Usman Saleem usmansaleem

## JGit.kt
package info.usmans.blog.vertx

import org.eclipse.jgit.api.Git
import org.eclipse.jgit.revwalk.RevCommit
import org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider
import java.io.File

internal const val GIST_REPO_URL = "https://gist.github.com/someid.git"

fun gitCredentialProvider(gistToken: String = System.getenv("GITHUB_GIST_TOKEN")) = UsernamePasswordCredentialsProvider(gistToken, "")

## yubihsm.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                usmansaleem
                / yubihsm.md
            
            
              Last active
              December 12, 2023 00:58
            
              
                YubiHSM setup for Web3Signer
              
          
    YubiHSM


Install YubiHSM tools https://developers.yubico.com/YubiHSM2/Releases/
Set up a new key (id=3, password=password3) for opaque data management, using the YubiHSM default credentials (authkey=1, password=password)

yubihsm-shell --connector=yhusb:// --authkey=1 --password=password \
--action=put-authentication-key --new-password=password3 --object-id=3 --domains=1,2,3 \
--capabilities=get-opaque,put-opaque,delete-opaque,export-wrapped,get-pseudo-random,put-wrap-key,import-wrapped \
--delegated=exportable-under-wrap,export-wrapped,import-wrapped

  
## sample_multiline.yml
environment:
    SERVER_NAME: "myserver.doma.in"
    # Dummy key, cert
    SSL_KEY: |-
        -----BEGIN RSA PRIVATE KEY-----
        MIICXQIBAAKBgQD272jYrLm8Ph5QpMWFcWUO9Ua1EviykalP+tkMIg12yZ3GvezF
        y8aayxdztB5vu68jqMeg6mOJlscWqFUhmAxj4mDknYenVzVX2CKzCgHlGninTKxY
        61rXDaDZVpSZ+XIESJkaB0z9HHYtrSLr0coKmq4cT5TRptOnkpDlJxIRaQIDAQAB
        AoGATcTYoGTFmiN2KK+8BWrRCQT2X9C5woNdb3LxKIEQ/HhC2HS4PRMQWW/c0vPH
        IilZ30EoneUztAFochpRtWLNg4lJoLy04X/eNjEiC/imp0KSwWXmnuLhDcWcb0+M

## DecryptKeystore.java
/*
 * Copyright 2020 ConsenSys AG.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
 * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the

## README.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                usmansaleem
                / README.md
            
            
              Last active
              June 13, 2023 00:21
            
              
                Compile jblst on Raspbian OS 32 bit (to be used by Web3Signer)
              
          
    Update apt cache

sudo apt-get update && sudo apt-get -y upgrade

Install dependencies

sudo apt-get install -y git autoconf libpcre3 libpcre3-dev bison flex gcc make gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf binutils-arm-linux-gnueabihf


## readme.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                usmansaleem
                / readme.md
            
            
              Created
              March 7, 2023 02:12
            
              
                Check SSL certificate or sha256 fingerprint of a host
              
          
    openssl s_client -connect localhost:8200 </dev/null 2>/dev/null | openssl x509 -inform pem -noout -fingerprint

Or
openssl s_client -connect localhost:8200 </dev/null 2>/dev/null | openssl x509 -inform pem -text


## initVault.sh
#! /bin/bash

# Initialize Hashicorp vault with KV-V2 secrets enginer mounted at /secret
# Assuming Hashicorp vault is running in docker and jq utility is available to parse json output
# See https://gist.github.com/usmansaleem/891d8b3de03786b89b45e62f97fdefa9 which launches Vault server with TLS support.

# exit when any command fails
set -e

echo "Init Hashicorp vault"

## launchVaultServer.sh
#! /bin/bash
set -e #exit if any command fails

# Run Hashicorp Vault in server mode with inmem storage and TLS enabled

VAULT_IMAGE="vault:latest"
VAULT_MOUNT="./vault/tls"
mkdir -p "$VAULT_MOUNT"

#Generate SSL certificates

## rpi2vpngateway.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              5 stars
            
          
                usmansaleem
                / rpi2vpngateway.md
            
            
              Last active
              March 3, 2023 11:23
            
              
                Raspberry pi as PP2P vpn gateway
              
          
    Goal
In Progress
Use Raspberry PI 2 as a PP2P VPN gateway so that devices on the network can be configure to use PI as gateway which should direct the internet traffic through VPN.
Setup

Modify main router to issue DHCP address so that PI can be assigned an IP address outside the range.
Connect PI using ethernet cable. WIFI may also be used, however, following instructions assume eth.
Setup PI with static IP address. Modify /etc/dhcpcd.conf with following contents (192.168.1.2 is PI ip address, 192.168.1.1 is the WAN router IP address):


## release.yml
name: "Release"

permissions:
  contents: "write"

on:
  workflow_run:
    workflows: ["Tag"]
    types:
      - "completed"
	package info.usmans.blog.vertx

	import org.eclipse.jgit.api.Git
	import org.eclipse.jgit.revwalk.RevCommit
	import org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider
	import java.io.File

	internal const val GIST_REPO_URL = "https://gist.github.com/someid.git"

	fun gitCredentialProvider(gistToken: String = System.getenv("GITHUB_GIST_TOKEN")) = UsernamePasswordCredentialsProvider(gistToken, "")
	environment:
	SERVER_NAME: "myserver.doma.in"
	# Dummy key, cert
	SSL_KEY: \|-
	-----BEGIN RSA PRIVATE KEY-----
	MIICXQIBAAKBgQD272jYrLm8Ph5QpMWFcWUO9Ua1EviykalP+tkMIg12yZ3GvezF
	y8aayxdztB5vu68jqMeg6mOJlscWqFUhmAxj4mDknYenVzVX2CKzCgHlGninTKxY
	61rXDaDZVpSZ+XIESJkaB0z9HHYtrSLr0coKmq4cT5TRptOnkpDlJxIRaQIDAQAB
	AoGATcTYoGTFmiN2KK+8BWrRCQT2X9C5woNdb3LxKIEQ/HhC2HS4PRMQWW/c0vPH
	IilZ30EoneUztAFochpRtWLNg4lJoLy04X/eNjEiC/imp0KSwWXmnuLhDcWcb0+M
	/*
	* Copyright 2020 ConsenSys AG.
	*
	* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
	* an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
	#! /bin/bash

	# Initialize Hashicorp vault with KV-V2 secrets enginer mounted at /secret
	# Assuming Hashicorp vault is running in docker and jq utility is available to parse json output
	# See https://gist.github.com/usmansaleem/891d8b3de03786b89b45e62f97fdefa9 which launches Vault server with TLS support.

	# exit when any command fails
	set -e

	echo "Init Hashicorp vault"
	#! /bin/bash
	set -e #exit if any command fails

	# Run Hashicorp Vault in server mode with inmem storage and TLS enabled

	VAULT_IMAGE="vault:latest"
	VAULT_MOUNT="./vault/tls"
	mkdir -p "$VAULT_MOUNT"

	#Generate SSL certificates
	name: "Release"

	permissions:
	contents: "write"

	on:
	workflow_run:
	workflows: ["Tag"]
	types:
	- "completed"