.1. The class ‘FormProcessor_pnProcessContact’ does not exist in v1.1 of the plug-in.

    I double-checked the code of v1.1 currently on WP, and it looks fine.

    I suggest the following:
    1) deactivate the plug-in from your admin section
    2) totally remove the private-network directory from your server, i.e.: rm -rf /home/content/p/h/i/phillipsmithsr/html/BLOG/wp-content/plugins/private-network
    3) download a fresh copy of private-network from WP here: http://wordpress.org/extend/plugins/private-network/
    4) install and activate as usual

    Let me know if you still have problems after the new fresh installation.

  7. DjZoNe says:

    Your plugin sounds amazing, I can’t wait to try it out :)

  8. The description sounds like a dream come true – I maintain lots of sites and I have tried many solutions to providing WordPress/plugins/server information to each of the site admins. If I can get this to work it should be a perfect solution to posting common (but private) information once on my main site and Private Networking the appropriate posts / pages to each of the admins.

    Here’s the problem:

    I followed the instructions –

    1. created, exchanged, and verified certificates;
    2. created a category and several tags, then created a page and two posts which I tagged and categorized;
    3. Edited the ACL of my contact and selected the category, tags, posts, and page, and checked to share public and private – which now all appear under “Shared Items”
    4. logged into my contact site, got the tag from Settings => Private Network, and created a private post into which I inserted the tag “[pn-Z ... JK0=]” (without the quotes).
    5. I saved and viewed post, but all I get is the message:

    “No posts from: (my central test and admin site)”

    As a test, I also tried going the other way, but got the same results:

    “No posts from: http://iconicwoman.com”

    Clearly it is finding the name of the source website in both directions, but it is not finding the selected pages and posts.

    I am running WordPress 2.8.2, and PHP 5.2.5 with openssl extension.

    Is this a bug, or am I doing something wrong?

  9. Hi Nicholas,

    thank you very much for your comment.

    Each contact has a “Status” field, this field is just before the “Tag” field, the status should be set to “Enabled”.

    Please let me know if that was not the problem, I have the plug-in working with similar settings as yours, so I am confident we should be able to make it work in your environment too.

  10. Graham Lee says:

    I have to give this a try, it sounds brilliant for content distribution

  11. Thanks Graham,

    please post your feedback when you get to try it.

  12. Michel says:

    Hello, I came across your blog by chance and I find it very well made; I wanted to leave you a little comment to wish you all the best, kind regards.

  13. @Michel
    Thank you very much for your comments

  14. Graham Lee says:

    I have the plugin installed, contacts verified, and they are enabled and the IP says verified. I have set up access to some private posts on both sides but I can see nothing, nada, zilch. I’m not exactly sure how I should view the posts: will they be posted from one admin account to the next, or should I view the post remotely? I can see some great uses for this so I’m very keen to get it working. Thank you, Graham

  15. Hi Graham,
    to be able to see your contact posts you need to create a post with your contact “Tag” in it.
    The “Tag” to add to your post looks something similar to this “[pn-jAXbrnGz/8Ev51v6hj7ySD22D06dNZW8wuMC8nGCuGQ=]” and you find it in the “contacts” page of the admin section of the plug-in, next to the “Enable” button.
    let me know if it does not help.

    andrea

  16. It’s loads of fun. I do wish people would just leave comments so we can all have fun together! I simply have got to find a way for them to speak up! =)

  17. [...] not about to code that monstrosity myself, but I am going to see how well Andrea Belvedere’s Private Network can scale to my own social network (you [...]
