Skip to content

Instantly share code, notes, and snippets.

Nov Matake nov

Block or report user

Report or block nov

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@nov
nov / globalsign_root_cert_expired.rb
Created Jan 30, 2014
GlobalSign Root Certificate (expired)
View globalsign_root_cert_expired.rb
require 'openssl'
root_cert = <<-CERT
-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgILAgAAAAAA1ni3lAUwDQYJKoZIhvcNAQEEBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
MDBaFw0xNDAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
View globalsign_public_key.rb
require 'openssl'
expired = <<-CERT
-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgILAgAAAAAA1ni3lAUwDQYJKoZIhvcNAQEEBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
MDBaFw0xNDAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
View SSL Error
nov-matake@nov ~$ curl https://userinfo.yahooapis.jp
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
View openssl s_client
nov.matake@tovl ~$ openssl s_client -connect userinfo.yahooapis.jp:443 -showcerts
CONNECTED(00000003)
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization Validation CA - G2
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=JP/ST=Tokyo/L=Minato-Ku/O=Yahoo Japan Corporation/CN=*.yahooapis.jp
i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - G2
-----BEGIN CERTIFICATE-----
@nov
nov / globalsign_root_cert_latest.rb
Last active Aug 29, 2015
GlobalSign Root Certificate (latest)
View globalsign_root_cert_latest.rb
require 'openssl'
root_cert = <<-CERT
-----BEGIN CERTIFICATE-----
MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
View gist:10152621
if (!crypto.subtle) {
crypto.subtle = crypto.webkitSubtle
}
// Encrypt some data using AES-CBC and alert() the result:
// ----------------------------------------
var keyBytes1 = asciiToArrayBufferView("raw key bytes 1.");
crypto.subtle.importKey('raw', keyBytes1, {name: 'aes-cbc'}, false, ['encrypt', 'decrypt']).then(function(key) {
// Initialization vector of all zeros.
var iv = asciiToArrayBufferView("16 bytes of iv..");
View gist:c702782baa98c75702dc
nov.matake@tovl ~$ curl -I https://www.iknow.jp/open_ids
HTTP/1.1 302 Moved Temporarily
Content-length: 160
Content-Type: text/html
Date: Thu, 08 May 2014 03:53:33 GMT
Location: https://iknow.jp/open_ids
Server: nginx/1.4.4
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
View gist:67c491166bed6f9cdb7e
nov.matake@tovl ~$ curl -I https://iknow.jp/open_ids
HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-length: 248
Content-Type: text/html; charset=utf-8
Date: Thu, 08 May 2014 03:00:19 GMT
ETag: "d7f555eab7c746d1f7d362f1188832cc"
P3P: CP="CAO CURa ADMa DEVa TAIa IVAa HISa OUR BUS UNI NAV INT"
Server: nginx/1.4.4
Set-Cookie: csid=cffb1060b88a013140000a18ce984607; path=/; expires=Sun, 08-Jun-2014 03:00:19 GMT
View gist:b6173c3195fa49e1c668
nov.matake@tovl ~$ curl https://iknow.jp/discovery.xrds
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0" xmlns="xri://$xrd*($v*2.0)">
<XRD>
<Service priority="0">
<Type>http://specs.openid.net/auth/2.0/return_to</Type>
<URI>https://iknow.jp/open_ids?_method=GET</URI>
</Service>
<Service priority="10">
<Type>http://specs.openid.net/extensions/ui/icon</Type>
View self_issued_device_token.rb
require 'openid_connect'
private_key = OpenSSL::PKey::RSA.generate(2048)
client = Rack::OAuth2::Client.new(
identifier: 'client.example.com',
host: 'server.example.com',
redirect_uri: 'myapp://callback'
)
You can’t perform that action at this time.