0x676e67
f08c7cf8b7
test(boring): fix ech test ( #77 )
2025-06-17 22:26:23 +08:00
hev
fbad63bb8c
feat: Add basic support for LoongArch ( #67 )
2025-04-27 17:11:58 +08:00
0x676e67
d69d6b9cb3
feat: Allow overriding AES encryption for Encrypted Client Hello ( #57 )
2025-03-07 11:02:38 +08:00
0x676e67
372501ffc2
fix(patch): Fix alps use new codepoint negotiation ( #53 )
2025-02-23 19:34:37 +08:00
0x676e67
46aeed7868
boring(patch): Fix `alps_use_new_codepoint` not initialized, may lead to undefined behavior, then get any value ( #52 )
2025-02-16 21:04:33 +08:00
0x676e67
3c63f0b24e
fix: Fix `key share` patch ( #46 )
2025-02-11 17:18:10 +08:00
0x676e67
5d33987600
feat: Removal of `rpk` support ( #41 )
2025-02-07 11:36:39 +08:00
0x676e67
30c6bedc4d
feat: Add ALPS use new endpoint ( #39 )
2025-02-02 19:29:29 +08:00
0x676e67
bed5243775
feat: Add `kDHE` && `ffdhe2048`/`ffdhe3072` curves working implement ( #36 )
* RTG-3333 Support X25519MLKEM768 by default, but don't send it as client
X25519MLKEM768 is the standardised successor of the preliminary
X25519Kyber768Draft00. Latest browsers have switched to X25519MLKEM768.
Cloudflare supports both on the edge.
We've had support for X25519MLKEM768 in this crate for a while, but
didn't enable it by default. We're now enabling serverside support by
default. We also let clients advertise support when set
to kx-client-pq-supported.
We don't enable support by default yet for clients set to
kx-client-pq-preferred, as that would cause an extra round-trip due to
HelloRetryRequest if the server doesn't support X25519MLKEM768 yet.
BoringSSL against which we build must support X25519MLKEM768, otherwise
this will fail.
* feat: Add kDHE && ffdhe2048/ffdhe3072 curves working implement
* Update
---------
Co-authored-by: Bas Westerbaan <bas@cloudflare.com>
2025-01-22 13:08:20 +08:00
0x676e67
b875e49daf
boring-sys: Optional SSL_OP_NO_RENEGOTIATION to disable client renegotiation extension ( #33 )
2025-01-10 16:16:41 +08:00
0x676e67
0e6b794ead
feat(boring): Add optional disable `PSK_DHE_KE` ( #32 )
2025-01-05 11:54:25 +08:00
0x676e67
f8e01e3d0c
feat: Expose extended sorting from indices ( #29 )
2024-12-20 14:18:16 +08:00
0x676e67
66cc25a270
feat: Add setup extension permutation ( #28 )
2024-12-19 23:21:31 +08:00
0x676e67
292b2a1513
refactor: refactor `key_shares` length limit ( #27 )
2024-12-19 18:17:40 +08:00
0x676e67
928968947a
boring-sys: Add TLS extension zstd cert compression ( #24 )
2024-12-18 19:34:06 +08:00
0x676e67
b4c46bb8a1
patch: Add enable three `key_shares` limit ( #23 )
2024-12-18 18:58:41 +08:00
0x676e67
abd65310ba
patch: Add option enable delegated_credentials ( #22 )
2024-12-18 16:32:38 +08:00
0x676e67
39914a641c
patch: Add option enable record_size_limit ( #21 )
2024-12-18 14:57:23 +08:00
0x676e67
6ef0ca379e
boring: Add SslCurve `FFDHE2048`/`FFDHE3072` NID support ( #20 )
2024-12-18 13:14:02 +08:00
0x676e67
30cadfb1eb
boring: Add SslCurve `FFDHE2048`/`FFDHE3072` support ( #19 )
2024-12-17 23:22:56 +08:00
0x676e67
0ee30f7487
boring: update old ciphers patch ( #18 )
2024-12-17 20:12:33 +08:00
0x676e67
b0fe60dcf6
Merge remote-tracking branch 'upstream/master'
2024-09-22 07:57:47 +08:00
Bas Westerbaan
b1a7434c19
boring-pq.patch Fix by not updating crypto_test_data.cc
crypto_test_data.cc is not included anymore since 2475ef386b
2024-09-19 00:17:37 +02:00
Bas Westerbaan
6d3639f173
Add post-quantum key agreement X25519MLKEM768
This is the successor of X25519Kyber768Draft00.
Spec:
https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/02/
IANA has assigned the codepoint.
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
Upstream BoringSSL support landed in 7fb4d3da50.
The version of BoringSSL we patch does not include it, so we add it manually.
Chrome and Firefox are planning to enable in October.
This PR is based on the IPD-Wing patch reviewed here:
https://github.com/cloudflare/boring/pull/243
There are two changes. First we simplify the patch a bit as we do not
need IPD-Wing. Secondly, we perform the encapsulation key check, which
was a last minute addition of NIST. We perform this check also for Kyber.
2024-09-18 12:00:27 +02:00
Bas Westerbaan
2c0a14253a
Revert "PQ: fix timing sidechannels and add IPDWing"
For TLS, early adopters prefer X25519MLKEM768. Remove IPDWing in
preparation for adding X25519MLKEM768.
https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/
This reverts commit 4725a930d5.
2024-09-18 12:00:27 +02:00
0x676e67
9523ac82c9
Merge patch ( #8 )
2024-08-12 09:56:42 +08:00
Bas Westerbaan
4725a930d5
PQ: fix timing sidechannels and add IPDWing
Fix three potential timing sidechannels. These don't affect ephemeral
usage of Kyber as in TLS, but it's good practice to get rid of them anyway.
Also adds IPDWing, a preliminary version of X-Wing using the initial public
draft (IPD) of ML-KEM. Don't use it.
2024-07-08 19:47:43 +01:00
Rushil Mehra
5aed467dcb
Fix building with non bazel commits of boringssl
We need to add `/build/crypto` and `/build/ssl` to the library search
path to handle the case where we pass `BORING_BSSL_SOURCE_PATH` when
building without enabling any fips features. Otherwise, non-bazel
commits will not work because `/build/` itself will not contain any
crypto libraries to link with.
2024-02-02 14:56:55 +00:00
Anthony Ramine
a8dea4a22c
Introduce X509CheckFlags::UNDERSCORE_WILDCARDS
2024-01-02 15:37:36 +01:00
Ivan Nikulin
2475ef386b
Reduce release bundle size by excluding PQ test data
2023-08-01 17:51:44 +01:00
Ivan Nikulin
0b542999d4
Address review comments
2023-07-10 14:00:52 +01:00
Ivan Nikulin
d59d170c4d
Update docs
2023-07-10 12:29:30 +01:00
Ivan Nikulin
d1ee9bfd86
Use workspace metadata for crates
2023-07-10 11:38:18 +01:00
Ivan Nikulin
c4e8a94a69
Add RPK and PQ crypto features
2023-07-07 13:50:36 +01:00