String Splitting in C

For a project I’ve been working on I needed to split a string into it’s component parts. There is `strtok` which I find useless for pretty much any task. It is not thread-safe, nor is it re-entrant, which makes it impossible to parse two strings (in a loop) at once. Yet another issue with `strtok` […]

Constant Time String Comparison in C

Comparing strings in C is typically handled with `strncmp`. This is fine in most cases but if you need to compare sensitive information, such as a message digest, it’s a really bad choice. `strncmp` is susceptible to timing attacks because it will stop comparing once the first difference is encountered. The overall design of constant […]

Efficient C String Builder

One task that always annoys me when I work with C is building strings. `snprintf` is all well and good if I know exactly the format I want. It falls down with anything that needs to be build iteratively and dynamically. Other languages that have built in strings will automatically create a new string when […]

Interop Objective-C Objects In C Using ARC

Introduction Using C functions from Objective-C is very easy but going the other way isn’t so easy. Especially with ARC which can destroy the object out from under you because C code is outside of ARC. With ARC Objective-C objects are no longer allowed in C structs for this very reason. Here is a situation […]

Client Side Session Cache in OpenSSL

Building on Server Side Session Cache in OpenSSL we need to deal with the Client side. The OpenSSL documentation for SSL_CTX_set_session_cache_mode has an option for client caching. However, it states that, “the application must select the session to be reused by using the SSL_set_session(3) function.” It also states that the client cache is not enabled […]

Server Side Session Cache in OpenSSL

At work (information posed with permission from my employer) we’ve been looking into session caching with OpenSSL. We started this by looking at the server and found that by default OpenSSL will enable and use a session cache when acting as the server. However, there are two major things we found in how it works. […]

Enable DH and ECDH in OpenSSL (Server)

Recently at work we were looking into Forward Secrecy (FS). We were using Qualys SSL Server Test and noticed that Forward Secrecy was showing as NO. We decided to look into this because we want to use the most robust security we can. What we found was none of the supported cipher suites showed Diffie–Hellman […]

Extending an Application with Lua Plugins

Introduction A very common use of the Lua language (which is a very versatile) is using Lua to extend an application via plugins. Many popular games use Lua for this very purpose. Adding a plugin framework to an existing application is trivial with Lua. Also, Lua provides a very capable and easy to use language […]

My SixAxis Pairing Tool

I was looking for a way to use a PlayStation Dual Sock 3 SixAxis controller (that is a mouthful of a name) with my Android phone. I found Dancing Pixel Studios Sixaxis Controller app which looked like the only real solution. It requires root which isn’t a problem because for me because I have Cyanogenmod […]

Using Lua as a Templating Engine

Introduction There are a lot of templating engines to choose from. The vast majority of which are primarily geared toward the web. Meaning they’re specially designed for outputting HTML/XML documents. Lua provides more flexibility and can easily be used as a general templating engine. Also, Lua is very easy to embed and use from a […]