Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deprecate 0xFE30 X25519/Kyber512 code point #4347

Merged
merged 1 commit into from
Oct 1, 2024
Merged

Deprecate 0xFE30 X25519/Kyber512 code point #4347

merged 1 commit into from
Oct 1, 2024

Conversation

reneme
Copy link
Collaborator

@reneme reneme commented Sep 23, 2024

This code point falls into the 'private code point' region (RFC 8446 4.2.3) and was used by pq.cloudflareresearch.com for hybrid key exchange using X25519+KyberR3-512.

By disabling this code point in test_cli.py [...] pqc_hybrid_tests it should fix the currently failing nightly build.

We plan to provide support for X25519+ML-KEM-768 as well as secp256r1+ML-KEM-768 (draft-kwiatkowski-tls-ecdhe-mlkem-02) soon after #3893 is merged.

@reneme reneme added this to the Botan 3.6.0 milestone Sep 23, 2024
@reneme reneme self-assigned this Sep 23, 2024
@coveralls
Copy link

coveralls commented Sep 23, 2024
edited
Loading

Coverage Status

coverage: 91.281% (+0.002%) from 91.279%
when pulling b5df358 on reneme:chore/retire_0xFE30
into 0639e82 on randombit:master.

randombit
randombit approved these changes Sep 23, 2024
View reviewed changes
src/lib/tls/tls_algos.h Show resolved Hide resolved
@reneme
Copy link
Collaborator Author

reneme commented Sep 23, 2024

Todo: CI failure is relevant, I believe.

@reneme
Deprecate 0xFE30 X25519/Kyber512 code point
b5df358 
This code point falls into the 'private code point' region (RFC 8446 4.2.3)
and was used by pq.cloudflareresearch.com for hybrid key exchange using
X25519+KyberR3-512.
@reneme
Copy link
Collaborator Author

reneme commented Oct 1, 2024

Todo: CI failure is relevant, I believe.

In is_pqc_hybrid() we're using the deprecated enum value in a public header. The method is marked constexpr and I therefore don't want to move its implementation into the compilation unit. Hence, the 'ignore deprecation' macro. 😞

@reneme reneme merged commit 7f256a0 into randombit:master Oct 1, 2024
40 checks passed
@reneme reneme deleted the chore/retire_0xFE30 branch October 1, 2024 15:41
@reneme
Copy link
Collaborator Author

reneme commented Oct 2, 2024

image

🥳

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@randombit randombit randombit approved these changes

@FAlbertDev FAlbertDev FAlbertDev approved these changes

Assignees

@reneme reneme

Labels
None yet
Projects
None yet
Milestone
Botan 3.6.0
Development

Successfully merging this pull request may close these issues.
4 participants
@reneme @coveralls @randombit @FAlbertDev