Prepare 0.23.0 #1817

Merged
merged 1 commit into from
Feb 29, 2024

ctz
Member

@ctz ctz commented Feb 28, 2024

Release notes (proposed)

  • Default cryptography provider changed to aws-lc-rs. Note that this has some implications on platform support and build-time tool requirements such as cmake on all platforms and nasm on Windows.
    Support for ring continues to be available: set the ring crate feature.

  • Support for FIPS validated mode with aws-lc-rs: see the manual section and aws-lc-rs's FIPS documentation. Note that aws-lc-rs in FIPS mode has further build-time requirements as detailed in the FIPS documentation.

  • Support for process-wide selection of CryptoProviders. See the documentation. Note that callers of ClientConfig::builder(), ServerConfig::builder(), WebPkiServerVerifier::builder() and WebPkiClientVerifier::builder() must now ensure that the crate's features are unambiguous or explicitly select a process-level provider using CryptoProvider::install_default(). Otherwise, these calls will panic with:

    no process-level CryptoProvider available -- call CryptoProvider::install_default() before this point

    We recommend that libraries rely on the process-level provider by default, and that applications use this new API to select the provider they wish to use.

  • New unbuffered API. UnbufferedClientConnection and UnbufferedServerConnection offer a low-level, event-driven API which does not internally buffer data.
    Thanks to the team from Ferrous Systems.

  • New no_std support. A new (enabled by default) std crate feature now gates all APIs that depend on std. The above unbuffered APIs must be used for no_std support. Note that alloc continues to be required. Work is ongoing to reintroduce certain APIs for no_std users (see no-std support phase II #1688) -- please file issues for other no_std use cases.
    Thanks to the team from Ferrous Systems.

  • Performance improvement: internal copying while sending data is reduced.
    Thanks to the team from the Sōzu project.

  • Performance improvement: write_vectored now produces less on-the-wire overhead, which will dramatically improve throughput if it is used with a large number of small messages.
    Thanks to the team from the Sōzu project.

  • Acceptor API error handling improvement. If a TLS alert should be sent to inform the peer of a connection failure, this is now made available in the Err() variant returned from Acceptor::accept and Accepted::into_connection (which is also a breaking change). Applications should write this data to the peer. See the server_acceptor example.

  • Support for FFDHE key exchange: custom CryptoProviders can now support FFDHE key exchange, in accordance with RFC7919. Note that the default providers do not do this.
    Thanks to the team from Fortanix.

  • Support for servers requiring extended_master_secret support from clients. See ServerConfig::require_ems.
    Thanks to the team from Fortanix.

  • Extension ordering in ClientHello messages is now randomised as an anti-fingerprinting measure. We do not foresee any interoperability issues as Chrome has already rolled out the same change.
    Thanks to @GomesGoncalo.

  • Breaking change: CipherSuiteCommon::integrity_limit field removed (this was QUIC-specific, it has moved to quic::PacketKey::integrity_limit()).

  • Breaking change: crypto::cipher::BorrowedPlainMessage and crypto::cipher::OpaqueMessage have been renamed (to OutboundPlainMessage and OutboundOpaqueMessage) and altered to support performance improvements. See the example code.

  • Breaking change: all protocol enum types (eg. CipherSuite) have had their get_u8/get_u16 accessor removed; use u8::from() / u16::from() instead.
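
A simplified model of the process-level provider selection rule described in the release notes above, added here as an illustration; it is not rustls code and not part of the original pull request. Provider, Features and Process are hypothetical stand-ins, and the model returns Err where rustls would panic.

```rust
// Added illustration: a simplified model of the provider-selection rule.
// Provider, Features and Process are hypothetical names, not rustls types.
use std::sync::OnceLock;

/// The panic text quoted in the release note.
pub const NO_PROVIDER_MSG: &str = "no process-level CryptoProvider available -- call CryptoProvider::install_default() before this point";

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Provider {
    AwsLcRs,
    Ring,
}

/// Provider features enabled on the rustls crate in the final build.
/// Cargo unifies features, so any dependency can switch one on.
#[derive(Debug, Clone, Copy)]
pub struct Features {
    pub aws_lc_rs: bool,
    pub ring: bool,
}

impl Features {
    /// Features name a provider only when exactly one is enabled.
    pub fn unambiguous(self) -> Option<Provider> {
        match (self.aws_lc_rs, self.ring) {
            (true, false) => Some(Provider::AwsLcRs),
            (false, true) => Some(Provider::Ring),
            _ => None, // both or neither: ambiguous
        }
    }
}

/// Stand-in for one process: build features plus a set-once default slot.
pub struct Process {
    features: Features,
    default: OnceLock<Provider>,
}

impl Process {
    pub fn new(features: Features) -> Self {
        Process { features, default: OnceLock::new() }
    }

    /// Models install_default(): the first caller wins; a later caller gets
    /// its own provider handed back in Err and the default is unchanged.
    pub fn install_default(&self, provider: Provider) -> Result<(), Provider> {
        self.default.set(provider)
    }

    /// Models what a builder() call resolves. rustls panics in the last
    /// case; the model returns Err so the case can be asserted on.
    pub fn builder_provider(&self) -> Result<Provider, &'static str> {
        self.default
            .get()
            .copied()
            .or_else(|| self.features.unambiguous())
            .ok_or(NO_PROVIDER_MSG)
    }
}

fn main() {
    // A dependency turned on `ring` while the application uses the default
    // aws-lc-rs feature: the features no longer name a single provider.
    let app = Process::new(Features { aws_lc_rs: true, ring: true });
    println!("before install: {:?}", app.builder_provider());

    // The application selects its provider once, early in main().
    app.install_default(Provider::AwsLcRs).expect("first install succeeds");
    println!("after install:  {:?}", app.builder_provider());

    // A library that also tries to install one is refused; ignoring this
    // Result would hide that a different provider is in effect.
    println!("library install: {:?}", app.install_default(Provider::Ring));
}
```
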


rustls-benchmarking bot commented Feb 28, 2024

Benchmark results

Instruction counts

Significant differences

There are no significant instruction count differences

Other differences

Scenario Baseline Candidate Diff Threshold
handshake_session_id_aws_lc_rs_1.2_rsa_aes_server 4073656 4031063 -42593 (-1.05%) 3.74%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_server 4513597 4493250 -20347 (-0.45%) 3.09%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 8648728 8680307 31579 (0.37%) 0.91%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_server 12689940 12731079 41139 (0.32%) 0.88%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_client 4522761 4535436 12675 (0.28%) 1.02%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_server 46282632 46160371 -122261 (-0.26%) 0.33%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_client 30499019 30431297 -67722 (-0.22%) 0.52%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_server 12277150 12302797 25647 (0.21%) 1.09%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_client 30318496 30264615 -53881 (-0.18%) 0.49%
handshake_tickets_ring_1.2_rsa_aes_server 4760054 4768126 8072 (0.17%) 0.61%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 8678384 8664670 -13714 (-0.16%) 0.74%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_server 32637742 32590695 -47047 (-0.14%) 0.45%
handshake_no_resume_ring_1.3_ecdsap256_chacha_server 2126225 2128871 2646 (0.12%) 0.38%
handshake_no_resume_ring_1.3_ecdsap256_aes_server 2126771 2124222 -2549 (-0.12%) 0.34%
handshake_no_resume_ring_1.3_ecdsap256_aes_client 3897563 3893514 -4049 (-0.10%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_server 32468655 32441364 -27291 (-0.08%) 0.53%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_server 32518211 32491020 -27191 (-0.08%) 0.49%
handshake_session_id_ring_1.3_ecdsap256_chacha_server 43421394 43455136 33742 (0.08%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_client 30304055 30281749 -22306 (-0.07%) 0.25%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 3345012 3342849 -2163 (-0.06%) 0.22%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_server 12669541 12661934 -7607 (-0.06%) 0.93%
handshake_tickets_ring_1.3_ecdsap256_aes_server 43755083 43729126 -25957 (-0.06%) 0.33%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_server 80445176 80491670 46494 (0.06%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_client 30269013 30253150 -15863 (-0.05%) 0.45%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_server 46254210 46230260 -23950 (-0.05%) 0.33%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_client 30467025 30481074 14049 (0.05%) 0.22%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_server 32655495 32640722 -14773 (-0.05%) 0.33%
handshake_session_id_ring_1.3_rsa_chacha_client 42117241 42136287 19046 (0.05%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_server 43678249 43659094 -19155 (-0.04%) 0.23%
handshake_session_id_ring_1.2_rsa_aes_client 4443367 4445249 1882 (0.04%) 0.85%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_server 32454828 32442509 -12319 (-0.04%) 0.30%
handshake_session_id_ring_1.3_ecdsap384_chacha_client 41931208 41917684 -13524 (-0.03%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_server 13732891 13737006 4115 (0.03%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 57984282 57967874 -16408 (-0.03%) 0.23%
handshake_tickets_ring_1.3_ecdsap384_aes_client 42162247 42173997 11750 (0.03%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_client 4706541 4707799 1258 (0.03%) 0.83%
transfer_no_resume_ring_1.3_ecdsap384_aes_server 46302331 46290240 -12091 (-0.03%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_client 30436323 30428815 -7508 (-0.02%) 0.30%
transfer_no_resume_ring_1.3_ecdsap256_aes_server 46292999 46304339 11340 (0.02%) 0.25%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_client 30659105 30666542 7437 (0.02%) 0.26%
handshake_tickets_ring_1.3_ecdsap384_chacha_client 42103185 42092988 -10197 (-0.02%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_server 32482318 32474562 -7756 (-0.02%) 0.25%
transfer_no_resume_ring_1.3_rsa_aes_server 46301270 46290595 -10675 (-0.02%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_client 42201903 42210737 8834 (0.02%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_client 30433590 30439717 6127 (0.02%) 0.27%
handshake_session_id_ring_1.3_ecdsap256_aes_server 43539564 43548268 8704 (0.02%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_client 42311729 42320034 8305 (0.02%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_server 43435353 43443661 8308 (0.02%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_server 32654931 32648835 -6096 (-0.02%) 0.25%
handshake_tickets_ring_1.3_rsa_chacha_server 43710236 43718220 7984 (0.02%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_server 43444612 43436929 -7683 (-0.02%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_server 32663381 32657654 -5727 (-0.02%) 0.27%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 1878556 1878881 325 (0.02%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_client 42014705 42007754 -6951 (-0.02%) 0.20%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_client 3151184 3151694 510 (0.02%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 3340634 3341160 526 (0.02%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 1883122 1882846 -276 (-0.01%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_server 80355679 80344135 -11544 (-0.01%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_client 30445241 30449560 4319 (0.01%) 0.22%
handshake_session_id_ring_1.2_rsa_aes_server 4324997 4325577 580 (0.01%) 0.52%
transfer_no_resume_ring_1.2_rsa_aes_server 46176298 46170404 -5894 (-0.01%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_client 35450303 35454800 4497 (0.01%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_server 43747492 43742062 -5430 (-0.01%) 0.22%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 4257101 4257629 528 (0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_client 3355077 3355483 406 (0.01%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_client 30253250 30256595 3345 (0.01%) 0.22%
handshake_session_id_ring_1.3_rsa_aes_server 43541224 43536586 -4638 (-0.01%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_client 58062193 58068292 6099 (0.01%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_server 43781919 43777345 -4574 (-0.01%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_client 4547022 4547493 471 (0.01%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_server 43545461 43541223 -4238 (-0.01%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_client 4537579 4537965 386 (0.01%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_server 32449206 32451698 2492 (0.01%) 0.31%
handshake_no_resume_ring_1.3_rsa_chacha_server 12246901 12246074 -827 (-0.01%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_client 42173168 42175748 2580 (0.01%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_client 42391163 42393616 2453 (0.01%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_client 3896969 3897184 215 (0.01%) 0.34%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 4262060 4262282 222 (0.01%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_server 32633351 32635036 1685 (0.01%) 0.35%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_client 3365998 3366168 170 (0.01%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_server 80347395 80343580 -3815 (-0.00%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_client 4440016 4440225 209 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 92425248 92429374 4126 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_client 92401533 92397410 -4123 (-0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_server 32468421 32466997 -1424 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_server 13734117 13734669 552 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_client 4184504 4184663 159 (0.00%) 0.97%
handshake_session_id_ring_1.3_ecdsap256_aes_client 41993997 41995437 1440 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_client 41919355 41918012 -1343 (-0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_server 32703794 32704810 1016 (0.00%) 0.74%
transfer_no_resume_ring_1.3_ecdsap256_chacha_client 92394585 92397109 2524 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 57964390 57965921 1531 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 92434727 92437001 2274 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_client 30677360 30676691 -669 (-0.00%) 0.32%
handshake_no_resume_ring_1.3_rsa_aes_server 12236883 12237133 250 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_client 42107622 42108457 835 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_client 35452028 35452669 641 (0.00%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_server 12042170 12042369 199 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_client 30449767 30450240 473 (0.00%) 0.31%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 46255772 46255372 -400 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_server 80343392 80343833 441 (0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_client 57920396 57920710 314 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_client 57986036 57986337 301 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_server 43685031 43685244 213 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 46265814 46265648 -166 (-0.00%) 0.25%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_client 68386219 68385984 -235 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_client 58064169 58063990 -179 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_client 58064548 58064383 -165 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 80455556 80455745 189 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_client 92455708 92455885 177 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 80445021 80445112 91 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_client 92398322 92398267 -55 (-0.00%) 0.20%

Wall-time

Significant differences

There are no significant wall-time differences

Other differences

Scenario Baseline Candidate Diff Threshold
handshake_no_resume_ring_1.3_ecdsap256_chacha 504.04 µs 501.85 µs -2.20 µs (-0.44%) 2.35%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes 5.70 ms 5.67 ms -0.02 ms (-0.42%) 3.66%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes 5.70 ms 5.68 ms -0.02 ms (-0.39%) 3.69%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes 5.47 ms 5.45 ms -0.02 ms (-0.38%) 4.11%
transfer_no_resume_ring_1.3_rsa_aes 7.17 ms 7.15 ms -0.03 ms (-0.36%) 2.51%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes 473.44 µs 471.76 µs -1.68 µs (-0.36%) 2.64%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 472.53 µs 470.89 µs -1.64 µs (-0.35%) 2.20%
handshake_no_resume_ring_1.3_ecdsap256_aes 506.32 µs 504.85 µs -1.48 µs (-0.29%) 2.39%
handshake_tickets_aws_lc_rs_1.2_rsa_aes 2.32 ms 2.32 ms 0.01 ms (0.27%) 1.76%
handshake_no_resume_ring_1.3_rsa_chacha 1.08 ms 1.08 ms -0.00 ms (-0.26%) 1.00%
handshake_no_resume_ring_1.3_rsa_aes 1.08 ms 1.08 ms -0.00 ms (-0.25%) 1.00%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes 1.19 ms 1.18 ms -0.00 ms (-0.25%) 1.15%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes 4.74 ms 4.73 ms -0.01 ms (-0.23%) 4.70%
transfer_no_resume_ring_1.2_rsa_aes 7.08 ms 7.06 ms -0.02 ms (-0.23%) 2.94%
transfer_no_resume_ring_1.3_ecdsap256_aes 6.58 ms 6.57 ms -0.01 ms (-0.21%) 3.52%
handshake_no_resume_ring_1.2_rsa_aes 1.07 ms 1.07 ms -0.00 ms (-0.20%) 1.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes 6.08 ms 6.07 ms -0.01 ms (-0.17%) 1.98%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha 1.40 ms 1.41 ms 0.00 ms (0.16%) 1.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes 5.37 ms 5.36 ms -0.01 ms (-0.16%) 1.99%
transfer_no_resume_ring_1.3_rsa_chacha 13.83 ms 13.81 ms -0.02 ms (-0.15%) 1.56%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha 5.37 ms 5.37 ms -0.01 ms (-0.14%) 2.29%
handshake_tickets_ring_1.3_ecdsap256_chacha 6.85 ms 6.86 ms 0.01 ms (0.13%) 2.05%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 13.24 ms 13.22 ms -0.02 ms (-0.13%) 1.59%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes 5.39 ms 5.39 ms -0.01 ms (-0.13%) 2.26%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes 6.11 ms 6.10 ms -0.01 ms (-0.12%) 1.87%
handshake_tickets_aws_lc_rs_1.3_rsa_aes 6.39 ms 6.38 ms -0.01 ms (-0.12%) 1.89%
transfer_no_resume_ring_1.3_ecdsap384_chacha 16.35 ms 16.34 ms -0.02 ms (-0.11%) 1.62%
handshake_no_resume_ring_1.3_ecdsap384_chacha 3.61 ms 3.61 ms -0.00 ms (-0.11%) 1.39%
handshake_session_id_ring_1.2_rsa_aes 1.74 ms 1.74 ms 0.00 ms (0.10%) 2.16%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha 14.18 ms 14.16 ms -0.01 ms (-0.10%) 1.36%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha 6.07 ms 6.06 ms -0.01 ms (-0.10%) 1.83%
transfer_no_resume_ring_1.3_ecdsap256_chacha 13.24 ms 13.23 ms -0.01 ms (-0.10%) 1.78%
handshake_tickets_ring_1.2_rsa_aes 1.83 ms 1.83 ms 0.00 ms (0.09%) 1.63%
handshake_session_id_ring_1.3_rsa_aes 7.51 ms 7.52 ms 0.01 ms (0.09%) 1.76%
handshake_session_id_ring_1.3_ecdsap384_aes 9.97 ms 9.98 ms 0.01 ms (0.09%) 1.76%
handshake_tickets_ring_1.3_rsa_chacha 7.49 ms 7.48 ms -0.01 ms (-0.09%) 2.03%
handshake_tickets_ring_1.3_rsa_aes 7.53 ms 7.53 ms -0.01 ms (-0.09%) 1.75%
handshake_session_id_aws_lc_rs_1.3_rsa_aes 6.37 ms 6.37 ms -0.01 ms (-0.08%) 1.79%
transfer_no_resume_ring_1.3_ecdsap384_aes 9.68 ms 9.68 ms -0.01 ms (-0.08%) 2.64%
handshake_session_id_ring_1.3_ecdsap256_aes 6.87 ms 6.88 ms 0.01 ms (0.08%) 1.81%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha 6.37 ms 6.37 ms -0.00 ms (-0.08%) 2.11%
handshake_session_id_ring_1.3_ecdsap256_chacha 6.84 ms 6.85 ms 0.01 ms (0.07%) 2.24%
handshake_tickets_ring_1.3_ecdsap256_aes 6.89 ms 6.89 ms 0.00 ms (0.07%) 1.94%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 13.93 ms 13.93 ms -0.01 ms (-0.06%) 1.65%
handshake_tickets_ring_1.3_ecdsap384_aes 10.00 ms 10.00 ms 0.01 ms (0.06%) 2.21%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 1.18 ms 1.18 ms -0.00 ms (-0.06%) 1.10%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha 6.10 ms 6.11 ms 0.00 ms (0.05%) 2.09%
handshake_session_id_ring_1.3_rsa_chacha 7.47 ms 7.47 ms 0.00 ms (0.05%) 2.26%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha 5.40 ms 5.40 ms -0.00 ms (-0.05%) 2.53%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes 1.36 ms 1.36 ms -0.00 ms (-0.05%) 1.02%
handshake_tickets_ring_1.3_ecdsap384_chacha 9.97 ms 9.96 ms -0.00 ms (-0.04%) 2.27%
handshake_session_id_ring_1.3_ecdsap384_chacha 9.94 ms 9.95 ms 0.00 ms (0.04%) 1.94%
handshake_session_id_aws_lc_rs_1.2_rsa_aes 2.16 ms 2.16 ms -0.00 ms (-0.04%) 1.50%
handshake_no_resume_ring_1.3_ecdsap384_aes 3.61 ms 3.61 ms -0.00 ms (-0.03%) 1.15%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha 6.39 ms 6.39 ms 0.00 ms (0.03%) 2.19%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes 1.41 ms 1.41 ms 0.00 ms (0.02%) 1.00%


codecov bot commented Feb 28, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 95.83%. Comparing base (425b527) to head (bc34a4b).
Report is 3 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #1817   +/-   ##
=======================================
  Coverage   95.83%   95.83%           
=======================================
  Files          84       84           
  Lines       18861    18861           
=======================================
  Hits        18075    18075           
  Misses        786      786           


@ctz
Member Author

ctz commented Feb 28, 2024

Note that I tried using cargo semver-checks --release-type minor to get a list of breaking changes. It got 3 of these, but missed the last one. I am sure I've missed others.

@cpu
Member

cpu commented Feb 28, 2024

Thanks! Here's some initial feedback (sorry, can't do a "real" review for PR description content).

Support for process-wide selection of CryptoProviders. See the documentation.

I think we should explicitly call out that code that was using ClientConfig::builder() or ServerConfig::builder() before will now see a "no process-level CryptoProvider available. call CryptoProvider::install_default() before this point" error unless they're switched to explicitly choose a provider or set the process default. I think this will be very common and since the error happens at runtime and not compile time will bite folks later than other breaking changes might.

Edit: This also applies for WebPkiServerVerifier and WebPkiClientVerifier builders IIRC.

The above unbuffered APIs must be used for no_std support.

Worth mentioning this disables some functionality that will be restored in follow-up work?

Performance improvement: internal copying during sending data is reduced.

Nit: I'd say "while sending data" instead of "during sending data"

"If a TLS should be sent to inform the peer of a connection failure"

Typo: "If a TLS alert ..."

Applications should write this data to the peer.

We've received feedback in the past that it's helpful to point to examples. Maybe put a forward pointer here to the server acceptor example?

Acceptor API error handling improvement.
...
Breaking change: the Result::Err() contents for Acceptor::accept and Accepted::into_connection

I think these are the same change? Could probably fold them both into one listing.

@cpu
Member

cpu commented Feb 28, 2024

Default cryptography provider changed to aws-lc-rs. Note that this has some implications on [platform support and build-time tool requirements][aws-lc-rs-reqs)]

Maybe worth mentioning a couple of the new reqs up front? I'm thinking the Windows nasm one in particular since I've had to update several Rustls CI configurations to add that on Windows.

@ctz
Member Author

ctz commented Feb 28, 2024

OK, I think I have addressed those comments. Thanks!

@cpu
Member

cpu commented Feb 28, 2024

Here are a few more items for consideration:

@djc
Member

djc commented Feb 29, 2024

For stuff that landed in 0.21 releases, it doesn't seem very useful to call them out (assuming they were called out appropriately in the earlier releases) -- I think people would intuitively expect them to be part of this release anyway. I also agree with your parenthetical that the FromIterator addition probably isn't worth calling out, but I agree the other ones should probably be included.

@djc
Member

djc commented Feb 29, 2024

Release notes (proposed)

This evokes the question for a link to details on the "further build-time requirements", maybe just mention explicitly "as detailed in the FIPS documentation."?

  • Support for process-wide selection of CryptoProviders. See the documentation. Note that callers of ClientConfig::builder(), ServerConfig::builder(), WebPkiServerVerifier::builder() and WebPkiClientVerifier::builder(), must now ensure that the crate's features are unambigious or explicitly select a process-level provider using CryptoProvider::install_default(). Otherwise, these calls will panic with "no process-level CryptoProvider available. call CryptoProvider::install_default() before this point".

I would probably omit the comma before "must now" but this may be inviting some age-old discussion on the Oxford comma, not sure? Also "unambigious" -> "unambiguous" and not sure what is going on with the last sentence here, which isn't capitalized and ends with a stray "? I also think we should include some guidance here suggesting that libraries depending on rustls 0.23+ should probably rely on the process default, allowing the application to install one.

  • New unbuffered API. [UnbufferedClientConnection] and [UnbufferedServerConnection] offer a low-level, event-driven API which does not internally buffer data.
    Thanks to the team from Ferrous Systems.

  • New no_std support. A new std crate feature now gates all APIs that depend on std, this is a default feature. The above unbuffered APIs must be used for no_std support. Note that alloc continues to be required. There is some future work to reintroduce some APIs gated under the std feature.
    Thanks to the team from Ferrous Systems.

Would replace ", this is a default feature" with "A new (enabled by default) std crate feature [..]". "There is some future work [..]" feels a bit informal/messy, maybe something like "In order to merge no_std support, some features that could be supported without std support are currently compiled when std support is disabled. Work is ongoing to re-introduce support for some of these features -- please file issues for no_std use cases that need additional work."?

  • Performance improvement: write_vectored now produces less on-the-wire overhead, which will dramatically improve throughput if it is used with a large number of small messages.
    Thanks to the team from the Sōzu project.

  • Performance improvement: internal copying while sending data is reduced.
    Thanks to the team from the Sōzu project.

Given the wider applicability, should this go before the other one?

  • Acceptor API error handling improvement. If a TLS alert should be sent to inform the peer of a connection failure, this is now made available in the Err() variant returned from Acceptor::accept and Accepted::into_connection (which is also a breaking change). Applications should write this data to the peer. See the server_acceptor example.

  • Breaking change: CipherSuiteCommon::integrity_limit field removed (this was QUIC-specific, it has moved to quic::PacketKey::integrity_limit()).

  • Breaking change: crypto::cipher::BorrowedPlainMessage and crypto::cipher::OpaqueMessage have been renamed (to OutboundPlainMessage and OutboundOpaqueMessage) and altered to support performance improvements. See the example code.

  • Breaking change: all protocol enum types (eg. CipherSuite) have had their get_u8/get_u16 accessor removed; use u8::from() / u16::from() instead.

@djc
Member

djc commented Feb 29, 2024

Should we also call out the public availability of rustls-platform-verifier somehow?

@ctz
Member Author

ctz commented Feb 29, 2024

This evokes the question for a link to details on the "further build-time requirements", maybe just mention explicitly "as detailed in the FIPS documentation."?

Done.

I would probably omit the comma before "must now" but this may be inviting some age-old discussion on the Oxford comma, not sure? Also "unambigious" -> "unambiguous" and not sure what is going on with the last sentence here, which isn't capitalized and ends with a stray "? I also think we should include some guidance here suggesting that libraries depending on rustls 0.23+ should probably rely on the process default, allowing the application to install one.

Addressed these points.

The last sentence was a quote of the panic message: have blockquoted this to take it out of the flow of the text.

Would replace ", this is a default feature" with "A new (enabled by default) std crate feature [..]". "There is some future work [..]" feels a bit informal/messy, maybe something like "In order to merge no_std support, some features that could be supported without std support are currently compiled when std support is disabled. Work is ongoing to re-introduce support for some of these features -- please file issues for no_std use cases that need additional work."?

Have dropped the "future work" sentence & adapted the "work is ongoing" part.

Given the wider applicability, should this go before the other one?

Swapped.

@djc
Member

djc commented Feb 29, 2024

The last sentence was a quote of the panic message: have blockquoted this to take it out of the flow of the text.

I guess I would suggest we use different (from .) punctuation inside the panic message, maybe -- or ;?

@ctz
Member Author

ctz commented Feb 29, 2024

Here are a few more items for consideration:

I think this is functionally invisible really.

Added these (please review language).

I think these are in 0.22.1 or 0.22.2.

@cpu
Member

cpu commented Feb 29, 2024

For stuff that landed in 0.21 releases, it doesn't seem very useful to call them out

Fair 👍

Should we also call out the public availability of rustls-platform-verifier somehow?

I vote no - there isn't a release of rustls-platform-verifier you could use with 0.23. I suspect based on how long it took to turn around previous releases that it will be a little bit before one is available.

@cpu
Member

cpu commented Feb 29, 2024

I did another read through of the proposed text and it looks good to me 👍

@ctz ctz requested review from cpu and djc and removed request for cpu February 29, 2024 14:46
@ctz ctz added this pull request to the merge queue Feb 29, 2024
Merged via the queue into main with commit eb0791b Feb 29, 2024
46 checks passed
@ctz ctz deleted the jbp-prepare-0.23.0 branch February 29, 2024 15:12