diff options
author | Joe Birr-Pixton <jpixton@gmail.com> | 2024-08-29 16:02:04 +0100 |
---|---|---|
committer | Joe Birr-Pixton <jpixton@gmail.com> | 2024-09-05 12:59:06 +0000 |
commit | 37af3c14cadae3c3ecde4d1b686413bb6a12c507 (patch) | |
tree | d3337a2d0a3fcd3710831df09e762f8e771894b5 | |
parent | 92ff3d8485885b0a948d1192e925f6cd21ba1711 (diff) |
Override default `ffdhe_group()` for all kx impls
This prevents these impls linking in `FfdheGroup::from_named_group`,
which is a ~60KB function.
-rw-r--r-- | provider-example/src/kx.rs | 9 | ||||
-rw-r--r-- | rustls-post-quantum/src/lib.rs | 9 | ||||
-rw-r--r-- | rustls/src/crypto/ring/kx.rs | 10 |
3 files changed, 27 insertions, 1 deletions
diff --git a/provider-example/src/kx.rs b/provider-example/src/kx.rs index 93e1540d..80fb235b 100644 --- a/provider-example/src/kx.rs +++ b/provider-example/src/kx.rs @@ -2,6 +2,7 @@ use alloc::boxed::Box; use crypto::SupportedKxGroup; use rustls::crypto; +use rustls::ffdhe_groups::FfdheGroup; pub struct KeyExchange { priv_key: x25519_dalek::EphemeralSecret, @@ -25,6 +26,10 @@ impl crypto::ActiveKeyExchange for KeyExchange { self.pub_key.as_bytes() } + fn ffdhe_group(&self) -> Option<FfdheGroup<'static>> { + None + } + fn group(&self) -> rustls::NamedGroup { X25519.name() } @@ -44,6 +49,10 @@ impl crypto::SupportedKxGroup for X25519 { })) } + fn ffdhe_group(&self) -> Option<FfdheGroup<'static>> { + None + } + fn name(&self) -> rustls::NamedGroup { rustls::NamedGroup::X25519 } diff --git a/rustls-post-quantum/src/lib.rs b/rustls-post-quantum/src/lib.rs index 9816bc1a..d1a1717c 100644 --- a/rustls-post-quantum/src/lib.rs +++ b/rustls-post-quantum/src/lib.rs @@ -55,6 +55,7 @@ use rustls::crypto::aws_lc_rs::{default_provider, kx_group}; use rustls::crypto::{ ActiveKeyExchange, CompletedKeyExchange, CryptoProvider, SharedSecret, SupportedKxGroup, }; +use rustls::ffdhe_groups::FfdheGroup; use rustls::{Error, NamedGroup, PeerMisbehaved}; /// A `CryptoProvider` which includes `X25519Kyber768Draft00` key exchange. @@ -119,6 +120,10 @@ impl SupportedKxGroup for X25519Kyber768Draft00 { }) } + fn ffdhe_group(&self) -> Option<FfdheGroup<'static>> { + None + } + fn name(&self) -> NamedGroup { NAMED_GROUP } @@ -153,6 +158,10 @@ impl ActiveKeyExchange for Active { &self.combined_pub_key } + fn ffdhe_group(&self) -> Option<FfdheGroup<'static>> { + None + } + fn group(&self) -> NamedGroup { NAMED_GROUP } diff --git a/rustls/src/crypto/ring/kx.rs b/rustls/src/crypto/ring/kx.rs index 55dcd2c0..8c267e9e 100644 --- a/rustls/src/crypto/ring/kx.rs +++ b/rustls/src/crypto/ring/kx.rs @@ -5,7 +5,7 @@ use core::fmt; use super::ring_like::agreement; use super::ring_like::rand::SystemRandom; -use crate::crypto::{ActiveKeyExchange, SharedSecret, SupportedKxGroup}; +use crate::crypto::{ActiveKeyExchange, FfdheGroup, SharedSecret, SupportedKxGroup}; use crate::error::{Error, PeerMisbehaved}; use crate::msgs::enums::NamedGroup; use crate::rand::GetRandomFailed; @@ -46,6 +46,10 @@ impl SupportedKxGroup for KxGroup { })) } + fn ffdhe_group(&self) -> Option<FfdheGroup<'static>> { + None + } + fn name(&self) -> NamedGroup { self.name } @@ -108,6 +112,10 @@ impl ActiveKeyExchange for KeyExchange { .map_err(|_| PeerMisbehaved::InvalidKeyShare.into()) } + fn ffdhe_group(&self) -> Option<FfdheGroup<'static>> { + None + } + /// Return the group being used. fn group(&self) -> NamedGroup { self.name |