Skip to content

Support _ABSENT_PARAMS PKCS#1 signature algorithms #2505

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 19, 2025
Merged

Support _ABSENT_PARAMS PKCS#1 signature algorithms #2505

merged 2 commits into from
Jun 19, 2025

Conversation

ctz
Copy link
Member

@ctz ctz commented Jun 19, 2025

This is the final part of #2448

ctz added 2 commits June 19, 2025 06:22
@ctz
Omit RSA_PKCS1_3072_8192_SHA384 in calls to webpki
bd049c5 
This is a more-restricted version of `RSA_PKCS1_2048_8192_SHA384`,
so supplying it alongside that doesn't make sense.
@ctz
Add PKCS#1 _ABSENT_PARAMS algorithms to webpki calls
7ef940a 
Requires rustls-webpki 0.103.3
@rustls-benchmarking Rustls Benchmarking
Copy link

rustls-benchmarking bot commented Jun 19, 2025
edited
Loading

Benchmark results

Instruction counts

Significant differences

⚠️ There are significant instruction count differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 2673947 2700385 ⚠️ 26438 (0.99%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 2671047 2696502 ⚠️ 25455 (0.95%) 0.77%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 9497001 9572345 ⚠️ 75344 (0.79%) 0.60%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_client 64516545 64283448 -233097 (-0.36%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_client 64533693 64734907 ⚠️ 201214 (0.31%) 0.28%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_server 48275906 48159357 -116549 (-0.24%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_client 64431308 64280754 -150554 (-0.23%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_server 49527531 49628493 ⚠️ 100962 (0.20%) 0.20%

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_server 11331937 11369564 37627 (0.33%) 1.56%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_server 10441292 10472881 31589 (0.30%) 0.98%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_client 64627619 64474158 -153461 (-0.24%) 0.28%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_client 64525418 64660825 135407 (0.21%) 0.27%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_client 64500264 64618331 118067 (0.18%) 0.25%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_server 48226579 48150052 -76527 (-0.16%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_server 48380053 48303423 -76630 (-0.16%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_client 64584767 64684910 100143 (0.16%) 0.39%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_server 49495951 49563430 67479 (0.14%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_client 3305361 3301045 -4316 (-0.13%) 0.29%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_server 49484541 49543309 58768 (0.12%) 0.20%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_server 49554465 49604524 50059 (0.10%) 0.20%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_client 64442114 64382116 -59998 (-0.09%) 0.28%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_client 64754603 64804920 50317 (0.08%) 0.24%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_client 64360723 64312139 -48584 (-0.08%) 0.22%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_client 64368709 64322893 -45816 (-0.07%) 0.45%
handshake_no_resume_ring_1.3_ecdsap256_aes_client 3304105 3301896 -2209 (-0.07%) 0.27%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_server 48280969 48251003 -29966 (-0.06%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_server 48200878 48176288 -24590 (-0.05%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_server 49629493 49653056 23563 (0.05%) 0.20%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_server 48253321 48230423 -22898 (-0.05%) 0.37%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 4275845 4277745 1900 (0.04%) 0.96%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 1768700 1768167 -533 (-0.03%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 9514962 9512285 -2677 (-0.03%) 0.92%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 4280311 4279394 -917 (-0.02%) 0.26%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_server 11360768 11362754 1986 (0.02%) 1.06%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_client 3114361 3114805 444 (0.01%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_client 64620971 64627944 6973 (0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_client 3107411 3107179 -232 (-0.01%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_server 49534515 49536745 2230 (0.00%) 0.20%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_client 1718590 1718609 19 (0.00%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 1765710 1765698 -12 (-0.00%) 1.23%
handshake_no_resume_ring_1.3_ecdsap256_aes_server 1294873 1294877 4 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_server 46005129 46005138 9 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_client 58008826 58008836 10 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_client 58019654 58019663 9 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 58133718 58133725 7 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_client 34733902 34733898 -4 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_client 58070821 58070827 6 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 80367038 80367046 8 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 80356027 80356020 -7 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_client 58016679 58016684 5 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_client 92534913 92534906 -7 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 92593885 92593878 -7 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_server 46015090 46015093 3 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 46176182 46176185 3 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_client 92544037 92544043 6 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_server 80249978 80249973 -5 (-0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_client 57914799 57914802 3 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_client 58128459 58128462 3 (0.00%) 0.20%
transfer_no_resume_1.2_no_crypto_client 117308748 117308742 -6 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_server 46128684 46128686 2 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 46186565 46186563 -2 (-0.00%) 0.20%
transfer_no_resume_1.2_no_crypto_server 104989080 104989076 -4 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 58123759 58123757 -2 (-0.00%) 0.20%
transfer_no_resume_1.3_no_crypto_client 117355944 117355940 -4 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_server 80361098 80361100 2 (0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_server 45922131 45922130 -1 (-0.00%) 0.20%
transfer_no_resume_1.3_no_crypto_server 105032247 105032245 -2 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_client 92545742 92545741 -1 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 92583913 92583912 -1 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_client 92589899 92589900 1 (0.00%) 0.20%
handshake_session_id_1.2_no_crypto_server 1149724 1149724 0 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_server 46180620 46180620 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_server 32338732 32338732 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_client 30831131 30831131 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_server 32003200 32003200 0 (0.00%) 0.20%
handshake_session_id_1.3_no_crypto_client 2197255 2197255 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_client 31130537 31130537 0 (0.00%) 0.20%
handshake_tickets_1.3_no_crypto_server 2219015 2219015 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_server 32439580 32439580 0 (0.00%) 0.20%
handshake_no_resume_1.2_no_crypto_client 99572 99572 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_server 31881220 31881220 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_client 30834070 30834070 0 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_client 4197640 4197640 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_server 31879502 31879502 0 (0.00%) 0.20%
handshake_no_resume_1.2_no_crypto_server 83949 83949 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_server 31881263 31881263 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_client 30742390 30742390 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_client 2331124 2331124 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_server 11124144 11124144 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_client 30838268 30838268 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_server 7220273 7220273 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_server 32440972 32440972 0 (0.00%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_server 10996408 10996408 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_server 11129905 11129905 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_server 1296059 1296059 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_client 2336775 2336775 0 (0.00%) 0.20%
handshake_tickets_1.2_no_crypto_server 1311738 1311738 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_client 30746588 30746588 0 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_server 80245476 80245476 0 (0.00%) 0.20%
handshake_no_resume_1.3_no_crypto_client 112260 112260 0 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_server 46009959 46009959 0 (0.00%) 0.20%
handshake_no_resume_1.3_no_crypto_server 102885 102885 0 (0.00%) 0.20%
handshake_session_id_1.3_no_crypto_server 2255135 2255135 0 (0.00%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_server 4252216 4252216 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_client 31062278 31062278 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_server 32337295 32337295 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_server 32441189 32441189 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_server 32338904 32338904 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_server 7218304 7218304 0 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_server 3846827 3846827 0 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_server 80240657 80240657 0 (0.00%) 0.20%
handshake_tickets_1.3_no_crypto_client 2215824 2215824 0 (0.00%) 0.20%
handshake_session_id_1.2_no_crypto_client 1176713 1176713 0 (0.00%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_client 4261362 4261362 0 (0.00%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_client 4522443 4522443 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_server 32001482 32001482 0 (0.00%) 0.20%
handshake_tickets_1.2_no_crypto_client 1272590 1272590 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_client 30739481 30739481 0 (0.00%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_server 4707790 4707790 0 (0.00%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_client 2244009 2244009 0 (0.00%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_client 3857786 3857786 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_client 31058927 31058927 0 (0.00%) 0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_server 4982714 4982714 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_client 31066187 31066187 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_client 34735628 34735628 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_client 31133933 31133933 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_server 32003243 32003243 0 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_client 31137842 31137842 0 (0.00%) 0.20%

Wall-time

Significant differences

There are no significant wall-time differences

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_session_id_1.3_no_crypto 669.21 µs 677.03 µs 7.81 µs (1.17%) 5.00%
handshake_tickets_1.3_no_crypto 652.54 µs 658.27 µs 5.73 µs (0.88%) 5.00%
handshake_session_id_1.2_no_crypto 358.58 µs 360.23 µs 1.65 µs (0.46%) 5.00%
handshake_tickets_1.2_no_crypto 390.63 µs 392.32 µs 1.69 µs (0.43%) 5.00%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes 1.28 ms 1.28 ms 0.01 ms (0.40%) 5.24%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha 9.31 ms 9.33 ms 0.03 ms (0.32%) 2.50%
handshake_no_resume_1.3_no_crypto 86.11 µs 85.85 µs -0.26 µs (-0.31%) 5.00%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha 9.14 ms 9.16 ms 0.02 ms (0.27%) 2.54%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha 1.26 ms 1.26 ms 0.00 ms (0.26%) 5.69%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha 8.42 ms 8.44 ms 0.02 ms (0.24%) 2.38%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha 8.60 ms 8.62 ms 0.02 ms (0.23%) 2.41%
handshake_tickets_ring_1.2_rsa_aes 1.57 ms 1.57 ms 0.00 ms (0.23%) 1.17%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes 9.14 ms 9.16 ms 0.02 ms (0.23%) 1.31%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha 9.28 ms 9.30 ms 0.02 ms (0.23%) 2.39%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha 9.09 ms 9.11 ms 0.02 ms (0.22%) 2.01%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes 8.46 ms 8.48 ms 0.02 ms (0.22%) 1.61%
handshake_tickets_aws_lc_rs_1.3_rsa_aes 9.33 ms 9.35 ms 0.02 ms (0.22%) 2.74%
handshake_tickets_aws_lc_rs_1.2_rsa_aes 1.81 ms 1.82 ms 0.00 ms (0.21%) 3.28%
handshake_session_id_aws_lc_rs_1.3_rsa_aes 9.19 ms 9.21 ms 0.02 ms (0.20%) 2.42%
handshake_session_id_ring_1.3_ecdsap256_aes 5.46 ms 5.47 ms 0.01 ms (0.19%) 1.41%
handshake_tickets_ring_1.3_rsa_chacha 5.97 ms 5.98 ms 0.01 ms (0.18%) 1.22%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 575.13 µs 576.11 µs 0.98 µs (0.17%) 3.29%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes 8.63 ms 8.65 ms 0.01 ms (0.17%) 2.30%
handshake_no_resume_1.2_no_crypto 77.37 µs 77.25 µs -0.13 µs (-0.16%) 5.00%
handshake_tickets_ring_1.3_ecdsap256_chacha 5.48 ms 5.49 ms 0.01 ms (0.16%) 1.56%
handshake_session_id_ring_1.3_ecdsap384_chacha 8.51 ms 8.52 ms 0.01 ms (0.16%) 1.29%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes 9.32 ms 9.34 ms 0.01 ms (0.15%) 1.78%
handshake_session_id_ring_1.3_ecdsap256_chacha 5.43 ms 5.44 ms 0.01 ms (0.15%) 1.71%
handshake_tickets_ring_1.3_rsa_aes 6.01 ms 6.02 ms 0.01 ms (0.14%) 1.08%
handshake_session_id_ring_1.3_rsa_aes 5.96 ms 5.97 ms 0.01 ms (0.14%) 1.09%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes 4.53 ms 4.53 ms -0.01 ms (-0.13%) 8.41%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes 5.22 ms 5.21 ms -0.01 ms (-0.13%) 7.01%
handshake_session_id_ring_1.2_rsa_aes 1.49 ms 1.49 ms 0.00 ms (0.13%) 1.00%
handshake_tickets_ring_1.3_ecdsap256_aes 5.52 ms 5.52 ms 0.01 ms (0.13%) 1.27%
handshake_session_id_ring_1.3_rsa_chacha 5.92 ms 5.92 ms 0.01 ms (0.12%) 1.72%
handshake_tickets_ring_1.3_ecdsap384_chacha 8.57 ms 8.58 ms 0.01 ms (0.12%) 1.00%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes 577.80 µs 578.49 µs 0.68 µs (0.12%) 3.72%
handshake_session_id_ring_1.3_ecdsap384_aes 8.55 ms 8.56 ms 0.01 ms (0.12%) 1.00%
handshake_tickets_ring_1.3_ecdsap384_aes 8.61 ms 8.62 ms 0.01 ms (0.11%) 1.00%
transfer_no_resume_ring_1.3_rsa_aes 5.79 ms 5.78 ms -0.01 ms (-0.10%) 4.27%
handshake_no_resume_ring_1.3_ecdsap256_aes 459.48 µs 459.05 µs -0.43 µs (-0.09%) 3.69%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes 1.10 ms 1.10 ms -0.00 ms (-0.09%) 4.40%
transfer_no_resume_ring_1.3_ecdsap384_aes 8.39 ms 8.39 ms -0.01 ms (-0.09%) 4.41%
transfer_no_resume_ring_1.2_rsa_aes 5.73 ms 5.72 ms -0.00 ms (-0.06%) 4.92%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 13.69 ms 13.68 ms -0.01 ms (-0.06%) 2.44%
handshake_no_resume_ring_1.2_rsa_aes 941.13 µs 940.67 µs -0.46 µs (-0.05%) 1.40%
transfer_no_resume_1.3_no_crypto 11.87 ms 11.86 ms -0.01 ms (-0.05%) 5.00%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 13.00 ms 13.00 ms -0.01 ms (-0.05%) 2.52%
transfer_no_resume_ring_1.3_rsa_chacha 13.34 ms 13.35 ms 0.01 ms (0.04%) 1.95%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes 5.03 ms 5.02 ms -0.00 ms (-0.04%) 6.36%
transfer_no_resume_ring_1.3_ecdsap384_chacha 15.95 ms 15.95 ms -0.01 ms (-0.04%) 2.06%
transfer_no_resume_1.2_no_crypto 11.67 ms 11.67 ms 0.00 ms (0.04%) 5.00%
handshake_session_id_aws_lc_rs_1.2_rsa_aes 1.64 ms 1.64 ms 0.00 ms (0.03%) 4.00%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes 1.26 ms 1.26 ms 0.00 ms (0.03%) 1.79%
transfer_no_resume_ring_1.3_ecdsap256_chacha 12.85 ms 12.86 ms 0.00 ms (0.03%) 2.13%
handshake_no_resume_ring_1.3_ecdsap256_chacha 456.32 µs 456.20 µs -0.12 µs (-0.03%) 3.94%
handshake_no_resume_ring_1.3_ecdsap384_aes 3.55 ms 3.55 ms -0.00 ms (-0.03%) 1.00%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 1.25 ms 1.25 ms -0.00 ms (-0.03%) 1.56%
handshake_no_resume_ring_1.3_rsa_aes 948.81 µs 948.56 µs -0.24 µs (-0.03%) 1.65%
handshake_no_resume_ring_1.3_rsa_chacha 948.93 µs 949.14 µs 0.21 µs (0.02%) 1.82%
handshake_no_resume_ring_1.3_ecdsap384_chacha 3.55 ms 3.55 ms -0.00 ms (-0.02%) 1.00%
transfer_no_resume_ring_1.3_ecdsap256_aes 5.29 ms 5.30 ms 0.00 ms (0.02%) 4.80%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha 13.69 ms 13.69 ms -0.00 ms (-0.01%) 2.53%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes 5.22 ms 5.22 ms -0.00 ms (-0.01%) 6.10%

Additional information

Historical results

Checkout details:

@codecov Codecov
Copy link

codecov bot commented Jun 19, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 95.40%. Comparing base (834cb11) to head (7ef940a).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2505   +/-   ##
=======================================
  Coverage   95.40%   95.40%           
=======================================
  Files          97       97           
  Lines       21881    21881           
=======================================
  Hits        20875    20875           
  Misses       1006     1006

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

cpu
cpu approved these changes Jun 19, 2025
View reviewed changes
Copy link
Member

@cpu cpu left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems reasonable but I'm also not sure I follow what you mean by the commit message for the first commit w.r.t RSA_PKCS1_3072_8192_SHA384 being a "more-restricted" version of the 2048 equivalent.

Can you expand on that a little bit for my own education?

@ctz
Copy link
Member Author

ctz commented Jun 19, 2025

This seems reasonable but I'm also not sure I follow what you mean by the commit message for the first commit w.r.t RSA_PKCS1_3072_8192_SHA384 being a "more-restricted" version of the 2048 equivalent.

Can you expand on that a little bit for my own education?

ring's RSA_PKCS1_2048_8192_SHA384 is basically what TLS1.3 calls SignatureScheme rsa_pkcs1_sha384, with the added restriction that public keys must be 2048-8192 bits in size. RSA_PKCS1_3072_8192_SHA384 is the same thing, but public key size restriction is 3072-8192 bits. This is, I assume, intended to meet CNSA standards which require minimum 3072-bit RSA.

So, my argument here is that there are no signatures that are accepted by RSA_PKCS1_3072_8192_SHA384 that are not also accepted by RSA_PKCS1_2048_8192_SHA384. Since this list is additive (every algorithm is allowed a chance to match and verify the signature, and first one accepting the signature wins) having both in the list doesn't make sense.

@cpu
Copy link
Member

cpu commented Jun 19, 2025

So, my argument here is that there are no signatures that are accepted by RSA_PKCS1_3072_8192_SHA384 that are not also accepted by RSA_PKCS1_2048_8192_SHA384.

That makes sense. Thanks for the explanation!

@ctz ctz added this pull request to the merge queue Jun 19, 2025
Merged via the queue into main with commit 6509aa1 Jun 19, 2025
34 checks passed
@ctz ctz deleted the jbp-rsa-no-params branch June 19, 2025 14:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@djc djc djc approved these changes

@cpu cpu cpu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ctz @cpu @djc