As professional developers, we constantly try to make our code readable for all to understand. We use the term “fluent code” to describe that line of thought. But beginners may find that a bit of an abstract notion… In this post I propose you to examine a concrete case I have recently encountered, and one solution for turning that bit of code into something I am proud(er) of.
So far in this series of posts we have examined how to handle PGP encryption’s core tasks in Java. We now move to the front end side and examine the incredible power of OpenPGP.js !
Say you want to test your automated scripts on your local machine before deploying on the cloud. Ideally, you’d need some kind of virtualized environment to emulate the production situation as closely as possible. In this post, we’ll set up such an environment using the trusty and venerable VirtualBox.
You’re working on a new project, which uses a framework requiring strong random number generation. Typically, this could be Spring Security’s BCryptPasswordEncoder. You run your application on a Linux machine: your local Linux Mint for development or some Ubuntu Server instance, for example. And then… nothing happens. The application seems to be hanging! What gives?
In the previous installment we examined how to generate PGP keys using Java. Now that we have those, we can start encrypting! This post examines how to leverage the excellent Bouncy GPG library to make Java PGP encryption as easy as it gets.
Last time we examined whether Efail and SigSpoof were a game breaker or not. Spoiler: it’s not half as bad as it was claimed. Today we will get our hands dirty: we will implement OpenPGP key generation in Java with BouncyCastle’s seminal library.
You may have noticed: encryption has received some bad rap lately. I’m talking about Efail and SigSpoof of course, two flaws that impacted OpenPGP-based applications such as GnuPG, Enigmail, etc. Does it mean that OpenPGP is broken?
Oh you noticed, didn’t you? Indeed, I have decided to update my blog’s presentation a little bit, make it more readable and mobile-friendly. The old …
To complete this series about stateless security, I decided to take a bow and list all the blogs posts and websites I’ve studied to get here. If you’re looking for more information on stateless authentication and JWTs, this might be a good place to start from!
After a small pause, I resume our exploration of stateless RESTful security by asking THE big question everyone should consider when deciding to go stateless: is it worth it?