ouroboros/src/lib, branch be

lib: Rename ssm_pk_buff_get_idx to ssm_pk_buff_get_off

2026-05-06T07:06:04+00:00

The shared memory pool is now offset based instead of block index-based like the old shm_rdrbuff allocator. This renames the API more consistently. Also changes variables names to off instead of idx for consistency. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Fix pool_copy_spb and np1_flow_write

2026-05-06T07:05:58+00:00

The pool_copy_spb function was consuming the packet buffer on error, causing double free errors. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Fix and clean up crc implementation

2026-05-06T07:05:08+00:00

Fixes detection of PMULL on aarch64 without crypto extensions. Adds a crc64_nvme_step helper function in CRC64 to avoid code duplication and cleans up the comments. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Move CRC implementations to a subfolder

2026-05-06T07:05:02+00:00

Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Add CRC-8 and CRC-16 checksums

2026-05-06T07:04:48+00:00

These checksum will be handy for header checksums. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Add CRC-64/NVMe checksum

2026-05-06T07:04:41+00:00

Add CRC-64/NVMe implementation with compile-time hardware backend selection: x86 PCLMUL+SSE4.1 fold-by-16 (HAVE_PCLMUL) aarch64 PMULL fold-by-16 when (HAVE_PMULL) and a byte-table fallback. It's added as HASH_CRC64 to enum hash_algo (in the internal-use-only section after HASH_MD5). Both mem_hash() and hash_len() early-return for HASH_CRC64 because libgcrypt has no CRC-64/NVMe. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

cmake: Add CPU feature detection helper

2026-05-06T07:04:22+00:00

Add cmake/utils/CPUUtils.cmake providing detect_cpu_feature() plus detect_pclmul() and detect_pmull() that compile-test for x86 PCLMULQDQ+SSE4.1 and aarch64 FEAT_PMULL respectively. This will be useful for hardware accelerated CRC64/NVMe integrity checks. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Fix certificate DER encoding and key buffers

2026-03-14T10:23:59+00:00

i2d_X509() allocated buf->data via OPENSSL_malloc(), but callers free it with freebuf() which uses free(). Fix by allocating with malloc() and encoding directly into the buffer. Also replaces MSGBUFSZ with CRYPT_KEY_BUFSZ (4096) for key material buffers and removes leftover debug logging. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Fix initialization when listing names

2026-03-14T10:23:52+00:00

Now uses calloc to zero the previously uninitialized security path fields. Also fixes a check in protobuf.c Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

lib: Fix missing cleanup in authentication path

2026-03-14T10:23:24+00:00

When auth_verify_crt fails (e.g., missing root CA), crypt_get_pubkey_crt has already allocated pk but only crt was freed. Adds a crypt_cleanup() function to wrap OpenSSL_cleanup(), as OpenSSL lazily initializes a global decoder/provider registry the first time PEM_read_bio or OSSL_DECODER_CTX_new_for_pkey is called, and this leaves some memory owned by OpenSSL that triggers the leak sanitizer. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders