bindings(s2n-tls): fix `pq` feature

### Problem:

The `pq` feature is misleading for the `s2n-tls` and `s2n-tls-sys` crates.

The only functionality gated behind this feature is the definition of a few `pq` policies. 

https://github.com/aws/s2n-tls/blob/8dd481501af1ec3c631a8d646e31d7d2403593f5/bindings/rust/s2n-tls/src/security.rs#L108-L112

This is misleading because customer might see that the `pq` feature is off by default and conclude that PQ isn't supported by default.

However, PQ functionality/cryptography _are_ available by default from `aws-lc`.

### Solution:
I think the PQ feature should be removed from s2n-tls-sys and s2n-tls.

There is currently no meaningful functionality to be gated behind the PQ feature. In the future it might be useful to gate certain tests, but I think this could be more simply handled with a runtime feature probe or a env variable.

[//]: #  (NOTE: If you believe this might be a security issue, please email aws-security@amazon.com instead of creating a GitHub issue. For more details, see the AWS Vulnerability Reporting Guide: https://aws.amazon.com/security/vulnerability-reporting/ )


	#[cfg(feature = "pq")]
	pub const TESTING_PQ: Policy = policy!("PQ-TLS-1-0-2021-05-26");

	#[cfg(feature = "pq")]
	pub const DEFAULT_PQ: Policy = policy!("default_pq");

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

bindings(s2n-tls): fix `pq` feature #4887

Problem:

Solution:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

bindings(s2n-tls): fix pq feature #4887

Description