feat: initial support for X25519Kyber768Draft00 PQC

Jun Kurihara 2024-10-31 18:21:04 +09:00
commit a887750075
No known key found for this signature in database
GPG key ID: D992B3E3DE1DED23
8 changed files with 37 additions and 10 deletions


@ -12,6 +12,7 @@ publish.workspace = true
[features]
default = ["http3"]
post-quantum = ["rustls-post-quantum"]
http3 = []
[dependencies]
@ -21,7 +22,7 @@ derive_builder = { version = "0.20.2" }
thiserror = { version = "1.0.65" }
hot_reload = { version = "0.1.6" }
async-trait = { version = "0.1.83" }
rustls = { version = "0.23.15", default-features = false, features = [
rustls = { version = "0.23.16", default-features = false, features = [
"std",
"aws_lc_rs",
] }
@ -30,6 +31,7 @@ rustls-webpki = { version = "0.102.8", default-features = false, features = [
"std",
"aws_lc_rs",
] }
rustls-post-quantum = { version = "0.1.0", optional = true }
x509-parser = { version = "0.16.0" }
[dev-dependencies]
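Review bot: The new `post-quantum` feature in the `[features]` table has no comment saying what enabling it changes at runtime, and the key exchange it refers to is, by its own name, a draft. A line above it such as `# Experimental: installs the rustls-post-quantum provider (X25519Kyber768Draft00 hybrid key exchange) as the process-wide default` would tell operators that this is an opt-in, pre-standard mode. Because the dependency is `optional = true`, writing the feature as `post-quantum = ["dep:rustls-post-quantum"]` would also avoid exposing an implicit `rustls-post-quantum` feature next to the intended one.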


@ -12,7 +12,7 @@ mod log {
use crate::{error::*, log::*, reloader_service::DynCryptoSource};
use hot_reload::{ReloaderReceiver, ReloaderService};
use rustc_hash::FxHashMap as HashMap;
use rustls::crypto::{aws_lc_rs, CryptoProvider};
use rustls::crypto::CryptoProvider;
use std::sync::Arc;
/* ------------------------------------------------ */
@ -44,8 +44,11 @@ where
T: CryptoSource<Error = RpxyCertError> + Send + Sync + Clone + 'static,
{
info!("Building certificate reloader service");
#[cfg(not(feature = "post-quantum"))]
// Install aws_lc_rs as default crypto provider for rustls
let _ = CryptoProvider::install_default(aws_lc_rs::default_provider());
let _ = CryptoProvider::install_default(rustls::crypto::aws_lc_rs::default_provider());
#[cfg(feature = "post-quantum")]
let _ = CryptoProvider::install_default(rustls_post_quantum::provider());
let source = crypto_source_map
.iter()
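Review bot: Both `install_default` calls in the second hunk discard their result with `let _ =`, so if a default provider is already installed the call returns `Err` and changes nothing. With `post-quantum` enabled, the process then keeps whichever provider was installed first, and nothing in the logs shows that the hybrid key exchange is not in effect. I would surface that case, e.g. `if CryptoProvider::install_default(rustls_post_quantum::provider()).is_err() { warn!("a default CryptoProvider was already installed; post-quantum provider not applied"); }`, assuming `warn!` comes in through `crate::log::*` the way `info!` does. As a smaller style point, the `#[cfg(not(feature = "post-quantum"))]` attribute is separated from its `let` by the existing comment and would read better directly above the statement. The enclosing function starts before this hunk and continues past it.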


@ -179,7 +179,10 @@ mod tests {
#[tokio::test]
async fn test_server_crypto_base_try_into() {
#[cfg(not(feature = "post-quantum"))]
let _ = CryptoProvider::install_default(rustls::crypto::aws_lc_rs::default_provider());
#[cfg(feature = "post-quantum")]
let _ = CryptoProvider::install_default(rustls_post_quantum::provider());
let mut server_crypto_base = ServerCryptoBase::default();