Skip to content

Instantly share code, notes, and snippets.

View agl's full-sized avatar

Adam Langley agl

1.4k followers · 0 following
View GitHub Profile
@agl
agl / NSS patch for cut-through.diff
Created October 15, 2009 23:03
diff --git a/mozilla/security/nss/lib/ssl/ssl.h b/mozilla/security/nss/lib/ssl/ssl.h
index 3026b48..94935a0 100644
--- a/mozilla/security/nss/lib/ssl/ssl.h
+++ b/mozilla/security/nss/lib/ssl/ssl.h
@@ -97,40 +97,42 @@ SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd);
#define SSL_ENABLE_SSL2 7 /* enable ssl v2 (on by default) */
#define SSL_ENABLE_SSL3 8 /* enable ssl v3 (on by default) */
#define SSL_NO_CACHE 9 /* don't use the session cache */
/* (off by default) */
#define SSL_REQUIRE_CERTIFICATE 10 /* (SSL_REQUIRE_FIRST_HANDSHAKE */
@agl
agl / gist:212066
Created October 16, 2009 20:45
diff --git a/mozilla/security/nss/cmd/selfserv/selfserv.c b/mozilla/security/nss/cmd/selfserv/selfserv.c
index 4c3d8e3..8e6acf8 100644
--- a/mozilla/security/nss/cmd/selfserv/selfserv.c
+++ b/mozilla/security/nss/cmd/selfserv/selfserv.c
@@ -200,6 +200,7 @@ Usage(const char *progName)
"-u means enable Session Ticket extension for TLS.\n"
"-v means verbose output\n"
"-x means use export policy.\n"
+"-z mean enable compression.\n"
"-L seconds means log statistics every 'seconds' seconds (default=30).\n"
@agl
agl / nss-ocsp.diff
Created January 26, 2010 14:45
diff --git a/mozilla/security/nss/lib/certhigh/ocsp.c b/mozilla/security/nss/lib/certhigh/ocsp.c
index 0ffdb34..4a225df 100644
--- a/mozilla/security/nss/lib/certhigh/ocsp.c
+++ b/mozilla/security/nss/lib/certhigh/ocsp.c
@@ -4797,6 +4797,112 @@ CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
}
/*
+ * FUNCTION: CERT_CacheOCSPResponseFromSideChannel
+ * First, this function caches the OCSP cache to see if a positive response
@agl
agl / nss-check-cert-in-shd.diff
Created January 26, 2010 16:22
diff --git a/mozilla/security/nss/lib/ssl/ssl3con.c b/mozilla/security/nss/lib/ssl/ssl3con.c
index 8d4b05d..414707e 100644
--- a/mozilla/security/nss/lib/ssl/ssl3con.c
+++ b/mozilla/security/nss/lib/ssl/ssl3con.c
@@ -5607,7 +5607,36 @@ ssl3_RestartHandshakeAfterCertReq(sslSocket * ss,
return rv;
}
+static SSL3AlertDescription
+ssl3_CertErrorToAlert(PRBool isTLS, int errCode)
@agl
agl / goimports.go
Created October 17, 2010 15:36
Go program to generate a dot file from the packages. Run from src/pkg.
package main
import (
"container/vector"
"fmt"
"go/ast"
"go/parser"
"go/token"
"io/ioutil"
"os"
@agl
agl / gist:876829
Created March 18, 2011 21:00
Proxy server for testing revocation
package main
import (
"bufio"
"fmt"
"io"
"net"
"strings"
)
@agl
agl / gen.go
Created April 15, 2012 17:34
GPG/X.509 certificates
package main
import (
"bytes"
"code.google.com/p/go.crypto/openpgp"
"crypto/rand"
"crypto/rsa"
"crypto/x509/pkix"
"encoding/pem"
"fmt"
@agl
agl / cacerts.go
Created March 31, 2013 20:44
package main
import (
"crypto/x509"
"fmt"
"io/ioutil"
"sync"
"strconv"
)
@agl
agl / test.c
Created September 13, 2014 15:21
VST forward issue.
#include <stdint.h>
typedef int64_t limb;
typedef int32_t s32;
void product(limb out[19], const limb *a, const limb *b) {
s32 t1, t2;
t1 = a[0];
t2 = b[0];
@agl
agl / gist:aac39429601667c588cc
Created October 4, 2014 15:14
1024-bit key, generated with OpenSSL, for purported factorisation.
If anyone can publish the two, non-trivial factors of this number (where neither is 1!) then they'll have my attention:
0xe5c30e1286c41c7137dc06194199dde641120de591c1b7392de35ef6a961d6d29faa3bcdb7603d42768a90322197a7a46fa2cf23f6f10de5554db6e7322ba35e858f576f840347c795c8782c3f4ef9f530d2fd1f6b5c275ce49404958f0decddd0b53386d12c745891d5eeca1f265bdf87bfe258cc7999dd1b21c570dddf1b33
In standard form:
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlww4ShsQccTfcBhlBmd3mQRIN
5ZHBtzkt4172qWHW0p+qO823YD1CdoqQMiGXp6Rvos8j9vEN5VVNtucyK6NehY9X
b4QDR8eVyHgsP0759TDS/R9rXCdc5JQElY8N7N3QtTOG0Sx0WJHV7sofJlvfh7/i