Skip to content

Instantly share code, notes, and snippets.

View chez14's full-sized avatar

Chris Qiang chez14

View GitHub Profile
@chez14
chez14 / encrypt_openssl.txt
Created June 4, 2017 15:04 — forked from crazybyte/encrypt_openssl.txt
File encryption using OpenSSL
For symmetic encryption, you can use the following:
To encrypt:
openssl aes-256-cbc -salt -a -e -in plaintext.txt -out encrypted.txt
To decrypt:
openssl aes-256-cbc -salt -a -d -in encrypted.txt -out plaintext.txt
For Asymmetric encryption you must first generate your private key and extract the public key.
@chez14
chez14 / Pool.java
Last active October 18, 2017 11:41
GANTENG
import java.util.Random;
public class Pool
{
public static boolean validity(int min, int max){
Random rd = new Random();
int lottery1 = rd.nextInt(max-min)+min;
int lottery2 = rd.nextInt(max-min)+min;
int lottery3 = rd.nextInt(max-min)+min;
System.out.println(lottery1);
System.out.println(lottery2);
@chez14
chez14 / random.md
Created May 19, 2018 16:37 — forked from joepie91/random.md
Secure random values (in Node.js)

Not all random values are created equal - for security-related code, you need a specific kind of random value.

A summary of this article, if you don't want to read the entire thing:

  • Don't use Math.random(). There are extremely few cases where Math.random() is the right answer. Don't use it, unless you've read this entire article, and determined that it's necessary for your case.
  • Don't use crypto.getRandomBytes directly. While it's a CSPRNG, it's easy to bias the result when 'transforming' it, such that the output becomes more predictable.
  • If you want to generate random tokens or API keys: Use uuid, specifically the uuid.v4() method. Avoid node-uuid - it's not the same package, and doesn't produce reliably secure random values.
  • If you want to generate random numbers in a range: Use random-number-csprng.

You should seriously consider reading the entire article, though - it's

@chez14
chez14 / signing-gpg-keys.md
Created March 13, 2020 08:15 — forked from F21/signing-gpg-keys.md
Signing someone's GPG key

This is a quick guide of the commands we use to sign someone's GPG key in a virtual key signing party.

Note: The steps cover only the technical aspects of signing someone's key. Before signing someone's key, you must verify their identity. This is usually done by showing government-issued ID and confirming the key's fingerprint

The commands will work for both GPG and GPG2.

I use Julian's key for the examples. His key id is 2AD3FAE3. You should substitute with the appropriate key id when running the commands.

Signing the key

  1. List the keys currently in your keyring: gpg --list-keys.