Code for QUIC support#24
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds QUIC support to the wolfcrypt provider by implementing the necessary cryptographic operations and packet protection algorithms required by the QUIC protocol.
- Adds QUIC-specific header protection and packet encryption/decryption algorithms
- Implements support for AES-128/256-GCM and ChaCha20-Poly1305 ciphers for QUIC
- Configures cipher suites with QUIC key factories when the "quic" feature is enabled
Reviewed Changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| wolfcrypt-rs/src/bindings.rs | Adds lint allowance for unnecessary transmutes |
| rustls-wolfcrypt-provider/src/types/mod.rs | Adds ChaCha cipher object type definition |
| rustls-wolfcrypt-provider/src/lib.rs | Reorganizes imports and adds conditional QUIC support to cipher suites |
| rustls-wolfcrypt-provider/src/hkdf.rs | Adds spacing for formatting |
| rustls-wolfcrypt-provider/src/error.rs | Adds spacing for formatting |
| rustls-wolfcrypt-provider/src/aead/quic.rs | Implements complete QUIC header protection and packet encryption |
| rustls-wolfcrypt-provider/Cargo.toml | Adds "quic" feature flag |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
julek-wolfssl
left a comment
julek-wolfssl
left a comment
There was a problem hiding this comment.
Good stuff. Does quic get tested in the current CI workflows?
gasbytes
left a comment
gasbytes
left a comment
There was a problem hiding this comment.
Nice work.
There seems to be some formatting issues that the CI detected, please fix those.
Also address the github copilot reports (mainly some unwraps that need to be refactored to handle errors).
Run clippy locally before committing too, the CI should detect some lints with the newest version.
Thank you.
Thank you. maybe we need to add --features quic in order for quic code to be compiled.
Thank you. I have corrected the mentioned issues. Hopefully CI tests will runs without errors |
|
Hello @helkoulak, there are still some clippy reports in the CI/CD apparently, it would be great if you could try and fix them.
Yes, please feel free to update the current workflows to test that too. |
|
julek-wolfssl
left a comment
julek-wolfssl
left a comment
There was a problem hiding this comment.
Great work. Still need to dive into src/aead.
gasbytes
left a comment
gasbytes
left a comment
There was a problem hiding this comment.
Really nice work Hosam, I left a couple of comments.
gasbytes
left a comment
gasbytes
left a comment
There was a problem hiding this comment.
Great work Hosam, LGTM.
|
Contributor agreement signed, approved and filed. |
|
@helkoulak please rebase your work against the latest main. |
Will do ASAP. Thank you |
|
Branch has been rebased against the latest main |
- Cryptography code to support QUIC for header and packet protection. - Adds function extract_key_pair() to extract ED25519 private and if available public key values from a PKCS#8 DER formatted key. - Few bug fixes for the rustls provider. - The test suite to test WolfCrypt provider against rustls version 0.23.35. - Adds related workflows for building and testing.
.github/test-workspace - run the rustls testsuite job against the pr's own provider replacing external fork checkouts
No description provided.