Skip to content

Instantly share code, notes, and snippets.

View kousu's full-sized avatar

Nick Guenther kousu

59 followers · 60 following
  • ÉTS
  • Canada
View GitHub Profile
@kousu
kousu / README.md
Last active April 14, 2024 00:55
Using jose-util with ed25519 (aka EdDSA), PEM-formatted, keys

Using jose-util with ed25519 (aka EdDSA), PEM-formatted, keys

Using go-jose takes a bit of a knack. And it turns out there's a snag if you want to use the latest and greatest crypto.

I installed jose-util from the latest git version:

$ pwd
/Users/kousu/src/go-jose
anaesthetic-mac:go-jose kousu$ git log HEAD~1..HEAD
@kousu
kousu / README.md
Created May 4, 2019 01:35
Bridging WhatsApp to XMPP
@kousu
kousu / base64.js
Last active March 31, 2019 03:46
nu-book's zxing demo, updated to use a webcam
// https://gist.github.com/jonleighton/958841
// bytes: Uint8Array
function uint8ArrayToBase64(bytes) {
var base64 = ''
var encodings = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
var byteLength = bytes.byteLength
var byteRemainder = byteLength % 3
var mainLength = byteLength - byteRemainder
var a, b, c, d
var chunk
@kousu
kousu / yubikey4-pkcs11-tool-keygen.log
Created August 8, 2018 17:42
$ OPENSC_DEBUG=10 pkcs11-tool --keypairgen -v
0x7f0cb5988780 13:07:16.819 [opensc-pkcs11] ctx.c:703:process_config_file: Used configuration file '/etc/opensc.conf'
0x7f0cb5988780 13:07:16.820 [opensc-pkcs11] ctx.c:825:sc_context_create: ===================================
0x7f0cb5988780 13:07:16.820 [opensc-pkcs11] ctx.c:826:sc_context_create: opensc version: 0.18.0
0x7f0cb5988780 13:07:16.820 [opensc-pkcs11] reader-pcsc.c:815:pcsc_init: PC/SC options: connect_exclusive=0 disconnect_action=0 transaction_end_action=0 reconnect_action=0 enable_pinpad=1 enable_pace=1
0x7f0cb5988780 13:07:16.821 [opensc-pkcs11] reader-pcsc.c:1282:pcsc_detect_readers: called
0x7f0cb5988780 13:07:16.821 [opensc-pkcs11] reader-pcsc.c:1301:pcsc_detect_readers: Probing PC/SC readers
0x7f0cb5988780 13:07:16.822 [opensc-pkcs11] reader-pcsc.c:1329:pcsc_detect_readers: Establish PC/SC context
0x7f0cb5988780 13:07:16.822 [opensc-pkcs11] reader-pcsc.c:1241:pcsc_add_reader: Adding new PC/SC reader 'Yubico Yubikey 4 CCID 00 00'
0x7f0cb5988780
@kousu
kousu / mod_auth_external.patch
Created January 12, 2018 10:32
diff -r 933049a60ce6 mod_auth_external/mod_auth_external.lua
--- a/mod_auth_external/mod_auth_external.lua Thu Jan 04 11:41:54 2018 +0100
+++ b/mod_auth_external/mod_auth_external.lua Fri Jan 12 05:26:22 2018 -0500
@@ -75,6 +75,15 @@
log("debug", "Started auth process");
end
+ -- Hotfix: lpty has a glitch in some versions: no_local_echo=true is not respected until *after*
+ -- the first read happens, it seems. The first do_query() therefore fails because it reads
+ -- back the query that was sent in, so the first login after restarting prosody -- or after
@kousu
kousu / .procmailrc
Created December 17, 2017 19:43
procmail snippet for auto-binning / auto-filtering mailing lists
# mailing lists
#
# This automatically sorts mail from mailing lists into folders named after the list
# [email protected] will go into your IMAP Lists/misc folder
# [email protected] will go into Lists/fanciness
# (if you need more specific rules, you can tweak or add a rule for your specific lists *ahead* of this rule)
#
# Now, procmail doesn't(?) have capturing groups, closest it has a capturing \/,
# which grabs everything from itself *to the end* of the line* of the match
# (thanks https://serverfault.com/questions/660159/procmail-recipe-with-capturing-group/660571);
@kousu
kousu / google_outbound_smtp
Last active December 17, 2017 07:44
#!/bin/sh
# extract Google's published list of outbound-going smtp servers, for purposes of whitelisting them
# from https://support.google.com/a/answer/60764?hl=en
# the results come back in CIDR notation, so be sure to handle that
# subtlety: i="" on the first iteration, because there is (currently) no _netblocks1, there's just _netblocks
(for i in "" `jot 3 1 3`; do
dig TXT _netblocks$i.google.com @8.8.8.8 +short;
done) |
awk -F ":" -v RS=" " '/^ip4:/ { print $2 }'
@kousu
kousu / journal
Last active August 19, 2017 19:26
Handy personal journal script
#!/bin/sh
# journal
#
# Usage: journal [date]
#
# Spawn your plain-text $EDITOR open to your diary.
# Journal files are arranged in a simple tree hiearchy by date under ~/Journal/.
# If date is given, it is a date string as understood by GNU date;
# you can say for example,
# journal yesterday
@kousu
kousu / README.md
Last active March 3, 2017 21:03
Pare down font files for web use

Sometimes** (**I'm thinking of the web, here, really) you only need a subset of glyphs in a font. A full font file can be pretty bandwidth-heavy.

cut_font will snip a font down to only the characters given on the command line. It will use the same output format as input format. It doesn't handle glyph variations (like italics or bold versions of a font) nor let you choose the output file; sorry about that; patches welcome.

Example

$ ./cut_font Symbola.ttf ≄ a b C D \`
@kousu
kousu / Guide.md
Last active March 2, 2017 06:28
Debugging mailservers by self-MITM

Debugging mail is hard. It's even harder when there's SSL in the way. But we can use unix elbow grease to get around this!

Run socat as a proxy, offloading the SSL processing to openssl in a subshell:

$ socat -v TCP-LISTEN:5877 EXEC:'openssl s_client -connect mail.your.server\:587 -starttls smtp'

Test this is working by, in parallel session