https://git.schokokeks.org/derivepassphrase.git/tree/4b53216d8b2115fb794a23a8b17d9c8a00af4ed2
Recent commits to derivepassphrase.git (4b53216d8b2115fb794a23a8b17d9c8a00af4ed2)
2025-01-28T14:30:28+01:00

tag:gitlist.org,2012:commit/4b53216d8b2115fb794a23a8b17d9c8a00af4ed2
Merge topic branch 'equivalent-hmac-keys' into master
2025-01-28T14:30:28+01:00
Marco Ricci software@the13thletter.info
<pre>* t/equivalent-hmac-keys:
  Document the vault "interchangeable passphrases" artefact in the changelog
  Reformat "vault" tests
  Document the vault "interchangeable passphrases" artefact as an FAQ
  Detect (and test for) pairs of interchangeable vault passphrases
  Add hypothesis-based test for service name dependence of derived passphrases
</pre>
tag:gitlist.org,2012:commit/e0810c5d6b0cf4f2549c8354bfe020c35b211c41
Merge topic branch 'documentation-fixes' into master
2025-01-28T14:30:21+01:00
Marco Ricci software@the13thletter.info
<pre>* t/documentation-fixes: (24 commits)
  Move commands' `--help` tests out of transition group
  Make CLI testing helper functions, data and strategies public
  Add hypothesis-based service name type tests for the "vault" module
  Signal failed assumptions instead of passing tests in the "vault" module
  Document hypothesis examples for "vault" tests the proper way
  Rearrange hypothesis tests in the `vault` module
  Rearrange hypothesis tests in the `ssh_agent` module
  Add more hypothesis tests for the `ssh_agent` module
  Fix improper `re` escape pattern in `ssh_agent` tests
  Add hypothesis tests for the `exporter` module
  Add hypothesis tests for the `sequin` module
  Remove use of the monkeypatch test fixture in favor of the context manager
  Prefilter some hypothesis candidate lists before sampling
  Add a "flaky" hypothesis profile to find flaky tests
  Fix test output on PyPy 3.9 due to differing error message texts
  Move repetitive hypothesis strategy definition to separate functions
  Explicitly test JS truthiness of NaN
  Allow test key suitability check to be dependent on the connected agent
  Make multiple private test attributes and functions public
  Add hypothesis inventory to documentation
  ...
</pre>
tag:gitlist.org,2012:commit/57540d34c623df38829850936d85a6864618938a
Document the vault "interchangeable passphrases" artefact in the changelog
2025-01-28T14:09:47+01:00
Marco Ricci software@the13thletter.info
<pre></pre>
tag:gitlist.org,2012:commit/5ff8445cd241e69f31093a7848b305f902e2739f
Move commands' `--help` tests out of transition group
2025-01-28T11:03:57+01:00
Marco Ricci software@the13thletter.info
<pre>These tests aren't specific to the v1.0 transition, and if we still want
to keep them in some way or another, they should probably outlast v1.0.
</pre>
tag:gitlist.org,2012:commit/f3dd59c5f9cb04aad5a979485deea2b2ec30d1fa
Make CLI testing helper functions, data and strategies public
2025-01-28T00:15:01+01:00
Marco Ricci software@the13thletter.info
<pre>Make these helpers public in the sense that they get picked up by the
API documentation generator.
</pre>
tag:gitlist.org,2012:commit/6a7423c92f8bda8e46e632f282bce18d4be673d7
Reformat "vault" tests
2025-01-27T19:46:57+01:00
Marco Ricci software@the13thletter.info
<pre>Reformat the "vault" tests. This includes retiring the `Vault` type
alias and using the proper Google-style `vault.Vault` instead, because
the API documentation does not correctly resolve this type alias
otherwise.
</pre>
tag:gitlist.org,2012:commit/431cc9945c8a8fc58a2042ceeb20f253028b383c
Document the vault "interchangeable passphrases" artefact as an FAQ
2025-01-27T19:39:03+01:00
Marco Ricci software@the13thletter.info
<pre></pre>
tag:gitlist.org,2012:commit/470f33abffac488a3c54aeda7c0ca2761404e51e
Detect (and test for) pairs of interchangeable vault passphrases
2025-01-27T15:36:38+01:00
Marco Ricci software@the13thletter.info
<pre>The "vault" derivation scheme internally uses PBKDF2-HMAC-SHA1 to
generate a pool of random bits from which the derived passphrase is
constructed. Here, the master passphrase is passed directly to
HMAC-SHA1 as the key; see [RFC 2898][]. By construction, HMAC-SHA1
requires keys to be exactly 64 bytes long (the internal block size of
SHA1), so keys larger or smaller than 64 bytes are mapped to equivalent
64-byte keys. This keyspace reduction means that master passphrases
under vault are not unique, and since the mapping is simple enough,
"master passphrase collisions" have actually been observed during
hypothesis testing.

Therefore, we implement a new interface to query whether two master
passphrases are interchangeable under vault. We also test expected
interchangeability and non-interchangeability of master passphrases
explicitly with hypothesis-based tests, both for mixed passphrase
categories (larger than, smaller than, or exactly 64 bytes) and for each
category separately.

[RFC 2898]: https://datatracker.ietf.org/doc/html/rfc2898 "See Section 5.2 and Appendix B.1.1."
</pre>
tag:gitlist.org,2012:commit/171674c46f598ae2509663d92029d4cb4a1cf51e
Add hypothesis-based test for service name dependence of derived passphrases
2025-01-27T15:23:35+01:00
Marco Ricci software@the13thletter.info
<pre>As part of a larger quality assurance effort, explicitly test that
derived passphrases depend on the service name.

The obvious counterpart, that derived passphrases depend on the master
passphrase, is not quite so straightforward, and will be tackled in
a later commit.
</pre>
tag:gitlist.org,2012:commit/b0038660e3efed0577ad5c08523d69a70a13bfeb
Add hypothesis-based service name type tests for the "vault" module
2025-01-27T00:35:36+01:00
Marco Ricci software@the13thletter.info
<pre>Check that equivalent service name strings, byte strings and byte arrays
all derive the same passphrases.
</pre>