Posts

A collection of 67 articles

How to Verify JoyID WebAuthn Signature

JoyID is a multichain, cross-platform, passwordless and mnemonic-free wallet solution based on FIDO WebAuthn protocol and Nervos CKB. This post shows how to verify the signature from the method signChallenge of the @joyid/ckb package. The method reference page has a demo. I use the demo to obtain an example response then verify the response using the OpenSSL command line and the Python library PyCryptodome. The JoyID follows the WebAuthn specification and employs secp256r1 for signing. Although the guide references section 6.3.3 of the WebAuthn specification, titled “The authenticatorGetAssertion Operation”, I discovered that the example in this repository provided me much more helps.

Updated  •  5 min read

Transforming Markdown to Attractive PDFs: A Guide to Using Pandoc with Xelatex

I used to read lengthy and complex articles in the PDF format. Despite the abundance of PDF exporting options, the resulting files often appear unappealing. However, there is a solution. With the pandoc tool and the xelatex backend, you can transform Markdown files into aesthetically pleasing PDFs. In this tutorial, I will guide you through the steps of using pandoc with xelatex and share the lessons I’ve learned.

Updated  •  4 min read

SSH Authentication Using a YubiKey on Windows And the OpenSSH Client

As mentioned in ♯ Yubico for Windows, I used PuTTY/Plink instead of the OpenSSH client together with YubiKey because the OpenSSH Client does not support the socket file created by GnuPG. Plink does not work well in Windows Terminal. The Visual Studio Code SSH Remote does not support Plink as well, because it will pass some command line arguments that are not supported by Plink. So I decide to switch back to the OpenSSH client. Fortunately, the utility wsl-ssh-pageant can create a tunnel between a Windows pipe and the pageant socket, and the OpenSSH client can use the Windows pipe as SSH_AUTH_SOCK. This article is a tutorial to set up wsl-ssh-pageant.

Updated  •  2 min read