High Availability Boot processes and only using code-signing certificates

High Availability Boot (HAB) is a technique described here in an NXP application note. This is best summarised as:

HAB authentication is based on public key cryptography using the RSA algorithm in which image data is signed offline using a series of private keys. The resulting signed image data is then verified on the i.MX processor using the corresponding public keys. This key structure is known as a PKI tree. Super Root Keys, or SRK, are components of the PKI tree. HAB relies on a table of the public SRKs to be hashed and placed in fuses on the target.

The procedure burns Super Root Key (SRK) fuses using a software tool called srktool. In its proper use, I would use an SSL certificate with the OID set for code-signing. This would have an OID of 1.3.6.1.5.5.7.3.3.

However, there doesn’t appear to be anything that stops me from using a certificate that is created for other purposes, e.g. for client authentication with the OID of 1.3.6.1.5.5.7.3.2.

The problem is that if I have two certificates from the same CA:

  1. Code-signing certificate
  2. Client certificate

I could sign the image with the code-signing certificate. If I could update the public key on the target device, then it would be possible to sign it with the client certificate and it would be accepted as valid.

The only option is to use different CAs for both code-signing and client certs. I’m wondering if there’s some way to check the OIDs?

File uploaded to SharePoint library using JQuery and SharePointPlus js lib only from second click

I’m using the createFile() method of the SharepointPlus 5.2 js library to upload a file to a SharePoint 2013 library. It works perfectly on most of the SP libraries. But on newly created SP libraries it throws an error (the file content is required) on the first click, and then makes a proper upload on the second click. How to solve this issue?

The Header section includes:

    <script type="text/javascript" src="/_layouts/15/MicrosoftAjax.js"></script>
    <script type="text/javascript" src="/_layouts/15/sp.runtime.js"></script>
    <script type="text/javascript" src="/_layouts/15/sp.js"></script>
    <script type="text/javascript" src="/_layouts/15/init.js"></script>
    <script type="text/javascript" src="/_layouts/15/core.js"></script>
    <script type="text/javascript" src="/_layouts/15/1049/strings.js"></script>
    <script type="text/javascript" src="/_layouts/15/sp.ui.dialog.js"></script>
    <script type="text/javascript" src="/SiteAssets/_js/jquery-3.3.1.min.js"></script>
    <script type="text/javascript" src="/SiteAssets/_js/bootstrap.min.js"></script>
    <script type="text/javascript" src="/SiteAssets/_js/sharepointplus-5.2.min.js"></script>

The HTML body:

    <div data-role="form" class="container form">
        <div data-field="Title">
            <label class="form_label required">Title:</label><br>
            <input class="form_field required" value=""></input>
        </div>
        <div id="fileUploadControl" >
            <label class="form_label required">Document selection:</label><br/>
            <input id="fileUploadInput" class="form_field" type="file"/>
        </div>
        <hr>
        <div class="btn_panel">
            <input type="button" class="btn" id="save_btn" name="Save" value="Save" onclick="_uploadFile();">
            <input type="button" class="btn" id="cancel_btn" name="Cancel" value="Cancel">
        </div>
    </div>

The JS function:

    function _uploadFile() {
      var Title = $('div[data-field="Title"] input').val();
      var files = document.querySelector('#fileUploadInput').files;
      files = Array.prototype.slice.call(files);
      // read the files
      Promise.all(files.map(function(file) {
        return new Promise(function(prom_res, prom_rej) {
          // use fileReader
          var fileReader = new FileReader();
          fileReader.onloadend = function(e) {
            file.content = e.target.result;
            prom_res(file);
          }
          fileReader.onerror = function(e) {
            prom_rej(e.target.error);
          }
          fileReader.readAsArrayBuffer(file);
        });
      })).then(function(files) {
        // upload files
        return Promise.all(files.map(function(file) {
          return $SP().list("8D5132D2-A458-4961-BCD6-FFD9CE964C0F").createFile({ //Doc lib UID
            content:file.content,
            filename:file.name,
            fields:{
              "Title":Title
            }
          });
        }))
      }).then(function(file) {
        alert(file[0].Name+" has been uploaded");
        console.log("Document " + file[0].Name+" has been uploaded to the Outgoing documents library");
      }, function(error) {
        console.log("Error: ",error);
      });
    }

The error in Firefox console is

uncaught exception: [SharepointPlus ‘createFile’]: the file content is required.

Debugging the file object contents shows that it exists (the size in bytes is shown). The error handler doesn’t return an error text message. The second click on the same form (without page refresh) uploads the file and gives a success message. I’m stuck on whether it is a SharePoint, jQuery or SharepointPlus issue, or some conflict. Normally, the file upload from the first click is expected, as the same code works on other existing libraries.

Is Progressive Web Apps accessible only from mobile, how to deploy

Hey guys,

Have you ever heard about Progressive Web Apps? I just heard about it today and I scoured every web corner to understand what it is. The information is so scant.

All I know is it's a standalone app on the web and accessible via mobile.

The example of this feature is https://www.washingtonpost.com/pwa/

It cannot be accessed via desktop. Data on the web seems to fetch instantly once you tap on the link.

Do you have any idea how they deployed it?

Thanks,

Will using CTR mode with unique IVs, but only one password for encrypting multiple files, leak data or keys?

I’m working on a project to encrypt many files with a single password.

The steps I will employ to encrypt the files are:

  1. user will execute a command similar to tool --encrypt --recurse directories/to/recurse and-other-files.txt
  2. the user will be prompted for a password
  3. two 64 byte crypto random salts and a 16 byte crypto random IV will be generated
  4. no 2 files will ever use the same salts or IV
  5. each individual salt will be combined with the password to create 2 separate argon2id keys
  6. one key will be 32 bytes long and is used for the AES-256 cipher block
  7. the other will be 64 bytes long and will be used as the key for a sha-512 hmac
  8. the resulting encrypted file will be written as 2ByteVersion:64ByteHMACSalt:64ByteCipherBlockSalt:16ByteIV:EncryptedData:64ByteHMACSignature

I believe this would result in a reasonably secure set of encrypted files. My main concern, though, is that because of the way that users will use this tool, there is a good chance that they will accidentally encrypt small, easily guessed files.

And since CTR mode doesn’t require padding, anyone with access to the encrypted file will know the length of the plaintext file. It seems that CTR mode is considered secure for files, provided the IV is unique for each encryption run and the file is authenticated.

Is there a chance that the cipher key, HMAC key, or password could be derived through a known plaintext attack from enough small guessable files? Are there any other glaring flaws in my methodology that could leak data?
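
The container layout from step 8, as an added example that is not part of the original post: a Python parser that checks the HMAC-SHA512 tag before anything is decrypted and shows that the plaintext length can be read without any key. It assumes the colons in the layout are notation only (no separator bytes), a big-endian version field, and a tag computed over every byte that precedes it; `seal`, `parse`, `authenticate` and `plaintext_length` are hypothetical names, and the HMAC key passed in stands for the 64-byte argon2id output.

```python
import hashlib
import hmac
from typing import NamedTuple

# Field sizes from step 8. Assumption: ":" in the layout is notation only,
# so the fields are concatenated with no separator bytes.
VERSION, HMAC_SALT, KEY_SALT, IV, TAG = 2, 64, 64, 16, 64
OVERHEAD = VERSION + HMAC_SALT + KEY_SALT + IV + TAG  # 210 bytes per file


class Container(NamedTuple):
    version: int
    hmac_salt: bytes
    key_salt: bytes
    iv: bytes
    ciphertext: bytes
    tag: bytes


def seal(hmac_key, hmac_salt, key_salt, iv, ciphertext, version=1):
    """Assemble a container (hypothetical helper). Assumption: the tag covers
    every byte before it, i.e. version, both salts, IV and ciphertext."""
    if (len(hmac_salt), len(key_salt), len(iv)) != (HMAC_SALT, KEY_SALT, IV):
        raise ValueError("wrong field size")
    body = version.to_bytes(VERSION, "big") + hmac_salt + key_salt + iv + ciphertext
    return body + hmac.new(hmac_key, body, hashlib.sha512).digest()


def parse(blob: bytes) -> Container:
    """Split a file into its fields; needs no key at all."""
    if len(blob) < OVERHEAD:
        raise ValueError("truncated container")
    pos, fields = 0, []
    for size in (VERSION, HMAC_SALT, KEY_SALT, IV):
        fields.append(blob[pos:pos + size])
        pos += size
    return Container(int.from_bytes(fields[0], "big"), *fields[1:],
                     blob[pos:-TAG], blob[-TAG:])


def authenticate(blob: bytes, hmac_key: bytes) -> Container:
    """Check the HMAC-SHA512 tag in constant time before any decryption."""
    c = parse(blob)
    expected = hmac.new(hmac_key, blob[:-TAG], hashlib.sha512).digest()
    if not hmac.compare_digest(expected, c.tag):
        raise ValueError("authentication failed")
    return c


def plaintext_length(blob: bytes) -> int:
    """CTR adds no padding, so the length is visible to anyone with the file."""
    return len(parse(blob).ciphertext)
```

Because the tag is assumed to cover the salts and IV as well as the ciphertext, a change to any header field is rejected before the cipher key is ever used.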

How can I tweak the Lost Mine of Phandelver for only 2 player characters?

I’m going to DM Lost Mine of Phandelver tomorrow for 2 friends who’ve never played the game before. I’ve never DM’d before either.

Would starting them off at level 2 be enough to compensate for the imbalance? Should I still scale the enemies down, and keep them at level 1, or maybe do both? Should I give them many more healing potions than what is suggested in the treasure sections?

I just don’t know. What’s the most effective way to scale this adventure down?

Can a wizard transcribe spells for which they only have spell slots? [duplicate]

This question already has an answer here:

  • Can a multiclass Wizard copy any Wizard spell they find into their spellbook? 4 answers

In a campaign that I’m playing in, my Wizard 3/Cleric 2 has come across some new spells, the one in question being a 3rd level spell. Because of multiclassing rules, he has 3rd level slots, but no spells of that level. Would it be possible to transcribe this spell into his spellbook because he has spell slots, even though he does not currently have any of that level? If it matters, the subclasses are Bladesinger and Light Domain, and the spell is Animate Dead.

Content Approval on few columns only

I have one document library where there is content approval enabled.

I have one MS Flow that is triggered when a property of a document is modified (for example, someone opened option->approve/Reject the document).

The flow checks that if the document is approved then I want to update one column in that document library.

But when my flow updates that column, the content approval status is changed to “Pending” again.

Can I create an exception column that does not update the content approval status?

Why I am using content approval:

  1. Whenever anybody changes any important columns, the status is immediately changed to “pending” from “approved” (no need of MS Flow/Workflow/Event Receivers)
  2. Approve/reject items from list view

Font only works in parts of LibreOffice

I am making charts in LibreOffice Calc — I’ve been able to set the font on the axes and titles to Times New Roman, but when I try to change the font on a text box I have inserted into the chart, it tells me “This font has not been installed. The closest available font will be used.”

I’ve tried making sure the Microsoft fonts are installed, and ran the fc-cache command. Any ideas of what to try next?