https://git.schokokeks.org/derivepassphrase.git/tree/1c7c7a74a26be17815a5de3c20375a98400a1d2e Recent commits feed provided by GitList. In particular, include type guard functions here as well. https://git.schokokeks.org/derivepassphrase.git/commit/1c7c7a74a26be17815a5de3c20375a98400a1d2e m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 1c7c7a74a26be17815a5de3c20375a98400a1d2e Some level of awareness is necessary to support passphrases stored in (JSON) config files. We reject the passphrase if there are multiple Unicode representations (and thus UTF-8 representations) of the same text but with different normalizations. In such a case, a byte string must be used, and the value cannot currently be stored in the JSON config file. https://git.schokokeks.org/derivepassphrase.git/commit/fc134c9aa5519d8cf5b394a0036af8be2a0ecaff m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 fc134c9aa5519d8cf5b394a0036af8be2a0ecaff In vault(1), the passphrase derived from an SSH key signature is *not* just the (framed, binary) SSH signature of the vault UUID. Instead, the payload part of the signature, in binary, is converted to base64, yielding the passphrase. Rewrite the `Vault.phrase_from_signature` method to match vault's behavior, and rename it to `phrase_from_key` to better match the *actual* interface (which takes an SSH key, not a signature). (This design – emitting an SSH signature as payload only, in base64 – is hard-coded into the SSH agent client library used by vault, and likely not a conscious design by vault's primary author.) https://git.schokokeks.org/derivepassphrase.git/commit/d3bdff5889f148f85d644ecfcb3fc9787b0a1aef m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 d3bdff5889f148f85d644ecfcb3fc9787b0a1aef Expose some functionality from `derivepassphrase.Vault` as interal methods, to facilitate testing and to avoid reimplementing the same functionality again in the command-line interface. This includes hash length estimation and SSH key suitability checking. https://git.schokokeks.org/derivepassphrase.git/commit/81f902f6a37fc585684b6fc375ffcb5f2ae964c6 m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 81f902f6a37fc585684b6fc375ffcb5f2ae964c6 The new function `ssh_agent_client.unstring_prefix` does not abort if there is trailing data after the SSH framed byte string. https://git.schokokeks.org/derivepassphrase.git/commit/3d09a07f18a46b597808e3f2030a566d4ef7d1e2 m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 3d09a07f18a46b597808e3f2030a566d4ef7d1e2 https://git.schokokeks.org/derivepassphrase.git/commit/18198578dc3148566fde6e7767a3a1584f338175 m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 21:19:30 +0200 18198578dc3148566fde6e7767a3a1584f338175 https://git.schokokeks.org/derivepassphrase.git/commit/23390bc56a135d2c97a3e54d3b08bf5e117f32f0 m@the13thletter.info (Marco Ricci) Sat, 22 Jun 2024 19:54:19 +0200 23390bc56a135d2c97a3e54d3b08bf5e117f32f0 For those familiar with SSH protocol messages, make the data more readable by aligning the hex view on the data boundaries according to the protocol. https://git.schokokeks.org/derivepassphrase.git/commit/e999bd54e5f32c3bdb1600b86b43740f14e535b3 m@the13thletter.info (Marco Ricci) Sat, 08 Jun 2024 19:14:35 +0200 e999bd54e5f32c3bdb1600b86b43740f14e535b3 Apparently, this is a `hatch` convention/tradeoff, but one that doesn't appear sensible to a project like this. On that note, since we're starting with a clear target API in mind, start directly at release 0.1.0 instead of the `hatch` default 0.0.1. https://git.schokokeks.org/derivepassphrase.git/commit/6eab62ca9f46c2caf2172c6558e26f7cef8f02d5 m@the13thletter.info (Marco Ricci) Sat, 08 Jun 2024 19:07:53 +0200 6eab62ca9f46c2caf2172c6558e26f7cef8f02d5 These "emergency exits" are code paths rooted in defensive programming (of both code and of tests), and are not intended to be reached in practice. https://git.schokokeks.org/derivepassphrase.git/commit/85fcc667bbe6a3efb47e11c46a67c959d2419e86 m@the13thletter.info (Marco Ricci) Sat, 08 Jun 2024 19:06:56 +0200 85fcc667bbe6a3efb47e11c46a67c959d2419e86