Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Small HPKE trait tweaks #1737

Merged
merged 6 commits into from
Jan 9, 2024
Merged

Small HPKE trait tweaks #1737

merged 6 commits into from
Jan 9, 2024

Conversation

cpu
Copy link
Member

@cpu cpu commented Jan 8, 2024

Pulling out more work from #1718 that can land ahead of the ECH-specific work.

  • reorder seal/open args and use less terse arg names - addresses stylistic feedback from djc.
  • add stateful HPKE interface - this was part of the original work introducing this trait, but we pulled it thinking we could get away with just the simpler "one-shot" interface. In practice ECH requires the stateful interface so we can reuse the HPKE sealer state between initial client hello and hello retry request processing.
  • derive Copy for HpkeSymmetricCipherSuite - small quality of life improvement
  • tighten up HPKE lifetime bounds - this better aligns with the existing crypto provider traits and makes maintaining the sealer/opener state much easier.
  • make EncapsulatedSecret derive Debug - small quality of life improvement, required for holding an encapsulated secret in another type that is Debug.
  • clarify the hpke-rs backend - small comment adjustment to emphasize the hpke-rs example in the larger provider-example uses the Rust Crypt backend in particular.

@cpu cpu self-assigned this Jan 8, 2024
@cpu cpu mentioned this pull request Jan 8, 2024
Merged
djc
djc approved these changes Jan 9, 2024
View reviewed changes
rustls/src/crypto/hpke.rs Outdated Show resolved Hide resolved
provider-example/src/hpke.rs Outdated Show resolved Hide resolved
@rustls-benchmarking Rustls Benchmarking
Copy link

rustls-benchmarking bot commented Jan 9, 2024
edited
Loading

Benchmark results

Instruction counts

Significant differences

⚠️ There are significant instruction count differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 8690668 8731119 ⚠️ 40451 (0.47%) 0.20%

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_tickets_aws_lc_rs_1.2_rsa_aes_server 4688736 4629334 -59402 (-1.27%) 2.71%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_server 4154735 4122090 -32645 (-0.79%) 4.27%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_server 12308955 12334789 25834 (0.21%) 0.71%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_client 30972111 30918941 -53170 (-0.17%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_client 31119132 31074969 -44163 (-0.14%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_server 33539267 33580029 40762 (0.12%) 0.67%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_server 12696957 12710549 13592 (0.11%) 0.84%
handshake_no_resume_ring_1.3_ecdsap256_aes_server 2127683 2129778 2095 (0.10%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_client 31113966 31143674 29708 (0.10%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_client 30946550 30917663 -28887 (-0.09%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 3392971 3395612 2641 (0.08%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 8710870 8704350 -6520 (-0.07%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_server 12733396 12724606 -8790 (-0.07%) 0.95%
handshake_no_resume_ring_1.3_ecdsap256_chacha_client 3898273 3900719 2446 (0.06%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 3390534 3392638 2104 (0.06%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 57934858 57965319 30461 (0.05%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_server 33530699 33544333 13634 (0.04%) 0.49%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 92453389 92417837 -35552 (-0.04%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_server 33306463 33293711 -12752 (-0.04%) 0.48%
handshake_no_resume_ring_1.3_ecdsap384_chacha_server 13737152 13741786 4634 (0.03%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_server 33252327 33242204 -10123 (-0.03%) 0.64%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_client 31112383 31104827 -7556 (-0.02%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 2045874 2046347 473 (0.02%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 2049422 2049863 441 (0.02%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_client 30920447 30915578 -4869 (-0.02%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_server 4417377 4418071 694 (0.02%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_server 57147939 57139451 -8488 (-0.01%) 0.36%
handshake_no_resume_ring_1.3_ecdsap384_chacha_client 35451600 35456090 4490 (0.01%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_client 4167049 4167550 501 (0.01%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_client 42197612 42193191 -4421 (-0.01%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_client 30939257 30936239 -3018 (-0.01%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_client 42200049 42195964 -4085 (-0.01%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_client 42024187 42020120 -4067 (-0.01%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_server 43912218 43907995 -4223 (-0.01%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_server 43637904 43633785 -4119 (-0.01%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_client 4441683 4442081 398 (0.01%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_server 91251968 91243827 -8141 (-0.01%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_client 92388838 92380618 -8220 (-0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_client 3387985 3388286 301 (0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_client 3173377 3173625 248 (0.01%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_server 91345486 91339090 -6396 (-0.01%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_client 92386339 92379949 -6390 (-0.01%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_server 43628122 43630886 2764 (0.01%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_client 31118620 31116652 -1968 (-0.01%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 57974059 57970460 -3599 (-0.01%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_client 42019856 42022388 2532 (0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 4854600 4854875 275 (0.01%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_client 4548791 4549015 224 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_client 4525293 4525513 220 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_server 43962704 43960568 -2136 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_server 2132580 2132682 102 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_client 92467339 92471616 4277 (0.00%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 4849969 4850186 217 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_client 4538785 4538987 202 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_server 12241347 12241865 518 (0.00%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_client 4720128 4719954 -174 (-0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_client 42071587 42070039 -1548 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_aes_client 3895542 3895679 137 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_server 12251532 12251946 414 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_server 43698533 43697075 -1458 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_client 57949568 57947706 -1862 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_server 57088634 57086852 -1782 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_server 91253745 91251035 -2710 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_client 92382943 92380347 -2596 (-0.00%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_server 4864058 4863939 -119 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_server 57170076 57168679 -1397 (-0.00%) 0.28%
handshake_no_resume_ring_1.2_rsa_aes_server 12046869 12047077 208 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 92438900 92437332 -1568 (-0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_client 31320042 31320469 427 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_client 31115624 31116045 421 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_client 31134531 31134950 419 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_server 43920316 43920843 527 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_client 57949369 57950064 695 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_server 33278814 33279206 392 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_server 33549189 33548848 -341 (-0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_server 43693951 43693537 -414 (-0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_server 33274499 33274812 313 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_client 42389656 42390042 386 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_server 33266565 33266269 -296 (-0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_server 44000341 43999954 -387 (-0.00%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_client 4454915 4454949 34 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_client 42067127 42066827 -300 (-0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_server 43952181 43952482 301 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_client 42424831 42425117 286 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_client 35452555 35452791 236 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_client 42202216 42202456 240 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_server 33248107 33248286 179 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_server 33546776 33546609 -167 (-0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_client 31307740 31307895 155 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_server 57083039 57083295 256 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 57178400 57178152 -248 (-0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_server 56953704 56953947 243 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_server 57083488 57083269 -219 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 57179161 57178957 -204 (-0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_client 42235900 42235754 -146 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_server 91247974 91247709 -265 (-0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_server 33570934 33571028 94 (0.00%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_client 3376753 3376761 8 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 91368495 91368302 -193 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_server 13737920 13737945 25 (0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_client 57833558 57833455 -103 (-0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_server 43699508 43699580 72 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_server 43627905 43627836 -69 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_client 57974852 57974934 82 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_client 57943842 57943916 74 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_server 33531045 33531024 -21 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 91347891 91347939 48 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_client 42249046 42249065 19 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_client 68451409 68451385 -24 (-0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_client 42232432 42232423 -9 (-0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_server 43960161 43960154 -7 (-0.00%) 0.20%

Wall-time

Significant differences

There are no significant wall-time differences

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_session_id_aws_lc_rs_1.2_rsa_aes 2.10 ms 2.08 ms -0.01 ms (-0.63%) 1.61%
handshake_no_resume_ring_1.2_rsa_aes 1.08 ms 1.07 ms -0.01 ms (-0.57%) 1.15%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes 5.42 ms 5.45 ms 0.03 ms (0.55%) 5.00%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha 5.39 ms 5.42 ms 0.03 ms (0.54%) 5.00%
handshake_no_resume_ring_1.3_ecdsap384_chacha 3.62 ms 3.60 ms -0.02 ms (-0.53%) 5.00%
handshake_no_resume_ring_1.3_ecdsap384_aes 3.61 ms 3.60 ms -0.02 ms (-0.50%) 5.00%
handshake_no_resume_ring_1.3_ecdsap256_aes 506.88 µs 504.44 µs -2.44 µs (-0.48%) 5.00%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes 6.17 ms 6.20 ms 0.03 ms (0.47%) 5.00%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha 6.14 ms 6.16 ms 0.03 ms (0.45%) 5.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha 5.38 ms 5.40 ms 0.02 ms (0.43%) 5.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha 6.11 ms 6.13 ms 0.03 ms (0.43%) 5.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes 6.13 ms 6.16 ms 0.03 ms (0.43%) 5.00%
handshake_no_resume_ring_1.3_ecdsap256_chacha 504.88 µs 502.79 µs -2.09 µs (-0.41%) 5.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes 5.39 ms 5.41 ms 0.02 ms (0.40%) 5.00%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes 487.18 µs 485.51 µs -1.67 µs (-0.34%) 5.00%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha 6.38 ms 6.40 ms 0.02 ms (0.33%) 1.00%
handshake_session_id_ring_1.3_ecdsap384_chacha 9.93 ms 9.89 ms -0.03 ms (-0.31%) 5.00%
handshake_tickets_aws_lc_rs_1.3_rsa_aes 6.41 ms 6.42 ms 0.02 ms (0.30%) 1.30%
handshake_session_id_aws_lc_rs_1.3_rsa_aes 6.37 ms 6.39 ms 0.02 ms (0.29%) 1.22%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 484.96 µs 483.55 µs -1.41 µs (-0.29%) 5.00%
handshake_session_id_ring_1.3_ecdsap384_aes 9.95 ms 9.92 ms -0.03 ms (-0.28%) 5.00%
handshake_session_id_ring_1.3_rsa_chacha 7.45 ms 7.43 ms -0.02 ms (-0.25%) 1.52%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha 6.35 ms 6.37 ms 0.02 ms (0.25%) 1.09%
handshake_tickets_ring_1.2_rsa_aes 1.81 ms 1.81 ms 0.00 ms (0.22%) 1.80%
handshake_tickets_ring_1.3_ecdsap384_chacha 9.93 ms 9.92 ms -0.02 ms (-0.19%) 5.00%
handshake_session_id_ring_1.2_rsa_aes 1.72 ms 1.72 ms -0.00 ms (-0.18%) 2.15%
handshake_session_id_ring_1.3_rsa_aes 7.48 ms 7.47 ms -0.01 ms (-0.18%) 1.14%
handshake_tickets_ring_1.3_ecdsap384_aes 9.97 ms 9.95 ms -0.02 ms (-0.18%) 5.00%
transfer_no_resume_ring_1.3_ecdsap384_aes 9.82 ms 9.81 ms -0.02 ms (-0.17%) 5.00%
handshake_session_id_ring_1.3_ecdsap256_chacha 6.83 ms 6.82 ms -0.01 ms (-0.16%) 5.00%
transfer_no_resume_ring_1.3_ecdsap384_chacha 16.54 ms 16.52 ms -0.03 ms (-0.15%) 5.00%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes 5.87 ms 5.87 ms 0.01 ms (0.15%) 4.67%
handshake_tickets_ring_1.3_rsa_aes 7.50 ms 7.49 ms -0.01 ms (-0.15%) 1.32%
transfer_no_resume_ring_1.3_ecdsap256_chacha 13.43 ms 13.41 ms -0.02 ms (-0.15%) 5.00%
transfer_no_resume_ring_1.3_rsa_chacha 14.02 ms 14.00 ms -0.02 ms (-0.14%) 2.42%
handshake_tickets_aws_lc_rs_1.2_rsa_aes 2.27 ms 2.26 ms -0.00 ms (-0.13%) 1.95%
handshake_session_id_ring_1.3_ecdsap256_aes 6.85 ms 6.84 ms -0.01 ms (-0.12%) 5.00%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha 1.40 ms 1.39 ms -0.00 ms (-0.12%) 1.14%
transfer_no_resume_ring_1.2_rsa_aes 7.20 ms 7.21 ms 0.01 ms (0.10%) 3.83%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes 1.35 ms 1.35 ms -0.00 ms (-0.09%) 1.00%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 14.18 ms 14.17 ms -0.01 ms (-0.09%) 5.00%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes 1.40 ms 1.40 ms -0.00 ms (-0.07%) 1.05%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes 4.96 ms 4.95 ms -0.00 ms (-0.06%) 5.00%
transfer_no_resume_ring_1.3_ecdsap256_aes 6.71 ms 6.72 ms 0.00 ms (0.06%) 5.00%
handshake_no_resume_ring_1.3_rsa_chacha 1.08 ms 1.08 ms -0.00 ms (-0.06%) 1.32%
handshake_tickets_ring_1.3_ecdsap256_aes 6.86 ms 6.86 ms -0.00 ms (-0.05%) 5.00%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 13.43 ms 13.42 ms -0.01 ms (-0.04%) 5.00%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes 5.88 ms 5.88 ms 0.00 ms (0.04%) 5.61%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 1.22 ms 1.22 ms 0.00 ms (0.03%) 5.00%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha 14.35 ms 14.35 ms -0.00 ms (-0.02%) 2.36%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes 5.71 ms 5.71 ms 0.00 ms (0.02%) 5.00%
handshake_tickets_ring_1.3_ecdsap256_chacha 6.83 ms 6.83 ms -0.00 ms (-0.02%) 5.00%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes 1.23 ms 1.23 ms -0.00 ms (-0.01%) 5.00%
transfer_no_resume_ring_1.3_rsa_aes 7.29 ms 7.29 ms -0.00 ms (-0.01%) 4.21%
handshake_no_resume_ring_1.3_rsa_aes 1.08 ms 1.08 ms 0.00 ms (0.01%) 1.51%
handshake_tickets_ring_1.3_rsa_chacha 7.46 ms 7.46 ms 0.00 ms (0.01%) 1.67%

Additional information

Historical results

Checkout details:

@cpu
hpke: reorder seal/open args, less terse arg names
4ffae93 
* Move the public key/secret key arguments to be last, since they are
  "long lived".
* Rename `pk_r` -> `pub_key` and `sk_r` to `secret_key`. Reference RFC
  9180's terse names.
@cpu
crypto: add stateful HPKE interfaces
087f8a7 
Encrypted Client Hello support requires that clients maintain the HPKE
sealer context between sending an initial client hello, and processing
a hello retry request, such that the subsequent client hello can re-use
the HPKE state.

This commit updates the HPKE trait to add `setup_sealer` and
`setup_opener` fns in addition to the "one-shot" APIs. New
`HpkeSealer` and `HpkeOpener` traits are used to represent the
stateful sender/receiver contexts in a backend neutral way.

The existing hpke-rs provider example is updated to implement the new
required traits and fns.
@cpu
msgs: derive Copy for HpkeSymmetricCipherSuite
752a830 
This type holds simple numeric identifiers and can be cheaply copied.
@cpu
crypto: tighten up HPKE lifetime bounds
334cbee 
In practice we need `'static` here to be able to easily hold `Box<dyn
HpkeSender>` and friends. Our existing provider implementation already
matches this lifetime bound.
@cpu
crypto: make EncapsulatedSecret derive Debug
023d579
@cpu
provider-example: clarify the hpke-rs backend
cfcc825
ctz
ctz approved these changes Jan 9, 2024
View reviewed changes
rustls/src/crypto/hpke.rs Show resolved Hide resolved
@codecov Codecov
Copy link

codecov bot commented Jan 9, 2024

Codecov Report

Attention: 1 lines in your changes are missing coverage. Please review.

Comparison is base (20ac87f) 96.16% compared to head (cfcc825) 96.15%.
Report is 3 commits behind head on main.

Files Patch % Lines
rustls/src/crypto/hpke.rs 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1737      +/-   ##
==========================================
- Coverage   96.16%   96.15%   -0.01%     
==========================================
  Files          80       80              
  Lines       17337    17338       +1     
==========================================
  Hits        16672    16672              
- Misses        665      666       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@cpu cpu added this pull request to the merge queue Jan 9, 2024
Merged via the queue into rustls:main with commit 1a2405a Jan 9, 2024
22 of 23 checks passed
@cpu cpu deleted the cpu-hpke-tweaks branch January 9, 2024 15:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@djc djc djc approved these changes

@ctz ctz ctz approved these changes

Assignees

@cpu cpu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@cpu @djc @ctz