| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement forward-secret key rotation using HKDF key derivation. The
operation is based on QUIC RFC 9001 and wireguard.
Keys rotate every 2^KEY_ROTATION_BIT packets, with the current phase
(P) signaled via controlling a bit in the IV (bit 7, first bit on the
wire). Default 20 (1M packets).
The wire format, after the DT header is:
[ P | random IV ][ encrypted blob ][ AEAD tag ]
Works with and without retransmission, and the FRCT header is fully
contained in the encrypted blob if used.
The receiver detects phase changes and rotates accordingly, keeping
the previous key valid during a grace period. This handles packet
reordering in unreliable flows: the 3/4 period protection window
prevents premature rotation when late packets arrive, while the
1/2 period grace window ensures the old key remains available for
decryption.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
| |
This adds a BUILD_CONTAINER option that disables some features that
require elevated privileges like setting thread priorities, which
might not be supported in docker environments.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds initial support for runtime-configurable encryption and
post-quantum Key Encapsulation Mechanisms (KEMs) and authentication
(ML-DSA).
Supported key exchange algorithms:
ECDH: prime256v1, secp384r1, secp521r1, X25519, X448
Finite Field DH: ffdhe2048, ffdhe3072, ffdhe4096
ML-KEM (FIPS 203): ML-KEM-512, ML-KEM-768, ML-KEM-1024
Hybrid KEMs: X25519MLKEM768, X448MLKEM1024
Supported ciphers:
AEAD: aes-128-gcm, aes-192-gcm, aes-256-gcm, chacha20-poly1305
CTR: aes-128-ctr, aes-192-ctr, aes-256-ctr
Supported HKDFs:
sha256, sha384, sha512, sha3-256, sha3-384, sha3-512,
blake2b512, blake2s256
Supported Digests for DSA:
sha256, sha384, sha512, sha3-256, sha3-384, sha3-512,
blake2b512, blake2s256
PQC support requires OpenSSL 3.4.0+ and is detected automatically via
CMake. A DISABLE_PQC option allows building without PQC even when
available.
KEMs differ from traditional DH in that they require asymmetric roles:
one party encapsulates to the other's public key. This creates a
coordination problem during simultaneous reconnection attempts. The
kem_mode configuration parameter resolves this by pre-assigning roles:
kem_mode=server # Server encapsulates (1-RTT, full forward secrecy)
kem_mode=client # Client encapsulates (0-RTT, cached server key)
The enc.conf file format supports:
kex=<algorithm> # Key exchange algorithm
cipher=<algorithm> # Symmetric cipher
kdf=<KDF> # Key derivation function
digest=<digest> # Digest for DSA
kem_mode=<mode> # Server (default) or client
none # Disable encryption
The OAP protocol is extended to negotiate algorithms and exchange KEX
data. All KEX messages are signed using existing authentication
infrastructure for integrity and replay protection.
Tests are split into base and _pqc variants to handle conditional PQC
compilation (kex_test.c/kex_test_pqc.c, oap_test.c/oap_test_pqc.c).
Bumped minimum required OpenSSL version for encryption to 3.0
(required for HKDF API). 1.1.1 is long time EOL.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The test output is a bit polluted with logs originating fomr the
logging system, e.g.:
23: test_bind_prog started.
23: ==16636== reg/name(DB): Add prog reg_test to name testname.
23: ==16636== reg(EE): Removing from names.
23: test_bind_prog succeeded.
This adds a flag DISABLE_TEST_LOGGING that suppresses log_* output in
tests to keep them clean:
23: test_bind_prog started.
23: test_bind_prog succeeded.
The status is printed in CMake output:
-- Ouroboros logging in test output disabled
-- Ouroboros logging in test output enabled
By default the flag is ON (clean test output).
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
|
| |
The DEBUG_PROTO_DHT and DEBUG_PROTO_LS build options were not
correctly migrated to the new CMake modules. This adds them back.
There was a non-implemented DEBUG_PROTO_OEP option. This removes that
stale code.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
| |
This adds a 'make coverage' option to conveniently summarize test
coverage. If lcov is installed, it will also automatically generate
the HTML summary.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
| |
The "lockless" rbuff was mixing paradigms as it still has mutexes and
condvars to avoid spinning on blocking behaviour. This was a bad
idea. We'll add proper lockless implementations later.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
| |
This moves the CMake build logic out of the source tree and splits it
up into a more modular form. The tests now have a CMakeLists.txt file
in their respective source directory.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
| |
Since protobuf-c version 1.5.1 using protoc-c is deprecated:
https://github.com/protobuf-c/protobuf-c/pull/758
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
| |
Fixes warnings in CMake 3.28 and newer related to CMP0153.
https://cmake.org/cmake/help/latest/policy/CMP0153.html
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
|
| |
This deprecates the version generation from git tags. The version is
now set in the CMakeLists.txt. This avoids wrong versions when
checking out old commits and building the repository inside another
repository.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
| |
This adds the sort command with the version sort to GitVersionGen so
the latest version is used when running cmake.
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
|
| |
|
|
|
|
|
| |
This adds a patchlevel to the Ouroboros version.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
|
| |
This sets the cmake variable CMAKE_REQUIRED_FLAGS to the compiler
flags that are being tested so that the linker doesn't fail when
trying the compile flag.
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
|
| |
|
|
|
| |
This simplifies the macro GitVersionGen so that it doesn't need to
rely on the sort executable.
|
| |
|
|
|
|
| |
This removes some of the log messages spewed out during a check of a
compiler flag. It also makes the SWIG compiler flag for C99
independent of the compiler.
|
| |
|
|
| |
The CMakeLists files are now properly indented.
|
| |
|
|
|
|
| |
Disables robust mutexes and clock attributes for condition variables
for compatibility with OSX (SUSv2). Implements clock_gettime and adds
some defines for OSX compatibility in time_utils.
|
| |
|
|
|
|
| |
The protobuf include directory was not being correctly handed to the
compiler when building. Now the include directory is added
project-wide. And the protobuf package is searched for only once.
|
| |
|
|
|
|
| |
Removes rina_name_t from that API. Passing ap_name and api_id as
params instead. The IRM tool has been updated accordingly. Some errors
in the build related to protobuf-c have also been resolved.
|
| |
|
|
|
|
| |
This adds a cmake file so that the build can ask to generate
protobuf-c files from .proto files. The messages between the IRM and
the library are compiled into the library.
|
| |
|
|
|
|
| |
This requires the usage of the C89 standard for all source files. It
also fixes a wrong check for the compiler flags (was checking this for
CXX compiler instead of the C compiler).
|
|
|
Contains the initial build infrastructure. Cmake was chosen for
portability reasons.
|
