Or, rather, something to remind me of all the assorted nooks and crannies for next time.
Wednesday 11 January 2017
By JuroV on Wednesday 11 January 2017, 00:48 - BOFH
Sunday 11 December 2016
By JuroV on Sunday 11 December 2016, 00:10 - Rants
The post prompted me to consider . While I don't reject py3k out of hand, there is some foul smell.
Thursday 2 June 2016
By JuroV on Thursday 2 June 2016, 22:07 - Programming
All snippets are for Python 2.
Extracting parameters from SSH key.
The format is blessedly simple, so we can do this without additional libraries. For anything beyond, paramiko probably has it.
import base64
import struct
import binascii

def parsersakey(data):
    """:param data: RSA ssh pubkey string in rfc4253 ssh-rsa format
    :returns tuple exponent,modulus,comment.
    """
    # "ssh-rsa <base64 blob> [comment]"
    data = data.encode('ascii').split(b' ',2)
    x = base64.b64decode(data[1])
    res = []
    start = 0
    # The blob is a sequence of fields, each a 4-byte big-endian length plus payload.
    while(start < len(x)-4):
        # Length is unsigned ('>L'); a signed '>l' would accept negative lengths.
        l = struct.unpack('>L',x[start:start+4])[0]
        r = struct.unpack('%ds' % l, x[start+4:start+4+l])[0]
        start = start+4+l
        res.append(r)
    if(len(res) != 3):
        raise Exception("unexpected # of pieces: %d" % len(res))
    if(start != len(x)):
        print("len got: %d expected: %d" % (len(x),start))
        res.append(x[start:])
    else:
        res.append(b'')
    if res[0] != b"ssh-rsa":
        raise Exception("not rsa key: %s" % binascii.hexlify(res[0]))
    # Fields 1 and 2 are big-endian integers: public exponent, then modulus.
    e = 0
    for i in res[1]:
        e = (e<<8) + ord(i)
    N = 0
    for i in res[2]:
        N = (N<<8) + ord(i)
    return (e,N,data[2] if len(data) == 3 else '')
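A stricter take on the same parsing, as an added example that is not part of the original post: it is written for Python 3 (unlike the post's Python 2 snippets), rejects truncated or oversized length fields and negative mpints, and computes the SHA256 fingerprint so the result can be compared with `ssh-keygen -l`. The function names and the sample-key builder are assumptions made for this illustration.

```python
import base64
import hashlib
import struct


def parse_ssh_rsa(line):
    """Strictly parse one 'ssh-rsa <base64> [comment]' line -> (e, n, comment)."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public key line")
    blob = base64.b64decode(parts[1], validate=True)
    fields, pos = [], 0
    while pos < len(blob):
        if len(blob) - pos < 4:
            raise ValueError("truncated length prefix")
        (length,) = struct.unpack(">I", blob[pos:pos + 4])  # unsigned length
        pos += 4
        if length > len(blob) - pos:
            raise ValueError("field length exceeds remaining data")
        fields.append(blob[pos:pos + length])
        pos += length
    if len(fields) != 3 or fields[0] != b"ssh-rsa":
        raise ValueError("blob is not exactly (ssh-rsa, e, n)")
    # mpints are signed big-endian; a set top bit would mean a negative number.
    if any(not f or f[0] & 0x80 for f in fields[1:]):
        raise ValueError("empty or negative mpint")
    e = int.from_bytes(fields[1], "big")
    n = int.from_bytes(fields[2], "big")
    return e, n, parts[2] if len(parts) == 3 else ""


def ssh_fingerprint(line):
    """SHA256 fingerprint in the form printed by `ssh-keygen -l`."""
    blob = base64.b64decode(line.split(None, 2)[1])
    digest = base64.b64encode(hashlib.sha256(blob).digest()).rstrip(b"=")
    return "SHA256:" + digest.decode("ascii")


def make_sample_line(e, n, comment):
    """Build a constructed key line for testing (not a real key)."""
    def mpint(v):
        return v.to_bytes(v.bit_length() // 8 + 1, "big")  # keeps top bit clear
    blob = b"".join(struct.pack(">I", len(f)) + f
                    for f in (b"ssh-rsa", mpint(e), mpint(n)))
    return "ssh-rsa " + base64.b64encode(blob).decode("ascii") + " " + comment
```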
Creating a PGP pubkey from the parameters
Uses PGPy 0.4.0. There is no API for creating keys from known RSA parameters, so the classes need some massaging. YMMV using other PGPy versions.
The resulting key can be converted to rfc4880 form just by applying str() on it.
import pgpy
from pgpy.packet.fields import RSAPub,MPI
from pgpy.packet.packets import PubKeyV4
from pgpy.constants import PubKeyAlgorithm

def custRSAPub(n,e):
    res = RSAPub()
    res.n = MPI(n)
    res.e = MPI(e)
    return res

def custPubKeyV4(custkey):
    res = PubKeyV4()
    res.pkalg = PubKeyAlgorithm.RSAEncryptOrSign
    res.keymaterial = custkey
    res.update_hlen()
    return res

def rsatogpg(e,N,name,**idargs):
    """
    :param e,N: RSA parameters as Python integers or longints
    :param name: Identity name
    :param idargs: PGP Identity parameters, such as comment,email
    :return: PGPy pubkey object
    """
    rsakey = custPubKeyV4(custRSAPub(N,e))
    pgpkey = pgpy.PGPKey()
    pgpkey._key = rsakey
    uid = pgpy.PGPUID.new(name, **idargs)
    uid._parent = pgpkey
    pgpkey._uids.append(uid)
    return pgpkey
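What such a version 4 RSA public-key packet contains at the byte level, following RFC 4880, as an added Python 3 example that is not from the original post and does not use PGPy. It shows that the creation timestamp is hashed into the fingerprint, so the same (e, N) converted with different timestamps yields different PGP fingerprints; the function names and timestamps are constructed for illustration.

```python
import hashlib
import struct

RSA_ENCRYPT_OR_SIGN = 1  # RFC 4880 public-key algorithm ID for RSA


def mpi(value):
    """RFC 4880 MPI: two-octet bit count, then the big-endian magnitude."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def v4_rsa_pubkey_body(e, n, created):
    """Body of a v4 Public-Key packet; `created` is a Unix timestamp."""
    # version (1 octet) | creation time (4 octets) | algorithm (1 octet) | n | e
    header = struct.pack(">BIB", 4, created, RSA_ENCRYPT_OR_SIGN)
    return header + mpi(n) + mpi(e)


def v4_fingerprint(body):
    """SHA-1 over 0x99, the two-octet body length, then the packet body."""
    data = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(data).hexdigest().upper()


def key_id(body):
    """The key ID is the low-order 64 bits of the fingerprint."""
    return v4_fingerprint(body)[-16:]


def fingerprints_by_time(e, n, timestamps):
    """Fingerprint of the same RSA key under each creation timestamp."""
    return {t: v4_fingerprint(v4_rsa_pubkey_body(e, n, t)) for t in timestamps}


if __name__ == "__main__":
    n = (1 << 2047) + 12345          # constructed modulus, not a real key
    for t, fp in fingerprints_by_time(65537, n, [0, 1464818820]).items():
        print(t, fp)
```

To get a reproducible PGP fingerprint from an SSH key, the creation time has to be pinned to a fixed value rather than taken from the clock.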
Sunday 10 April 2016
By JuroV on Sunday 10 April 2016, 23:43 - Rants
This blog, as any blog, attracts plenty of comment spam. But so far there's not much traffic and I was filtering it manually. There is a lot of repeated spam, which should be easy to filter automatically.
Wednesday 2 March 2016
By JuroV on Wednesday 2 March 2016, 00:23 - Rants
I had problems finding stuff in the deedbot archive, so I decided to make a mirror to be able to grep things in. Such a simple website would be an ideal job for wget, no?
Tuesday 1 March 2016
By JuroV on Tuesday 1 March 2016, 17:26 - F.MPIF
The trading was not very eventful, so I ceased to blog the report every month and they were published only via deedbot. But having some TOC for them is in order.
Monday 29 February 2016
By JuroV on Monday 29 February 2016, 16:41 - Eulora
I have not commented on Eulora here yet, afraid it would come out as rambling and swearing. Mostly due to the need for repetitive tasks and the barely adequate bots in existence. I play it quite a lot anyway, and even became an official dealer of game currency.
Wednesday 2 December 2015
By JuroV on Wednesday 2 December 2015, 20:25 - Rants
I have found myself in the middle of a depressing discussion about XSS. A security company released a scary video showing how it is used in practice to hijack an admin session. And the reactions? As usual.
"This won't happen with $magicunicornframework, ain't no shitty PHP."
"Easy, just tie it to user's browser version, system version, IP address, geo location, shoe size...."
"That's banal bug, we only need proper sanitation of user input."
As happens to me more and more often recently, such situations ring my "let's invent ourselves a profitable hard problem" sense. In this case... is there really no way for application A running on computer AA to uniquely authenticate to application B running on server BB? I thought this was a solved problem in crypto; we have Diffie-Hellman, PKI,...
But it's impossible when A may run rogue code and access these secrets! We can't do much about it!
Oh really, then why do you have that shit code manage secrets?
Update: got a reply from security company owner, and it's really symptomatic:
Sunday 2 August 2015
By JuroV on Sunday 2 August 2015, 13:18 - F.MPIF
Wednesday 1 July 2015
By JuroV on Wednesday 1 July 2015, 21:31 - F.MPIF
Friday 5 June 2015
By JuroV on Friday 5 June 2015, 23:09 - Bitcoin
My fateful involvement with #bitcoin-assets was today sealed with another achievement.
Monday 1 June 2015
By JuroV on Monday 1 June 2015, 14:48 - F.MPIF
Saturday 2 May 2015
By JuroV on Saturday 2 May 2015, 23:23 - F.MPIF
Wednesday 1 April 2015
By JuroV on Wednesday 1 April 2015, 20:07 - F.MPIF
Sunday 1 March 2015
By JuroV on Sunday 1 March 2015, 23:59 - F.MPIF
Monday 2 February 2015
By JuroV on Monday 2 February 2015, 20:31 - F.MPIF
Tuesday 2 December 2014
By JuroV on Tuesday 2 December 2014, 14:14 - Foundation
By JuroV on Tuesday 2 December 2014, 00:56 - F.MPIF
Sunday 2 November 2014
By JuroV on Sunday 2 November 2014, 22:11 - F.MPIF
Wednesday 29 October 2014
By JuroV on Wednesday 29 October 2014, 16:22 - Bitcoin
Somebody, someday, got the dangerous idea to procure a bound hardcopy of the Satoshi source code. As there is a printer in chan, discussion soon ensued about which version and which files to include. The particular somebody was very insistent that the font be legible and the volume properly bound. Inquiries about human skin binding and art illuminations aside, the main question was what to exclude to preserve minimal working code. Also, the book ought not to be too thick to handle.