• 0 Posts
  • 72 Comments
Joined 1 year ago
cake
Cake day: July 1st, 2023

help-circle

  • I have just dumped code into a Chrome console and saved a cert while in a pinch. It’s not best practices of course, but when you need something fast for one-time use, it’s nice to have something immediately available.

    You could make your own webpage that works in the browser (no backend) and make a cert. I haven’t published anything publicly because you really shouldn’t dump private keys in unknown websites, but nothing is stopping you from making your own.








  • Firefox, unfortunately, has been lagging behind. Safari is close to surpassing Firefox if they haven’t already. Safari really made a big shift for actually implementing web standards around 16.4.

    • No HDR - relevant for me because I mod PC games for HDR
    • Dropped PWA on desktop - even Apple went full 180° and embraced it now on Mac OS X. Chrome really gets a good push from this from Microsoft constantly helping push more app manifest stuff since it appears one of their goals is to render more things over Edge PWAs (eg: like the title bar), and resort less to having to use electron.
    • No masked borders - can’t do custom element borders like corner cutting or perfect squircles. Rounded edges only

    Chrome is still the absolute best for accessibility. Neither Firefox nor Safari properly parse the aria labels when it comes to how things are rendered. Chrome will actually render text in accessibility nodes as presented on screen (ie: with spacing). Safari and Firefox only use .textContent which can have words beingmergedwhentheyshouldn’t.

    Chrome also has Barcode and NFC scanning built right in. I’ve had to use fake keyboard emulators for iOS. Though, Chrome on Mac OS X also supports it. Safari has native support for Barcode behind a flag, so it’ll likely come in the future. Barcode scanning is still possible with Firefox through direct reading of the camera bitmap, which is slower but still good. There’s no solution for NFC for Safari, but if Chrome ever comes iOS, that would possibly be solved. I believe Face Detection is similar, but I’ve never used it.





  • I just recently started working with ImGui. Rewrite compiled game engines to add support for HDR into games that never supported it? Sure, easy. I can mod most games in an hour if not minutes.

    Make the UI respond like any modern flexible-width UI in the past 15 years? It’s still taking me days. All of the ImGui documentation is hidden behind closed GitHub issues. Like, the expected user experience is to bash your head against something for hours, then submit your very specific issue and wait for the author to tell you what to do if you’re lucky, or link to another issue that vaguely resembles your issue.

    I know some projects, WhatWG for one, follow the convention of, if something is unclear in the documentation, the issue does not get closed until that documentation gets updated so there’s no longer any ambiguity or lack of clarity.




  • Either do a left join and repeat all the post values for every tag or do two round-trip queries and manually join them in code.

    JSON_ARRAYAGG. You’ll get the object all tidied up by database in one trip with no need to manipulate on the receiving client.

    I recently tried MariaDB for a project and it was kinda neat, having only really messed with DynamoDB and 2012 era MsSQL. All the modern SQL languages support it, though MariaDB and MySQL don’t exactly follow the spec.


  • Officials said that at the police station, Love admitted to being involved in the attack and said he had become acquainted with the victim beforehand.

    “The defendant added he was possibly drugged and someone inserted an unknown object in his rectum,” the report says. “Although the defendant is not certain the victim is responsible for this, the defendant made a statement indicating he needed to hurt whoever hurt him and was prompted to purchase the knife at a Target store near Miami International Airport.”


  • ShortFuse@lemmy.worldtolinuxmemes@lemmy.world-----BEGIN PRIVATE KEY-----
    link
    fedilink
    arrow-up
    15
    arrow-down
    1
    ·
    edit-2
    4 months ago

    Yeah, except for the first few bytes. PKCS8 has some initial header information, but most of it is the OCTET_STRING of the private key itself.

    The PEM (human “readable”) version is Base64, so you can craft up a string and make that your key. DER is that converted to binary again:

    /**
     * @see https://datatracker.ietf.org/doc/html/rfc5208#section-5
     * @see https://datatracker.ietf.org/doc/html/rfc2313#section-11
     * Unwraps PKCS8 Container for internal key (RSA or EC)
     * @param {string|Uint8Array} pkcs8
     * @param {string} [checkOID]
     * @return {Uint8Array} DER
     */
    export function privateKeyFromPrivateKeyInformation(pkcs8, checkOID) {
      const der = derFromPrivateKeyInformation(pkcs8);
      const [
        [privateKeyInfoType, [
          [versionType, version],
          algorithmIdentifierTuple,
          privateKeyTuple,
        ]],
      ] = decodeDER(der);
      if (privateKeyInfoType !== 'SEQUENCE') throw new Error('Invalid PKCS8');
      if (versionType !== 'INTEGER') throw new Error('Invalid PKCS8');
      if (version !== 0) throw new Error('Unsupported PKCS8 Version');
      const [algorithmIdentifierType, algorithmIdentifierValues] = algorithmIdentifierTuple;
      if (algorithmIdentifierType !== 'SEQUENCE') throw new Error('Invalid PKCS8');
      const [privateKeyType, privateKey] = privateKeyTuple;
      if (privateKeyType !== 'OCTET_STRING') throw new Error('Invalid PKCS8');
      if (checkOID) {
        for (const [type, value] of algorithmIdentifierValues) {
          if (type === 'OBJECT_IDENTIFIER' && value === checkOID) {
            return privateKey;
          }
        }
        return null; // Not an error, just doesn't match
      }
    
      return privateKey;
    }
    

    I wrote a “plain English” library in Javascript to demystify all the magic of Let’s Encrypt, ACME, and all those certificates. (Also to spin up my own certs in NodeJS/Chrome).

    https://github.com/clshortfuse/acmejs/blob/96fcbe089f0f949f9eb6830ed2d7bc257ea8dc32/utils/certificate/privateKeyInformation.js#L40

    Edit: To be specific, PKCS8 is usually a PKCS1 (RSA) key with some wrapping to identify it (the OID). The integers (BigInts) you pick for RSA would have to line up in some way, but I would think it’s doable. At worst there is maybe a character or two of garbage at the breakpoints for the RSA integers. And if you account for which ones are absent in the public key, then anybody reading it could get a kick out of reading your public certificate.



  • There is no section 15 or 16 in GPLv3, but I did find section 7 saying:

    Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or

    But that’s an optional thing that you must add onto the GPLv3 license. I’ll have to keep that in mind for the future.

    That would explain why what I’ve read mentioned it’s not guaranteed in GPLv3 (when comparing to MIT). I’ll have to figure out what that notice would look like.