<feed xmlns='http://www.w3.org/2005/Atom'>
<title>ouroboros/src/irmd/oap/tests, branch be</title>
<subtitle>Ouroboros main repository</subtitle>
<id>http://www.ouroboros.rocks/cgit/ouroboros/atom?h=be</id>
<link rel='self' href='http://www.ouroboros.rocks/cgit/ouroboros/atom?h=be'/>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/'/>
<updated>2026-06-29T06:33:00+00:00</updated>
<entry>
<title>oap: Rename kex_config loaders to sec_config</title>
<updated>2026-06-29T06:33:00+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T12:18:38+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=4b16f7b9ba95f7e24ff443e5b215c2823c1387f7'/>
<id>urn:sha1:4b16f7b9ba95f7e24ff443e5b215c2823c1387f7</id>
<content type='text'>
Leftover from the kex_config-&gt;enc_config-&gt;sec_config rename. Finished
by renames load_kex_config and the cli/srv variants to
load_sec_config, the kcfg variables to scfg, and fixes the "KEX
config"/"encryption config" comments.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Harden OAP handshake and add cert-less re-key</title>
<updated>2026-06-29T06:33:00+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T12:07:00+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=55a8136859d82d9bdb8f85abb25290177ca7e561'/>
<id>urn:sha1:55a8136859d82d9bdb8f85abb25290177ca7e561</id>
<content type='text'>
Adds support for:

Server key confirmation: the session key is bound to the
negotiated algorithm via the HKDF info. The server returns a
key-confirmation tag (rsp_tag, replacing the bare request-hash echo),
so a cipher downgrade or key desync is detected. The cleartext path
keeps a request echo, compared in constant time.

Sealed server identity: AEAD-seal the certificate, signature and
piggybacked data in the encrypted response (kex and rsp_tag move
ahead as AAD), hiding the server identity and response sizes.

Cert-less re-key: let the client omit its certificate, verifying the
peer against the cached certificate. On PQC flows, ephemeral
server-encap KEX (preserving forward secrecy) is used, even if the
original flow allocation was client-encap.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Group sec_config authentication fields</title>
<updated>2026-06-29T06:32:59+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T11:18:35+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=a169a1cef5332a409efc2db07bcc1ae9b72f217e'/>
<id>urn:sha1:a169a1cef5332a409efc2db07bcc1ae9b72f217e</id>
<content type='text'>
Nest the flat req_auth and cacert members of struct sec_config into a
sub-struct a { req; cacert; }, keeping the authentication settings
together.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Bound the OAP replay cache</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-12T19:11:06+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=89807593faaa0472372fb267e12b03a2d6485805'/>
<id>urn:sha1:89807593faaa0472372fb267e12b03a2d6485805</id>
<content type='text'>
Replace the linked-list cache with three timestamp-generation hash
buckets, each capped at OAP_REPLAY_MAX entries.

A bucket is an open-addressed hash set whose slots count as live only
while slot.gen equals the bucket generation, so a stale bucket clears
in O(1) by bumping its generation instead of being scanned and pruned.

On overflow the cache fails closed - it rejects the header rather than
evicting the oldest entry. Under flood, dropping a genuine entry would
let that header be replayed, so refusing new entries is the safer
degradation than evict-oldest (fail-open) behaviour.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Add issuer and digest pinning to OAP</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-12T17:34:27+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=977bcac2d56a8793ed93b4aac7016ef36b51a07f'/>
<id>urn:sha1:977bcac2d56a8793ed93b4aac7016ef36b51a07f</id>
<content type='text'>
A peer certificate that verifies against the CA store could have
been issued by any trusted CA, and a peer could pick any supported
digest for its signature. Tighten the authentication contract with
two local policies.

cacert= pins the issuing CA: a peer certificate, if presented, must
chain through the pinned CA. Whether a certificate is mandatory at
all remains controlled by auth= alone.

digest= now also pins the signature digest: a classical peer must sign
with the locally configured digest, and may not omit the digest NID to
fall back to the key's default digest. PQC signatures (ML-DSA,
SLH-DSA) have an intrinsic digest and may be NID_undef.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Specify peer authentication contract</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-11T10:03:14+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=67c55d5869d5473e5139614637f31ea37746181d'/>
<id>urn:sha1:67c55d5869d5473e5139614637f31ea37746181d</id>
<content type='text'>
OAP accepted requests and responses without a certificate even when
the peer was expected to authenticate. An on-path attacker could
strip the certificate and signature from a flow allocation response
and substitute its own key exchange, silently downgrading the
handshake to unauthenticated.

Add an auth=required|optional policy to enc.conf, enforced per role: a
client config requires the server to present a valid certificate, a
server config requires the same from the client. Default is required
for client side (https), optional server side. The client side default
can be changed via OAP_CLIENT_AUTH_DEFAULT for testing.

Replace the bare 'none' keyword with encryption=none, which disables
encryption only: the digest and the authentication policy are kept, so
authenticated but unencrypted flows can be configured. Configs using
bare 'none' are now rejected.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Drop replayed flow alloc requests</title>
<updated>2026-05-20T06:17:05+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-05-01T21:41:49+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=2ddcad3989cd8d2314453ed31ff43e122118663f'/>
<id>urn:sha1:2ddcad3989cd8d2314453ed31ff43e122118663f</id>
<content type='text'>
A duplicating link could deliver the same alloc request twice.
OAP detected the replay but still replied over the wire, so the
requester saw a second flow_alloc_reply on an already-allocated
flow and reg_respond_alloc tripped its PENDING-state assertion.

Add EREPLAY so the OAP server can signal replays distinctly;
flow_accept drops them silently. As a safety net, reg_respond_alloc
warn-drops late replies instead of asserting.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Fix missing cleanup in authentication path</title>
<updated>2026-03-14T10:23:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-03-03T08:00:18+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=369d1c90453be23270a30229cbf4f731e4080407'/>
<id>urn:sha1:369d1c90453be23270a30229cbf4f731e4080407</id>
<content type='text'>
When auth_verify_crt fails (e.g., missing root CA),
crypt_get_pubkey_crt has already allocated pk but only crt was freed.

Adds a crypt_cleanup() function to wrap OpenSSL_cleanup(), as OpenSSL
lazily initializes a global decoder/provider registry the first time
PEM_read_bio or OSSL_DECODER_CTX_new_for_pkey is called, and this
leaves some memory owned by OpenSSL that triggers the leak sanitizer.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Add tests for missing root CA</title>
<updated>2026-03-14T10:23:18+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-03-02T23:19:05+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=4ec416e77395df1cccee39a57a826ff751cbecd7'/>
<id>urn:sha1:4ec416e77395df1cccee39a57a826ff751cbecd7</id>
<content type='text'>
This adds authentication tests to verify flows are rejected with a
missing root CA certificate in the store. Also adds one for the OAP
protocol.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>build: Update copyright to 2026</title>
<updated>2026-02-18T06:54:56+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-02-15T09:21:02+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=0d72b59c2964208ea34ce2322978344d7ff1a223'/>
<id>urn:sha1:0d72b59c2964208ea34ce2322978344d7ff1a223</id>
<content type='text'>
Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
</feed>
