Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 10 commits
- 83 files changed
- 4 contributors
Commits on Apr 16, 2024
Commits on Apr 25, 2024
Commits on Apr 26, 2024
-
ENV vars for OPENSSL_NO_ASM (#377)
* ENV vars for OPENSSL_NO_ASM * Fix CI checks
Commits on Apr 29, 2024
-
hkdf: increase MAX_HKDF_INFO_LEN (#411)
* hkdf: increase MAX_HKDF_INFO_LEN Encrypted client hello (ECH) offer confirmation requires computing an 8 byte confirmation value: ``` accept_confirmation = HKDF-Expand-Label( HKDF-Extract(0, ClientHelloInner.random), "ech accept confirmation", transcript_ech_conf, 8) ``` Similarly, in the hello-retry request confirmation case we compute: ``` hrr_accept_confirmation = HKDF-Expand-Label( HKDF-Extract(0, ClientHelloInner1.random), "hrr ech accept confirmation", transcript_hrr_ech_conf, 8) ``` The HKDF-Expand-Label and HKDF-Extract algorithms are unmodified from RFC 8446. For a handshake using SHA-384, or SHA-512, as the digest algorithm it's possible for the `info` parameter to the HKDF expand step to exceed 80 bytes. ``` 2 bytes for the output len 1 byte for the label len 6 bytes for the label prefix 23 bytes for the ECH confirmation label (or 27 for HRR) 1 byte for the context len 48 bytes for the context (SHA-384), or 64 bytes (SHA-512) ------------------------------------------ = 81 or 97 bytes total, SHA-384, non-hrr = 85 or 101 bytes total, SHA-512, hrr Both would exceed the existing `MAX_HKDF_INFO_LEN` limit of 80 bytes, and so produce `Unspecified` errors. This commit increase the limit to 102 bytes (it seemed a nicer value than 101), allowing the use of aws-lc-rs HKDF for ECH confirmation purposes without panic. * Improve docs on 'Prk::expand' errors --------- Co-authored-by: Justin Smith <justsmth@amazon.com>
Commits on May 2, 2024
-
-
-
* Updates for User Guide * Note about AWS_LC_SYS_NO_ASM * Satisfy clippy * Per PR feedback
-
Align aws-lc-sys v0.16.0 with AWS-LC 1.26.0 (#417)
* Update to AWS-LC 1.26.0 * Symbols from ubuntu-latest * Symbols from macos-13-xlarge * Symbols for aarch64-unknown-linux-gnu * Symbols for x86_64-unknown-linux-musl * Symbols for aarch64-unknown-linux-musl * Symbols for i686-unknown-linux-gnu * Symbols from macos-12 * Generated headers * Generated bindings from macos-13-xlarge * Generated bindings from ubuntu-latest * Generated bindings for aarch64-unknown-linux-gnu * Generated bindings for i686-unknown-linux-gnu * Generated bindings for aarch64-unknown-linux-musl * Generated bindings for x86_64-unknown-linux-musl * Generated bindings from macos-12 * Collected source files for x86_64-unknown-linux-musl * Collected source files from macos-13-xlarge * Collected source files from ubuntu-latest * Collected source files from macos-12 * Collected source files for i686-unknown-linux-gnu * Collected source files for aarch64-unknown-linux-gnu * Collected source files for aarch64-unknown-linux-musl --------- Co-authored-by: aws-lc-sys-bindings-generator <aws-lc-github-bot@amazon.com>
Commits on May 3, 2024
-
Build/test with
--releasebuild for MinGW, iOS (#399)* Perform release build when cross-compiling * Also build/test with dev profile
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v1.7.0...v1.7.1