Add support for hybrid key exchange protocol x25519mlkem768 for making TLS sessions quantum safe.

This features relies on the netty-tcnative-openssl-dynamic bound to version 3.6 of openssl.

- Add boolean useHybrid field to io.vertx.core.net.SSLOptions and create getters/setters in io.vertx.core.net.SSLOptions as well as every implementation of io.vertx.core.net.TCPSSLOptions.
- If this value is set to true (default false), the ssl handler will be set to use x25519mlkem768 instead of x25519.
- If key exchange protocol is set to x25519mlkem768 but JdkSsl is used instead of OpenSsl, or the version of openssl used at runtime does not suppot x25519mlkem768, the user is informed that hybrid key exchange is impossible channel is closed

Author: anavarr

pom.xml

@@ -20,7 +20,7 @@
   </parent>
 
   <artifactId>vertx-core</artifactId>
-  <version>4.5.27-SNAPSHOT</version>
+  <version>4.5.26</version>
 
   <name>Vert.x Core</name>
 
@@ -204,6 +204,11 @@
       <artifactId>log4j-core</artifactId>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>io.netty</groupId>
+      <artifactId>netty-tcnative-classes</artifactId>
+      <version>2.0.76.Final</version>
+    </dependency>
     <dependency>
       <groupId>io.netty</groupId>
       <artifactId>netty-tcnative-boringssl-static</artifactId>

src/main/asciidoc/http.adoc

@@ -41,6 +41,10 @@ To handle `h2` requests, TLS must be enabled along with {@link io.vertx.core.htt
 {@link examples.HTTP2Examples#example0}
 ----
 
+The rise of quantum computers will make key exchange protocols such as x25519 obsolete as they will be able to "crack" secret keys quickly.
+Vert.x proposes a quantum-safe key exchange protocol, x25519MLKEM768 (official recommendation of NIST) to ensure sessions over TLS are safe against quantum computers.
+Hybrid key exchange must be enabled along with {@link io.vertx.core.http.HttpServerOptions#setUseHybrid(boolean)} and only works using OpenSsl ({$@link io.vertx.core.http.HttpServerOptions#setSslEngineOptions(SSLEngineOptions)})
+
 ALPN is a TLS extension that negotiates the protocol before the client and the server start to exchange data.
 
 Clients that don't support ALPN will still be able to do a _classic_ SSL handshake.

src/main/generated/io/vertx/core/eventbus/EventBusOptionsConverter.java

@@ -279,6 +279,11 @@ static void fromJson(Iterable<java.util.Map.Entry<String, Object>> json, EventBu
             obj.setUseAlpn((Boolean)member.getValue());
           }
           break;
+        case "useHybrid":
+          if (member.getValue() instanceof Boolean) {
+            obj.setUseHybrid((Boolean)member.getValue());
+          }
+          break;
         case "writeIdleTimeout":
           if (member.getValue() instanceof Number) {
             obj.setWriteIdleTimeout(((Number)member.getValue()).intValue());
@@ -388,6 +393,7 @@ static void toJson(EventBusOptions obj, java.util.Map<String, Object> json) {
       json.put("trustStoreOptions", obj.getTrustStoreOptions().toJson());
     }
     json.put("useAlpn", obj.isUseAlpn());
+    json.put("useHybrid", obj.isUseHybrid());
     json.put("writeIdleTimeout", obj.getWriteIdleTimeout());
   }
 }

src/main/generated/io/vertx/core/net/SSLOptionsConverter.java

@@ -69,6 +69,11 @@ static void fromJson(Iterable<java.util.Map.Entry<String, Object>> json, SSLOpti
             obj.setUseAlpn((Boolean)member.getValue());
           }
           break;
+        case "useHybrid":
+          if (member.getValue() instanceof Boolean) {
+            obj.setUseHybrid((Boolean)member.getValue());
+          }
+          break;
       }
     }
   }
@@ -103,5 +108,6 @@ static void toJson(SSLOptions obj, java.util.Map<String, Object> json) {
       json.put("sslHandshakeTimeoutUnit", obj.getSslHandshakeTimeoutUnit().name());
     }
     json.put("useAlpn", obj.isUseAlpn());
+    json.put("useHybrid", obj.isUseHybrid());
   }
 }

src/main/generated/io/vertx/core/net/TCPSSLOptionsConverter.java

@@ -179,6 +179,11 @@ static void fromJson(Iterable<java.util.Map.Entry<String, Object>> json, TCPSSLO
             obj.setUseAlpn((Boolean)member.getValue());
           }
           break;
+        case "useHybrid":
+          if (member.getValue() instanceof Boolean) {
+            obj.setUseHybrid((Boolean)member.getValue());
+          }
+          break;
         case "writeIdleTimeout":
           if (member.getValue() instanceof Number) {
             obj.setWriteIdleTimeout(((Number)member.getValue()).intValue());
@@ -258,6 +263,7 @@ static void toJson(TCPSSLOptions obj, java.util.Map<String, Object> json) {
       json.put("trustStoreOptions", obj.getTrustStoreOptions().toJson());
     }
     json.put("useAlpn", obj.isUseAlpn());
+    json.put("useHybrid", obj.isUseHybrid());
     json.put("writeIdleTimeout", obj.getWriteIdleTimeout());
   }
 }

src/main/java/io/vertx/core/eventbus/EventBusOptions.java

@@ -475,6 +475,11 @@ public EventBusOptions setUseAlpn(boolean useAlpn) {
     return (EventBusOptions) super.setUseAlpn(useAlpn);
   }
 
+  @Override
+  public EventBusOptions setUseHybrid(boolean useHybrid) {
+    return (EventBusOptions) super.setUseHybrid(useHybrid);
+  }
+
   @Override
   public EventBusOptions setSslEngineOptions(SSLEngineOptions sslEngineOptions) {
     return (EventBusOptions) super.setSslEngineOptions(sslEngineOptions);

src/main/java/io/vertx/core/http/HttpClientOptions.java

@@ -1154,6 +1154,11 @@ public HttpClientOptions setUseAlpn(boolean useAlpn) {
     return (HttpClientOptions) super.setUseAlpn(useAlpn);
   }
 
+  @Override
+  public HttpClientOptions setUseHybrid(boolean useHybrid) {
+    return (HttpClientOptions) super.setUseHybrid(useHybrid);
+  }
+
   @Override
   public HttpClientOptions setSslEngineOptions(SSLEngineOptions sslEngineOptions) {
     return (HttpClientOptions) super.setSslEngineOptions(sslEngineOptions);

src/main/java/io/vertx/core/http/HttpServerOptions.java

@@ -421,6 +421,18 @@ public HttpServerOptions setUseAlpn(boolean useAlpn) {
     return this;
   }
 
+  /*
+  Use X25519MLKEM768 instead of X25519 for key exchange.
+  X25519MLKEM768 is a hybrid protocol exchange ensuring that encryption will resist quantum computers
+   */
+  @Override
+  public HttpServerOptions setUseHybrid(boolean useHybrid) {
+    super.setUseHybrid(useHybrid);
+    return this;
+  }
+
+
+
   @Override
   public HttpServerOptions setKeyCertOptions(KeyCertOptions options) {
     super.setKeyCertOptions(options);

src/main/java/io/vertx/core/http/WebSocketClientOptions.java

@@ -552,6 +552,11 @@ public WebSocketClientOptions setUseAlpn(boolean useAlpn) {
     return (WebSocketClientOptions)super.setUseAlpn(useAlpn);
   }
 
+  @Override
+  public WebSocketClientOptions setUseHybrid(boolean useHybrid) {
+    return (WebSocketClientOptions)super.setUseHybrid(useHybrid);
+  }
+
   @Override
   public WebSocketClientOptions setSslEngineOptions(SSLEngineOptions sslEngineOptions) {
     return (WebSocketClientOptions)super.setSslEngineOptions(sslEngineOptions);

src/main/java/io/vertx/core/http/impl/HttpServerWorker.java

@@ -31,11 +31,14 @@
 import io.vertx.core.http.impl.cgbystrom.FlashPolicyHandler;
 import io.vertx.core.impl.ContextInternal;
 import io.vertx.core.impl.VertxInternal;
+import io.vertx.core.impl.logging.Logger;
+import io.vertx.core.impl.logging.LoggerFactory;
 import io.vertx.core.net.impl.*;
 import io.vertx.core.spi.metrics.HttpServerMetrics;
 
 import java.nio.charset.StandardCharsets;
 import java.util.List;
+import java.util.concurrent.ExecutionException;
 import java.util.function.BiConsumer;
 import java.util.function.Function;
 import java.util.function.Supplier;
@@ -61,6 +64,7 @@ public class HttpServerWorker implements BiConsumer<Channel, SslChannelProvider>
   private final CompressionOptions[] compressionOptions;
   private final Function<String, String> encodingDetector;
   private final GlobalTrafficShapingHandler trafficShapingHandler;
+  private static final Logger log = LoggerFactory.getLogger(SslChannelProvider.class);
 
   public HttpServerWorker(ContextInternal context,
                           Supplier<ContextInternal> streamContextSupplier,
@@ -115,18 +119,28 @@ public void accept(Channel ch, SslChannelProvider sslChannelProvider) {
           if (idle != null) {
             ch.pipeline().remove(idle);
           }
-          configurePipeline(future.getNow(), sslChannelProvider);
+          try {
+            configurePipeline(future.getNow(), sslChannelProvider);
+          } catch (Exception e) {
+            log.error(e.getMessage()+ ", now closing the channel");
+            ch.close();
+          }
         } else {
           //No need to close the channel.HAProxyMessageDecoder already did
           handleException(future.cause());
         }
       });
     } else {
-      configurePipeline(ch, sslChannelProvider);
+      try {
+        configurePipeline(ch, sslChannelProvider);
+      } catch (Exception e) {
+        log.error(e.getMessage()+ ", now closing the channel");
+        ch.close();
+      }
     }
   }
 
-  private void configurePipeline(Channel ch, SslChannelProvider sslChannelProvider) {
+  private void configurePipeline(Channel ch, SslChannelProvider sslChannelProvider) throws Exception {
     ChannelPipeline pipeline = ch.pipeline();
     if (options.isSsl()) {
       pipeline.addLast("ssl", sslChannelProvider.createServerHandler(HttpUtils.socketAddressToHostAndPort(ch.remoteAddress())));