Austria
From Armin Preiml to ~sircmpwn/hare-dev
Pushed
From Armin Preiml to ~apreiml/hare-tls
Six months have already passed since the last update so I guess it's time for another one. Since then the elliptic curve crypto patches have been merged upstream. With that I've implemented signature support for the newly added curves (p256, p384, p521) in the x509 module. Besides that I've also worked on the RSA PSS signature support, which is the last missing mandatory signature algorithm as defined in the TLS 1.3 RFC 8446. A patch has been send upstream, which is pending for review. Meanwhile the work here continues on the rsa-pss branch, until the patch is accepted. The openssl s_server is now used for testing, which allows me to more
From Armin Preiml to ~sircmpwn/himitsu-devel
I'm not in favor of introducing multiline field support into hiq, since it breaks the query format once applied. Multiline values do not play well with other unix tools. There are some other cases this can fail easily: * When the value contains already an "\0" before adding it as a multiline value, it will introduce another unintended line break. * When your query returns more than one entry with a multiline value You won't be able to tell where one begins and the next one stops. Also how can one store an entry with more than one multiline fields? The intended way to store values, that contain control characters, is to
From Armin Preiml to ~sircmpwn/hare-dev
On 29.08.24 19:19, Roland Paterson-Jones wrote: > Yup, I'm pretty sure - the above sporadic failure run was definitely > without any other interference (including switching off wifi and > closing everything else; I was getting perf stats). I kinda suspect > hardware issues (again) but the sporadic nature of the failure under > the same conditions is (still) confusing. Random failure is very strange indeed, since this is a deterministic algorithm. I'd bet that maybe the memory allocation sometimes fails in between. But this is just a wild guess.
From Armin Preiml to ~sircmpwn/hare-dev
Signed-off-by: Armin Preiml <apreiml@strohwolke.at> --- v2: make the linter happy crypto/rsa/+test/pss_test.ha | 133 +++++++++++++++++++++++ crypto/rsa/pss.ha | 203 +++++++++++++++++++++++++++++++++++ 2 files changed, 336 insertions(+) create mode 100644 crypto/rsa/+test/pss_test.ha create mode 100644 crypto/rsa/pss.ha diff --git a/crypto/rsa/+test/pss_test.ha b/crypto/rsa/+test/pss_test.ha new file mode 100644 index 00000000..fa04fa11 [message trimmed]
From Armin Preiml to ~sircmpwn/hare-dev
Signed-off-by: Armin Preiml <apreiml@strohwolke.at> --- This is afaik the last remaining signature algorithm that is required for basic TLS 1.3. crypto/rsa/+test/pss_test.ha | 134 +++++++++++++++++++++++ crypto/rsa/pss.ha | 203 +++++++++++++++++++++++++++++++++++ 2 files changed, 337 insertions(+) create mode 100644 crypto/rsa/+test/pss_test.ha create mode 100644 crypto/rsa/pss.ha diff --git a/crypto/rsa/+test/pss_test.ha b/crypto/rsa/+test/pss_test.ha new file mode 100644 [message trimmed]
From Armin Preiml to ~sircmpwn/hare-rfc
I really like this approach. Good Idea! On 8/12/24 3:53 AM, Sebastian wrote: > fmt::error("Error: "): void; > write_error(os::stderr, err): void; > fmt::fatal(); // print newline + terminate Can fmt be extended to allow such an error function to be passed as formattable argument so that the following would be possible? fmt::fatal("Error:", &write_error); fmt::fatalf("Error: {}", &write_error);
From Armin Preiml to ~sircmpwn/hare-dev
to catch accidental breakages or format changes during build. Signed-off-by: Armin Preiml <apreiml@strohwolke.at> --- ecs: thanks for the hint. It's way cleaner this way. .builds/alpine.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.builds/alpine.yml b/.builds/alpine.yml index b9c95cce..6e5b9a3d 100644 --- a/.builds/alpine.yml +++ b/.builds/alpine.yml [message trimmed]
From Armin Preiml to ~sircmpwn/hare-dev
to catch accidental breakages or format changes during build. Signed-off-by: Armin Preiml <apreiml@strohwolke.at> --- .builds/alpine.yml | 3 +++ scripts/test-genoiddb | 6 ++++++ 2 files changed, 9 insertions(+) create mode 100755 scripts/test-genoiddb diff --git a/.builds/alpine.yml b/.builds/alpine.yml index b9c95cce..1c484fde 100644 --- a/.builds/alpine.yml +++ b/.builds/alpine.yml @@ -60,6 +60,9 @@ tasks: [message trimmed]
From Armin Preiml to ~sircmpwn/hare-dev
This allows looking up oids in generated databases with haredoc. Signed-off-by: Armin Preiml <apreiml@strohwolke.at> --- v2: rebased on top of the genoiddb bugfix cmd/genoiddb/main.ha | 9 ++- encoding/asn1/stdoid/README | 5 ++ encoding/asn1/stdoid/db.ha | 123 ++++++++++++++++++++++++++++++++++++ 3 files changed, 135 insertions(+), 2 deletions(-) create mode 100644 encoding/asn1/stdoid/README diff --git a/cmd/genoiddb/main.ha b/cmd/genoiddb/main.ha index 7f0027dd..95f3eb4d 100644 [message trimmed]