<feed xmlns='http://www.w3.org/2005/Atom'>
<title>ouroboros/src/irmd/oap, branch be</title>
<subtitle>Ouroboros main repository</subtitle>
<id>http://www.ouroboros.rocks/cgit/ouroboros/atom?h=be</id>
<link rel='self' href='http://www.ouroboros.rocks/cgit/ouroboros/atom?h=be'/>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/'/>
<updated>2026-06-29T06:33:00+00:00</updated>
<entry>
<title>oap: Rename kex_config loaders to sec_config</title>
<updated>2026-06-29T06:33:00+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T12:18:38+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=4b16f7b9ba95f7e24ff443e5b215c2823c1387f7'/>
<id>urn:sha1:4b16f7b9ba95f7e24ff443e5b215c2823c1387f7</id>
<content type='text'>
Leftover from the kex_config-&gt;enc_config-&gt;sec_config rename. Finished
by renames load_kex_config and the cli/srv variants to
load_sec_config, the kcfg variables to scfg, and fixes the "KEX
config"/"encryption config" comments.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Harden OAP handshake and add cert-less re-key</title>
<updated>2026-06-29T06:33:00+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T12:07:00+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=55a8136859d82d9bdb8f85abb25290177ca7e561'/>
<id>urn:sha1:55a8136859d82d9bdb8f85abb25290177ca7e561</id>
<content type='text'>
Adds support for:

Server key confirmation: the session key is bound to the
negotiated algorithm via the HKDF info. The server returns a
key-confirmation tag (rsp_tag, replacing the bare request-hash echo),
so a cipher downgrade or key desync is detected. The cleartext path
keeps a request echo, compared in constant time.

Sealed server identity: AEAD-seal the certificate, signature and
piggybacked data in the encrypted response (kex and rsp_tag move
ahead as AAD), hiding the server identity and response sizes.

Cert-less re-key: let the client omit its certificate, verifying the
peer against the cached certificate. On PQC flows, ephemeral
server-encap KEX (preserving forward secrecy) is used, even if the
original flow allocation was client-encap.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Reject unsupported OAP kex and cipher</title>
<updated>2026-06-29T06:33:00+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T11:58:39+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=552a4c4469db1cedacc02eb4f9969afe73e0fb42'/>
<id>urn:sha1:552a4c4469db1cedacc02eb4f9969afe73e0fb42</id>
<content type='text'>
Validate the configured key exchange and cipher against the supported
ranks (returning ENOTSUP) instead of only rejecting an undefined
cipher NID, so an unsupported algorithm is caught at config load.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Group sec_config authentication fields</title>
<updated>2026-06-29T06:32:59+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T11:18:35+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=a169a1cef5332a409efc2db07bcc1ae9b72f217e'/>
<id>urn:sha1:a169a1cef5332a409efc2db07bcc1ae9b72f217e</id>
<content type='text'>
Nest the flat req_auth and cacert members of struct sec_config into a
sub-struct a { req; cacert; }, keeping the authentication settings
together.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>config: Rename enc.conf to sec.conf</title>
<updated>2026-06-29T06:32:59+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T11:03:36+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=47034834790e778f28b082842b3ed1c7bd44f29a'/>
<id>urn:sha1:47034834790e778f28b082842b3ed1c7bd44f29a</id>
<content type='text'>
The per-name config file holds more than encryption settings (KEX,
cipher, KDF, peer authentication), so renamed it from enc.conf to
sec.conf and the code internals to match.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Fail OAP config load on read errors</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-12T19:19:25+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=df14e6cc81c296d91e9124cd09f25a83defb522f'/>
<id>urn:sha1:df14e6cc81c296d91e9124cd09f25a83defb522f</id>
<content type='text'>
load_sec_config_file() treated any fopen() failure as an absent
config and silently disabled encryption.

file_exists() similarly lumped non-ENOENT stat() errors in with
"present".

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Bound the OAP replay cache</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-12T19:11:06+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=89807593faaa0472372fb267e12b03a2d6485805'/>
<id>urn:sha1:89807593faaa0472372fb267e12b03a2d6485805</id>
<content type='text'>
Replace the linked-list cache with three timestamp-generation hash
buckets, each capped at OAP_REPLAY_MAX entries.

A bucket is an open-addressed hash set whose slots count as live only
while slot.gen equals the bucket generation, so a stale bucket clears
in O(1) by bumping its generation instead of being scanned and pruned.

On overflow the cache fails closed - it rejects the header rather than
evicting the oldest entry. Under flood, dropping a genuine entry would
let that header be replayed, so refusing new entries is the safer
degradation than evict-oldest (fail-open) behaviour.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Reject OAP peer crt with unusable CN</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-12T18:26:27+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=dce27129b74f906e0d1c086858f360228d5cbc83'/>
<id>urn:sha1:dce27129b74f906e0d1c086858f360228d5cbc83</id>
<content type='text'>
Added checks for CN &gt; NAME_SIZE.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Add issuer and digest pinning to OAP</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-12T17:34:27+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=977bcac2d56a8793ed93b4aac7016ef36b51a07f'/>
<id>urn:sha1:977bcac2d56a8793ed93b4aac7016ef36b51a07f</id>
<content type='text'>
A peer certificate that verifies against the CA store could have
been issued by any trusted CA, and a peer could pick any supported
digest for its signature. Tighten the authentication contract with
two local policies.

cacert= pins the issuing CA: a peer certificate, if presented, must
chain through the pinned CA. Whether a certificate is mandatory at
all remains controlled by auth= alone.

digest= now also pins the signature digest: a classical peer must sign
with the locally configured digest, and may not omit the digest NID to
fall back to the key's default digest. PQC signatures (ML-DSA,
SLH-DSA) have an intrinsic digest and may be NID_undef.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Specify peer authentication contract</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-11T10:03:14+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=67c55d5869d5473e5139614637f31ea37746181d'/>
<id>urn:sha1:67c55d5869d5473e5139614637f31ea37746181d</id>
<content type='text'>
OAP accepted requests and responses without a certificate even when
the peer was expected to authenticate. An on-path attacker could
strip the certificate and signature from a flow allocation response
and substitute its own key exchange, silently downgrading the
handshake to unauthenticated.

Add an auth=required|optional policy to enc.conf, enforced per role: a
client config requires the server to present a valid certificate, a
server config requires the same from the client. Default is required
for client side (https), optional server side. The client side default
can be changed via OAP_CLIENT_AUTH_DEFAULT for testing.

Replace the bare 'none' keyword with encryption=none, which disables
encryption only: the digest and the authentication policy are kept, so
authenticated but unencrypted flows can be configured. Configs using
bare 'none' are now rejected.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
</feed>
