Tag: crypto

Using Java signatures in Clojure

June 23, 2018
valeblog
0 Comment

A while back I was trying to implement HTTP signatures to use with ActivityPub interactions with Mastodon. In Clojure. There is a go-to library for Clojure when it comes to crypto stuff, but I couldn’t get it to do the specific thing I needed: SHA-256 / RSA signatures. I looked at other options too, but as I’m not familiar with NaCl, that was just a confusing mess of wrappers around Java wrapped around C.

In the end I went with using Java interop to call Bouncy Castle stuff directly. I hate Java and interop in Clojure just feels wrong, but at least I could get it to work. Not to mention if something, Bouncy Castle is maintained. It wasn’t exactly a joyride, but it works. Check out the source if you’re interested (or want to use it). I didn’t make it stand-alone or put it up on Clojars (yet).

Read More

Ubuntu 18.04 L2TP IPsec VPN

May 19, 2018
valeblog
3 Comments

Occasionally I work from home, and access to certain development resources is restricted to either the office IP or the use of a secure VPN. Since everyone uses Macs or Windows at the office there are no manuals or guides to set it up on linux, so I had to figure stuff out myself.

First of all, Ubuntu doesn’t have L2TP support out of the box currently, but luckily Ask Ubuntu has plenty of questions on the topic. Apparently L2TP was removed at 16.04 for some dependency reason, and replaced with a package called StrongSwan. Luckily it’s in the main repository, so it can be installed without much hassle. (However, I tried it on 18.04 and I was unable to add a VPN as the Save/Apply button simply wouldn’t work.)

Read More

Plaintext

July 22, 2012
valeblog
0 Comment

I just applied for a summer internship at one of my credit card providers (Mitsui-Sumitomo) and guess what, they sent me my username and the password i set in a plaintext email.

The only single time i can accept that they email me my password after registration is when the initial pass is random generated and i’m required to change it at the first login. But sending me the password i set myself and been using for the past month? What the hell?

Read More