profile
viewpoint
Mara Bos m-ou-se Fusion Engineering Delft, Netherlands https://m-ou.se/ she/her

fusion-engineering/inline-python 426

Inline Python code directly in your Rust code

de-vri-es/assert2-rs 30

assert!() and check!() macros for Rust, inspired by Catch2

fusion-engineering/setup-git-credentials 27

GitHub action to clone private respositories.

m-ou-se/config 19

The one and only perfect configuration for Vim, Zsh, Bash, Git, etc.

fusion-engineering/rust-git-version 17

Compile the Git version (tag name, or hash otherwise) and dirty state into your Rust program.

m-ou-se/bootlib 17

A minimalistic library to help making your x86 assembly program bootable.

m-ou-se/floatconv 5

Fast implementations of integer/floating point conversion operations.

m-ou-se/git-prompt-path 5

Display git information next to every path component in your prompt.

m-ou-se/cloudabi-cpp 2

C++ bindings for CloudABI.

m-ou-se/blog 1

My blog. https://blog.m-ou.se/

push eventrust-lang/team

Deploy from CI

commit sha ba9f518add49ca95b9cf1dd62029fe5464e0530e

Deploy 702292ee93d19f0e93e4327c461a98fc0abf6620 to gh-pages

view details

push time in 6 hours

push eventrust-lang/team

Oli Scherer

commit sha 93a10171dcf9c185b84389021dc7397882afb83b

Update wg-mir-opt.toml

view details

Oliver Scherer

commit sha ce466b50551ff6f50aa7cb5440f73c07cb1be993

Add tmiasko as a person

view details

Pietro Albini

commit sha 702292ee93d19f0e93e4327c461a98fc0abf6620

Merge pull request #517 from oli-obk/patch-2 Add tmiasko to wg-mir-opt

view details

push time in 6 hours

PR merged rust-lang/team

Add tmiasko to wg-mir-opt

cc @tmiasko @wesleywiser

+4 -1

1 comment

2 changed files

oli-obk

pr closed time in 6 hours

push eventrust-lang/team

Deploy from CI

commit sha 9da5552ed7e71081840de298f5b6686dbf964c83

Deploy 540b0321e227a249ac943f6d0f4645951abdea17 to gh-pages

view details

push time in a day

push eventrust-lang/team

Pietro Albini

commit sha c71be319fedcaba205a0f42b7b5f926ea19cbf64

migrate Cargo.lock to the new format No dependency update performed during this step.

view details

Pietro Albini

commit sha 486e390c2e44d1bcdf5e6607f5e615d55fb08e9b

rust_team_data: add support for email encryption There are cases (especially for the foundation) where we want the members of a mailing list not to be public. This commit implements optional encryption support to temporarily address the problem while the infra team works on a more permanent approach.

view details

Pietro Albini

commit sha 6fa24161530af25ec2c218c6d1b42b5219892997

ci: run tests for rust_team_data too

view details

Pietro Albini

commit sha 540b0321e227a249ac943f6d0f4645951abdea17

Merge pull request #515 from pietroalbini/email-encryption Add optional email encryption support

view details

push time in a day

PR merged rust-lang/team

Add optional email encryption support

There are cases (especially for the foundation) where we want the members of a mailing list not to be public. This commit implements optional encryption support to temporarily address the problem while the infra team works on a more permanent approach.

Another PR to rust-lang/sync-team will need to be opened before we can start using encrypted email addresses.

r? @Mark-Simulacrum

+950 -617

1 comment

8 changed files

pietroalbini

pr closed time in a day

push eventrust-lang/team

Deploy from CI

commit sha 323e1d3a0046897278a2ccbb858462dde6e99ee4

Deploy 62cd3b0e0683ddae7f4fd7d48af18e0bf90f7a40 to gh-pages

view details

push time in a day

push eventrust-lang/team

Pietro Albini

commit sha 284c5da8f3d198fb98b3d9bf948ceb031175c65a

add an email alias for pietro There is urgent need for a @rust-lang.org email address for Ashley in order to unblock some work for setting up the Rust Foundation. This is a hacky way to set it up until the Infrastructure Team makes a decision on how and whether to support such aliases.

view details

Pietro Albini

commit sha 62cd3b0e0683ddae7f4fd7d48af18e0bf90f7a40

Merge pull request #518 from pietroalbini/pietro-alias Add an email alias for me

view details

push time in a day

PR merged rust-lang/team

Add an email alias for me

There is urgent need for a @rust-lang.org email address for me in order to unblock some work for setting up the Rust Foundation. This is a hacky way to set it up until the Infrastructure Team makes a decision on how and whether to support such aliases.

+6 -2

0 comment

1 changed file

pietroalbini

pr closed time in a day

PR opened rust-lang/team

Add an email alias for me

There is urgent need for a @rust-lang.org email address for me in order to unblock some work for setting up the Rust Foundation. This is a hacky way to set it up until the Infrastructure Team makes a decision on how and whether to support such aliases.

+6 -2

0 comment

1 changed file

pr created time in a day

pull request commentrust-lang/team

Add tmiasko to wg-mir-opt

oh oops, I first have to add them to the general user list

oli-obk

comment created time in a day

PR opened rust-lang/team

Add tmiasko to wg-mir-opt

cc @tmiasko @wesleywiser

+1 -1

0 comment

1 changed file

pr created time in a day

pull request commentrust-lang/libs-team

MCP: API Guidelines

There's also some discussion now about bringing the Patterns in to rust-lang as a complement to the Guidelines (so we can shift patterns-related discussion over to it). I don't think that would affect us FCPing guidelines changes, and I don't think we'd need to FCP patterns (at least not at this stage) but it seems worth dropping a comment here about it!

KodrAus

comment created time in 2 days

push eventrust-lang/team

Deploy from CI

commit sha 2531c6b83185ce3060455a1c59f88934af020e28

Deploy 037a35f998feec808970b2d86645e21125229da5 to gh-pages

view details

push time in 2 days

push eventrust-lang/team

Joshua Nelson

commit sha 23818677a1058fad242c7349145e609dcea942bc

Add my zulip ID

view details

Mark Rousskov

commit sha 037a35f998feec808970b2d86645e21125229da5

Merge pull request #516 from jyn514/me Add my zulip ID

view details

push time in 2 days

PR merged rust-lang/team

Add my zulip ID

@triagebot was being very rude to me.

+1 -0

0 comment

1 changed file

jyn514

pr closed time in 2 days

PR opened rust-lang/team

Add my zulip ID

@triagebot was being very rude to me.

+1 -0

0 comment

1 changed file

pr created time in 2 days

pull request commentrust-lang/team

Add optional email encryption support

This is again ready for review.

pietroalbini

comment created time in 2 days

Pull request review commentrust-lang/team

Add optional email encryption support

+//! This module implements the encryption scheme used to safely include private email addresses in+//! the team repository. It generates encrypted content that looks like this:+//!+//! encrypted+a371d1d65dcc697d000826e4bd59dcbfb16ad73eceb1139caaaab795737bb3a54403f0ec69f3d40c8965a5f4bc52f67c94ec538a8a2fea710cabdaaf27661f9a62b0121db7d229@rust-lang.invalid

Done!

pietroalbini

comment created time in 2 days

Pull request review commentrust-lang/team

Add optional email encryption support

+//! This module implements the encryption scheme used to safely include private email addresses in+//! the team repository. It generates encrypted content that looks like this:+//!+//! encrypted+a371d1d65dcc697d000826e4bd59dcbfb16ad73eceb1139caaaab795737bb3a54403f0ec69f3d40c8965a5f4bc52f67c94ec538a8a2fea710cabdaaf27661f9a62b0121db7d229@rust-lang.invalid+//!+//! The hex-encoded part of the email address is a concatenation of a 12-byte random nonce and the+//! AES256-GCM-encrypted email address. Utilities are provided to both encrypt and decrypt.++use aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead};+use aes_gcm::Aes256Gcm;

Switched algorithm.

pietroalbini

comment created time in 2 days

Pull request review commentrust-lang/team

Add optional email encryption support

+//! This module implements the encryption scheme used to safely include private email addresses in+//! the team repository. It generates encrypted content that looks like this:+//!+//! encrypted+a371d1d65dcc697d000826e4bd59dcbfb16ad73eceb1139caaaab795737bb3a54403f0ec69f3d40c8965a5f4bc52f67c94ec538a8a2fea710cabdaaf27661f9a62b0121db7d229@rust-lang.invalid+//!+//! The hex-encoded part of the email address is a concatenation of a 12-byte random nonce and the+//! AES256-GCM-encrypted email address. Utilities are provided to both encrypt and decrypt.++use aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead};+use aes_gcm::Aes256Gcm;

We discussed a little on Zulip, and after some consideration it felt like we should probably switch to https://crates.io/crates/chacha20poly1305 - some random googling seems to say that AES256-GCM is not the best thing to use (though likely it doesn't matter for us); libsodium's docs also recommend the use of this primitive.

https://doc.libsodium.org/secret-key_cryptography/aead/chacha20-poly1305/xchacha20-poly1305_construction

pietroalbini

comment created time in 3 days

Pull request review commentrust-lang/team

Add optional email encryption support

+//! This module implements the encryption scheme used to safely include private email addresses in+//! the team repository. It generates encrypted content that looks like this:+//!+//! encrypted+a371d1d65dcc697d000826e4bd59dcbfb16ad73eceb1139caaaab795737bb3a54403f0ec69f3d40c8965a5f4bc52f67c94ec538a8a2fea710cabdaaf27661f9a62b0121db7d229@rust-lang.invalid

Maybe you want to put this in a code block so the docs are rendered correctly?

pietroalbini

comment created time in 3 days

push eventrust-lang/team

Deploy from CI

commit sha d49711b894e0904eb51613e1af7804d157a112db

Deploy 89941cdd35f84ba907428aa438b8207973a2a5de to gh-pages

view details

push time in 3 days

push eventrust-lang/team

Mark Rousskov

commit sha 89941cdd35f84ba907428aa438b8207973a2a5de

Add zulip ID

view details

push time in 3 days

Pull request review commentrust-lang/team

Add optional email encryption support

+//! This module implements the encryption scheme used to safely include private email addresses in+//! the team repository. It generates encrypted content that looks like this:+//!+//! encrypted+a371d1d65dcc697d000826e4bd59dcbfb16ad73eceb1139caaaab795737bb3a54403f0ec69f3d40c8965a5f4bc52f67c94ec538a8a2fea710cabdaaf27661f9a62b0121db7d229@rust-lang.invalid+//!+//! The hex-encoded part of the email address is a concatenation of a 12-byte random nonce and the+//! AES256-GCM-encrypted email address. Utilities are provided to both encrypt and decrypt.++use aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead};+use aes_gcm::Aes256Gcm;

AES256-GCM is a secure AEAD cipher, and it's definitely good for our use case. There is no particular reason why I chose it compared to other secure AEAD ciphers.

The crate is part of the RustCrypto project and received a security audit. In general I find the maintenance policy of RustCrypto crates to be better for downstream users compared to ring.

pietroalbini

comment created time in 3 days

Pull request review commentrust-lang/team

Add optional email encryption support

+//! This module implements the encryption scheme used to safely include private email addresses in+//! the team repository. It generates encrypted content that looks like this:+//!+//! encrypted+a371d1d65dcc697d000826e4bd59dcbfb16ad73eceb1139caaaab795737bb3a54403f0ec69f3d40c8965a5f4bc52f67c94ec538a8a2fea710cabdaaf27661f9a62b0121db7d229@rust-lang.invalid+//!+//! The hex-encoded part of the email address is a concatenation of a 12-byte random nonce and the+//! AES256-GCM-encrypted email address. Utilities are provided to both encrypt and decrypt.++use aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead};+use aes_gcm::Aes256Gcm;++const PREFIX: &str = "encrypted+";+const SUFFIX: &str = "@rust-lang.invalid";+const KEY_LENGTH: usize = 32;+const NONCE_LENGTH: usize = 12;++/// Encrypt an email address with the provided key.+pub fn encrypt(key: &str, email: &str) -> Result<String, Error> {+    // Generate a random nonce every time something is encrypted.+    let mut nonce = [0u8; NONCE_LENGTH];+    getrandom::getrandom(&mut nonce).map_err(Error::GetRandom)?;+    let nonce = GenericArray::from_slice(&nonce);++    let mut encrypted = init_aes(key)?+        .encrypt(&nonce, email.as_bytes())+        .map_err(|_| Error::EncryptionFailed)?;++    // Concatenate both the nonce and the payload, as both will be needed for decryption.+    let mut payload = nonce.to_vec();

GenericArray is required by the aes_gcm crate's API.

pietroalbini

comment created time in 3 days

Pull request review commentrust-lang/team

Add optional email encryption support

+//! This module implements the encryption scheme used to safely include private email addresses in+//! the team repository. It generates encrypted content that looks like this:+//!+//! encrypted+a371d1d65dcc697d000826e4bd59dcbfb16ad73eceb1139caaaab795737bb3a54403f0ec69f3d40c8965a5f4bc52f67c94ec538a8a2fea710cabdaaf27661f9a62b0121db7d229@rust-lang.invalid+//!+//! The hex-encoded part of the email address is a concatenation of a 12-byte random nonce and the+//! AES256-GCM-encrypted email address. Utilities are provided to both encrypt and decrypt.++use aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead};+use aes_gcm::Aes256Gcm;

Was there some particular reason to choose this particular crate and cipher?

pietroalbini

comment created time in 3 days

Pull request review commentrust-lang/team

Add optional email encryption support

+//! This module implements the encryption scheme used to safely include private email addresses in+//! the team repository. It generates encrypted content that looks like this:+//!+//! encrypted+a371d1d65dcc697d000826e4bd59dcbfb16ad73eceb1139caaaab795737bb3a54403f0ec69f3d40c8965a5f4bc52f67c94ec538a8a2fea710cabdaaf27661f9a62b0121db7d229@rust-lang.invalid+//!+//! The hex-encoded part of the email address is a concatenation of a 12-byte random nonce and the+//! AES256-GCM-encrypted email address. Utilities are provided to both encrypt and decrypt.++use aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead};+use aes_gcm::Aes256Gcm;++const PREFIX: &str = "encrypted+";+const SUFFIX: &str = "@rust-lang.invalid";+const KEY_LENGTH: usize = 32;+const NONCE_LENGTH: usize = 12;++/// Encrypt an email address with the provided key.+pub fn encrypt(key: &str, email: &str) -> Result<String, Error> {+    // Generate a random nonce every time something is encrypted.+    let mut nonce = [0u8; NONCE_LENGTH];+    getrandom::getrandom(&mut nonce).map_err(Error::GetRandom)?;+    let nonce = GenericArray::from_slice(&nonce);++    let mut encrypted = init_aes(key)?+        .encrypt(&nonce, email.as_bytes())+        .map_err(|_| Error::EncryptionFailed)?;++    // Concatenate both the nonce and the payload, as both will be needed for decryption.+    let mut payload = nonce.to_vec();

If we're converting to a vec, why the GenericArray::from_slice? Can we just initially create the nonce via vec!?

pietroalbini

comment created time in 3 days

PR opened rust-lang/team

Add optional email encryption support

There are cases (especially for the foundation) where we want the members of a mailing list not to be public. This commit implements optional encryption support to temporarily address the problem while the infra team works on a more permanent approach.

Another PR to rust-lang/sync-team will need to be opened before we can start using encrypted email addresses.

r? @Mark-Simulacrum

+989 -616

0 comment

7 changed files

pr created time in 3 days

PR opened m-ou-se/config

Add skip option for installing vim plugins.
+5 -1

0 comment

1 changed file

pr created time in 3 days

more