Day 19 Basics of Testing

October 6, 2021•83 words

What I did: Basic Testing

Total time: 54.700

Comments:

I got it to successfully generate a shared session secret. However there's a minor problem I just realized, this library just creates a shared session secret but doesn't allow using a long lived public/private key pair to verify the ssl2client is connecting to the correct ssl2server.

The use case is to prevent catfishing or hijacking the domain. However I'm coming up against issues that's making me rethink parts of the protocol.

👍❤️🫶👏👌🤯🤔😂😍😭😢😡😮

Subscribe to the author

You'll only receive email when they publish something new.

More from KitzuneFiles
All posts

Day 18 Monorepo and Security

October 4, 2021•538 words

What I did: Setting up the mono repo + importing library Total time: 54.200 Comments: I got a MR accepted https://github.com/antontutoveanu/crystals-kyber-javascript!!! This feels so good even though it's a tiny change. The reason that I'm going with a monorepo is to avoid as much software security chain violations. We've seen bad code get injected via a 3rd party dependency. By moving the most critical third party dependency as shared libraries directly managed and controlled within the rep...

Read post

Day 20 Short term security fix

October 7, 2021•107 words

What I did: Total time: 56.150 Comments: Setup two layers of security with the public/private key, including a hardcoded expiry requirement and list of pubic and private keys (signed with a primary key to authenticate and verify that changes are authorized). Looked at TweetNacl and realized I'm going to have to wrap it along with Base64 because of how it works. Exploring the places that I'm going to need to use the public/private crypto and designing the 'perfect' api so I understand what I ...