Rob Stradling robstradling
robstradling
/ heartbleed.c
Last active
August 29, 2015 13:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* History: | |
| * v1.0 - (Rob Stradling) Original version. | |
| * v1.1 - (Tim Hudson) Use SSL_get_ssl_method() instead of ssl3_write_bytes(). | |
| * | |
| * gcc -ansi -pedantic -o heartbleed heartbleed.c -lssl -lcrypto | |
| */ | |
| #include <stdio.h> | |
| #include "openssl/rand.h" | |
| #include "openssl/ssl.h" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN PUBLIC KEY----- | |
| MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEOfifIGLUV1Voou9JLfA5LZreRLSU | |
| MOCeeic8q3Dw0fpRkGMWV0Gtq20fgHQweQJeLVmEByQj9p81uIW4QkWkTw== | |
| -----END PUBLIC KEY----- |
robstradling
/ symantec_partner_ct_email_may2016.txt
Last active
May 25, 2016 13:55
Symantec email to their Partners regarding CT
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| From: Symantec Alert Notification [mailto:updates@news.symantec.com] | |
| Sent: 21 May 2016 | |
| Subject: Urgent! Your Immediate Response Is Required | |
| Dear Partner, | |
| Your immediate response is required to avoid triggering "Untrusted" | |
| warnings from Chrome for your customers' websites. | |
| We would like to inform you about a new requirement in Google Chrome |
robstradling
/ wosign_log_entries_109153_to_109405.tsv
Created
September 8, 2016 10:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Entry ID | Entry Timestamp (UTC) | Not Before (UTC) | Not Before (CST) | |
|---|---|---|---|---|
| 109153 | 2016-09-02 04:50:53.767 | 2015-12-20 12:02:09 | 2015-12-20 18:02:09+00 | |
| 109154 | 2016-09-02 04:50:54.079 | 2015-12-31 09:42:24 | 2015-12-31 15:42:24+00 | |
| 109155 | 2016-09-02 04:50:54.858 | 2015-12-31 10:02:07 | 2015-12-31 16:02:07+00 | |
| 109156 | 2016-09-02 04:50:55.065 | 2015-12-31 10:29:36 | 2015-12-31 16:29:36+00 | |
| 109157 | 2016-09-02 04:50:55.784 | 2015-12-31 10:10:11 | 2015-12-31 16:10:11+00 | |
| 109158 | 2016-09-02 04:50:56.062 | 2015-12-31 10:21:42 | 2015-12-31 16:21:42+00 | |
| 109159 | 2016-09-02 04:50:56.264 | 2015-12-31 10:26:07 | 2015-12-31 16:26:07+00 | |
| 109160 | 2016-09-02 04:50:56.467 | 2015-12-31 10:15:16 | 2015-12-31 16:15:16+00 | |
| 109161 | 2016-09-02 04:50:56.775 | 2015-12-20 08:07:49 | 2015-12-20 14:07:49+00 |
robstradling
/ gen_json_for_add_chain.sh
Created
July 19, 2017 20:30
Generate add-chain JSON (assume no chain is needed)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo -n "{\"chain\":[\"" | |
| INPUT_FILE=`mktemp` | |
| echo $1 | sed "s/^/openssl base64 -d -in /g" | sed "s/$/ | base64 -w0/g" > $INPUT_FILE | |
| chmod 755 $INPUT_FILE | |
| $INPUT_FILE | |
| rm $INPUT_FILE | |
| echo "\"]}" |
robstradling
/ roca.c
Last active
December 28, 2018 22:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* roca.c - ROCA (CVE-2017-15361) fingerprint checker. | |
| * Written by Rob Stradling (based on https://github.com/crocs-muni/roca/blob/master/roca/detect.py) | |
| * Copyright (C) 2017-2018 Sectigo Limited | |
| * | |
| * This program is free software: you can redistribute it and/or modify | |
| * it under the terms of the GNU General Public License as published by | |
| * the Free Software Foundation, either version 2 of the License, or | |
| * (at your option) any later version. | |
| * | |
| * This program is distributed in the hope that it will be useful, |
robstradling
/ how_many_cas_are_there.txt
Last active
May 1, 2020 21:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AC Camerfirma, S.A. | |
| Actalis | |
| ADACOM S.A. | |
| Agencia Notarial de Certificación (ANCERT) | |
| Amazon Trust Services | |
| AOL | |
| Apple Inc. | |
| Asseco Data Systems S.A. (previously Unizeto Certum) | |
| Athens Exchange S.A. (Athex) | |
| Atos |
robstradling
/ mozilla_ca_certs_with_ocspsigning_eku.sql
Last active
July 3, 2020 14:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| WITH mozilla_server_cas AS ( | |
| SELECT DISTINCT ctp.CA_ID | |
| FROM ca_trust_purpose ctp | |
| WHERE ctp.TRUST_CONTEXT_ID = 5 /* Mozilla */ | |
| AND ctp.TRUST_PURPOSE_ID = 1 /* Server Authentication */ | |
| ) | |
| SELECT c.ID, | |
| coalesce(cc.CA_OWNER, cc.INCLUDED_CERTIFICATE_OWNER) as CA_OWNER, | |
| CASE WHEN mo.CERTIFICATE_ID IS NOT NULL THEN 'Revoked' ELSE 'Unrevoked' END as ONECRL_STATUS, | |
| x509_signatureHashAlgorithm(c.CERTIFICATE) as SIG_HASH_ALG, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| chrome_ev: | |
| gcc -o chrome_ev chrome_ev.cc |
robstradling
/ unexpired_server_certs_key_sizes_20210107.csv
Last active
January 7, 2021 11:24
Survey of key sizes in unexpired publicly-trusted server certs, as of 2021-01-07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Count | Key Algorithm | Key Size | min(crt.sh ID) | max(crt.sh ID) | |
|---|---|---|---|---|---|
| 403267520 | RSA | 2048 | 14 | 3887788878 | |
| 67076276 | EC | 256 | 2771492 | 3887788865 | |
| 57012579 | RSA | 4096 | 398 | 3887788867 | |
| 6467447 | EC | 384 | 2771491 | 3887788832 | |
| 3098147 | RSA | 3072 | 12070670 | 3887788756 | |
| 4658 | RSA | 8192 | 242899024 | 3886849719 | |
| 695 | RSA | 1024 | 42 | 3702550713 | |
| 116 | RSA | 3456 | 1237838607 | 3882686786 | |
| 103 | RSA | 4048 | 1112885148 | 3815023853 |
OlderNewer