Remove chacha feature (#13)

detect chacha availability using openssl config

Author: tofay

Cargo.toml

@@ -17,9 +17,8 @@ rustls = { version = "0.23.0", default-features = false }
 rustls-webpki = { version = "0.102.2", default-features = false }
 
 [features]
-default = ["tls12", "chacha", "x25519"]
+default = ["tls12", "x25519"]
 x25519 = []
-chacha = []
 tls12 = ["rustls/tls12", "foreign-types-shared"]
 
 [dev-dependencies]

README.md

@@ -11,6 +11,7 @@ See the [rustls documentation]((https://docs.rs/rustls/latest/rustls/crypto/stru
 ## Supported Ciphers
 
 Supported cipher suites are listed below, in descending order of preference.
+If OpenSSL is compiled with the `OPENSSL_NO_CHACHA` option, the ChaCha20-Poly1305 ciphers will not be available.
 
 ### TLS 1.3
 
@@ -19,7 +20,7 @@ The following cipher suites are supported for TLS 1.3. These support QUIC.
 ```
 TLS13_AES_256_GCM_SHA384
 TLS13_AES_128_GCM_SHA256
-TLS13_CHACHA20_POLY1305_SHA256 // Requires the `chacha` feature
+TLS13_CHACHA20_POLY1305_SHA256
 ```
 
 ### TLS 1.2
@@ -28,10 +29,10 @@ TLS13_CHACHA20_POLY1305_SHA256 // Requires the `chacha` feature
 ```
 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 // Requires the `chacha` feature
+TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 // Requires the `chacha` feature
+TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
 ```
 ## Supported Key Exchanges
 

build.rs

@@ -2,7 +2,10 @@
 
 use std::env;
 
+const OPENSSL_NO_CHACHA: &str = "OPENSSL_NO_CHACHA";
+
 fn main() {
+    println!("cargo:rustc-check-cfg=cfg(chacha)");
     // Determine whether to work around https://github.com/openssl/openssl/issues/23448
     // according to the OpenSSL version
     println!("cargo:rustc-check-cfg=cfg(bugged_add_hkdf_info)");
@@ -13,4 +16,12 @@ fn main() {
             println!("cargo:rustc-cfg=bugged_add_hkdf_info");
         }
     }
+
+    // Enable the `chacha` cfg if the `OPENSSL_NO_CHACHA` OpenSSL config is not set.
+    if std::env::var("DEP_OPENSSL_CONF")
+        .map(|conf_string| !conf_string.split(",").any(|conf| conf == OPENSSL_NO_CHACHA))
+        .unwrap_or(true)
+    {
+        println!("cargo:rustc-cfg=chacha");
+    }
 }

src/aead.rs

@@ -18,7 +18,7 @@ pub(crate) struct MessageCrypter {
 pub(crate) enum Algorithm {
     Aes128Gcm,
     Aes256Gcm,
-    #[cfg(feature = "chacha")]
+    #[cfg(chacha)]
     ChaCha20Poly1305,
 }
 
@@ -30,7 +30,7 @@ impl Algorithm {
         match self {
             Self::Aes128Gcm => Cipher::aes_128_gcm(),
             Self::Aes256Gcm => Cipher::aes_256_gcm(),
-            #[cfg(feature = "chacha")]
+            #[cfg(chacha)]
             Self::ChaCha20Poly1305 => Cipher::chacha20_poly1305(),
         }
     }

src/lib.rs

@@ -5,24 +5,25 @@
 //! ## Supported Ciphers
 //!
 //! Supported cipher suites are listed below, ordered by preference. IE: The default configuration prioritizes `TLS13_AES_256_GCM_SHA384` over `TLS13_AES_128_GCM_SHA256`.
+//! If OpenSSL is compiled with the `OPENSSL_NO_CHACHA` option, the ChaCha20-Poly1305 ciphers will not be available.
 //!
 //! ### TLS 1.3
 //!
 //! ```ignore
 //! TLS13_AES_256_GCM_SHA384
 //! TLS13_AES_128_GCM_SHA256
-//! TLS13_CHACHA20_POLY1305_SHA256 // Requires the `chacha` feature
+//! TLS13_CHACHA20_POLY1305_SHA256
 //! ```
 //!
 //! ### TLS 1.2
 //!
 //! ```ignore
 //! TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 //! TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-//! TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 // Requires the `chacha` feature
+//! TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 //! TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 //! TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-//! TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 // Requires the `chacha` feature
+//! TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
 //! ```
 //! ## Supported Key Exchanges
 //!
@@ -97,7 +98,6 @@
 //!
 //! # Features
 //! The following non-default features are available:
-//! - `chacha`: Enables ChaCha20-Poly1305 cipher suites for TLS 1.2 and TLS 1.3.
 //! - `x25519`: Enables X25519 key exchange group.
 
 // Mimic rustls code no_std usage.
@@ -131,11 +131,11 @@ pub mod cipher_suite {
         TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
         TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
     };
-    #[cfg(all(feature = "tls12", feature = "chacha"))]
+    #[cfg(all(feature = "tls12", chacha))]
     pub use super::tls12::{
         TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
     };
-    #[cfg(feature = "chacha")]
+    #[cfg(chacha)]
     pub use super::tls13::TLS13_CHACHA20_POLY1305_SHA256;
     pub use super::tls13::{TLS13_AES_128_GCM_SHA256, TLS13_AES_256_GCM_SHA384};
 }
@@ -265,19 +265,19 @@ pub static DEFAULT_CIPHER_SUITES: &[SupportedCipherSuite] = ALL_CIPHER_SUITES;
 pub static ALL_CIPHER_SUITES: &[SupportedCipherSuite] = &[
     tls13::TLS13_AES_256_GCM_SHA384,
     tls13::TLS13_AES_128_GCM_SHA256,
-    #[cfg(feature = "chacha")]
+    #[cfg(chacha)]
     tls13::TLS13_CHACHA20_POLY1305_SHA256,
     #[cfg(feature = "tls12")]
     tls12::TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
     #[cfg(feature = "tls12")]
     tls12::TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-    #[cfg(all(feature = "tls12", feature = "chacha"))]
+    #[cfg(all(feature = "tls12", chacha))]
     tls12::TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
     #[cfg(feature = "tls12")]
     tls12::TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
     #[cfg(feature = "tls12")]
     tls12::TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-    #[cfg(all(feature = "tls12", feature = "chacha"))]
+    #[cfg(all(feature = "tls12", chacha))]
     tls12::TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
 ];
 

src/quic.rs

@@ -26,7 +26,7 @@ struct PacketKey {
 pub(crate) enum HeaderProtectionAlgorithm {
     Aes128,
     Aes256,
-    #[cfg(feature = "chacha")]
+    #[cfg(chacha)]
     ChaCha20,
 }
 
@@ -175,7 +175,7 @@ impl HeaderProtectionAlgorithm {
         match self {
             HeaderProtectionAlgorithm::Aes128 => Cipher::aes_128_ecb(),
             HeaderProtectionAlgorithm::Aes256 => Cipher::aes_256_ecb(),
-            #[cfg(feature = "chacha")]
+            #[cfg(chacha)]
             HeaderProtectionAlgorithm::ChaCha20 => Cipher::chacha20(),
         }
     }
@@ -191,7 +191,7 @@ impl HeaderProtectionKey {
                     .map_err(|e| Error::General(format!("OpenSSL error: {e}")))?;
                 mask.copy_from_slice(&block[..5]);
             }
-            #[cfg(feature = "chacha")]
+            #[cfg(chacha)]
             // https://datatracker.ietf.org/doc/html/rfc9001#section-5.4.4
             HeaderProtectionAlgorithm::ChaCha20 => {
                 let block = encrypt(
@@ -277,7 +277,7 @@ mod test {
         assert_eq!(server_packet[..], expected_server_packet[..]);
     }
 
-    #[cfg(feature = "chacha")]
+    #[cfg(chacha)]
     #[test]
     fn test_short_packet_length() {
         use rustls::crypto::cipher::AeadKey;

src/tls12.rs

@@ -21,15 +21,15 @@ const GCM_EXPLICIT_NONCE_LENGTH: usize = 8;
 const GCM_IMPLICIT_NONCE_LENGTH: usize = 4;
 const GCM_TAG_LENGTH: usize = 16;
 
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 const CHACHA_TAG_LENGTH: usize = 16;
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 const CHAHCA_NONCE_LENGTH: usize = 12;
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 const CHACHA_KEY_LENGTH: usize = 32;
 
 /// The TLS1.2 ciphersuite `TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256`.
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 pub static TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: SupportedCipherSuite =
     SupportedCipherSuite::Tls12(&Tls12CipherSuite {
         common: CipherSuiteCommon {
@@ -44,7 +44,7 @@ pub static TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: SupportedCipherSuite =
     });
 
 /// The TLS1.2 ciphersuite `TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256`
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 pub static TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: SupportedCipherSuite =
     SupportedCipherSuite::Tls12(&Tls12CipherSuite {
         common: CipherSuiteCommon {
@@ -122,16 +122,16 @@ pub static TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: SupportedCipherSuite =
         prf_provider: &Prf(SHA384),
     });
 
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 pub(crate) struct Tls12ChaCha;
 
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 pub(crate) struct Tls12ChaCha20Poly1305 {
     key: [u8; CHACHA_KEY_LENGTH],
     iv: Iv,
 }
 
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 impl Tls12AeadAlgorithm for Tls12ChaCha {
     fn encrypter(&self, key: AeadKey, iv: &[u8], _: &[u8]) -> Box<dyn MessageEncrypter> {
         // The caller ensures that the key is the correct length.
@@ -176,7 +176,7 @@ impl Tls12AeadAlgorithm for Tls12ChaCha {
     }
 }
 
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 impl MessageEncrypter for Tls12ChaCha20Poly1305 {
     fn encrypt(
         &mut self,
@@ -213,7 +213,7 @@ impl MessageEncrypter for Tls12ChaCha20Poly1305 {
     }
 }
 
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 impl MessageDecrypter for Tls12ChaCha20Poly1305 {
     fn decrypt<'a>(
         &mut self,

src/tls13.rs

@@ -14,11 +14,11 @@ use rustls::{
 };
 
 /// The TLS1.3 ciphersuite `TLS_CHACHA20_POLY1305_SHA256`
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 pub static TLS13_CHACHA20_POLY1305_SHA256: SupportedCipherSuite =
     SupportedCipherSuite::Tls13(TLS13_CHACHA20_POLY1305_SHA256_INTERNAL);
 
-#[cfg(feature = "chacha")]
+#[cfg(chacha)]
 pub static TLS13_CHACHA20_POLY1305_SHA256_INTERNAL: &Tls13CipherSuite = &Tls13CipherSuite {
     common: CipherSuiteCommon {
         suite: CipherSuite::TLS13_CHACHA20_POLY1305_SHA256,
@@ -108,7 +108,7 @@ impl Tls13AeadAlgorithm for aead::Algorithm {
         Ok(match self {
             aead::Algorithm::Aes128Gcm => ConnectionTrafficSecrets::Aes128Gcm { key, iv },
             aead::Algorithm::Aes256Gcm => ConnectionTrafficSecrets::Aes256Gcm { key, iv },
-            #[cfg(feature = "chacha")]
+            #[cfg(chacha)]
             aead::Algorithm::ChaCha20Poly1305 => {
                 ConnectionTrafficSecrets::Chacha20Poly1305 { key, iv }
             }

tests/0001-Patch-openssl-into-rustls.patch

@@ -25,7 +25,7 @@ index 2192377f..071d9036 100644
 +
  [features]
 -default = ["aws_lc_rs", "logging", "std", "tls12"]
-+default = ["aws_lc_rs", "logging", "std", "tls12", "chacha", "x25519", "read_buf", "fips", "zlib"]
++default = ["aws_lc_rs", "logging", "std", "tls12", "x25519"]
  std = ["webpki/std", "pki-types/std", "once_cell/std"]
  logging = ["log"]
  aws_lc_rs = ["dep:aws-lc-rs", "webpki/aws_lc_rs"]

tests/it.rs

@@ -196,7 +196,7 @@ fn test_with_custom_config_to_internet(
     CipherSuite::TLS13_AES_256_GCM_SHA384
 )]
 #[cfg_attr(
-    feature = "chacha",
+    chacha,
     case::tls13_chacha20_poly1305_sha256(
         rustls_openssl::cipher_suite::TLS13_CHACHA20_POLY1305_SHA256,
         rustls_openssl::kx_group::SECP256R1,
@@ -233,7 +233,7 @@ fn test_with_custom_config_to_internet(
     CipherSuite::TLS13_AES_256_GCM_SHA384
 )]
 #[cfg_attr(
-    all(feature = "tls12", feature = "chacha"),
+    all(feature = "tls12", chacha),
     case::tls_ecdhe_rsa_with_chacha20_poly1305_sha256(
         rustls_openssl::cipher_suite::TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
         rustls_openssl::kx_group::SECP256R1,
@@ -264,7 +264,7 @@ fn test_tls(
 
 #[rstest]
 #[cfg_attr(
-    feature = "chacha",
+    chacha,
     case(
         rustls_openssl::cipher_suite::TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
         rustls_openssl::kx_group::SECP384R1,