mundane
shib-sp
Our great sponsors
mundane | shib-sp | |
---|---|---|
4 | 1 | |
1,070 | 1 | |
0.4% | - | |
0.0 | 1.6 | |
10 months ago | about 1 year ago | |
Rust | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
mundane
-
Crates for helping with C FFI?
I'm the author of Mundane, which wraps BoringSSL, which is written in C. We have some internal utilities which make it safer to work with C objects by doing a certain amount of automatic memory management and lifecycle tracking.
-
SAML Is Insecure by Design
Most problems with security specs and libraries that implement them are communication problems. They involve people incompletely describing or understanding their requirements, capabilities, or threat model. Usually this also involves providing/using interfaces that are not ergonomic (https://github.com/google/mundane/blob/master/DESIGN.md), which in turn comes from the spec trying to do too much (as XML Signature does).
I don't know how GPT could help with that. If anything I would expect it to bias toward things it has already seen, which is the opposite of what you want when writing a new spec/library aiming to avoid past mistakes.
-
Void Linux: "Switching back to OpenSSL"
I'm quite intrigued by mundane which is cryptography library with a Rust interface that contains lots of code from OpenSSL (via BoringSSL, which is a fork of OpenSSL).
-
How to implement a simple password-based encryption with ring?
(https://sequoia-pgp.org/, https://github.com/google/mundane, etc)
shib-sp
-
SAML Is Insecure by Design
How is Shibboleth SP's track record on SAML vulnerabilities, either patching them quickly or avoiding them altogether?
My company needed to implement SAML SP support in one of our products so we could get academic customers, particularly those that are part of the InCommon federation. We contracted with a company that specializes in SAML and Shibboleth to help us get it right. We decided to use Shibboleth SP running in a container; that container also has Apache httpd (as practically required by Shib SP) and a little Python shim app that generates a JWT and passes it back to our main app. Hopefully that's a good way of using the nearest thing to a canonical SAML SP implementation, without running our whole application through Apache httpd. In case anyone's interested, our Shib SP container setup, with the Python shim app, is here:
https://github.com/PneumaSolutions/shib-sp
It's probably still too specific to our application, but might be useful as a starting point for others.
What are some alternatives?
saml-idp - Simple SAML Identity Provider (IdP)
RustCrypto - Authenticated Encryption with Associated Data Algorithms: high-level encryption ciphers
fusionauth-samlv2 - SAML v2.0 bindings in Java using JAXB
ASP.NET SAML - Very simple SAML 2.0 consumer module for ASP.NET/C#
orion - Usable, easy and safe pure-Rust crypto [Moved to: https://github.com/orion-rs/orion]
rage - A simple, secure and modern file encryption tool (and Rust library) with small explicit keys, no config options, and UNIX-style composability.
reqwest-impersonate - Impersonating the Chrome browser made easy
void-packages - The Void source packages collection