Design implementations with little to no JavaScript

As some of you may know I've been writing articles on Medium on a variety of topics. The past week or two I've had a running theme of "do ___ without JavaScript", and today I put up one that requires minimal scripting.

Just thought you folks might find these techniques handy.

Tabbed Interfaces Without JavaScript:
https://levelup.gitconnected.com/tabbed-interfaces-without-javascript-661bab1eaec8

Modal Dialog Driven Websites Without JavaScript…

Design implementations with little to no JavaScript

(Co)-monads and terminating implementations

Suppose we set $ \mathbb{M} \alpha := r \to \alpha$ , where $ r$ is some fixed type, and $ \alpha$ an arbitrary type, of the STLC (Simply-Typed Lambda Calculus)

Suppose we want to define a co-monad, which contains Co-unit and Co-join, with the following types (where $ \mathbb{M}$ binds more tightly than $ \to$ and $ \mathbb{M}$ is as stated above):

  1. Co-unit $ \;\;\;\; \mathbb{M} \alpha \to \alpha$
  2. Co-join $ \;\;\;\;\mathbb{M}\mathbb{M} \alpha \to \mathbb{M} \alpha$

I have been told that this will not work and that we could not create a co-monad in this way, since there is no terminating implementation for the type $ (e \to a) \to a$ .

But in the pure STLC all terms are "terminating"(i.e, reductions always lead to a (unique) normal form). So I don’t understand how this comment can be relevant in the case of the STLC.

Is there some link between (co)-monads and terminating implementations? Or is this just about creating a co-monad in Haskell?

Why would we not be able to construct a co-monad in the way described above?

Quantum Cryptography Algorithms Implementations

The Post Quantum Cryptography is a type of cryptography that lies on physics properties instead of mathematics , it has many algorithms and implementations like NTRU , McEliece , SIDH … etc

But there is a difference between Post Quantum Cryptography and Quantum Cryptography , i’d like to know some algorithms of that and also if they have implementations for example on Github or any thing like that

Thank you

Java KeyStore vs OpenSSL implementations of pkcs12 files -They seem to differ. Do they?

I generated a pkcs12 keystore in Java and wanted to inspect it with OpenSSL, but OpenSSL threw back an error. After a bit of head scratching I realized that the KeyStore format in Java allows you to have different passwords on the store itself and the pkcs8 encrypted key inside, while OpenSSL seems to assume that both passwords have to be the same. I can easily inspect a pkcs12 file created in Java if both the file and key passwords are the same, but get an error when they differ:

Bag Attributes     friendlyName: usercert     localKeyID: 54 69 6D 65 20 31 35 38 38 30 32 32 30 31 38 30 37 31  Error outputting keys and certificates 139815467680960:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:570: 139815467680960:error:23077074:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 cipherfinal error:../crypto/pkcs12/p12_decr.c:62: 139815467680960:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:../crypto/pkcs12/p12_decr.c:93:  

Have I missed something or is it correct to say that the pkcs12 impementations differ slightly?

I’m looking for a way to be able to inspect pkcs12 files with OpenSSL where the two passwords differ. Any help would be appreciated.

What are some unusual or creative implementations of ADTs you’ve seen?

While learning about ADTs in a data structures course, we learned that the List ADT is most commonly implemented using linked nodes or arrays. Are there any other fundamentally different and unusual implementations of the List ADT or any others that are ever used in practice or even ones that might satisfy all of the properties? If so, what are some benefits and drawbacks of these?

Packaging Local and Remote Implementations

I’m looking for advice on packaging a local and remote implementation of an interface. (For the record this Python code that I’m releasing via pip)

I have a few methods for performing heavy math operations on a large data-set. This dataset can be sourced remotely or from the local system. Due to the architecture/ memory constraints on certain systems, I will be unable to install the methods on every system which needs these methods.

For the most part, callers of the method will use datasets sourced over the network, and therefore are eligible to have the entire method performed remotely, however, I still need to provide a solution for local execution of the methods on some systems.

The first idea that comes to mind is to create a general interface, and implement a local implementation and a remote implementation which calls out to some service on the network. The service would then use the local implementation to satisfy the requirements:

remote interface

What would be the most sane way to package such a system of software in Python?

I was considering placing the Interface, Client, and Impl in the same package and having the Service depend on this package. That seems kind of funky though because the Service has reference to the Client code. As well some systems which install the Client will also install the Impl which is unusable by these systems.

Another option is placing the Interface and Impl in one package and separate packages for the Client and Service (3 packages total). This feels somewhat cleaner, but still has the issue where some systems implicitly install the Impl which is unusable by these systems.

The last option I considered is having 4 packages, one for each part. This ensures that every system only contains the software that is relevant to them, but is the most tedious to maintain.

Any thoughts on the design, or tips on solving a problem like this would be much appreciated.

Using enum for singleton implementations to choose way of doing something

I have this service that reads emails from a mailbox as they come and I want to extract its contents in a map structure. For now I am interested only in the actual email (no images or attachments).

I started by using an enum when I wanted something simple and then extended the enum to implement an interface when I noticed that I needed some complexity and at the end because the method extracting the content was a few lines long and the enum was getting hard to read I extracted the implementation to their own interface implementations and just assigned an instance of each in the enum.

It doesn’t feel wrong, I actually think that this is what Spring looks like (very simply for conceptual purposes) when it creates singletons for autowiring but wanted to get an opinion by the community and if this is a valid approach, is there something I missed or something to consider

This is the interface of the extractor with a default method for something that is common to the implementations

public interface ContentExtractor {     Map<String, String> extract(Message mimeMessage) throws IOException, MessagingException;      default String extract(BodyPart bodyPart) {         try {             return (String)bodyPart.getContent();         }         catch (IOException | MessagingException e) {             LOGGER.warn("Couldn't cast part to a String. It's either a multipart body part or probably a content type that resolves to a stream.");             return null;         }     } } 

The abstract class for a base. I am actually divided on whether I need this, I don’t actually remember why I added it…

@Getter public abstract class MimeContentExtractor implements ContentExtractor {     private final String mimeType;     MimeContentExtractor(String mimeType) {this.mimeType = mimeType;}      static String getContentType(Part part) {         try {             return part.getContentType();         } catch (MessagingException e) {             LOGGER.warn("Couldn't get the content type of the part");             return "N/A";         }     } } 

The enum

@Getter public enum MimeType {     MULTIPART(new MultipartContentExtractor("multipart/")),     TEXT(new TextContentExtractor("text/plain")),     HTML(new TextContentExtractor("text/html"));      private final MimeContentExtractor contentExtractor;      MimeType(MimeContentExtractor contentExtractor) {         this.contentExtractor = contentExtractor;     }      public static Optional<MimeContentExtractor> getExtractor(Part part) {         return determineMimeType(part)                 .map(MimeType::getContentExtractor);     }      private static Optional<MimeType> determineMimeType(Part part) {         return Arrays.stream(values())                 .filter(ct -> ct.matchesContentType(part))                 .findFirst();     }      private boolean matchesContentType(Part part) {         try {             return part.getContentType().startsWith(getMimeType());         } catch (MessagingException e) {             LOGGER.warn("Failed to determine content type of {}", part);             return false;         }     }      public String getMimeType() {         return contentExtractor.getMimeType();     } } 

I have two implementations for content. The text/plain and text/html just override extract and return the content forcing it to be a string (Java mail, this is how it works) and the multipart/mixed is a bit more complex but basically goes through the parts, and uses the enum again to determine what extractor to use. For now it will recognise the text and use the aforementioned implementations.

public class MultipartContentExtractor extends MimeContentExtractor {     MultipartContentExtractor(String mimeType) {         super(mimeType);     }      @Override     public Map<String, String> extract(Message mimeMessage) throws IOException, MessagingException {         Multipart content = (Multipart)mimeMessage.getContent();         return extract(content);     }      private Map<String, String> extract(Multipart content) throws MessagingException {         int numberOfBodyParts = content.getCount();         LOGGER.info("The content has {} parts", numberOfBodyParts);          Map<String, String> bodyPartContents = new HashMap<>();         IntStream.range(0, numberOfBodyParts)                 .boxed()                 .peek(i -> LOGGER.info("Attempting to get body part {}", i))                 .map(wrapWithOptional(content::getBodyPart))                 .peek(bp -> LOGGER.info("Body part was {} retrieved", bp.isPresent() ? "" : "not"))                 .filter(Optional::isPresent)                 .map(Optional::get)                 .forEach(bodyPart -> {                     LOGGER.info("Content type of body part is {}", getContentType(bodyPart));                     MimeType.getExtractor(bodyPart)                             .ifPresent(ce -> bodyPartContents.put(ce.getMimeType(), ce.extract(bodyPart)));                 });         return unmodifiableMap(bodyPartContents);     } }  @Getter public class TextContentExtractor extends MimeContentExtractor {     TextContentExtractor(String mimeType) {         super(mimeType);     }      @Override     public Map<String, String> extract(Message mimeMessage) throws IOException, MessagingException {         return singletonMap(getMimeType(), (String)mimeMessage.getContent());     } } 

Finally this is how it is used

@Component public class BackofficeMailProcessor implements Processor {     ...     @Override     public void process(Exchange exchange) {         MailMessage mailMessage = (MailMessage)exchange.getMessage();          Map<String, String> contents = getContents(mailMessage);         if (contents.isEmpty()) {             throw new BackofficeMailProcessorException("Couldn't get any of the contents of the email. Stopped processing!");         }         ...     }      private Map<String, String> getContents(MailMessage mailMessage) {         final Message mailMessageBody = mailMessage.getMessage();         Optional<MimeContentExtractor> extractor = MimeType.getExtractor(mailMessageBody);         if (extractor.isPresent()) {             try {                 return extractor.get().extract(mailMessageBody);             }             catch (IOException | MessagingException e) {                 LOGGER.error("Failed to extract contents of email", e);             }         }          return emptyMap();     }     ... } 

The fact that is an enum doesn’t make it optimal for unit testing. This is part of a larger project and I did something similar for extracting reply for different kind of email clients (yahoo, gmail, etc) but there I also made a factory where I used the enum in the supplier (not a static one) and wired the factory where I would use the Enum in the above example.

Securing shared key in TOTP Implementations

I’m currently learning about Time-based One-Time Password implementations (see RFC6283). I see that a shared secret is part of the algorithm.

This shared secret is exposed to the user (see example with Google Authenticator).

So I’d like to ask:

  1. Why is this okay? Is this not risky in that the secret key can be inadvertently shared from there and end up in the wrong hands?
  2. Would the secret key be per user, or for all users of the backend application (I suppose the latter is the case as I’ve see it as a configuration setting in implementations)?
  3. What steps are recommended to ensure that this secret key does not fall into the wrong hands?

How do different implementations of the Bitcoin Cash client know which type of coin they’re processing?

TL;DR: Where in this code does the SV client figure out that it’s not processing an ABC blockchain?


This image prompted my question.

There are a couple different mutually incompatible (I am assuming anyway) implementations of the Bitcoin Cash cryptocurrency client software…

  1. Bitcoin Cash ABC
  2. Bitcon Cash SV

My question assumes that each implementation processes their respective transactions using similar but mutually-incompatible blockchain processing rules.

Is it normal to run a Bitcoin Cash SV client implementation in a Bitcoin Cash ABC network? And vise versa? How, then, does one implementation know that the network it is running in, is (in)compatible with its particular processing rules?