frood, an Alpine initramfs NAS
More from Filippo Valsorda
RSA key generation is conceptually simple, but extremely tricky. Even benchmarking involves math: we generated a stable but representative “average case” instead of using the ordinary statistical approach.
Accumulated test vectors make it possible to run large sets of random known-answer tests without checking in large assets.
The FIPS compliance of HKDF is a somewhat confusing and controversial topic, partially because the normative reference is split over at least four separate documents, but in practice it’s approved for almost any purpose.
ML-KEM private key seeds are vastly preferable to expanded decapsulation keys as a storage format. A plea to standardize on them.
The age plugin system allows integrating third-party recipient types at the CLI level. A new framework makes it easy to implement plugins.