-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 5730a7a
Showing
3,764 changed files
with
1,221,505 additions
and
0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| # TLS-N implementation for NSS | ||
|
|
||
| This is the prototype [TLS-N](https://tls-n.org) implementation based on Mozilla's [NSS](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS) library. | ||
|
|
||
| ## Main Library | ||
| The main library file can be found inside (nss/lib/ssl/tlsproof.c). Here the most important functions are: | ||
|
|
||
| ``` tlsproof_addMessageToProof ``` | ||
| This function adds a record to the evidence calculation. | ||
|
|
||
| ``` SSL_TLSProofRequestProof ``` | ||
| The requester calls this function to trigger the evidence request. | ||
|
|
||
| ``` tlsproof_handleMessageRequest ``` | ||
| The function used by the generator to finalize the evidence. | ||
|
|
||
| ``` tlsproof_handleMessageResponse ``` | ||
| Uses the supplied evidence to create a proof according to the user's wishes. | ||
|
|
||
| ``` SSL_TLSProofCheckProof ``` | ||
| Verifies a given proof. | ||
|
|
||
| ### Test Applications | ||
| We have also provided multiple test applications, such as: | ||
| * A standalone [verifier](nss/cmd/verifier) that verifies proofs. | ||
| * A [client](nss/cmd/randtrafficClient) and [server](randtrafficServer) application to test TLS-N with a specified amount of random traffic. | ||
| * A [bechmarking](nss/cmd/benchmark) app for TLS-N. | ||
|
|
||
| #### Test-CA | ||
| For testing purposes we provide a Test CA with a test certiface for ```tls-n.testserver```. The certificate store has an empty password. You have to resolve this hostname accordingly in DNS. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| ps -ef > noise.txt | ||
| date >> noise.txt | ||
| mkdir server_db | ||
| cd server_db | ||
| certutil -N --empty-password -d . | ||
| echo -e "5\n6\n7\ny\ny\n\ny\n" | certutil -S -s "CN=TLS-N Root CA" -k ec -q secp256r1 -n tlsproofca -x -t "C,C,C" -1 -2 -d . -z ../noise.txt # 5,6,7,y,y,,y | ||
| ps -ef > ../noise.txt | ||
| date >> ../noise.txt | ||
| date "+%N" >> ../noise.txt | ||
| certutil -R -k ec -q secp256r1 -s "CN=tls-n.testserver,O=TLS-N,C=NN" -d . -u V -a -f pwd.txt -o cert.req -z ../noise.txt | ||
| openssl req -in cert.req -out cert.req2 -outform DER | ||
| certutil -C -i cert.req2 -o server.crt -c tlsproofca -f pwd.txt -d . | ||
| certutil -A -n tlsproofserver.com -t "u,u,u" -i server.crt -f pwd.txt -d . | ||
| cd .. | ||
| mkdir client_db | ||
| cp server_db/* client_db | ||
| cd client_db | ||
| certutil -D -d . -f pwd.txt -n tls-n.testserver | ||
| cd .. | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
|
|
||
| Certificate request generated by Netscape certutil | ||
| Phone: (not specified) | ||
|
|
||
| Common Name: tls-n.testserver | ||
| Email: (not specified) | ||
| Organization: TLS-N | ||
| State: (not specified) | ||
| Country: NN | ||
|
|
||
| -----BEGIN NEW CERTIFICATE REQUEST----- | ||
| MIH0MIGaAgEAMDgxCzAJBgNVBAYTAk5OMQ4wDAYDVQQKEwVUTFMtTjEZMBcGA1UE | ||
| AxMQdGxzLW4udGVzdHNlcnZlcjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKTR | ||
| iNOt2VpeI+llhXEmHXzmAvuhv/OmnbPsDkfI+/HO3EJUVv1E/ad6UWPm/7cSAm20 | ||
| BsVLe95KJ42mPvKMgxWgADAKBggqhkjOPQQDAgNJADBGAiEAwG4kqlSisqkKl1St | ||
| nsBYQYKNPIXD/W0tx3pworFZt+MCIQDn72ZDAAmqs3rH/+ScIT934Z0Vcc4J9kpc | ||
| C4IdQnqXeQ== | ||
| -----END NEW CERTIFICATE REQUEST----- |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
|
|
||
| Certificate request generated by Netscape certutil | ||
| Phone: (not specified) | ||
|
|
||
| Common Name: tls-n.testserver | ||
| Email: (not specified) | ||
| Organization: TLS-N | ||
| State: (not specified) | ||
| Country: NN | ||
|
|
||
| -----BEGIN NEW CERTIFICATE REQUEST----- | ||
| MIH0MIGaAgEAMDgxCzAJBgNVBAYTAk5OMQ4wDAYDVQQKEwVUTFMtTjEZMBcGA1UE | ||
| AxMQdGxzLW4udGVzdHNlcnZlcjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKTR | ||
| iNOt2VpeI+llhXEmHXzmAvuhv/OmnbPsDkfI+/HO3EJUVv1E/ad6UWPm/7cSAm20 | ||
| BsVLe95KJ42mPvKMgxWgADAKBggqhkjOPQQDAgNJADBGAiEAwG4kqlSisqkKl1St | ||
| nsBYQYKNPIXD/W0tx3pworFZt+MCIQDn72ZDAAmqs3rH/+ScIT934Z0Vcc4J9kpc | ||
| C4IdQnqXeQ== | ||
| -----END NEW CERTIFICATE REQUEST----- |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| --- | ||
| Language: Cpp | ||
| # BasedOnStyle: Mozilla | ||
| AccessModifierOffset: -2 | ||
| AlignAfterOpenBracket: true | ||
| AlignEscapedNewlinesLeft: false | ||
| AlignOperands: true | ||
| AlignTrailingComments: true | ||
| AllowAllParametersOfDeclarationOnNextLine: false | ||
| AllowShortBlocksOnASingleLine: false | ||
| AllowShortCaseLabelsOnASingleLine: false | ||
| AllowShortIfStatementsOnASingleLine: false | ||
| AllowShortLoopsOnASingleLine: false | ||
| AllowShortFunctionsOnASingleLine: All | ||
| AlwaysBreakAfterDefinitionReturnType: true | ||
| AlwaysBreakTemplateDeclarations: false | ||
| AlwaysBreakBeforeMultilineStrings: false | ||
| BreakBeforeBinaryOperators: false | ||
| BreakBeforeTernaryOperators: true | ||
| BreakConstructorInitializersBeforeComma: false | ||
| BinPackParameters: true | ||
| BinPackArguments: true | ||
| ColumnLimit: 0 | ||
| ConstructorInitializerAllOnOneLineOrOnePerLine: true | ||
| ConstructorInitializerIndentWidth: 4 | ||
| DerivePointerAlignment: true | ||
| ExperimentalAutoDetectBinPacking: false | ||
| IndentCaseLabels: true | ||
| IndentWrappedFunctionNames: false | ||
| IndentFunctionDeclarationAfterType: false | ||
| MaxEmptyLinesToKeep: 1 | ||
| KeepEmptyLinesAtTheStartOfBlocks: true | ||
| NamespaceIndentation: None | ||
| ObjCBlockIndentWidth: 2 | ||
| ObjCSpaceAfterProperty: true | ||
| ObjCSpaceBeforeProtocolList: false | ||
| PenaltyBreakBeforeFirstCallParameter: 19 | ||
| PenaltyBreakComment: 300 | ||
| PenaltyBreakString: 1000 | ||
| PenaltyBreakFirstLessLess: 120 | ||
| PenaltyExcessCharacter: 1000000 | ||
| PenaltyReturnTypeOnItsOwnLine: 200 | ||
| PointerAlignment: Right | ||
| SpacesBeforeTrailingComments: 1 | ||
| Cpp11BracedListStyle: false | ||
| Standard: Cpp03 | ||
| IndentWidth: 4 | ||
| TabWidth: 8 | ||
| UseTab: Never | ||
| BreakBeforeBraces: Linux | ||
| SpacesInParentheses: false | ||
| SpacesInSquareBrackets: false | ||
| SpacesInAngles: false | ||
| SpaceInEmptyParentheses: false | ||
| SpacesInCStyleCastParentheses: false | ||
| SpaceAfterCStyleCast: false | ||
| SpacesInContainerLiterals: true | ||
| SpaceBeforeAssignmentOperators: true | ||
| ContinuationIndentWidth: 4 | ||
| CommentPragmas: '^ IWYU pragma:' | ||
| ForEachMacros: [ foreach, Q_FOREACH, BOOST_FOREACH ] | ||
| SpaceBeforeParens: ControlStatements | ||
| DisableFormat: false | ||
| SortIncludes: false | ||
| ... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| *~ | ||
| *.swp | ||
| *OPT.OBJ/ | ||
| *DBG.OBJ/ | ||
| *DBG.OBJD/ | ||
| out/* | ||
| *.pyc | ||
| *.bak | ||
| *.out | ||
| *.rej | ||
| *.patch | ||
| GPATH | ||
| GRTAGS | ||
| GTAGS | ||
| #* | ||
| .#* | ||
| .ycm_extra_conf.py* | ||
| fuzz/libFuzzer/* | ||
| fuzz/corpus | ||
| fuzz/out |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| repo: 9949429068caa6bb8827a8ceeaa7c605d722f47f | ||
| node: 127d10a77798396fdb659231040bb4b57ec16dc5 | ||
| branch: NSS_3_30_BRANCH | ||
| tag: NSS_3_30_1_RTM |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| syntax: glob | ||
| *~ | ||
| *OPT.OBJ/* | ||
| *DBG.OBJ/* | ||
| *DBG.OBJD/* | ||
| out/* | ||
| *.pyc | ||
| *.bak | ||
| *.out | ||
| *.rej | ||
| *.patch | ||
| GPATH | ||
| GRTAGS | ||
| GTAGS | ||
| #* | ||
| .#* | ||
| .ycm_extra_conf.py* | ||
| fuzz/libFuzzer/* | ||
| fuzz/corpus | ||
| fuzz/out |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,89 @@ | ||
| --- | ||
| version: 0 | ||
| metadata: | ||
| name: "NSS Continuous Integration" | ||
| description: "The Taskcluster task graph for the NSS tree" | ||
| owner: "[email protected]" | ||
| source: {{{source}}} | ||
|
|
||
| scopes: | ||
| # Note the below scopes are insecure however these get overriden on the server | ||
| # side to whatever scopes are set by mozilla-taskcluster. | ||
| - queue:* | ||
| - docker-worker:* | ||
| - scheduler:* | ||
|
|
||
| # Available mustache parameters (see the mozilla-taskcluster source): | ||
| # | ||
| # - owner: push user (email address) | ||
| # - source: URL of this YAML file | ||
| # - url: repository URL | ||
| # - project: alias for the destination repository (basename of | ||
| # the repo url) | ||
| # - level: SCM level of the destination repository | ||
| # (1 = try, 3 = core) | ||
| # - revision: (short) hg revision of the head of the push | ||
| # - revision_hash: (long) hg revision of the head of the push | ||
| # - comment: comment of the push | ||
| # - pushlog_id: id in the pushlog table of the repository | ||
| # | ||
| # and functions: | ||
| # - as_slugid: convert a label into a slugId | ||
| # - from_now: generate a timestamp at a fixed offset from now | ||
|
|
||
| tasks: | ||
| - taskId: '{{#as_slugid}}decision task{{/as_slugid}}' | ||
| reruns: 3 | ||
| task: | ||
| created: '{{now}}' | ||
| deadline: '{{#from_now}}1 day{{/from_now}}' | ||
| expires: '{{#from_now}}14 days{{/from_now}}' | ||
|
|
||
| metadata: | ||
| owner: [email protected] | ||
| source: {{{source}}} | ||
| name: "NSS Decision Task" | ||
| description: | | ||
| The task that creates all of the other tasks in the task graph | ||
| workerType: "hg-worker" | ||
| provisionerId: "aws-provisioner-v1" | ||
|
|
||
| tags: | ||
| createdForUser: {{owner}} | ||
|
|
||
| routes: | ||
| - "tc-treeherder-stage.v2.{{project}}.{{revision}}.{{pushlog_id}}" | ||
| - "tc-treeherder.v2.{{project}}.{{revision}}.{{pushlog_id}}" | ||
|
|
||
| payload: | ||
| image: ttaubert/nss-decision:0.0.2 | ||
|
|
||
| env: | ||
| TC_OWNER: {{owner}} | ||
| TC_SOURCE: {{{source}}} | ||
| TC_PROJECT: {{project}} | ||
| TC_COMMENT: '{{comment}}' | ||
| NSS_PUSHLOG_ID: '{{pushlog_id}}' | ||
| NSS_HEAD_REPOSITORY: '{{{url}}}' | ||
| NSS_HEAD_REVISION: '{{revision}}' | ||
|
|
||
| maxRunTime: 1800 | ||
|
|
||
| command: | ||
| - bash | ||
| - -cx | ||
| - > | ||
| bin/checkout.sh && | ||
| nss/automation/taskcluster/scripts/extend_task_graph.sh | ||
| features: | ||
| taskclusterProxy: true | ||
|
|
||
| extra: | ||
| treeherder: | ||
| symbol: D | ||
| build: | ||
| platform: nss-decision | ||
| machine: | ||
| platform: nss-decision |
Oops, something went wrong.