Update rustls to 0.23 and tokio-rustls to 0.26 and add support for tl…

…s-aws-lc
rwf2 · Mar 26, 2024 · 58d5816 · 58d5816
1 parent bd26ca4
commit 58d5816
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/core/lib/Cargo.toml b/core/lib/Cargo.toml
@@ -50,8 +50,8 @@ rmp-serde = { version = "1", optional = true }
 uuid_ = { package = "uuid", version = "1", optional = true, features = ["serde"] }
 
 # Optional TLS dependencies
-rustls = { version = "0.22", optional = true }
-tokio-rustls = { version = "0.25", optional = true }
+rustls = { version = "0.23", default-features = false, features = ["ring", "logging", "std", "tls12"], optional = true }
+tokio-rustls = { version = "0.26", default-features = false, features = ["logging", "tls12", "ring"], optional = true }
 rustls-pemfile = { version = "2.0.0", optional = true }
 
 # Optional MTLS dependencies

diff --git a/core/lib/src/listener/tls.rs b/core/lib/src/listener/tls.rs
@@ -31,7 +31,7 @@ impl TlsConfig {
     pub(crate) fn server_config(&self) -> Result<ServerConfig, Error> {
         let provider = rustls::crypto::CryptoProvider {
             cipher_suites: self.ciphers().map(|c| c.into()).collect(),
-            ..rustls::crypto::ring::default_provider()
+            ..rustls::crypto::CryptoProvider::get_default()
         };
 
         #[cfg(feature = "mtls")]

diff --git a/core/lib/src/tls/util.rs b/core/lib/src/tls/util.rs
@@ -33,7 +33,7 @@ pub fn load_key(reader: &mut dyn io::BufRead) -> Result<PrivateKeyDer<'static>>
 
     // Ensure we can use the key.
     let key = keys.remove(0);
-    rustls::crypto::ring::sign::any_supported_type(&key).map_err(KeyError::Unsupported)?;
+    rustls::crypto::CryptoProvider::get_default().key_provider.load_private_key(&key).map_err(KeyError::Unsupported)?
     Ok(key)
 }