1·
1 month agoThat’s what NodeJS and Deno are.
The point of the browser support means it runs on modern Web technologies and doesn’t need external binaries (eg: OpenSSL). It can literally run on any JS, even a browser.
- 0 Posts
- 18 Comments
Joined 1 year ago
Cake day: July 1st, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Just going to mention my zero-dependency ACME (Let’s Encrypt) library: https://github.com/clshortfuse/acmejs
It runs on Chrome, Safari, FireFox, Deno, and NodeJS.
I use it to spin up my wildcard and HTTP certificates. I’ve personally automated it by having the certificate upload to S3 buckets and AWS Certificates. I wrote a helper for Name.com for DNS validation. For HTTP validation, I use HTTP PUT.
I can spend 2 minutes scanning a page for a certain word every time I need to search for something.
But I’m very happy somebody spent the time to code Ctrl+F.
4·3 months agoWindows 10 and it’s not a good idea
Upmouse
I’ve been using uBOLite for about a year and I’m pretty happy with it. You don’t have to give the extension access to the content on the page and all the filtering on the browser engine, not over JavaScript.
Yeah, except for the first few bytes. PKCS8 has some initial header information, but most of it is the OCTET_STRING of the private key itself.
The PEM (human “readable”) version is Base64, so you can craft up a string and make that your key. DER is that converted to binary again:
/** * @see https://datatracker.ietf.org/doc/html/rfc5208#section-5 * @see https://datatracker.ietf.org/doc/html/rfc2313#section-11 * Unwraps PKCS8 Container for internal key (RSA or EC) * @param {string|Uint8Array} pkcs8 * @param {string} [checkOID] * @return {Uint8Array} DER */ export function privateKeyFromPrivateKeyInformation(pkcs8, checkOID) { const der = derFromPrivateKeyInformation(pkcs8); const [ [privateKeyInfoType, [ [versionType, version], algorithmIdentifierTuple, privateKeyTuple, ]], ] = decodeDER(der); if (privateKeyInfoType !== 'SEQUENCE') throw new Error('Invalid PKCS8'); if (versionType !== 'INTEGER') throw new Error('Invalid PKCS8'); if (version !== 0) throw new Error('Unsupported PKCS8 Version'); const [algorithmIdentifierType, algorithmIdentifierValues] = algorithmIdentifierTuple; if (algorithmIdentifierType !== 'SEQUENCE') throw new Error('Invalid PKCS8'); const [privateKeyType, privateKey] = privateKeyTuple; if (privateKeyType !== 'OCTET_STRING') throw new Error('Invalid PKCS8'); if (checkOID) { for (const [type, value] of algorithmIdentifierValues) { if (type === 'OBJECT_IDENTIFIER' && value === checkOID) { return privateKey; } } return null; // Not an error, just doesn't match } return privateKey; }I wrote a “plain English” library in Javascript to demystify all the magic of Let’s Encrypt, ACME, and all those certificates. (Also to spin up my own certs in NodeJS/Chrome).
Edit: To be specific, PKCS8 is usually a PKCS1 (RSA) key with some wrapping to identify it (the OID). The integers (BigInts) you pick for RSA would have to line up in some way, but I would think it’s doable. At worst there is maybe a character or two of garbage at the breakpoints for the RSA integers. And if you account for which ones are absent in the public key, then anybody reading it could get a kick out of reading your public certificate.
There is no section 15 or 16 in GPLv3, but I did find section 7 saying:
Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
But that’s an optional thing that you must add onto the GPLv3 license. I’ll have to keep that in mind for the future.
That would explain why what I’ve read mentioned it’s not guaranteed in GPLv3 (when comparing to MIT). I’ll have to figure out what that notice would look like.
GPL has no requirements for author attribution which is contrary to the entire point of an MIT license.
That’s why I described it as joining the Borg. You release individualism and freely give it to the collective. That’s cool, and I get the ethos behind all that, but I don’t want to add any of those constraints to my code. I just don’t want credit for my work or the others to get lost. I don’t think it’s a hard ask.
Regardless, we ended up ultimately being a full replacement for the other project.
I don’t care if people make money to use my code. I just want my name attached to it somehow, even if you make it closed sourced which is MIT and OpenBSD. I hope you do use my code and even if you heavily reference it to make something new, carry that forward so more can learn and benefit.
I also don’t understand “better for the end user” arguments either. I have a library that people want to be included in another project, but that project is GPL. They won’t merge my code unless I change my code to be GPL. So everyone who wants them merged is out of luck. I can’t merge their code either with mine. What is supposed to happen is I freely give up my name to the code and restrict it to only being GPL and for GPL projects. Essentially, assimilate and join with the Borg. No, thanks.
And while that’s from my experience, I’ve also seen good projects get traction, have excitement over it, and fall off the earth because they end up making it GPL. Everyone interested in adopting it, personal or business, just disappear. Then something with less restrictions comes along and gets adopted.
End-users move to what’s better for them, and if you have a library that is only for GPL, you can end up limiting your options with a wasteful purity test. If you want it to be free you’d give freely with no restrictions. And if you think, “You can contact me to discuss licensing” that doesn’t happen. It’s still a restriction and almost nobody actually bothers.
No, but they’ll mention in their commercials how many millions they helped donate to charity. They’ll include a shot of somebody in a wheelchair or with some sort of injury smiling. Then they’ll show one of their workers smiling. Then, for some reason, the sun blowing out the camera lens. Finally they’ll show their logo and the charity’s logo, maybe with a line saying how much they care.
standard keyboard
That’s easy: Alt+130
But for a tenkeyless one, that’s what Wikipedia highlighting is for.
2.54cm is easier for me because I do
2.04x + ½x.8 inches?
16.32 + 4 = 20.3212?
24.48 + 6 = 30.4830?
61.20 + 15 = 76.2060?
122.40 + 30 = 152.40I don’t know why, but I find this easier. Maybe because it’s 4x, 2x, and ½ and my brain doesn’t like adding 32 and working in 1.8.
Judkins said that after the finger test, a lead cybertruck engineer at Tesla said he did the video wrong.
Exactly. Hence the filter.
I have just dumped code into a Chrome console and saved a cert while in a pinch. It’s not best practices of course, but when you need something fast for one-time use, it’s nice to have something immediately available.
You could make your own webpage that works in the browser (no backend) and make a cert. I haven’t published anything publicly because you really shouldn’t dump private keys in unknown websites, but nothing is stopping you from making your own.