ASN.1 Decoder

Lapo Luchini created a useful decoder for ASN.1. For me it’s useful for doing in-depth inspection of X.509 certificates and signing requests.

<span title='2023-11-10 08:52:25 +0100 +0100'>November 10, 2023</span>

TLS Illustrated

Michael Driscoll created a very nice illustrated guide on how the TLS 1.2 and TLS 1.3 handshakes work, including how the various cryptographic primitives are used to secure the connection. TLS 1.3: TLS 1.2: Bonus: An animated explanation on how elliptic curve crypto works:

<span title='2023-11-10 08:42:53 +0100 +0100'>November 10, 2023</span>

Writing a basic Flask webapp

The Idea 💡 The app is a simple “quote generator”, similar to fortune. It will display a different line of text every time you load the page. I wanted to build this for displaying some quotes and catchphrases from my colleagues. From the initial idea to the first prototype took me about 1 hour. First, make it work The app in the most basic form consists of two python files: app....

<span title='2022-11-25 17:00:00 +0100 +0100'>November 25, 2022</span>

Certreq command snippets for AD CS

This is a brief overview of how to issue certificates with certreq commands. It might be of use for someone administrating an ADCS instance. Issuing a leaf certificate This will create a certificate of the CertTemplateName template. certreq -submit -attrib "CertificateTemplate:CertTemplateName" .\signing_request.csr Issuing an issuing CA template This assumes that the root CA is not running in enterprise CA mode. This command will create an issuing CA certificate valid for 1 (one) year....

<span title='2022-11-14 13:55:00 +0100 +0100'>November 14, 2022</span>

The First Line's Prayer

The ever-repeating prayer of end-user support

<span title='2022-04-14 13:01:15 +0200 +0200'>April 14, 2022</span>

Encryption Adventures in SQL Server

When calling EncryptByKey() in SQL server you will get a bunch of bytes in return. This article from Microsoft describes the structure of these bytes. If you pay close attention, it is even possible to work with this format outside of SQL server. Both decrypting and encrypting is possible, given that you can get the encryption key available outside of SQL Server. Using a HSM with the EKM integration is one way to do this, as SQL server has no native integration for exporting and importing keys....

<span title='2022-04-14 11:08:07 +0200 +0200'>April 14, 2022</span>