Cooking Summer Rolls

Preparation 45 min, Cooking 5 min, Serves 8 rolls

Ingredients

The rolls

  • 60 grams rice vermicelli noodles
  • 8 rice wrappers (25 cm diameter)
  • 125g boneless, skinless chicken breast cooked and peeled
  • 2 tablespoons chopped fresh Thai basil
  • 3 tablespoons chopped fresh mint leaves
  • 3 tablespoons chopped fresh coriander
  • 2 leaves green leaf lettuce, chopped

The Sauce

  • 125 ml Thai Sweet Chili Sauce
  • 1 tablespoon sugar
  • 125 ml hot water
  • 1 tablespoon fish sauce

Instructions

Bring a medium saucepan of water to boil. Boil rice vermicelli 3 to 5 minutes, or until al dente, and drain.
Fill a large bowl with warm water. Dip one wrapper into the hot water for 1 second to soften. Lay a wrapper flat. In a row across the center, place 2-3 slices of peeled chicken, a small handful of vermicelli, basil, mint, coriander and lettuce, leaving about 5 centimeters uncovered on each side. Fold
uncovered sides inward, then tightly roll the wrapper, beginning at the end with the lettuce.

Repeat with remaining ingredients.

In a small bowl, heat 125 ml water with sugar until completely dissolved. Stir in sweet chili sauce and fish sauce. Mix well. *Optional: Add chopped chilies and
crushed peanuts to your sauce for added spice and crunch.

Yummy yummy into my tummy

How to make Red Curry Paste

Ingredients

  • 3 teaspoons white pepper corns
  • ½ teaspoon cumin powder
  • ½ teaspoon coriander powder
  • 8 dry red spur chilies (soaked in water for about 10 minutes to soften them)
  • ½ teaspoon salt
  • 10 – 14 small cloves of garlic
  • 5 small shallots (Thai shallots are the size of grapes, so it’s about 2 tablespoons worth)
  • 1 tablespoon finely sliced lemongrass
  • 1 tablespoon finely sliced coriander roots
  • 1 tablespoon finely sliced ginger
  • Skin of ½ lime

Instructions

Using a mortar and pestle is the easiest way. If you don’t have one, you can use a blender to make this red curry paste recipe.
First, smash the dry ingredients. Add 3 teaspoons of white pepper corns to your mortar and pound it until it’s a fine powder.
Add ½ teaspoon of cumin and ½ teaspoon of coriander to the pepper and mix it all thoroughly, and then set them aside in a small bowl.

NOTE: If you only have pre-ground white pepper, you can eliminate the first step and just mix these 3 spices together in a small bowl.

Take 8 dry spur chilies (prik chee fa haeng), soak them in water for a few minutes to re-hydrate them, then drain the chilies. Cut off their stems, and you can then chop them into small centimeter pieces. You can take out the seeds to make their red curry paste less spicy.
Add the chopped dry chilies to the mortar along with ½ teaspoon of salt and start pounding. Keep on pounding for about 5 – 10 minutes until most of the chilies are nice and broken, the oils are coming out, and it’s starting to looks almost tomatoey.
Step back over to your chopping board and peel about 10 – 14 cloves of garlic. If the cloves are really big, use about 8.
Next peel 5 small shallots Chop them into small pieces.
Take 1 stalk of lemongrass, pull off and discard the outermost leaf, and then slice it from the bottom into small slivers. You want enough for 1 tablespoon.
Take the fresh coriander roots from about 3 stalks, cut off the roots, slice them into small pieces, and again you want about 1 tablespoon worth of coriander roots
Take your ginger and slice it into pieces, enough for 1 tablespoon worth.
Next take a fresh lime and slice off only the green skin. You want to slice off the skin very delicately, making sure you get mostly green, not cutting off any of the white pith. I used the skin from about ½ of the lime.
Toss all of those ingredients into the already pounded chilies. Pound and pound until you’ve got a buttery, oily, and extremely fragrant Thai red curry paste. This should take anywhere from 15 – 30 minutes, again, you can alternatively use a blender or food processor.
When your paste is buttery and smooth, go back to your bowl of white pepper and dry spices, and mix it into the paste. Mix it all in and smooth it out.
Done :)

JavaScript loop / foreach an object

Coming from PHP I wondered how do to a simple foreach() in JavaScript.

function loopObject($object) {
    for (const [$key, $value] of Object.entries($object)) {
        // dome something
    }
}

Not that once I found the entries function. Why I use the dollar sign $ for the variables? It is a habit and easier to read and it avoids conflicts with language reserved words.

Obsolete key exchange mechanisms alias crypto wars part eleven

Obsolete key exchange mechanisms alias crypto wars part eleven

Especially weak key exchange mechanisms indicated by the cipher suite include those designated as EXPORT or ANON;  cipher suites using these key exchange mechanisms should not be used. Even if the cipher suite used in a TLS session is acceptable, a key exchange mechanism may use weak keys that allow exploitation. TLS key exchange methods include RSA key transport and DH or ECDH key establishment. DH and ECDH include static as well as ephemeral mechanisms. NSA recommends RSA key transport and ephemeral DH (DHE) or ECDH (ECDHE) mechanisms, with RSA or DHE key exchange using at least 3072-bit keys and ECDHE key exchanges using the secp384r1 elliptic curve. For RSA key transport and DH/DHE key exchange,  keys less than 2048 bits should not be used,  and ECDH/ECDHE using custom curves should not be used. The use of custom public key parameters in key exchange messages is deprecated per RFC 8422 Section 5.1.1

The recommended configuration is the following

Header always set Strict-Transport-Security "max-age=15553000; preload"
SSLUseStapling On
SSLSessionCache shmcb:/opt/apache2/logs/ssl_gcache_data(512000)
SSLStaplingCache shmcb:/opt/apache2/logs/ssl_stapling_data(512000)
SSLOptions +StrictRequire +StdEnvVars -ExportCertData
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384
SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384

SSLOpenSSLConfCmd ECDHParameters secp521r1
SSLOpenSSLConfCmd Curves sect571r1:sect571k1:secp521r1:sect409k1:sect409r1:secp384r1

H2Direct On

SSLOpenSSLConfCmd SignatureAlgorithms rsa_pss_rsae_sha512:rsa_pss_rsae_sha256:ECDSA+SHA512:ECDSA+SHA256:RSA+SHA512:RSA+SHA256
SSLOpenSSLConfCmd ClientSignatureAlgorithms rsa_pss_rsae_sha512:rsa_pss_rsae_sha256:ECDSA+SHA512:ECDSA+SHA256:RSA+SHA512:RSA+SHA256

The only difference is the behavior of auto escaping in twig

Imagine you have a var variable containing: <div>I'm happy</div>.

On index.twig, {{ var }} will render <div>I'm happy</div>.

On index.html.twig, {{ var }} will render &lt;div&gt;I&#039;m happy&lt;div&gt;

On index.js.twig, {{ var }} will render \x3Cdiv\x3EI\x27m\x20happy\x3Cdiv\x3E

And so on.

Always use the right extension to avoid any XSS vulnerability, and
always use |raw wisely because it overlaps this extension’s implicit protection.

Apache security headers

A good starting point for apache security headers

<IfModule mod_headers.c>
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Expect-CT "max-age=86400, enforce"
    Header always set Feature-Policy "\
        geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; \
        magnetometer 'none'; accelerometer 'none'; vr 'none'; \
        speaker 'none'; ambient-light-sensor 'none'; gyroscope 'none'; \
        microphone 'none'"
    Header always set Content-Security-Policy "\
        default-src 'self' 'unsafe-inline' data:;\
        font-src 'self' 'unsafe-inline' fonts.gstatic.com data:; \
        style-src 'self' 'unsafe-inline' fonts.googleapis.com; \
        script-src 'self' 'unsafe-inline' 'unsafe-eval';"
    Header always set Access-Control-Allow-Origin "*"
    Header always set X-Content-Type-Options nosniff
</IfModule>

Convert pfx certificate for apache

This is more or less a hint for me how to do it. Maybe it helps you, too.

openssl pkcs12 -in example.com.pfx -clcerts -nokeys -out example.com.crt
openssl pkcs12 -in example.com.pfx -nocerts -out example.com-encrypted.key
openssl rsa -in cert-encrypted.key -out example.com.key
openssl pkcs12 -in example.com.pfx -cacerts -nokeys -out ca-cert.ca

Then in the apache config

SSLCertificateFile certs/example.com.crt
SSLCACertificateFile certs/ca-cert.ca
SSLCertificateKeyFile certs/example.com.key

Marios’ version of Kimchi

This is my version of Kimchi. There are gazillion versions of Kimchi and this is mine.

Since I’m lazy and don’t want to browse a special Asian store, I changed some ingredients to fit what I can buy and have a similar result.

Paprika powder
Cayenne pepper powder
120g Salt
2 medium sized Onions
4 Garlic cloves
1 thumb sized piece Ginger
1 kg Chinese cabbage
1 tablespoon sugar
2 tablespoons Rice flour
1 small pot
1.5 Liter Jar mit a closing lit
1 Large bowl

Fill the bowl with2  Liters / 8 cups of water and mix  in the salt. Stir until the .salt is resolved
Cut the Chinese cabbage into 1 inch / 2.5 cm size big pieces. Put it into the bowl and leave it there for 3 to 4 hours.

Chop the onions, the garlic, and the ginger very fine.

The Marinade:

Put 250 ml / 1 cup of cold water into the pot. Stir in the rice flour and the sugar. Cook it for 5 minutes with constant stirring. Now let it cool. Add some paprika powder and the Cayenne pepper. Add as much until it fits your spice level. Add the chopped ingredients. Mix it well.

After the 3 to 4 hours drain the Chinese cabbage as much as possible. Add the marinade and mix it well with your hands. You might use gloves as it might be too spicy for your hand. Fill the jar with the result. Push it down so that no air bubbles are inside. Leave a space about an inch / 2.5 cm, otherwise the jar might explode or the juice will come ot of the jar. Close the lid. Let it stand in your kitchen or wherever, but keep it away from sunlight. Once a day open the lid and let the fermentation gases out of the jar. Push the Chinese cabbage down, that nothing is floating on the surface. After 3 days see if it is sour enough for you. You can wait up to 5 days. Now put the jar into a fridge. After 7 days in the fridge the Kimchi is ready to eat. Kimchi can be stored up to 3 month in the fridge. The fermentation process will continue in the fridge, but much slower.After you took out some of the kimchi to consume it, push the rest of it down into the jar. Never use a spoon or something that has your saliva on the to get something out of the jar, your kimchi would spoil very fast.

Author Archive

Archives by Month: