profile
viewpoint
nodejs Spring Boot React Rust tensorflow
Dumitru Uzun duzun Google Poland https://duzun.me https://buymeacoffee.com/duzun

repos

229

gists

46

followers

43

following

18

duzun/base64util 7

base64 encode/decode utility for browsers and node.js

duzun/classifyed.js 2

A tiny yet powerful lib for creating extensible JS Classes.

duzun/crypt-equals 2

Timing attack safe string/buffer comparison

duzun/array.php 1

Useful array methods in PHP

duzun/asyncSeries.js 1

Asynchronously process a list of items consecutively

duzun/Bak.Bat 1

A Windows batch Version Control Script

duzun/bcache-scripts 1

Scripts to monitor and control bcache state

duzun/callback-promise 1

Convert callback style APIs to Promise based APIs

duzun/ab 0

A benchmark tool.

duzun/adaptivepayments-sdk-php 0

PHP SDK for integrating with PayPal's AdaptivePayments API

issue commentacmesh-official/acme.sh

No output in kubernetes with `shareProcessNamespace: true`

@github-actions sure, here is the output as seen from k8s logging:

duzun

comment created time in 19 hours

issue openedacmesh-official/acme.sh

No output in kubernetes with `shareProcessNamespace: true`

Steps to reproduce

I'm running neilpang/acme.sh container next to the official nginx container in the same Pod in Kubernetes. The Pod has shareProcessNamespace: true, thus the PID of the first process in neilpang/acme.sh is not 1. Now I see no output from the acme container.

I've figured out that > /proc/1/fd/1 2>/proc/1/fd/2 is the reason why.

created time in a day

push eventduzun/manjaro-setup

Dumitru Uzun

commit sha bca29394d769bf425770d39b029edfd7a3e851c9

fd, fzf, thefuck, zoxide

view details

push time in 18 days

push eventduzun/dotfiles

Dumitru Uzun

commit sha a71f367813ae950ea7fb1e96b996e80356a4252c

Quote `gw^` alias

view details

push time in 18 days

push eventduzun/dotfiles

Dumitru Uzun

commit sha f713c0343d2996e6561aaece734c45c860adc9f2

Fix for _shell var

view details

push time in 18 days

push eventduzun/dotfiles

Dumitru Uzun

commit sha 424e5df71a66ec701c6d354e3d737eda7b331386

Alias when kdialog present

view details

push time in 18 days

push eventduzun/dotfiles

Dumitru Uzun

commit sha 1c38555cc511f59a91021bc6861e7d0d041777d6

apt & systemctl command aliases

view details

push time in 18 days

push eventduzun/dotfiles

Dumitru Uzun

commit sha d52eb158ec001b63ecdd22284965a9a2e7d6a18e

sudoif, fzfb

view details

push time in 18 days

push eventduzun/dotfiles

Dumitru Uzun

commit sha bc243fbc146ad102fd2f1943caa1778afc97a71e

No eval in fs

view details

push time in 18 days

push eventduzun/dotfiles

Dumitru Uzun

commit sha be462ad946748496ab4aa96d12634727d29fe9a5

init fzf, thefuck, zocide commands

view details

push time in 18 days

push eventduzun/dotfiles

Dumitru Uzun

commit sha ef23fd048429dfa36355ef926bd068b4c9e94a24

Refactoring, add ~/.aliasrc.dotfiles

view details

push time in 18 days

push eventduzun/dotfiles

Dumitru Uzun

commit sha 1ecb1c9cf9541282a8e96b39c943e246c91231fc

conditionally load some aliases when the command exists

view details

push time in 20 days

startedgabrielecirulli/2048

started time in 2 months

PullRequestReviewEvent
PullRequestReviewEvent

issue commentduzun/cycle-crypt

Question: Is there a seed preprocessing in cycle-crypt?

IMU you need a password-based crypto-secure PRNG.

alpominth

comment created time in 3 months

issue commentduzun/cycle-crypt

Question: Is there a seed preprocessing in cycle-crypt?

You use case is valid usage of cycle-crypt as a secure PRNG. I did not think of it in this way :) You could even combine cycle-crypt with another PRNG for even higher unpredictability:

Here is some un-testet bash function to generate arbitrary pseudo-random bytes:

cc_prng() {
    len="${1}"
    local keysize key salt len
    # default key size 40Kb
    keysize="${2:-40960}"
    salt="${3}"
    [ -z "$salt" ] && salt="0x$(dd if=/dev/urandom count=1 bs="$keysize" 2>/dev/null | xxd -p -c "$keysize")"
    key="$(dd if=/dev/random count=1 bs="$keysize" 2>/dev/null | xxd -p -c "$keysize")"

    if [ -z "$len" ]; then cat; else head -c "$len"; fi \
        < /dev/urandom | ./bin/cycry.js -k "0x$key" -s "$salt" > "$i";
}

# generate 64 random bytes
cc_prng 64 | xxd -p
alpominth

comment created time in 3 months

issue commentduzun/cycle-crypt

Question: Is there a seed preprocessing in cycle-crypt?

But if the key and the initial state can be any size, a (maybe non-cryptographic) hash function can be built out of the modified Xorshift+ used by cycle-crypt, right?

You have the right intuition here. The internal function that generates the state from the key and the seed is a keyed hash function, somewhat resembling the PBKDF2.

alpominth

comment created time in 3 months

issue commentduzun/cycle-crypt

Question: Is there a seed preprocessing in cycle-crypt?

P.S. XorShift+ is not a hash function. Nor cycle-crypt is.

alpominth

comment created time in 3 months

issue commentduzun/cycle-crypt

Question: Is there a seed preprocessing in cycle-crypt?

If by input you mean the key and by the output - the initial state, then yes, the same CPU cycles would be use as when computing the full size initial state.

alpominth

comment created time in 3 months

issue commentduzun/cycle-crypt

Question: Is there a seed preprocessing in cycle-crypt?

It's difficult to compare SHAKE-256 with cycle-crypt, because the concepts are different.

To answer your question, cycle-crypt has a state initialization stage at the beginning, which is based on the seed and the key. There is no seed processing afterwards. The size of the state equals the size of the key, which could have an impact on processing speed, because the state is mutated after it is "consumed" during encryption. The smaller the state, the more mutations are required.

Encrypting a 1Gb input using a 32Kb key (and state), thus 1Gb / 32Kb = 32 768 state updates:

> key32k="0x$(dd if=/dev/random count=32768 bs=1 2>/dev/null | xxd -p -c 32768)";
> time dd if=/dev/zero count=32768 bs=32768 | ./bin/cycry.js -k "$key32k" -so /tmp/salt32k | wc -c
32768+0 records in
32768+0 records out
1073741824 bytes (1,1 GB, 1,0 GiB) copied, 3,45846 s, 310 MB/s
1073741824

real	0m3,472s
user	0m2,674s
sys	0m1,019s

> cat /tmp/salt32k | wc -c # auto-generated salt
32768

Encrypting a 1Gb input using a 4b key (and state), thus 1Gb / 4b = 268 435 456 state updates:

> key4b="0x$(dd if=/dev/random count=4 bs=1 2>/dev/null | xxd -p -c 4)";
> time dd if=/dev/zero count=32768 bs=32768 | ./bin/cycry.js -k "$key4b" -so /tmp/salt4b | wc -c
32768+0 records in
32768+0 records out
1073741824 bytes (1,1 GB, 1,0 GiB) copied, 4,21396 s, 255 MB/s
1073741824

real	0m4,229s
user	0m3,183s
sys	0m1,182s

> cat /tmp/salt4b | wc -c # auto-generated salt
4

If trying to compute number of state updates per second (even though this is not exact calculation, using user time): (268 435 456 - 32 768) / (3.183s - 2.674s) = 527 313 728 Hz

I'm running these command on a VM. For comparison, here is shake256sum for 1Gb input & 1Gb output on the same VM:

> time dd if=/dev/zero count=32768 bs=32768 | shake256sum -N 8589934592 -b | wc -c
32768+0 records in
32768+0 records out
1073741824 bytes (1,1 GB, 1,0 GiB) copied, 5,48213 s, 196 MB/s
1073741824

real	0m11,695s
user	0m9,800s
sys	0m2,252s
alpominth

comment created time in 3 months

startedgoogle/keep-sorted

started time in 3 months

more