Native Weave Client

Braindump about the native weave client

Goal

This is all about creating a native (C or C++) weave implementation to make it easier to port to other (mobile) platforms.

We currently have two official implementation: JavaScript and Objective-C. Both are pretty much limited to the host platforms that they were initially written for.

The goal is not to create a full weave client. This project will only provide a library that can be embedded in a larger work to enable sync functionality.

Components

HTTP REST Client

The Weave protocol is HTTP based. We need a client that will handle:

• HTTPS
• Basic Auth
• GET
• PUT
• DELETE

JSON

All Weave data is serialized as JSON. We need to both parse and generate JSON.

Cryptographic primitives

We need the following cryptograhic functions:

• AES256/CBC/PKCS7 for record encryption/decryption
• SHA-160 for encoding email addresses as usernames
• HDKFSHA256 for deriving keys
• HMAC-SHA-256 for record validation

Data encoding & decoding

The following data encoding functions are used in Weave:

• Base16 for hashes
• Base32 for usernames
• Base32 with alternative characters for keys
• Base64 for data

Storage / Database

I think storage of records should be delegated to the application that is embedding the Native Weave Client. However, we can do a default implementation using SQLite.

SQLite is extremely portable and probably runs on all platforms that we are thinking of. It is also license compatible with both open source and closed source projects.