absoluteURI = /[A-Za-z](?:[\+\-\.]|[A-Za-z]|\d)*:(?:\/\/(?:(?::|(?:[\-\._~]|[A-Za-z]|\d)|%(?:(?:[A-Fa-f]|\d)){2}|[!$&'\(\)\*\+,;=])*@)?(?:\[(?:(?:(?:(?:(?:[A-Fa-f]|\d)){1,4}:){6}(?:(?:(?:[A-Fa-f]|\d)){1,4}:(?:(?:[A-Fa-f]|\d)){1,4}|(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5])\.(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5])\.(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5])\.(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5]))|::(?:(?:(?:[A-Fa-f]|\d)){1,4}:){5}(?:(?:(?:[A-Fa-f]|\d)){1,4}:(?:(?:[A-Fa-f]|\d)){1,4}|(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5])\.(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5])\.(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5])\.(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5]))|(?:(?:(?:[A-Fa-f]|\d)){1,4})?::(?:(?:(?:[A-Fa-f]|\d)){1,4}:){4}(?:(?:(?:[A-Fa-f]|\d)){1,4}:(?:(?:[A-Fa-f]|\d)){1,4}|(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5])\.(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5])\.(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5])\.(?:\d|[1-9]\d|1(?:\d){2}|2[0-4]\d|25[0-5]))|(?:(?:(?:(?:[A-Fa-f]|\d)){1,4}:)?(?:(?:[A-Fa-f]|\d)){1,4})?::(
@martinthomson
martinthomson / minq_test.go
Created February 26, 2018 09:11
Compare minq and golang TCP IO discipline
package minhq_test
import (
"io"
"net"
"testing"
"github.com/ekr/minq"
"github.com/stvp/assert"
)

Keybase proof

I hereby claim:

  • I am martinthomson on github.
  • I am martinthomson (https://keybase.io/martinthomson) on keybase.
  • I have a public key ASDuem6wah9reI_8gyoUXVgD_mzE5F_JqofPsxvhEKvHFwo

To claim this, I am signing this object:

martinthomson / pn_test.go
Last active August 2, 2018 06:36
Test of different packet number recovery options
package minq_test
import "testing"
func recoverMinq(expected uint64, pn uint64, size int) uint64 {
// Mask off the top of the expected sequence number
mask := uint64(1)
mask = (mask << (uint8(size) * 8)) - 1
expectedLow := mask & expected
high := ^mask & expected
martinthomson / example.js
Last active December 24, 2018 07:03
minimal node.js implementation for QUIC test vector
var buffer = require('buffer');
var crypto = require('crypto');
var assert = require('assert');
var INITIAL_SECRET = Buffer.from('ef4fb0abb47470c41befcf8031334fae485e09a0', 'hex');
var SHA256 = 'sha256';
var AES_GCM = 'aes-128-gcm';
var AES_ECB = 'aes-128-ecb';
function log(m, k) {
<dsig:Transform id="selective"
Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:XPath
xmlns:pidf="urn:ietf:params:xml:ns:pidf"
xmlns:gp="urn:ietf:params:xml:ns:pidf:geopriv10"
xmlns:dep="urn:ietf:params:xml:ns:pidf:geopriv10:dsig"
xmlns:dm="urn:ietf:params:xml:ns:pidf:data-model">
<!-- The 'presence' element -->
diff --git a/draft-ietf-quic-http.txt b/draft-ietf-quic-http.mnot.txt
index 922b3770..fdd6cf0e 100644
--- a/draft-ietf-quic-http.txt
+++ b/draft-ietf-quic-http.mnot.txt
@@ -1032,23 +1032,23 @@ Table of Contents
response is important. The server SHOULD send PUSH_PROMISE frames
prior to sending HEADERS or DATA frames that reference the promised
responses. This reduces the chance that a client requests a resource
that will be pushed by the server.
martinthomson / ohttp-charter.md
Last active March 17, 2021 05:14
Proposed charter for OHTTP working group

Oblivious HTTP Working Group (OHTTP) Charter

In a number of different settings, interactions between clients and servers involve information that could be sensitive when associated with client identity.

Client-server protocols like HTTP reveal aspects of client identity to servers through these interactions, especially source addresses. Even without client identity, a server might be able to build a profile of client activity by correlating requests from the same client over time.

martinthomson / key-schedule.md
Last active June 13, 2021 07:43
QUIC Key Schedule

The TLS key schedule looks like this:

TLS Key Schedule

QUIC effectively exports the various traffic secrets, so I had assumed that its use of the different base label in HKDF-Expand-Label() would be limited to those uses that were after that export. I forgot key update when writing this up, but that was fixed in #1899.

QUIC Key Schedule

However, in looking at what people implemented, it appears that the base label they use was used for the entirety of the TLS key schedule.

martinthomson / README
Created December 8, 2021 05:59
Test vector script for QUICv2
Run this with an argument of the version number (in hex).
This is a copy of what I used for QUICv1.