<feed xmlns='http://www.w3.org/2005/Atom'>
<title>ouroboros/src/lib/tests, branch be</title>
<subtitle>Ouroboros main repository</subtitle>
<id>http://www.ouroboros.rocks/cgit/ouroboros/atom?h=be</id>
<link rel='self' href='http://www.ouroboros.rocks/cgit/ouroboros/atom?h=be'/>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/'/>
<updated>2026-07-08T09:02:24+00:00</updated>
<entry>
<title>lib: Separate rekey replay from epoch conflict</title>
<updated>2026-07-08T09:02:24+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-02T17:05:25+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=942e4c64ad03e537a77366c6bf1309241b71f1e8'/>
<id>urn:sha1:942e4c64ad03e537a77366c6bf1309241b71f1e8</id>
<content type='text'>
keyrot_rekey() treated any re-key attempt against a live epoch
(current or previous) the same way, whether the offered root key
matched the live one (a replay) or was genuinely different (a
conflict). Compare the offered key against the live batch's root
and return -EREPLAY for a match, keeping -1/-ECRYPT for an actual
conflict, so callers can handle replayed re-keys distinctly from
real ones.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Harden crypto unit tests</title>
<updated>2026-07-08T09:02:23+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-01T23:12:51+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=92258b43691a7c8fa420941a4d3b3f870e05d55f'/>
<id>urn:sha1:92258b43691a7c8fa420941a4d3b3f870e05d55f</id>
<content type='text'>
Stop the non-OpenSSL runners from masking a real failure as SKIP by
only downgrading to SKIP if they passed.

Fix a stray call that ran test_kex_dhe_wrong_algo in the skip branch.

Fix double free + free of an uninitialised pointer in test_store_add.

Test that a KDF- less derive must fail.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Reject re-key to a live epoch</title>
<updated>2026-07-08T09:02:23+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-01T23:03:45+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=a16482e4d85394314553c27afcc37c0036b6d506'/>
<id>urn:sha1:a16482e4d85394314553c27afcc37c0036b6d506</id>
<content type='text'>
A re-key epoch arrives from the peer, so we need to reject duplicates
to avoid two batches sharing a wire epoch with different keys.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>build: Fix OpenSSL version check for PQC</title>
<updated>2026-07-08T09:02:12+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-07-01T22:57:58+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=2f9fdfa5ae2749f10d9ebc805e388ab9962d9faa'/>
<id>urn:sha1:2f9fdfa5ae2749f10d9ebc805e388ab9962d9faa</id>
<content type='text'>
ML-KEM, ML-DSA and SLH-DSA all landed in OpenSSL 3.5.0, not 3.4.0.

ML-KEM+ML-DSA and SLH-DSA can be disabled by DISABLE_ML / DISABLE_SLH.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Group sec_config authentication fields</title>
<updated>2026-06-29T06:32:59+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T11:18:35+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=a169a1cef5332a409efc2db07bcc1ae9b72f217e'/>
<id>urn:sha1:a169a1cef5332a409efc2db07bcc1ae9b72f217e</id>
<content type='text'>
Nest the flat req_auth and cacert members of struct sec_config into a
sub-struct a { req; cacert; }, keeping the authentication settings
together.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Harden OpenSSL crypto backend</title>
<updated>2026-06-29T06:32:59+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T10:55:17+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=8499436b4673ac2e2026879a95d97162ba2e8cbc'/>
<id>urn:sha1:8499436b4673ac2e2026879a95d97162ba2e8cbc</id>
<content type='text'>
This contains a few improvements and fixes in the OpenSSL backed. We
now zeroize shared secrets with OPENSSL_clear_free. The i2d_PUBKEY
output is bound against CRYPT_KEY_BUFSZ. We now return NULL rather
than silently falling back to SHA-256 when a digest is unknown. FILE
handles are now closed via pthread cleanup so a cancelled thread
cannot leak them. The DHE kex tests now set the KDF NID explicitly,
since the SHA-256 fallback is gone.

Also refactors the PEM string loaders to clean up some code duplication.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Add MurmurHash3 hash_mix64 for hash tables</title>
<updated>2026-06-29T06:32:59+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-21T10:38:06+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=b46359c11b879d610997eb1e9069e943e19c4244'/>
<id>urn:sha1:b46359c11b879d610997eb1e9069e943e19c4244</id>
<content type='text'>
Adds a (non-cryptographic) MurmurHash3 fmix64 finalizer for hashing an
integer key to a table index, replacing the MD5-based bucket hashing
in the pft.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>lib: Harden symmetric-key rotation</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-13T08:18:17+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=22e2380b09730a2f18deefd688585edb430d3299'/>
<id>urn:sha1:22e2380b09730a2f18deefd688585edb430d3299</id>
<content type='text'>
Flow crypto signalled rotation with a single phase-parity bit, so a
loss burst that hid an even number of rotations went unnoticed and
wedged the flow for good.

Each packet now carries a small cleartext selector naming its key
directly, so a receiver that falls behind recovers on the next packet
instead of getting stuck.

The selector also serves as the AEAD nonce and is authenticated as
associated data (AAD). Key rotation moves into a new backend-agnostic
keyrot module that rotates sub-keys to bound AEAD usage while
preserving forward secrecy.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Reject OAP peer crt with unusable CN</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-12T18:26:27+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=dce27129b74f906e0d1c086858f360228d5cbc83'/>
<id>urn:sha1:dce27129b74f906e0d1c086858f360228d5cbc83</id>
<content type='text'>
Added checks for CN &gt; NAME_SIZE.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
<entry>
<title>irmd: Add issuer and digest pinning to OAP</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-12T17:34:27+00:00</published>
<link rel='alternate' type='text/html' href='http://www.ouroboros.rocks/cgit/ouroboros/commit/?id=977bcac2d56a8793ed93b4aac7016ef36b51a07f'/>
<id>urn:sha1:977bcac2d56a8793ed93b4aac7016ef36b51a07f</id>
<content type='text'>
A peer certificate that verifies against the CA store could have
been issued by any trusted CA, and a peer could pick any supported
digest for its signature. Tighten the authentication contract with
two local policies.

cacert= pins the issuing CA: a peer certificate, if presented, must
chain through the pinned CA. Whether a certificate is mandatory at
all remains controlled by auth= alone.

digest= now also pins the signature digest: a classical peer must sign
with the locally configured digest, and may not omit the digest NID to
fall back to the key's default digest. PQC signatures (ML-DSA,
SLH-DSA) have an intrinsic digest and may be NID_undef.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
</feed>
