Ouroboros main repository http://www.ouroboros.rocks/cgit/ouroboros/atom?h=master 2026-02-18T06:53:35+00:00 2026-02-18T06:53:35+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-17T21:37:39+00:00 urn:sha1:040bdfb18684d809cb5edacf9867d3378b7e093b This replaces the single HAVE_OPENSSL_PQC/DISABLE_PQC with per-algorithm CMake variables (ML-KEM, ML-DSA, SLH-DSA), gated by the OpenSSL versions: ML-KEM and ML-DSA require >= 3.4, SLH-DSA >= 3.5. SLH-DSA was already working, but now added explicit authentication tests for it with a full certificate chain (root CA, intermediate CA, server) to show full support. Rename PQC test files and cert headers to use algorithm-specific names (ml_kem, ml_dsa, slh_dsa) and move cert headers to include/test/certs/. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-02-13T08:22:29+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-02T21:50:17+00:00 urn:sha1:3796f6b04b5fce183e5480b57725545cda033f99 This moves the build definitions back to src/ subdirectories (CMakeLists.txt per component). Configuration and dependencies are kept out of tree. Configuration options are bundled into cmake/config/ modules. Dependencies are grouped by component (system/, crypt/, eth/, coverage/, etc.). It now consistently uses target-based commands (target_include_directories, target_link_libraries) instead of global include_directories(). Proper PRIVATE/PUBLIC visibility for executable link libraries. CONFIG_OUROBOROS_DEBUG now properly set based on being a valid debug config (not just checking the string name). It also adds OuroborosTargets export for find_package() support and CMake package config files (OuroborosConfig.cmake) for easier integration with CMake projects. The build logic now follows more idiomatic CMake practices with configuration separated from target definitions. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-01-26T06:50:33+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-01-20T21:25:41+00:00 urn:sha1:0ca48453a067c7862f0bb6b85f152da826f59af7 This is a first step towards the Secure Shared Memory (SSM) infrastructure for Ouroboros, which will allow proper resource separation for non-privileged processes. This replaces the rdrbuff (random-deletion ring buffer) PoC allocator with a sharded slab allocator for the packet buffer pool to avoid the head-of-line blocking behaviour of the rdrb and reduce lock contention in multi-process scenarios. Each size class contains multiple independent shards, allowing parallel allocations without blocking. - Configurable shard count per size class (default: 4, set via SSM_POOL_SHARDS in CMake). The configured number of blocks are spread over the number of shards. As an example: SSM_POOL_512_BLOCKS = 768 blocks total These 768 blocks are shared among 4 shards (not 768 × 4 = 3072 blocks) - Lazy block distribution: all blocks initially reside in shard 0 and naturally migrate to process-local shards upon first allocation and subsequent free operations - Fallback with work stealing: processes attempt allocation from their local shard (pid % SSM_POOL_SHARDS) first, then steal from other shards if local is exhausted, eliminating fragmentation while maintaining low contention - Round-robin condvar signaling: blocking allocations cycle through all shard condition variables to ensure fairness - Blocks freed to allocator's shard: uses allocator_pid to determine target shard, enabling natural load balancing as process allocation patterns stabilize over time Maintains existing robust mutex semantics including EOWNERDEAD handling for dead process recovery. Internal structures exposed in ssm.h for testing purposes. Adds some tests (pool_test, pool_sharding_test.c. etc) verifying lazy distribution, migration, fallback stealing, and multiprocess behavior. Updates the ring buffer (rbuff) to use relaxed/acquire/release ordering on atomic indices. The ring buffer requires the (robust) mutex to ensure cross-structure synchronization between pool buffer writes and ring buffer index publication. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-01-26T06:47:51+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-01-23T17:45:34+00:00 urn:sha1:f60b67a6fcbed7329f7d27511e8c572dc252934e The tests were not correct as the library was compiled with the default 1 << 20 epoch. Added a parametere to the sk configuration that specifies the epoch size. Set to 1 << KEY_ROTATION_BIT in dev.c, but lowered to 7 in unit tests. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-01-23T07:30:11+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-01-22T22:11:58+00:00 urn:sha1:a5d9c04f821b72e27f196ff2015078f87d4d9a5e Implement forward-secret key rotation using HKDF key derivation. The operation is based on QUIC RFC 9001 and wireguard. Keys rotate every 2^KEY_ROTATION_BIT packets, with the current phase (P) signaled via controlling a bit in the IV (bit 7, first bit on the wire). Default 20 (1M packets). The wire format, after the DT header is: [ P | random IV ][ encrypted blob ][ AEAD tag ] Works with and without retransmission, and the FRCT header is fully contained in the encrypted blob if used. The receiver detects phase changes and rotates accordingly, keeping the previous key valid during a grace period. This handles packet reordering in unreliable flows: the 3/4 period protection window prevents premature rotation when late packets arrive, while the 1/2 period grace window ensures the old key remains available for decryption. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-01-19T07:29:29+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-01-07T15:44:34+00:00 urn:sha1:60b04305d70614580b4f883c0a147507edef3779 This adds initial support for runtime-configurable encryption and post-quantum Key Encapsulation Mechanisms (KEMs) and authentication (ML-DSA). Supported key exchange algorithms: ECDH: prime256v1, secp384r1, secp521r1, X25519, X448 Finite Field DH: ffdhe2048, ffdhe3072, ffdhe4096 ML-KEM (FIPS 203): ML-KEM-512, ML-KEM-768, ML-KEM-1024 Hybrid KEMs: X25519MLKEM768, X448MLKEM1024 Supported ciphers: AEAD: aes-128-gcm, aes-192-gcm, aes-256-gcm, chacha20-poly1305 CTR: aes-128-ctr, aes-192-ctr, aes-256-ctr Supported HKDFs: sha256, sha384, sha512, sha3-256, sha3-384, sha3-512, blake2b512, blake2s256 Supported Digests for DSA: sha256, sha384, sha512, sha3-256, sha3-384, sha3-512, blake2b512, blake2s256 PQC support requires OpenSSL 3.4.0+ and is detected automatically via CMake. A DISABLE_PQC option allows building without PQC even when available. KEMs differ from traditional DH in that they require asymmetric roles: one party encapsulates to the other's public key. This creates a coordination problem during simultaneous reconnection attempts. The kem_mode configuration parameter resolves this by pre-assigning roles: kem_mode=server # Server encapsulates (1-RTT, full forward secrecy) kem_mode=client # Client encapsulates (0-RTT, cached server key) The enc.conf file format supports: kex=<algorithm> # Key exchange algorithm cipher=<algorithm> # Symmetric cipher kdf=<KDF> # Key derivation function digest=<digest> # Digest for DSA kem_mode=<mode> # Server (default) or client none # Disable encryption The OAP protocol is extended to negotiate algorithms and exchange KEX data. All KEX messages are signed using existing authentication infrastructure for integrity and replay protection. Tests are split into base and _pqc variants to handle conditional PQC compilation (kex_test.c/kex_test_pqc.c, oap_test.c/oap_test_pqc.c). Bumped minimum required OpenSSL version for encryption to 3.0 (required for HKDF API). 1.1.1 is long time EOL. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-01-19T07:14:55+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-01-14T00:07:53+00:00 urn:sha1:8aa6ab4d29df80adde0d512244d43d38264bf32e The test output is a bit polluted with logs originating fomr the logging system, e.g.: 23: test_bind_prog started. 23: ==16636== reg/name(DB): Add prog reg_test to name testname. 23: ==16636== reg(EE): Removing from names. 23: test_bind_prog succeeded. This adds a flag DISABLE_TEST_LOGGING that suppresses log_* output in tests to keep them clean: 23: test_bind_prog started. 23: test_bind_prog succeeded. The status is printed in CMake output: -- Ouroboros logging in test output disabled -- Ouroboros logging in test output enabled By default the flag is ON (clean test output). Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-01-07T09:00:06+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2025-12-23T10:59:45+00:00 urn:sha1:48c294105f5123dc876fbad199ec1e0166d82a18 This moves the CMake build logic out of the source tree and splits it up into a more modular form. The tests now have a CMakeLists.txt file in their respective source directory. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2025-11-21T07:21:38+00:00 Thijs Paelman thijs@ouroboros.rocks 2025-10-20T17:58:01+00:00 urn:sha1:e54be25b524316006d7a36893c8847d438df06e5 This intermediate target only builds all the tests, it doesn't run them. It is added for clarifying the different steps involved in testing. The 'check' target still builds AND runs the tests as before. Signed-off-by: Thijs Paelman <thijs@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2025-11-07T07:36:20+00:00 Thijs Paelman thijs@ouroboros.rocks 2025-11-04T12:35:52+00:00 urn:sha1:535fba02cd27020f9c64dcbe4e97584a145816d4 When BUILD_TESTING=ON, then the default 'all' target will now build also the tests. This behaviour could be controlled by an extra variable (see https://stackoverflow.com/a/42235335), but this increases complexity without many benefits. Signed-off-by: Thijs Paelman <thijs@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>