Skip to content

Instantly share code, notes, and snippets.

View raycoll's full-sized avatar

Steven Collison raycoll

19 followers · 10 following
View GitHub Profile
@raycoll
raycoll / ecdh_microbenchmark.c
Created May 1, 2021 15:55
ecdhe + ec_key_check_key microbenchmark
#include <openssl/opensslv.h>
#include <openssl/ecdh.h>
#include <openssl/evp.h>
#include <sys/time.h>
#include <stdio.h>
#include <stdint.h>
#include <sys/utsname.h>
#include <time.h>
struct curve_testcase
@raycoll
raycoll / aes.md
Last active March 7, 2020 19:40
Unacelerated AES Detection

High level test setup:

apache-bench <-> s2nd <-> python SimpleHTTPServer (serving ~1GB file)
  • Start up a simple webserver, this may limit overall thruput because it's a slow webserver but bulk encryption differences should dominate. This listens on port 8000 by default.
> python3 -m http.server
@raycoll
raycoll / gist:bb1cd91c8480be414809c5b77db5df88
Created May 30, 2019 17:59
FROM ubuntu:trusty
RUN mkdir -p /workplace/s2n
COPY s2n-master /workplace/s2n
RUN ls /workplace/s2n
RUN apt-get update
RUN apt-get -y install git \
python-software-properties \
software-properties-common
@raycoll
raycoll / gist:62a660602b9ec9fb67b6443f16732080
Last active November 22, 2023 11:39
ChaCha20 vs AES256-GCM with and without AES-NI
## Tested using Openssl 1.1.x dev
# Includes AES-NI instructions
> openssl speed -evp aes-256-gcm
Doing aes-256-gcm for 3s on 16 size blocks: 30117671 aes-256-gcm's in 3.00s
Doing aes-256-gcm for 3s on 64 size blocks: 22859303 aes-256-gcm's in 2.99s
Doing aes-256-gcm for 3s on 256 size blocks: 9684550 aes-256-gcm's in 3.00s
Doing aes-256-gcm for 3s on 1024 size blocks: 2922877 aes-256-gcm's in 3.00s
Doing aes-256-gcm for 3s on 8192 size blocks: 387788 aes-256-gcm's in 3.00s
Doing aes-256-gcm for 3s on 16384 size blocks: 194832 aes-256-gcm's in 3.00s
@raycoll
raycoll / gist:31eb527a9ceef3866fae3866847c0e98
Created October 15, 2017 18:39
This file has been truncated, but you can view the full file.
> find . -type f -print0 -name '*.c' -o -name '*.h' | pbcopy
./.git/COMMIT_EDITMSG./.git/config./.git/description./.git/FETCH_HEAD./.git/HEAD./.git/hooks/applypatch-msg.sample./.git/hooks/commit-msg.sample./.git/hooks/post-update.sample./.git/hooks/pre-applypatch.sample./.git/hooks/pre-commit.sample./.git/hooks/pre-push.sample./.git/hooks/pre-rebase.sample./.git/hooks/prepare-commit-msg.sample./.git/hooks/update.sample./.git/index./.git/info/exclude./.git/info/refs./.git/logs/HEAD./.git/logs/refs/heads/1024_dh_param./.git/logs/refs/heads/2017_chacha_prefs./.git/logs/refs/heads/apps_debug./.git/logs/refs/heads/bssl./.git/logs/refs/heads/cert_helper./.git/logs/refs/heads/chacha20-poly1305./.git/logs/refs/heads/chacha20_poly1305./.git/logs/refs/heads/chacha_prefs./.git/logs/refs/heads/chain_parsing./.git/logs/refs/heads/client_ext_fail_fix./.git/logs/refs/heads/client_pref./.git/logs/refs/heads/copyright./.git/logs/refs/heads/curve_name_tmp./.git/logs/refs/heads/custom_io_pipe./.g
@raycoll
raycoll / gist:055e0875e724c91ac27a149d2759634a
Created May 7, 2017 17:53
force rebuild docker compose
docker-compose rm --all && docker-compose build --no-cache
@raycoll
raycoll / gist:d364d20ec77c9ea3db0a99d84bb5d7dc
Created March 24, 2017 22:00
wire to s2n_cipher_preferences
sed -i 's/TLS_NULL_WITH_NULL_NULL/s2n_null_cipher_suite/g; s/TLS_RSA_WITH_RC4_128_MD5/s2n_rsa_with_rc4_128_md5/g; s/TLS_RSA_WITH_RC4_128_SHA/s2n_rsa_with_rc4_128_sha/g; s/TLS_RSA_WITH_3DES_EDE_CBC_SHA/s2n_rsa_with_3des_ede_cbc_sha/g; s/TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA/s2n_dhe_rsa_with_3des_ede_cbc_sha/g; s/TLS_RSA_WITH_AES_128_CBC_SHA/s2n_rsa_with_aes_128_cbc_sha/g; s/TLS_DHE_RSA_WITH_AES_128_CBC_SHA/s2n_dhe_rsa_with_aes_128_cbc_sha/g; s/TLS_RSA_WITH_AES_256_CBC_SHA/s2n_rsa_with_aes_256_cbc_sha/g; s/TLS_DHE_RSA_WITH_AES_256_CBC_SHA/s2n_dhe_rsa_with_aes_256_cbc_sha/g; s/TLS_RSA_WITH_AES_128_CBC_SHA256/s2n_rsa_with_aes_128_cbc_sha256/g; s/TLS_RSA_WITH_AES_256_CBC_SHA256/s2n_rsa_with_aes_256_cbc_sha256/g; s/TLS_DHE_RSA_WITH_AES_128_CBC_SHA256/s2n_dhe_rsa_with_aes_128_cbc_sha256/g; s/TLS_DHE_RSA_WITH_AES_256_CBC_SHA256/s2n_dhe_rsa_with_aes_256_cbc_sha256/g; s/TLS_RSA_WITH_AES_128_GCM_SHA256/s2n_rsa_with_aes_128_gcm_sha256/g; s/TLS_RSA_WITH_AES_256_GCM_SHA384/s2n_rsa_with_aes_256_gcm_sha384/g; s/TLS_DHE_RSA_WITH_
@raycoll
raycoll / keybase.md
Created March 3, 2017 05:21
keybase.md

Keybase proof

I hereby claim:

  • I am raycoll on github.
  • I am raycoll (https://keybase.io/raycoll) on keybase.
  • I have a public key ASCyTV1B49KeLoQj4KFYmOd0pJFJa91-4ELKCKxvo-C5QAo

To claim this, I am signing this object:

@raycoll
raycoll / gist:0af27b88562b12b980e93dc6d977580f
Created December 12, 2016 07:08
x25519 vs p-256
/w/x25519_test ❯❯❯ ../s2n/libcrypto-root-1.1.0-master/bin/openssl s_server -cipher $(../s2n/libcrypto-root-1.1.0-master/bin/openssl ciphers ECDHE) -curves X25519 -ign_eof -quiet -nbio
...
/w/s2n ❯❯❯ ./libcrypto-root-1.1.0-master/bin/openssl s_time -new -cipher ECDHE-RSA-AES256-GCM-SHA384
Collecting connection statistics for 30 seconds
**************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************