Expose an SSLNamedGroup for mlkem768x25519 (#2102)

* Replace xyber768 with mlkem768x25519 * rustfmt --------- Co-authored-by: Lars Eggert <lars@eggert.org>
mozilla · Sep 16, 2024 · 259a15f · 259a15f
1 parent 5410bd0
commit 259a15f
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 15 deletions.
diff --git a/neqo-crypto/min_version.txt b/neqo-crypto/min_version.txt
@@ -1 +1 @@
-3.103
+3.105
diff --git a/neqo-crypto/src/constants.rs b/neqo-crypto/src/constants.rs
@@ -63,6 +63,7 @@ remap_enum! {
         TLS_GRP_EC_SECP521R1 = ssl_grp_ec_secp521r1,
         TLS_GRP_EC_X25519 = ssl_grp_ec_curve25519,
         TLS_GRP_KEM_XYBER768D00 = ssl_grp_kem_xyber768d00,
+        TLS_GRP_KEM_MLKEM768X25519 = ssl_grp_kem_mlkem768x25519,
     }
 }
 

diff --git a/neqo-crypto/src/lib.rs b/neqo-crypto/src/lib.rs
@@ -146,13 +146,6 @@ fn init_once(db: Option<PathBuf>) -> Res<NssLoaded> {
     };
 
     secstatus_to_res(unsafe { nss::NSS_SetDomesticPolicy() })?;
-    secstatus_to_res(unsafe {
-        p11::NSS_SetAlgorithmPolicy(
-            p11::SECOidTag::SEC_OID_XYBER768D00,
-            p11::NSS_USE_ALG_IN_SSL_KX,
-            0,
-        )
-    })?;
 
     #[cfg(debug_assertions)]
     enable_ssl_trace()?;

diff --git a/neqo-transport/src/crypto.rs b/neqo-transport/src/crypto.rs
@@ -21,7 +21,7 @@ use neqo_crypto::{
     TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_CT_HANDSHAKE,
     TLS_EPOCH_APPLICATION_DATA, TLS_EPOCH_HANDSHAKE, TLS_EPOCH_INITIAL, TLS_EPOCH_ZERO_RTT,
     TLS_GRP_EC_SECP256R1, TLS_GRP_EC_SECP384R1, TLS_GRP_EC_SECP521R1, TLS_GRP_EC_X25519,
-    TLS_GRP_KEM_XYBER768D00, TLS_VERSION_1_3,
+    TLS_GRP_KEM_MLKEM768X25519, TLS_VERSION_1_3,
 };
 
 use crate::{
@@ -78,9 +78,10 @@ impl Crypto {
         ])?;
         match &mut agent {
             Agent::Server(c) => {
-                // Clients do not send xyber shares by default, but servers should accept them.
+                // Clients do not send mlkem768x25519 shares by default, but servers should accept
+                // them.
                 c.set_groups(&[
-                    TLS_GRP_KEM_XYBER768D00,
+                    TLS_GRP_KEM_MLKEM768X25519,
                     TLS_GRP_EC_X25519,
                     TLS_GRP_EC_SECP256R1,
                     TLS_GRP_EC_SECP384R1,

diff --git a/neqo-transport/tests/connection.rs b/neqo-transport/tests/connection.rs
@@ -275,12 +275,12 @@ fn overflow_crypto() {
 }
 
 #[test]
-fn handshake_xyber() {
+fn handshake_mlkem768x25519() {
     let mut client = default_client();
     let mut server = default_server();
 
     client
-        .set_groups(&[neqo_crypto::TLS_GRP_KEM_XYBER768D00])
+        .set_groups(&[neqo_crypto::TLS_GRP_KEM_MLKEM768X25519])
         .ok();
     client.send_additional_key_shares(0).ok();
 
@@ -289,10 +289,10 @@ fn handshake_xyber() {
     assert_eq!(*server.state(), State::Confirmed);
     assert_eq!(
         client.tls_info().unwrap().key_exchange(),
-        neqo_crypto::TLS_GRP_KEM_XYBER768D00
+        neqo_crypto::TLS_GRP_KEM_MLKEM768X25519
     );
     assert_eq!(
         server.tls_info().unwrap().key_exchange(),
-        neqo_crypto::TLS_GRP_KEM_XYBER768D00
+        neqo_crypto::TLS_GRP_KEM_MLKEM768X25519
     );
 }