crypto_provider: avoid rand dep for GREASE HPKE #530
Merged
cpu merged 1 commit into rustls:main from Jan 21, 2025
Previously we used the `rand` crate as a convenient way to select a supported HPKE suite at random for ECH when using GREASE. In general it's crummy to take a dep for such a minor need. Instead, adapt the crypto provider CSRNG to this task by performing a truncated uniform sampling. This should be more than sufficient for the use-case and avoids an extra dep.
ctz (Member) approved these changes on Jan 21, 2025 and left a comment:
for my own interest, i checked this fixed #529 and it did:
```
readelf --wide --symbols target/x86_64-unknown-linux-gnu/release/deps/librustls.so | rustfilt | grep -e chacha
271: 000000000010ddc0 31 FUNC LOCAL DEFAULT 12 aws_lc_rs::cipher::key::SymmetricCipherKey::chacha20
1640: 0000000000048860 6 FUNC LOCAL DEFAULT 12 aws_lc_rs::aead::chacha::init_chacha_aead
2707: 00000000000dc640 6 FUNC LOCAL DEFAULT 12 aws_lc_rs::aead::chacha::init_chacha_aead
2939: 0000000000000000 0 FILE LOCAL DEFAULT ABS chacha.c
2941: 0000000000000000 0 FILE LOCAL DEFAULT ABS e_chacha20poly1305.c
2942: 000000000010fee0 5 FUNC LOCAL DEFAULT 12 aead_chacha20_poly1305_cleanup
2945: 0000000000110080 121 FUNC LOCAL DEFAULT 12 aead_chacha20_poly1305_init
2946: 0000000000110100 995 FUNC LOCAL DEFAULT 12 chacha20_poly1305_seal_scatter
2947: 00000000001104f0 61 FUNC LOCAL DEFAULT 12 aead_chacha20_poly1305_seal_scatter
2948: 0000000000110530 504 FUNC LOCAL DEFAULT 12 aead_chacha20_poly1305_open_gather
2949: 000000000039f680 96 OBJECT LOCAL DEFAULT 22 aead_chacha20_poly1305
3013: 0000000000000000 0 FILE LOCAL DEFAULT ABS 564c5311b313cdb2-chacha20_poly1305_x86_64.o
3014: 000000000015ebc0 0 NOTYPE LOCAL DEFAULT 12 chacha20_poly1305_constants
3016: 0000000000163200 9753 FUNC LOCAL DEFAULT 12 chacha20_poly1305_open_avx2
3017: 0000000000165840 12205 FUNC LOCAL DEFAULT 12 chacha20_poly1305_seal_avx2
3877: 000000000010fd20 443 FUNC LOCAL DEFAULT 12 aws_lc_0_24_0_CRYPTO_chacha_20
3993: 0000000000160f80 8770 FUNC LOCAL DEFAULT 12 aws_lc_0_24_0_chacha20_poly1305_seal
4187: 0000000000110730 12 FUNC LOCAL DEFAULT 12 aws_lc_0_24_0_EVP_aead_chacha20_poly1305
4969: 0000000000087340 6 FUNC LOCAL DEFAULT 12 aws_lc_rs::aead::chacha::init_chacha_aead
5491: 000000000015edc0 8583 FUNC LOCAL DEFAULT 12 aws_lc_0_24_0_chacha20_poly1305_open
6368: 000000000010d560 128 FUNC LOCAL DEFAULT 12 <aws_lc_rs::cipher::chacha::ChaCha20Key as core::ops::drop::Drop>::drop
6492: 000000000010c310 133 FUNC LOCAL DEFAULT 12 aws_lc_rs::aead::aead_ctx::AeadCtx::chacha20
```
Resolves #529
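Picking an index into a short list using nothing but a byte-filling CSPRNG, as discussed in the PR description, can be done in more than one way. The following is an added example, not the code merged in this PR and not the rustls API: the `FillRandom` trait, both selection functions and the `Counter` source are hypothetical names, and `Counter` is a constructed, non-random source used only to make the per-index counts reproducible.

```rust
/// Hypothetical stand-in for a crypto provider's CSPRNG (not the rustls trait).
pub trait FillRandom {
    fn fill(&mut self, buf: &mut [u8]);
}

/// Simplest approach: reduce one random byte modulo `n` (1..=256).
/// Slightly favours low indices whenever 256 is not a multiple of `n`.
pub fn modulo_index<R: FillRandom>(rng: &mut R, n: usize) -> usize {
    assert!((1..=256).contains(&n));
    let mut b = [0u8; 1];
    rng.fill(&mut b);
    b[0] as usize % n
}

/// Exactly uniform: reject bytes in the incomplete top bucket and redraw.
pub fn uniform_index<R: FillRandom>(rng: &mut R, n: usize) -> usize {
    assert!((1..=256).contains(&n));
    let limit = 256 - 256 % n; // largest multiple of n that is <= 256
    loop {
        let mut b = [0u8; 1];
        rng.fill(&mut b);
        if (b[0] as usize) < limit {
            return b[0] as usize % n;
        }
    }
}

/// Constructed test source: emits 0, 1, 2, ... so each byte value
/// appears exactly once per 256 draws. NOT random, for counting only.
pub struct Counter(pub u8);
impl FillRandom for Counter {
    fn fill(&mut self, buf: &mut [u8]) {
        for b in buf.iter_mut() {
            *b = self.0;
            self.0 = self.0.wrapping_add(1);
        }
    }
}

/// How often each index is chosen over `draws` picks from the counter source.
pub fn histogram(n: usize, draws: usize, pick: fn(&mut Counter, usize) -> usize) -> Vec<usize> {
    let (mut rng, mut counts) = (Counter(0), vec![0usize; n]);
    for _ in 0..draws {
        counts[pick(&mut rng, n)] += 1;
    }
    counts
}

fn main() {
    println!("modulo : {:?}", histogram(3, 256, modulo_index::<Counter>));
    println!("reject : {:?}", histogram(3, 255, uniform_index::<Counter>));
}
```

For a three-element list the modulo variant over-selects index 0 by one byte value in 256, while the rejection variant discards that byte and draws again.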