Skip to content

Correct calculation of ServerHello ECH confirmation #2545

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 7, 2025
Merged

Correct calculation of ServerHello ECH confirmation #2545

merged 1 commit into from
Jul 7, 2025

Conversation

ctz
Copy link
Member

@ctz ctz commented Jul 4, 2025

This was another case where we were relying on the ability to round-trip received messages. That assumption as abandoned in 692f981. This meant that we calculated the ECH confirmation based on a different extension ordering than the one the server sent, which meant it didn't match.

bogo and the cloudflare test server continued to work, as they just happened to choose the same extension ordering as us. But OpenSSL didn't.

@ctz ctz force-pushed the jbp-fix-ech-confirmation branch from fd1d3c1 to e8dfe95 Compare July 4, 2025 13:55
@rustls-benchmarking Rustls Benchmarking
Copy link

rustls-benchmarking bot commented Jul 4, 2025
edited
Loading

Benchmark results

Instruction counts

Significant differences

⚠️ There are significant instruction count differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 1781053 1755991 -25062 (-1.41%) 0.57%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 4319275 4271896 -47379 (-1.10%) 0.32%
handshake_no_resume_ring_1.3_ecdsap256_aes_client 3291684 3298284 ⚠️ 6600 (0.20%) 0.20%

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_server 10423473 10517542 94069 (0.90%) 0.99%
handshake_session_id_1.3_no_crypto_server 2107254 2100894 -6360 (-0.30%) 1.51%
handshake_tickets_1.3_no_crypto_server 2071164 2064924 -6240 (-0.30%) 1.54%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_client 64079232 64252494 173262 (0.27%) 0.54%
handshake_session_id_1.3_no_crypto_client 2219372 2214002 -5370 (-0.24%) 1.81%
handshake_tickets_1.3_no_crypto_client 2237918 2232548 -5370 (-0.24%) 1.80%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 9503072 9480328 -22744 (-0.24%) 1.02%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_client 64290335 64152089 -138246 (-0.22%) 0.69%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha_server 47771941 47871223 99282 (0.21%) 0.51%
handshake_session_id_1.2_no_crypto_server 1045521 1047471 1950 (0.19%) 0.57%
handshake_session_id_1.2_no_crypto_client 1151902 1154032 2130 (0.18%) 0.45%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_client 64342786 64454121 111335 (0.17%) 0.49%
handshake_tickets_1.2_no_crypto_client 1239584 1241714 2130 (0.17%) 1.92%
handshake_tickets_1.2_no_crypto_server 1205861 1207931 2070 (0.17%) 0.49%
handshake_no_resume_1.3_no_crypto_server 98204 98037 -167 (-0.17%) 0.92%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_client 64308979 64414127 105148 (0.16%) 0.82%
handshake_no_resume_1.3_no_crypto_client 111663 111481 -182 (-0.16%) 1.23%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_client 64430869 64332505 -98364 (-0.15%) 0.58%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_client 64148935 64245750 96815 (0.15%) 0.58%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes_server 47926099 47857001 -69098 (-0.14%) 0.40%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_client 64329161 64418320 89159 (0.14%) 0.55%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_client 64172128 64093986 -78142 (-0.12%) 0.22%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_client 64212920 64137285 -75635 (-0.12%) 0.64%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes_server 49148977 49204779 55802 (0.11%) 0.34%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_server 11333654 11320941 -12713 (-0.11%) 0.87%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 4273408 4268635 -4773 (-0.11%) 1.10%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha_server 49104106 49156936 52830 (0.11%) 0.58%
handshake_no_resume_1.2_no_crypto_server 74674 74751 77 (0.10%) 0.36%
handshake_session_id_aws_lc_rs_1.3_rsa_aes_server 47847087 47895486 48399 (0.10%) 0.39%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha_server 49152237 49103192 -49045 (-0.10%) 0.49%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha_server 49112071 49156728 44657 (0.09%) 0.51%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha_server 47822220 47782976 -39244 (-0.08%) 0.26%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_client 64131919 64177118 45199 (0.07%) 0.55%
handshake_no_resume_1.2_no_crypto_client 98547 98600 53 (0.05%) 0.25%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha_server 47819070 47794019 -25051 (-0.05%) 0.50%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes_server 47850484 47873199 22715 (0.05%) 0.50%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha_client 3106590 3107781 1191 (0.04%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_client 3831857 3833267 1410 (0.04%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_server 11323922 11320048 -3874 (-0.03%) 1.50%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_client 4164181 4165591 1410 (0.03%) 0.20%
handshake_session_id_aws_lc_rs_1.2_rsa_aes_server 3751431 3752661 1230 (0.03%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_client 4238976 4240296 1320 (0.03%) 0.20%
handshake_tickets_ring_1.2_rsa_aes_client 4492301 4493621 1320 (0.03%) 0.20%
handshake_tickets_aws_lc_rs_1.2_rsa_aes_server 4885648 4886998 1350 (0.03%) 0.20%
handshake_session_id_ring_1.2_rsa_aes_server 4159220 4160360 1140 (0.03%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_client 64406940 64424526 17586 (0.03%) 0.68%
handshake_tickets_ring_1.2_rsa_aes_server 4613444 4614664 1220 (0.03%) 0.20%
handshake_tickets_aws_lc_rs_1.3_rsa_aes_server 49167924 49177146 9222 (0.02%) 0.47%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_client 64422830 64411716 -11114 (-0.02%) 0.69%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 1758130 1757841 -289 (-0.02%) 1.33%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 2661215 2660819 -396 (-0.01%) 0.20%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 2664452 2664798 346 (0.01%) 0.22%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes_server 49186578 49181283 -5295 (-0.01%) 0.35%
handshake_no_resume_aws_lc_rs_1.3_rsa_aes_client 3101286 3101057 -229 (-0.01%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_client 3299479 3299320 -159 (-0.00%) 0.23%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 9482988 9482639 -349 (-0.00%) 0.75%
handshake_no_resume_ring_1.2_rsa_aes_client 2243095 2243169 74 (0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_client 2325299 2325254 -45 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_client 2330950 2330905 -45 (-0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_server 31507773 31507383 -390 (-0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_server 31510654 31510264 -390 (-0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_server 31510962 31510572 -390 (-0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_server 31629753 31629363 -390 (-0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_server 31632634 31632244 -390 (-0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_server 31632942 31632552 -390 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_client 58119641 58120289 648 (0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_client 57900716 57901357 641 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_client 58109676 58110319 643 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_client 58005574 58006214 640 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_client 57994750 57995388 638 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_client 58002604 58003242 638 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_client 58056747 58057384 637 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_client 58114383 58115019 636 (0.00%) 0.20%
handshake_no_resume_ring_1.2_rsa_aes_server 10987546 10987644 98 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_server 31965310 31965040 -270 (-0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_server 31968098 31967828 -270 (-0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_server 31968111 31967841 -270 (-0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_server 32067550 32067280 -270 (-0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_server 32070338 32070068 -270 (-0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_server 32070351 32070081 -270 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_aes_server 1285071 1285062 -9 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap256_chacha_server 1286263 1286254 -9 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_client 92529959 92530605 646 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_client 92579796 92580442 646 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_client 92575819 92576460 641 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_client 92520834 92521474 640 (0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_client 92531661 92532294 633 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_client 92569842 92570475 633 (0.00%) 0.20%
transfer_no_resume_1.2_no_crypto_client 117294664 117295305 641 (0.00%) 0.20%
transfer_no_resume_1.3_no_crypto_client 117341867 117342499 632 (0.00%) 0.20%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes_client 1717589 1717594 5 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_chacha_client 30855832 30855864 32 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_chacha_client 30859940 30859972 32 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_client 34728002 34727966 -36 (-0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap256_aes_client 30927487 30927519 32 (0.00%) 0.20%
handshake_tickets_ring_1.3_rsa_aes_client 30931595 30931627 32 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_aes_server 7208732 7208725 -7 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_client 34729708 34729678 -30 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_aes_server 11108613 11108604 -9 (-0.00%) 0.20%
handshake_no_resume_ring_1.3_rsa_chacha_server 11114374 11114365 -9 (-0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_chacha_client 30533107 30533121 14 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap384_aes_client 30624757 30624771 14 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_chacha_client 30852531 30852545 14 (0.00%) 0.20%
handshake_tickets_ring_1.3_ecdsap384_aes_client 30924141 30924155 14 (0.00%) 0.20%
transfer_no_resume_ring_1.2_rsa_aes_server 45917934 45917925 -9 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes_server 46176181 46176188 7 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_aes_server 46010593 46010598 5 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha_server 80356950 80356942 -8 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha_server 80367048 80367040 -8 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_aes_server 46013172 46013169 -3 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap384_chacha_server 80249968 80249973 5 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha_server 80356027 80356023 -4 (-0.00%) 0.20%
transfer_no_resume_1.2_no_crypto_server 104985039 104985034 -5 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes_server 46124480 46124478 -2 (-0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes_server 46186561 46186563 2 (0.00%) 0.20%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes_server 46176464 46176463 -1 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_chacha_server 80238176 80238177 1 (0.00%) 0.20%
transfer_no_resume_ring_1.3_ecdsap256_chacha_server 80245478 80245477 -1 (-0.00%) 0.20%
transfer_no_resume_ring_1.3_rsa_aes_server 46003288 46003288 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_chacha_client 30536005 30536005 0 (0.00%) 0.20%
handshake_no_resume_ring_1.3_ecdsap384_chacha_server 7210684 7210684 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_aes_client 30631807 30631807 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_rsa_chacha_client 30540127 30540127 0 (0.00%) 0.20%
transfer_no_resume_1.3_no_crypto_server 105032246 105032246 0 (0.00%) 0.20%
handshake_session_id_ring_1.3_ecdsap256_aes_client 30627685 30627685 0 (0.00%) 0.20%

Wall-time

Significant differences

There are no significant wall-time differences

Other differences

Click to expand
Scenario Baseline Candidate Diff Threshold
handshake_no_resume_aws_lc_rs_1.3_rsa_aes 1.28 ms 1.25 ms -0.03 ms (-2.46%) 8.52%
handshake_no_resume_aws_lc_rs_1.2_rsa_aes 1.09 ms 1.07 ms -0.02 ms (-1.96%) 8.62%
handshake_no_resume_1.2_no_crypto 76.52 µs 77.92 µs 1.40 µs (1.83%) 9.61%
handshake_tickets_aws_lc_rs_1.2_rsa_aes 1.79 ms 1.76 ms -0.03 ms (-1.70%) 5.05%
handshake_no_resume_aws_lc_rs_1.3_rsa_chacha 1.26 ms 1.24 ms -0.02 ms (-1.65%) 6.66%
handshake_tickets_1.3_no_crypto 639.07 µs 630.33 µs -8.74 µs (-1.37%) 4.29%
handshake_session_id_aws_lc_rs_1.2_rsa_aes 1.62 ms 1.60 ms -0.02 ms (-1.23%) 6.45%
handshake_no_resume_1.3_no_crypto 85.97 µs 86.92 µs 0.95 µs (1.10%) 10.54%
transfer_no_resume_1.3_no_crypto 11.86 ms 11.75 ms -0.11 ms (-0.95%) 2.66%
handshake_session_id_1.3_no_crypto 658.13 µs 652.02 µs -6.11 µs (-0.93%) 5.16%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 574.72 µs 579.59 µs 4.87 µs (0.85%) 2.43%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_aes 4.54 ms 4.57 ms 0.03 ms (0.72%) 4.27%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_aes 9.28 ms 9.34 ms 0.06 ms (0.66%) 1.00%
transfer_no_resume_ring_1.2_rsa_aes 5.72 ms 5.76 ms 0.04 ms (0.65%) 2.78%
transfer_no_resume_ring_1.3_ecdsap256_aes 5.30 ms 5.33 ms 0.03 ms (0.63%) 3.71%
handshake_no_resume_ring_1.3_ecdsap256_chacha 453.89 µs 456.69 µs 2.81 µs (0.62%) 2.64%
transfer_no_resume_ring_1.3_rsa_aes 5.79 ms 5.83 ms 0.03 ms (0.60%) 3.45%
handshake_no_resume_aws_lc_rs_1.3_ecdsap256_aes 577.15 µs 580.53 µs 3.38 µs (0.59%) 2.45%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_aes 5.23 ms 5.26 ms 0.03 ms (0.57%) 3.26%
handshake_no_resume_ring_1.3_ecdsap256_aes 457.02 µs 459.62 µs 2.60 µs (0.57%) 2.44%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_aes 8.60 ms 8.65 ms 0.05 ms (0.56%) 1.00%
handshake_tickets_ring_1.2_rsa_aes 1.55 ms 1.55 ms 0.01 ms (0.55%) 1.30%
handshake_tickets_ring_1.3_rsa_aes 5.96 ms 5.99 ms 0.03 ms (0.49%) 1.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_aes 9.11 ms 9.15 ms 0.04 ms (0.49%) 1.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_aes 8.43 ms 8.47 ms 0.04 ms (0.49%) 1.19%
handshake_tickets_aws_lc_rs_1.3_ecdsap256_chacha 8.56 ms 8.60 ms 0.04 ms (0.47%) 1.18%
handshake_tickets_ring_1.3_rsa_chacha 5.92 ms 5.95 ms 0.03 ms (0.47%) 1.00%
handshake_tickets_aws_lc_rs_1.3_ecdsap384_chacha 9.24 ms 9.28 ms 0.04 ms (0.43%) 1.05%
handshake_tickets_ring_1.3_ecdsap256_aes 5.47 ms 5.50 ms 0.02 ms (0.39%) 1.04%
handshake_session_id_ring_1.3_rsa_chacha 5.87 ms 5.90 ms 0.02 ms (0.38%) 1.01%
transfer_no_resume_1.2_no_crypto 11.67 ms 11.71 ms 0.04 ms (0.38%) 2.03%
handshake_session_id_1.2_no_crypto 344.49 µs 345.77 µs 1.28 µs (0.37%) 4.10%
transfer_no_resume_ring_1.3_ecdsap384_aes 8.40 ms 8.43 ms 0.03 ms (0.37%) 2.40%
handshake_tickets_aws_lc_rs_1.3_rsa_aes 9.29 ms 9.33 ms 0.03 ms (0.37%) 1.56%
handshake_session_id_ring_1.3_rsa_aes 5.91 ms 5.93 ms 0.02 ms (0.36%) 1.00%
handshake_tickets_ring_1.3_ecdsap256_chacha 5.44 ms 5.46 ms 0.02 ms (0.35%) 1.00%
handshake_session_id_ring_1.3_ecdsap256_aes 5.41 ms 5.43 ms 0.02 ms (0.33%) 1.13%
handshake_tickets_ring_1.3_ecdsap384_chacha 8.53 ms 8.56 ms 0.03 ms (0.33%) 1.00%
handshake_session_id_ring_1.3_ecdsap256_chacha 5.39 ms 5.41 ms 0.02 ms (0.31%) 1.21%
handshake_tickets_ring_1.3_ecdsap384_aes 8.56 ms 8.58 ms 0.03 ms (0.31%) 1.00%
handshake_session_id_aws_lc_rs_1.3_ecdsap384_chacha 9.06 ms 9.09 ms 0.03 ms (0.29%) 1.00%
transfer_no_resume_aws_lc_rs_1.3_ecdsap256_chacha 13.01 ms 13.05 ms 0.03 ms (0.27%) 1.17%
transfer_no_resume_ring_1.3_rsa_chacha 13.35 ms 13.39 ms 0.03 ms (0.26%) 1.32%
handshake_session_id_ring_1.3_ecdsap384_aes 8.50 ms 8.52 ms 0.02 ms (0.26%) 1.00%
transfer_no_resume_ring_1.3_ecdsap256_chacha 12.86 ms 12.89 ms 0.03 ms (0.25%) 1.65%
handshake_session_id_aws_lc_rs_1.3_ecdsap256_chacha 8.40 ms 8.42 ms 0.02 ms (0.24%) 1.00%
handshake_session_id_ring_1.3_ecdsap384_chacha 8.48 ms 8.50 ms 0.02 ms (0.24%) 1.00%
handshake_no_resume_ring_1.3_rsa_chacha 947.23 µs 949.45 µs 2.22 µs (0.23%) 1.00%
handshake_tickets_aws_lc_rs_1.3_rsa_chacha 9.26 ms 9.28 ms 0.02 ms (0.22%) 1.02%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_aes 1.26 ms 1.27 ms 0.00 ms (0.19%) 1.10%
transfer_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 13.70 ms 13.72 ms 0.03 ms (0.18%) 1.10%
transfer_no_resume_ring_1.3_ecdsap384_chacha 15.96 ms 15.99 ms 0.03 ms (0.18%) 1.23%
transfer_no_resume_aws_lc_rs_1.3_rsa_aes 5.23 ms 5.23 ms 0.01 ms (0.14%) 3.63%
handshake_no_resume_ring_1.2_rsa_aes 941.57 µs 942.88 µs 1.31 µs (0.14%) 1.00%
handshake_session_id_aws_lc_rs_1.3_rsa_aes 9.15 ms 9.16 ms 0.01 ms (0.12%) 1.46%
handshake_no_resume_ring_1.3_rsa_aes 947.44 µs 948.58 µs 1.14 µs (0.12%) 1.00%
handshake_session_id_aws_lc_rs_1.3_rsa_chacha 9.10 ms 9.11 ms 0.01 ms (0.06%) 1.24%
transfer_no_resume_aws_lc_rs_1.2_rsa_aes 5.02 ms 5.03 ms 0.00 ms (0.06%) 3.48%
handshake_tickets_1.2_no_crypto 374.32 µs 374.12 µs -0.20 µs (-0.05%) 4.01%
handshake_no_resume_aws_lc_rs_1.3_ecdsap384_chacha 1.25 ms 1.25 ms 0.00 ms (0.05%) 1.00%
transfer_no_resume_aws_lc_rs_1.3_rsa_chacha 13.70 ms 13.71 ms 0.01 ms (0.05%) 1.26%
handshake_session_id_ring_1.2_rsa_aes 1.47 ms 1.47 ms 0.00 ms (0.03%) 1.20%
handshake_no_resume_ring_1.3_ecdsap384_aes 3.55 ms 3.55 ms 0.00 ms (0.03%) 1.00%
handshake_no_resume_ring_1.3_ecdsap384_chacha 3.55 ms 3.55 ms -0.00 ms (-0.00%) 1.00%

Additional information

Historical results

Checkout details:

@ctz
Copy link
Member Author

ctz commented Jul 4, 2025

https://github.com/rustls/rustls/actions/runs/16075349921/job/45369135745

@codecov Codecov
Copy link

codecov bot commented Jul 4, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 89.28571% with 6 lines in your changes missing coverage. Please review.

Project coverage is 95.29%. Comparing base (7bc3052) to head (7f8b0f3).
Report is 2 commits behind head on main.

Files with missing lines Patch % Lines
rustls/src/client/ech.rs 91.48% 4 Missing ⚠️
rustls/src/client/tls13.rs 75.00% 1 Missing ⚠️
rustls/src/msgs/handshake.rs 80.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2545      +/-   ##
==========================================
- Coverage   95.31%   95.29%   -0.02%     
==========================================
  Files          97       97              
  Lines       21565    21607      +42     
==========================================
+ Hits        20555    20591      +36     
- Misses       1010     1016       +6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

cpu
cpu approved these changes Jul 4, 2025
View reviewed changes
Copy link
Member

@cpu cpu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice catch

cpu
cpu reviewed Jul 4, 2025
View reviewed changes
@ctz
Correct calculation of ServerHello ECH confirmation
7f8b0f3 
This was another case where we were relying on the ability to round-trip
received messages.  That assumption as abandoned in 692f981.
This meant that we calculated the ECH confirmation based on a different
extension ordering than the one the server sent, which meant it didn't
match.

bogo and the cloudflare test server continued to work, as they just
happened to choose the same extension ordering as us.  But OpenSSL
didn't.
@ctz ctz force-pushed the jbp-fix-ech-confirmation branch from e8dfe95 to 7f8b0f3 Compare July 7, 2025 08:55
@ctz ctz added this pull request to the merge queue Jul 7, 2025
Merged via the queue into main with commit a5433a1 Jul 7, 2025
33 of 34 checks passed
@ctz ctz deleted the jbp-fix-ech-confirmation branch July 7, 2025 10:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cpu cpu cpu approved these changes

@djc djc djc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ctz @djc @cpu