Conversation
|
Firefox is reusing the x25519 part for its X25519 and X25519MLKEM768 keyshares, different from the chrome behavior in #342 |
|
@mingyech 其实我觉得 Chrome 的做法有点浪费,但我猜是实现方式不同的原因,Chromium 里现在可能是每个密钥交换方式都对应着单独的函数,为未来某一天去掉 X25519 做准备 |
mingyech
force-pushed
the
ff141
branch
3 times, most recently
from
91b8012 to
ba7fabc
Compare
For browsers that sends pq hybrid and classical keyshare pairs, it may or may not choose to reuse the classical part between them. Add a helper to be used when crafting the spec to signify that the reuse should happen, and implement the reuse when generating keyshares. Existing specs will still generate keys independently. Add Firefox 148 spec that uses this reuse.
There was a problem hiding this comment.
Pull request overview
Adds support for Firefox 148’s TLS 1.3 hybrid PQ/classical key share behavior where the classical X25519 share is reused between the standalone classical entry and the hybrid entry, and makes Firefox 148 the default “auto” Firefox fingerprint.
Changes:
- Extend
KeySharewith an internal reuse marker and addReuseHybridAndClassicalKeyShareshelper for specs. - Implement hybrid/classical classical-key reuse during
UConn.ApplyPresetkeyshare generation. - Add
HelloFirefox_148spec and updateHelloFirefox_Autoto point to it; add tests validating reuse and default independence.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
u_public.go |
Adds a reuse marker on KeyShare plus a helper to mark hybrid/classical pairs for reuse during ApplyPreset. |
u_parrots.go |
Implements the reuse behavior in ApplyPreset and adds the HelloFirefox_148 parrot spec using it. |
u_common.go |
Introduces HelloFirefox_148 ID and updates HelloFirefox_Auto default to 148. |
u_parrots_test.go |
Adds tests verifying reuse for Firefox 148 and that hybrid/classical shares remain independent by default. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
For browsers that sends pq hybrid and classical keyshare pairs, it may or may not choose to reuse the classical part between them. Add a helper to be used when crafting the spec to signify that the reuse should happen, and implement the reuse when generating keyshares. Existing specs will still generate keys independently.
Add Firefox 148 spec that uses this reuse.