Add Aes128Ccm support for QUIC and update dependencies in Cargo.toml

stevefan1999-personal · stevefan1999-personal · commit 993eceee12f8 · 2025-09-22T00:26:23.000+08:00
diff --git a/src/quic.rs b/src/quic.rs
@@ -9,6 +9,8 @@ use typenum::Unsigned;
 
 use crate::aead::{DecryptBufferAdapter, EncryptBufferAdapter};
 
+#[cfg(feature = "aes-ccm")]
+use crate::aead::aes::Aes128Ccm;
 #[cfg(feature = "aes-gcm")]
 use crate::aead::aes::{Aes128Gcm, Aes256Gcm};
 #[cfg(feature = "chacha20")]
@@ -48,6 +50,16 @@ impl HasHeaderKey for Aes256Gcm {
     }
 }
 
+#[cfg(feature = "aes-ccm")]
+impl HasHeaderKey for Aes128Ccm {
+    fn new(key: AeadKey) -> Result<HeaderProtectionKey, Error> {
+        Ok(HeaderProtectionKey::Aes128Ecb(
+            aes::Aes128::new_from_slice(key.as_ref())
+                .map_err(|_| Error::General("Invalid AES-128-GCM key".into()))?,
+        ))
+    }
+}
+
 #[cfg(feature = "chacha20poly1305")]
 impl HasHeaderKey for ChaCha20Poly1305 {
     fn new(key: AeadKey) -> Result<HeaderProtectionKey, Error> {
diff --git a/src/tls13/suites/aes.rs b/src/tls13/suites/aes.rs
@@ -44,7 +44,7 @@ tls13_cipher_suite!(
     hash::SHA256,
     HkdfUsingHmac(hmac::SHA256),
     AES_128_CCM,
-    None // TODO: add QUIC support
+    feature_eval_expr!([feature = "quic"], Some(&crate::quic::QuicCrypto::<Aes128Ccm>::DEFAULT), else None)
 );
 
 #[cfg(all(feature = "ccm", feature = "hash-sha256"))]
diff --git a/validation/quic-test/Cargo.toml b/validation/quic-test/Cargo.toml
@@ -8,8 +8,7 @@ rust-version = "1.88.0"
 
 [dependencies]
 rustls-rustcrypto = { path = "../..", default-features = false, features = [
-    "aead-chacha20poly1305",
-    "aead-aes-gcm",
+    "aead-full",
     "der",
     "fast",
     "kx-p256",
