AlanSite

Raise a self hosted PKI (CA) on JavaCard using IsoApplet and OpenSSL

We have handle the fundamentals to JavaCard in last two articles, and completely setup a decentralized cryptography system (OpenPGP). So, in this, we’re going to raise up out PKI (CA) system so that we can issue certificates such as TLS and PIV on our JavaCard. The security and reliability of asymmetric cryptography depends crucially on the confidentiality of the private key. While the public key can be sent to anyone, it is absolutely important that the private key is not compromised. Smartcards have its own processor, RAM and even operating system. They are hermetically sealed from the rest of the system (i.e. the host computer that might be compromised). Also, the developers and manufacturers of smartcards take a huge effort to ensure that no confidential data can be extracted from the card when it is not intended, even by using costly and time-consuming methods such as electron microscopy. Read more

2026-03-22 Cryptography

OpenPGP, PIV, FIDO, NDEF on NXP J3R180 JavaCard and usage principles to ensure safety

In fact, in modern cryptographic systems, the most insecure element is humans; therefore, secure usage guidelines are essential. There’s a joke that describes this scenario: : What if I lose my key and an attacker knows my PIN? : The attacker is you. Do it better next time. Read more

2026-03-18 Cryptography

Introduction to JavaCard and Futhermore (NXP J3R180)

Simply Saying, JavaCard is a kind of SmartCard with JavaCard VM, which can run any JavaCard applet.The opening of Java Card specification makes JavaCard really easy to program instead of old-style Proprietary CPU Card that requires signing up for NDK. In that case, due to the cost of sharing their confidential documents, technical support and production, most of the Manufacturers will not even make a contract with you a little company!So that the JavaCard is the only way we can customize and program SmartCard as safe as CC EAL6+ at low cost. Read more

2026-03-16 Cryptography

Remote Control Relay Based on ESPHome and ESP8685

Driven by the lazy to turn off the lights when in bed, an attempt was made to upgrade the existing lighting fixtures to be intelligent. Choose ESP8685-WROOM-3 (i.e., ESP32-C3), the smallest vertically mounted ESP32 module, was selected. The power supply section uses an LS05-13B05R3 flyback module. Read more

2026-03-03 HomeAssistantEmbedded

Make a Bluetooth LE Coded PHY BTHomev2 Temperature and Humidity Sensor Using nRF52832

Since deploying Home Assistant, I’ve been compelled to measure and automate everything, so I urgently wanted to create a Bluetooth sensor. This project also marks my first attempt at using nRF and Zephyr with low-power optimization. The schematic is quite simple — just an nRF52832 and an SHT4x sensor, powered by a CR2032 battery. Therefore, stacking capacitors are needed to prevent restarts caused by voltage drops due to high internal resistance at low temperatures. Read more

2026-03-02 HomeAssistantEmbedded

Using the EmoePulse Avalanche Fast-Edge Generator to Generate True Random Numbers

In today’s world, cryptography has become the foundation of most digital infrastructure. The randomness in private key generation is a crucial prerequisite for modern cryptographic systems. Recently, I was gifted an EmoePulse transistor avalanche fast-edge generator by friend. Although this generator is designed primarily for rise-time testing or TDR (Time Domain Reflectometry) measurements, the intrinsic noise from such transistors can also be effectively used to generate cryptographically secure true random numbers. The following describes how we can build a true random number generator with no post-processing based on this device. Read more

2025-11-30 Cryptography

Build a Stratum 1 NTP Server using GNSS PPS Signal and chronyd

Recently, I bought a Wyse 5070 thin client and planned to turn it into an internal network comprehensive server. One of the goals is to set up a precise internal NTP server. Therefore, I used the existing GNSSDO’s PPS signal output through RS-232 DCD input to the thin client and used it as a PPS signal source to tame chronyd. The date and time information can be obtained either via NEMA messages or other NTP servers. Read more

2025-11-24 Time&Frequency

Narrowband 1:8 10MHz Reference Clock Distribution Amplifier

With the increasing number of time and frequency instruments in the laboratory, the two 10MHz reference outputs built into the GNSSDO are no longer sufficient for simultaneous operation. Therefore, a 1:8 10MHz clock distribution amplifier was designed and fabricated. Thanks to @滚筒洗衣机 for soldering most of the circuitry; this design is partly derived from the SRS FS730. Read more

2025-10-20 Time&Frequency

Construct an USB488 instrument with TinyUSB and scpi-parser on ESP32

IEEE 488, as well GP-IB, is an actual standard of communication and controling in electrical test and measuring devices, USB TMC USB488 device class implements multiple characters which IEEE 488 have. We are going to support following capabilities on ESP32: All MANDATORY SCPI SR1 - Support for SRQ DT1 - Support for device trigger RL0 - Not support for Local/Remote operations, this device designed to accept commands from an queue, there is no need for switching between two modes. Also, TinyUSB not supports that. Read more

2025-09-22 EmbeddedTest&Measure

Zynq7020 Flyby topology DDR3 Memory Test Results

Two and a half years ago, I drew my first flyby ddr3 memory layout when I first came into contact with high-speed PCBs. Later, although I have debugged many DDR3/DDR4 designs, I never tested this board that was already assembled. One reason is that the JTAG pin headers reserved are 1.27mm, making debugging inconvenient. Another reason is that this hardware needs several modifications to run normally. Finally, I got around to testing it, and here are the results: Read more

2025-09-06 VerilogHighspeedLayout