min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

RTG-3333 Support X25519MLKEM768 by default, but don't sent it as client (#35) 

X25519MLKEM768 is the standardised successor of the preliminary
X25519Kyber768Draft00. Latest browsers have switched to X25519MLKEM768.
Cloudflare supports both on the edge.

We've had support for X25519MLKEM768 in this crate for a while, but
didn't enable by default. We're now enabling serverside support by
default. We also let clients advertise support when set
to kx-client-pq-supported.

We don't enable support by default yet for clients set to
kx-client-pq-preferred, as that would cause an extra round-trip due to
HelloRetryRequest if the server doesn't support X25519MLKEM768 yet.

BoringSSL against which we build must support X25519MLKEM768, otherwise
this will fail.

Co-authored-by: Bas Westerbaan <bas@cloudflare.com>
This commit is contained in:
0x676e67 2025-01-14 22:17:57 +08:00 committed by GitHub
parent 038c5b2105
commit 5da88184f1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
boring/src/ssl/mod.rs
View File

@ -2890,7 +2890,7 @@ impl SslRef {
if cfg!(feature = "kx-client-nist-required") { if cfg!(feature = "kx-client-nist-required") {
"P-256:P-384:P-521:P256Kyber768Draft00" "P-256:P-384:P-521:P256Kyber768Draft00"
} else { } else {
"X25519:P-256:P-384:P-521:X25519Kyber768Draft00:P256Kyber768Draft00" "X25519:P-256:P-384:P-521:X25519MLKEM768:X25519Kyber768Draft00:P256Kyber768Draft00"
} }
} else { } else {
if cfg!(feature = "kx-client-nist-required") { if cfg!(feature = "kx-client-nist-required") {
@ -2906,8 +2906,10 @@ impl SslRef {
#[cfg(feature = "kx-safe-default")] #[cfg(feature = "kx-safe-default")]
fn server_set_default_curves_list(&mut self) { fn server_set_default_curves_list(&mut self) {
self.set_curves_list("X25519Kyber768Draft00:P256Kyber768Draft00:X25519:P-256:P-384") self.set_curves_list(
.expect("invalid default server curves list"); "X25519MLKEM768:X25519Kyber768Draft00:P256Kyber768Draft00:X25519:P-256:P-384",
)
.expect("invalid default server curves list");
} }
/// Returns the [`SslCurve`] used for this `SslRef`. /// Returns the [`SslCurve`] used for this `SslRef`.