add opt-in post-quantum KX feature flag #520


cpu (Member) commented Dec 29, 2024

Note to reviewers: this is a draft while it takes a dep. override to use unreleased rustls-post-quantum, blocked on a release w/ rustls/rustls#2288. See rustls/rustls#2293 for more context.

When librustls is built with a new post-quantum feature flag the default aws-lc-rs cryptography provider will be augmented to offer the hybrid X25519MLKEM768 key exchange by default in addition to the pre-existing classical KX algorithms using rustls-post-quantum.

Similar support is added to the rustls_default_fips_provider() provider when both fips and post-quantum are enabled. When the post-quantum feature is available a rustls_post_quantum_provider() function is also provided to explicitly construct the PQ-enabled provider.

Since the default provider is augmented the existing client.c and server.c examples benefit transparently when the -DPOST_QUANTUM=on CMake option is provided. CI is updated to test a post-QC secure key exchange using client.c and pq.cloudflareresearch.com, checking that the output reports the correct KX on Windows/MacOS/Linux. This is done in the daily tests job since it relies on an external host. Here's an exemplar run from a manual invocation on this branch.

Resolves #507

When librustls is built with the `post-quantum` feature flag, the
default `aws-lc-rs` cryptography provider will be augmented to offer
the hybrid `X25519MLKEM768` key exchange by default in addition to the
pre-existing classical KX algorithms. Similar support is added to the
`rustls_default_fips_provider()` provider when both `fips` and
`post-quantum` are enabled.

When the `post-quantum` feature is available
a `rustls_post_quantum_provider()` function is also provided to
explicitly construct the PQ-enabled provider.

Since the default provider is augmented the existing `client.c` and
`server.c` examples benefit transparently when the `-DPOST_QUANTUM=on`
CMake option is provided.

Connect-test CI is updated to test that a post-QC secure key exchange
with `pq.cloudflareresearch.com` reports the correct KX on
Windows/MacOS/Linux.
cpu (Member, Author) commented Jan 8, 2025

I think this should be updated to take the same approach as the last update in rustls#2288 - e.g. including the hybrid KX by default at the end of the supported KX list, and then promoting it to most-preferred with the feature flag enabled.

I'll do that shortly.

Successfully merging this pull request may close these issues.

FFI for rustls-post-quantum provider crate