Differential D101050

Bug 1681585 - Add ECH support to selfserv.
ClosedPublic
Actions

Authored by kjacobs on Jan 7 2021, 7:18 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Nov 24, 10:00 PM
Unknown Object (File)
Tue, Nov 4, 2:50 PM
Unknown Object (File)
Oct 18 2025, 9:33 AM
Unknown Object (File)
Sep 18 2025, 2:42 PM
Unknown Object (File)
Aug 7 2025, 2:41 AM
Unknown Object (File)
Aug 6 2025, 12:19 AM
Unknown Object (File)
Aug 4 2025, 6:09 PM
Unknown Object (File)
Jul 26 2025, 9:37 AM
View All Files
Subscribers
None

Details

Reviewers
mt
Commits
rNSS92dcda94c1d4: Bug 1681585 - Add ECH support to selfserv. r=mt
Bugzilla Bug ID
1681585
Summary

Usage example:
mkdir dbdir && cd dbdir
certutil -N -d .
certutil -S -s "CN=ech-public.com" -n ech-public.com -x -t "C,C,C" -m 1234 -d .
certutil -S -s "CN=ech-private-backend.com" -n ech-private-backend.com -x -t "C,C,C" -m 2345 -d .
../dist/Debug/bin/selfserv -a ech-public.com -a ech-private-backend.com -n ech-public.com -n ech-private-backend.com -p 8443 -d dbdir/ -X publicname:ech-public.com
(Copy echconfig from selfserv output and paste into the below command)
../dist/Debug/bin/tstclnt -D -p 8443 -v -A tests/ssl/sslreq.dat -h ech-private-backend.com -o -N <echconfig> -v

Diff Detail

Repository
rNSS nss
Branch
default

Event Timeline

kjacobs created this revision.Jan 7 2021, 7:18 PM
Herald added a project: secure-revision. · View Herald TranscriptJan 7 2021, 7:18 PM
Harbormaster completed remote builds in B274569: Diff 383867.Jan 7 2021, 7:18 PM
phab-bot published this revision for review.Jan 7 2021, 7:18 PM
phab-bot changed the visibility from "Custom Policy" to "Public (No Login Required)".
phab-bot changed the edit policy from "Custom Policy" to "Restricted Project (Project)".
phab-bot removed a project: secure-revision.
kjacobs updated this revision to Diff 385407.Jan 12 2021, 5:46 PM
kjacobs edited the summary of this revision. (Show Details)
Harbormaster completed remote builds in B275889: Diff 385407.Jan 12 2021, 5:46 PM
kjacobs updated this revision to Diff 385408.Jan 12 2021, 5:47 PM
Harbormaster completed remote builds in B275890: Diff 385408.Jan 12 2021, 5:47 PM
kjacobs added a reviewer: mt.Jan 12 2021, 5:48 PM
kjacobs planned changes to this revision.Jan 12 2021, 8:41 PM

For the interop runner, we need to take the HPKE keypair and echconfigs as input rather than generating them. I'm going to revise this accordingly.

kjacobs updated this revision to Diff 387412.Jan 16 2021, 12:41 AM
kjacobs edited the summary of this revision. (Show Details)
Harbormaster completed remote builds in B277511: Diff 387412.Jan 16 2021, 12:41 AM
mt accepted this revision.Jan 17 2021, 10:34 PM
This revision is now accepted and ready to land.Jan 17 2021, 10:34 PM
Closed by commit rNSS92dcda94c1d4: Bug 1681585 - Add ECH support to selfserv. r=mt (authored by kjacobs). · Explain WhyJan 25 2021, 5:52 PM
This revision was automatically updated to reflect the committed changes.
kjacobs added a commit: rNSS92dcda94c1d4: Bug 1681585 - Add ECH support to selfserv. r=mt.

Revision Contents
Changeset List

PathSize
cmd/
selfserv/
111 lines

Diff 385407

View Options

cmd/selfserv/selfserv.c

Loading...
Privacy · Cookies · Legal