diff --git a/etc/cipher-mapping.txt b/etc/cipher-mapping.txt
index 1125f87..275b301 100644
--- a/etc/cipher-mapping.txt
+++ b/etc/cipher-mapping.txt
@@ -139,6 +139,8 @@
 0x13,0x01 - TLS_AES_128_GCM_SHA256 TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD
 0x13,0x04 - TLS_AES_128_CCM_SHA256 TLS_AES_128_CCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESCCM(128) Mac=AEAD
 0x13,0x05 - TLS_AES_128_CCM_8_SHA256 TLS_AES_128_CCM_8_SHA256 TLSv1.3 Kx=any Au=any Enc=AESCCM8(128) Mac=AEAD
+ 0x00,0xC6 - TLS_SM4_GCM_SM3 TLS_SM4_GCM_SM3 TLSv1.3 Kx=any Au=any Enc=SM4GCM(128) Mac=AEAD
+ 0x00,0xC7 - TLS_SM4_CCM_SM3 TLS_SM4_CCM_SM3 TLSv1.3 Kx=any Au=any Enc=SM4CCM(128) Mac=AEAD
 0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
 0xC0,0x2B - ECDHE-ECDSA-AES128-GCM-SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
 0xC0,0x27 - ECDHE-RSA-AES128-SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
diff --git a/etc/curves-mapping.txt b/etc/curves-mapping.txt
index 627c54a..a70a768 100644
--- a/etc/curves-mapping.txt
+++ b/etc/curves-mapping.txt
@@ -51,4 +51,5 @@
 0x11,0xeb - SecP256r1MLKEM768 SecP256r1MLKEM768
 0x11,0xec - X25519MLKEM768 X25519MLKEM768
 0x11,0xed - SecP384r1MLKEM1024 SecP384r1MLKEM1024
+ 0x11,0xee - curveSM2MLKEM768 curveSM2MLKEM768
 0x63,0x99 - X25519Kyber768Draft00 X25519Kyber768Draft00
diff --git a/etc/curves.txt b/etc/curves.txt
index cbb7595..5576e30 100644
--- a/etc/curves.txt
+++ b/etc/curves.txt
@@ -31,4 +31,5 @@
 30, curve448,
 31, brainpoolP256r1tls13,
 32, brainpoolP384r1tls13,
-33, brainpoolP512r1tls13
+33, brainpoolP512r1tls13,
+41, curveSM2
diff --git a/etc/tls_data.txt b/etc/tls_data.txt
index 093b041..da41815 100644
--- a/etc/tls_data.txt
+++ b/etc/tls_data.txt
@@ -3,9 +3,9 @@
 # see #807 and #806 (especially
 # https://github.com/testssl/testssl.sh/issues/806#issuecomment-318686374)
-# 7 ciphers defined for TLS 1.3 in RFCs 8446 and 9150
+# 9 ciphers defined for TLS 1.3 in RFCs 8446, 8998, and 9150
 readonly TLS13_CIPHER="
-13,01, 13,02, 13,03, 13,04, 13,05, c0,b4, c0,b5"
+13,01, 13,02, 13,03, 13,04, 13,05, 00,c6, 00,c7, c0,b4, c0,b5"
 # 113 standard cipher + 4x GOST for TLS 1.2 and SPDY/NPN HTTP2/ALPN
 declare TLS12_CIPHER="
@@ -146,7 +146,15 @@ xS6XqyNhhqGBhQOBggAEDjRvgELV732xXBsz5NJuirkmran6haJy2Phqqc4qPROm
 79ZjkNvTbrsL9GVNvOmyUJv+PyxG1Zn6OsIxck747cJ/IGeOv7hcA+/J728TfWk=
 -----END PRIVATE KEY-----
 "
- "22" "23" "24" "25" "26" "27" "28" "29" "2a" "2b" "2c" "2d" "2e" "2f"
+ "22" "23" "24" "25" "26" "27" "28"
+ "29" # OpenSSL does not support key derivation with curveSM2
+# "-----BEGIN PRIVATE KEY-----
+# MIGHAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBG0wawIBAQQgEbF8017wu8z9hM6R
+# yyzdXvRLH72yLFwKtuvuMh2gf8KhRANCAAR2NofXnIdTmLZF93KUGLek9CimS+Ft
+# NjHGzG7f+5hic6kauGfQ1+IIetrqZn9zUirs/PO99zmLDUYHo2krOLT0
+# -----END PRIVATE KEY-----
+# "
+ "2a" "2b" "2c" "2d" "2e" "2f"
 "30" "31" "32" "33" "34" "35" "36" "37" "38" "39" "3a" "3b" "3c" "3d" "3e" "3f"
 "40" "41" "42" "43" "44" "45" "46" "47" "48" "49" "4a" "4b" "4c" "4d" "4e" "4f"
 "50" "51" "52" "53" "54" "55" "56" "57" "58" "59" "5a" "5b" "5c" "5d" "5e" "5f"
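Review bot: Slot 0x29 of TLS13_KEY_SHARES keeps the two-character placeholder `"29"`, while the later hunk at -698,7 puts a real curveSM2 share at the same index of TLS13_PUBLIC_KEY_SHARES, so a ClientHello can presumably offer a key share whose private half the script does not hold. The code that reads these arrays is outside this diff section; it should be confirmed that it treats the placeholder (and the `[4590]` slot that the -681,7 hunk leaves unset) as "handshake keys cannot be derived" rather than handing it to OpenSSL as PEM. The inline comment would be clearer if it described the run-time effect, for example `"29" # curveSM2: public share is offered, but OpenSSL cannot derive the secret, so no private key is stored`. The array literal starts and ends outside the hunk.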
@@ -681,7 +689,72 @@ dw2uLhtVpkl8Doh/wNPKoTLnAiFRih6ivuz24oY3Gp9fa6gsi/wXfgnHaHRsBQeB iUk= -----END PRIVATE KEY----- ---END HYBRID PRIV KEY--- -" ) +" +# OpenSSL does not support key derivation with curveSM2 +# [4590]="---BEGIN HYBRID PRIV KEY--- +# -----BEGIN PRIVATE KEY----- +# MIGHAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBG0wawIBAQQgx6wXUaQJu3IxLcyf +# 0QZGKhUuTfJJEf/Rus0NAXPHFy6hRANCAARjmUu5EHJr/uoXG1beSvs1j99Eo/iI +# umHdgXXEHIC+b+q+cKqrQDi8ODhVzOcE54FGLxbCX3LIOcBDLgi8J9yn +# -----END PRIVATE KEY----- +# -----BEGIN PRIVATE KEY----- +# MIIJvgIBADALBglghkgBZQMEBAIEggmqMIIJpgRAi/aIz5Gow3kZmVmVyvfFs1Hj +# abvukCyEWbAyJ/3iNnuCFdFascAmnBbKkfEX6alNYSHYOpb5uoAqYhuwpMmpbgSC +# CWD/IVoZtFvprFv0uG691T5fUc+EEAskVr4/rL+ACLO6BBF6shdqgKwGQ37j0mN0 +# 92sHQsBrArj/Ob9cRq+0kLwyJxWSZ3baGqMxhZRy2JUd7BFIpBVEEb+riZ62Ob2g +# cGZWcKSTM8/R17EmB4ZYLCcTqFa7MwMFIRzM4k9Aoq3FlWb2lscPEa5QsCR9sjU5 +# 6avzl7XM2r5y0XimGEmGpmoOvLyZRo5lOzGxU0Si9T+o8bPIBMpVN0t4tF1XTF+o +# WyzelREtd1ueuHSK0S0YIJeFeQXSJHe5Sa9Gp6CZ84fA+m6+CCHkEDVCw4THwgow +# 8ihihTsIFjnIhzXMgDc814j6+Ll1hJppUbRXym48mh4BiJ+YSCbkAByUJj1uzDls +# cbDNiHdXRABjUSOXkIHK6V9x9DQzKbXC2xxElAMBBADVIMzQdhe4qB7Kyz2jYhpb +# tFNZyQxmqTOQ0sZ0coqyp8abvEZkpl6c8J6M8ohn603qNjvkrMsK5WHXOhqnu8CI +# DFBmKDm4sIhNp5KY+2ufdz9DtAsYCktiZIb7Fszn60bHQDJ7aRDgOMuihkQ3am1M +# ET/c4jyPB0LCtg5J9lJ3do9MW5OstwIeu1ka1hHGWcY+G8tVuHrpGbHC8s4HUIM6 +# Gmv6MV6uwMAJFTV1OWdp+2TxA7jWg78Hw0ucpGbu5UiAdaBfIAh6AxCf5LJlDKTz +# 9JdYKsbJEhMkYqdfyG21AVm9Gxyp12EHY0wZemGYclktlbg8cYcSK1DF6yb3TEXR +# g4SvYXbl6LYt5EiFKlcVanbiILykBih4JVJvAcvZ8aWB13cQ+DkINV7kSFjIMhgU +# NpVI8st19XLWer2uwV79MbWydMxSOCjRswXOiXvlxJ1rebI3ysJKEiYQ6wg82Frv +# pMOT8gtJY2i8mnWyiXoEWB6kHCQWELncGa22cwk8iVeRJHyht56PRR1Igj6ZxR9g +# XCzcEw39S2/z+g2sulk86seLhCb39F8oBY0SCW5rw2rkYjQP8kCgNq/Z9YHT5L7G +# uFVS4llGLGtMl1tmi6EkemMfehD5QU9wi65z563kw332FDa4oBrkGYej4W4ra5Kh +# C8KwmihCmc5bo5IhnDIKRFgTYwkg9IbJwMa0kSds4iU3AZDrgYIq7E1kWxT9A5iQ +# UmiPK6UrecMPaqUbokt+SMIsJwD/KcxCtMlcYbw5Wlf6A7ix+gjz+X30pwwe2oBy +# 
jFPbCEA3cEhMJilgtkU/tYiFBlEwuMVJ6US05i1H9GP9rILbTIJxJBpCaTfd8aw+ +# yYVdQFHZhrmEqV2+ZhyahZggA2EmZrIyF5iawK0PFzRUkwX/IWCPLB9iQIyFmDFy +# wICQu7DNMbO4SpFDM7NeMKxciadXo3JT6AkRkBhGy0JanBGsFC/FfCyaW2z0NVYm +# 7BH1GC9G13MGNh6qIAt4o6BUosS6IXfsB0ZyoAgaNKlUsM38CjGT8zTv12KQyV6G +# WzVpyUmaM28ousdGiFPx8YPiUhabKpRq2F/Xp5kscD40lx6OoSZjRILgc34IVTTU +# YS2n028LaH/x1WKJmoZVCyml7LPiqQMbWmfJq1herJfU1zS6UQLwpWiYc4Vh+S2j +# Ka7H+wj4AJvR9F0zQo8hhz7h4oesw8Op4VzbpMXSksbhMxgLtgPsKDkFaaJNkcHI +# ArgfyadDjAnfhxNsLH6aZpct+kbP8Cjl2KVWW52Im4T8eUEqFwxE8kJc4BxkZMAH +# 56AsJwXypZ3a6zNm5Uo1GgjgUF46hiN+bB+hlosOlEFDSqVSGLAV9ZuGwMtluACj +# KcwEmwvX0iJjC06KM1ypCLyQQisp+3+r+2/qun3BdzzkqAH1ppR/aK5xwBOPUXaE +# ch7KfHSbxFo0mj0WgrKCmnlpcFM5hCtvipaUxDTZqb3d9aYtXERfkXjlcy8P3C1X +# iZ/7m3O0ARJlxWRJS5aGeDVeFCj/Ob7R6CX2irxi9AccRh4i0XSxEaXkcSvo2CaS +# mmt0wnJXA8vNkalBQQs/Vb458yZWrM/OwagLaBv7VRA8gVuZWD9fc3Nt2k07pkGx +# 0SaREUUSOEwsuFj8UnEfSQDmQ7Qt9o5D813WFCtJtniM5SBO6yoz/AdiuwANq3kl +# 2MPNywb9FsnTMyGAAj4dHCRgtmk0dnZbrAIbbAfUeCHzIckYwiwwjBt522OxlYLw +# 8InDZJJ7i0rvCV72SFPG57r0qJxLoE9UY5xLOzwNq7KGWIaEJnd3gHeQ8TAiOx5t +# JRHSo5FmInajPLtA9pTT6qP+pTLSmahJSzVVdp+7hprROCePW1MlVWJydhtTeo3K +# uAX7kh+Wx1VYNbBV539LKTUAMYHYNALQGoQxt7GMp8DYWm95OX6r1UvOEIMc61z2 +# kxNNl6ashYOBuHtboiTnqZb6JQa6xUU4u6qWa2c6yxHp0Qr4Z5Db1HJ/NRvI0XKV +# yR7UrGfng0EYiQ3gtCqwZ1WTmj5vEHRM4K/5ERvexRWEuKeAzKEcsL+PyiCWcGub +# nDrbp4tN3MVbmAPVsKr6c6IR4F898Q2euzpTGnoTYHiaNopqmT/yZ6zLdaScBCY3 +# XG0PGW34Rm0bvEXW2F4+URNQ+w86Ci6ICGv82K0rVFIlek0kLMlHm1m10nGENnuq +# VSzXS5WbCIXNsT93GkZKy6SCR7gvrLTh98QdpK/NOK0Bs8vIGGdII1/ddrNfQCf0 +# YVqBeL9omQ926rce+DbZgyTf3A4mwYlAWpiGimQgSqh/mHEmkIhywECw+UKatIBG +# UX3BMXgs6yyWIlnjZxQdlFynSsn8hSvbCKvn3J/rmB/0MFt+4Wxf+0vqMTmkdIhT +# 9YP4UQ+lQDAHNLj7qZ1stDZmcDl5MTTfVYzeSRmnZn6s+Z1XACkmbF6UWpEPtpLi +# GrEIhXM07H1DRMXDQBdsyA/k4grwxRiY+GxvRmaNN4J4WDvEMp0ikaWxVh9ipMsq +# hXuMyL80dCV0ZSzz4KDAXLIgtIGNtU4G9rDI1JPW9BBUyyfc5TpCJ7qTICfeHIXq +# 54oLuUsxQEJEax79+6z5mLl0domstGaN1RoqnIUDNZMJdwSK0JkIuCZNPJjQ6i51 +# 
LIS6SqDC+5r0TDEqVHErkSB/vSwNlwFU1hLmjGtNg8ZSrAkRxEjCCVQQhdYxTPJu +# sdNbnyLJlymKCiL2JeUOdW6jghXRWrHAJpwWypHxF+mpTWEh2DqW+bqAKmIbsKTJ +# qW4= +# -----END PRIVATE KEY----- +# ---END HYBRID PRIV KEY-- +# " + ) # Public keys corresponding to the keys in TLS13_KEY_SHARES readonly -a TLS13_PUBLIC_KEY_SHARES=( @@ -698,7 +771,9 @@ readonly -a TLS13_PUBLIC_KEY_SHARES=( "00,1f,00,41,04,76,4e,e2,fd,65,8d,47,ce,f7,99,59,5f,7d,42,ff,5d,83,d6,d3,87,dd,79,57,f6,2a,57,d1,52,2f,1a,a0,83,5f,93,1b,30,ff,25,55,3a,e5,5f,4f,c1,a2,be,b1,2c,d6,44,f6,8a,2c,b4,67,e8,32,5c,3a,d8,89,2a,8f,d7" "00,20,00,61,04,03,f3,4d,78,58,a7,ba,43,90,a5,7f,80,96,97,1c,77,43,67,44,be,7d,61,d6,26,84,8e,55,49,d4,04,08,3c,94,ca,6e,21,1f,62,fb,b8,75,dd,39,96,82,fe,ac,6f,3d,0c,73,40,36,37,9e,a7,ab,0e,4c,08,07,ea,c5,8f,5a,96,38,ac,ea,c9,9b,76,2a,55,64,da,31,37,3a,6b,2b,86,ea,3d,d8,08,bd,e1,7d,0b,c9,6d,92,31,1c,a1" "00,21,00,81,04,0e,34,6f,80,42,d5,ef,7d,b1,5c,1b,33,e4,d2,6e,8a,b9,26,ad,a9,fa,85,a2,72,d8,f8,6a,a9,ce,2a,3d,13,a6,d2,25,23,a5,23,ab,ab,40,d5,e4,c5,04,ff,41,e1,bf,3b,ce,4a,a9,12,5a,be,e7,01,e7,ce,d5,ba,2f,9a,5f,85,a3,96,13,f8,a5,2c,64,93,18,2b,b0,e5,0e,d0,9b,ef,d6,63,90,db,d3,6e,bb,0b,f4,65,4d,bc,e9,b2,50,9b,fe,3f,2c,46,d5,99,fa,3a,c2,31,72,4e,f8,ed,c2,7f,20,67,8e,bf,b8,5c,03,ef,c9,ef,6f,13,7d,69" - "22" "23" "24" "25" "26" "27" "28" "29" "2a" "2b" "2c" "2d" "2e" "2f" + "22" "23" "24" "25" "26" "27" "28" + "00,29,00,41,04,76,36,87,d7,9c,87,53,98,b6,45,f7,72,94,18,b7,a4,f4,28,a6,4b,e1,6d,36,31,c6,cc,6e,df,fb,98,62,73,a9,1a,b8,67,d0,d7,e2,08,7a,da,ea,66,7f,73,52,2a,ec,fc,f3,bd,f7,39,8b,0d,46,07,a3,69,2b,38,b4,f4" + "2a" "2b" "2c" "2d" "2e" "2f" "30" "31" "32" "33" "34" "35" "36" "37" "38" "39" "3a" "3b" "3c" "3d" "3e" "3f" "40" "41" "42" "43" "44" "45" "46" "47" "48" "49" "4a" "4b" "4c" "4d" "4e" "4f" "50" "51" "52" "53" "54" "55" "56" "57" "58" "59" "5a" "5b" "5c" "5d" "5e" "5f" 
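Review bot: The commented-out hybrid key block in the -681,7 hunk ends with `# ---END HYBRID PRIV KEY--` (two trailing dashes), while the existing entry just above closes with `---END HYBRID PRIV KEY---`. Anyone who uncomments the `[4590]` entry later would get a block whose end marker differs from the other entries; whether the parser depends on the exact marker is not visible here. Suggested line: `# ---END HYBRID PRIV KEY---`.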
@@ -723,5 +798,6 @@ readonly -a TLS13_PUBLIC_KEY_SHARES=( [4587]="11,eb,04,e1,04,8f,b0,68,58,17,4b,90,09,0b,6f,6e,98,fc,80,b4,10,cf,ce,78,1f,89,62,7e,fe,a8,8e,bb,35,a8,0f,31,0d,35,ef,25,64,0c,b0,88,b5,49,64,95,15,1c,62,78,ff,7d,1d,b1,7e,26,6c,39,5b,dc,ca,31,04,fe,80,f5,f9,03,82,02,1c,17,80,4f,6b,74,98,09,03,48,b6,8e,b0,34,99,8e,96,1c,09,d6,1c,02,9c,68,27,c3,4b,10,25,82,67,47,88,92,e5,c8,df,b7,15,b5,17,b7,84,a6,50,f2,98,35,fc,23,25,03,95,0b,fe,11,5d,0f,52,0f,2d,47,91,d3,57,c1,02,9a,87,f5,19,37,b2,52,a9,2f,a6,56,58,0c,c9,51,7c,5e,49,19,4a,33,f0,aa,79,83,1c,1a,9c,34,bc,a8,79,61,fb,43,a3,78,2d,6a,03,81,92,c8,0f,f0,9a,2d,b8,e6,a5,89,14,49,3d,50,94,b6,41,ac,8e,e7,95,0a,12,83,02,a9,7e,c1,5a,63,71,71,45,5d,b4,9c,3e,80,7d,17,f2,a0,68,f0,12,6f,aa,39,d7,26,30,66,4b,9b,31,6a,c5,35,25,83,c2,04,94,f8,c2,70,60,21,4d,13,32,57,24,c4,a8,92,a5,18,d2,7c,ae,f4,91,79,3b,46,92,d0,62,af,e0,37,07,a3,99,71,0f,e4,c8,61,60,15,e3,3b,89,29,a2,34,89,c3,7a,a5,14,05,6e,6c,5b,9a,10,39,de,e8,a5,90,6b,aa,9a,bc,03,e1,91,71,f7,84,38,ad,d9,42,ef,99,4e,fa,79,41,6c,48,b1,3f,ec,2f,5a,3c,b7,96,1b,7e,4c,06,19,9d,67,6d,1d,bc,48,a3,98,9d,30,4a,38,29,44,bb,3b,8b,2b,24,20,8a,de,66,5c,a7,83,35,46,81,91,69,56,92,23,12,16,b0,e4,89,dc,aa,44,69,c7,76,a7,3c,8f,65,17,11,75,46,8c,44,b5,ae,40,b3,43,4a,a2,17,d5,d0,af,70,43,6d,d3,58,27,ee,48,6e,19,27,8a,fb,65,95,c9,0a,56,0f,9c,59,bd,03,65,10,7c,82,00,1b,48,58,47,7b,15,e7,16,6b,eb,91,99,93,7b,e8,f9,1e,77,66,c8,3b,f5,2a,d3,a0,71,73,d5,87,85,2b,0a,b9,22,87,5b,46,a4,94,58,6c,e0,50,bf,93,13,68,dc,f1,71,38,11,34,52,76,6e,2e,b3,51,95,c8,20,55,18,a8,0e,e8,a5,38,48,77,f4,7a,63,d5,f0,0e,fe,c6,63,0b,93,9c,f3,c2,a7,49,38,2d,14,2c,7c,19,5b,04,4a,da,60,89,dc,88,10,38,3c,47,09,a2,0c,b5,ba,3b,0a,ba,dd,c7,c7,fa,71,57,d5,75,b2,bf,5b,67,67,98,68,7c,00,bb,1b,fb,c8,95,b8,96,cc,3a,cf,95,d5,ca,07,02,79,02,ea,8f,a5,63,6c,b4,90,1b,e1,f3,64,7d,08,63,e8,06,78,d8,64,04,f9,ea,3c,e3,e5,55,9c,ea,3b,07,8a,60,49,e7,92,4b,82,6d,e0,36,50,71,f1,a6,97,62,cd,36,85,7c,b0,32,ce,34,7b,6a,0f,b9,8a,42,a3,14,2e,c0,1c
,03,45,58,76,f5,6e,03,16,36,56,5c,b7,a0,64,c8,bd,4a,c2,33,75,7c,0d,b9,7e,61,06,7e,41,12,22,24,4b,26,80,fc,64,18,13,41,32,d5,64,dc,2c,60,08,3a,90,53,e2,c5,51,db,73,74,6a,05,56,66,48,cc,01,57,d1,c4,24,54,cc,6c,6b,09,9d,68,2c,a4,2f,87,30,8b,d5,bd,10,d8,55,45,55,79,82,f7,9f,f2,95,6c,69,f2,7c,c4,20,04,46,a0,b5,7e,65,1d,6e,b6,7c,17,62,aa,7b,44,94,05,70,12,16,e4,52,7d,23,94,6a,e5,ce,ad,29,92,a5,e5,1c,92,61,a5,aa,db,78,8e,92,93,f5,15,cc,b4,62,c8,13,d5,67,86,12,7d,15,cb,ba,21,23,36,81,ec,8d,9e,a1,0c,5e,c1,bc,15,42,23,c5,38,63,5e,a5,37,ed,b9,45,38,20,16,98,b1,52,d1,09,70,c8,95,48,75,f8,c6,b2,a1,1b,bc,77,58,c0,aa,b2,1a,fa,85,19,06,97,38,26,10,74,46,c7,42,bb,5b,72,10,4b,9c,69,87,f4,46,00,15,39,94,88,d3,72,06,96,b4,6d,c7,a1,a7,e1,ce,93,9b,a2,35,d3,82,65,d0,b1,11,9b,2e,e8,61,19,53,00,6d,d3,02,bc,1f,7c,48,f2,f8,99,df,68,bd,b7,a3,b6,92,99,cd,aa,51,3f,36,19,88,45,96,a8,a4,27,60,03,b4,c9,cc,59,18,35,24,73,24,5a,01,61,e3,11,34,b7,a1,db,ab,b7,cc,79,8d,cd,d3,2c,af,05,c5,59,d7,07,b4,cc,05,e1,a8,0a,d5,d3,31,fd,46,5f,e7,02,ae,c5,0a,1a,b4,a7,7c,df,22,a2,68,cb,5d,9c,f2,97,12,cb,57,d0,c2,5d,4c,08,0f,eb,a4,89,0c,f5,49,f4,68,69,fe,eb,99,59,a8,41,49,ca,c6,2b,05,56,aa,db,56,32,02,98,0f,a5,25,6b,68,4f,9e,91,64,2f,04,26,35,2c,49,bc,0b,01,9b,33,be,de,52,53,06,d5,07,4a,88,60,90,a2,c6,1e,8a,98,de,91,93,eb,97,15,41,0c,51,13,3c,8b,02,c1,94,04,f3,93,19,25,3f,c1,f6,bb,74,91,3e,7f,1c,75,3f,ea,83,b5,c9,a1,52,b3,28,61,eb,76,4b,49,b2,b9,a8,66,72,77,6f,b7,45,6f,58,38,13,3a,79,06,78,6c,ae,9f,ac,1d,be,33,01,a8,39,6d,0c,b6,4e,a1,cc,2b,77,d2,41,b7,51,97,36,04,17,d5,84,2d,1f,56,ad,7a,38,46,54,91,2a,62,93,95,d3,66,a3,e8,aa,8d,47,ba,ac,18,9b,5a,53,1b,5c,93,c8,83,01,93,cb,4d,e8,11,65,89,4e,99,42,cc,42,57,8d,72,2a,1d,ab,25,bd,8e,00,d0,dc,c5,0f,b0,cb,4c,f8,33,70,09,f1,f5,c6,3d,59,0f,32,bb,e5,87,87,20,cb,25,4c,ce,41,d8,b5,94,33,fc,e6,92,53,5f,6a,f0" 
[4588]="11,ec,04,c0,65,55,33,83,63,2a,4d,62,11,db,f0,05,14,00,cb,34,78,35,00,63,9f,7a,ac,41,bb,60,7b,05,9c,35,5c,6b,53,73,58,6c,9e,d8,10,a4,40,8b,48,97,65,b6,23,2c,ec,88,bd,94,49,0a,e9,a8,54,46,55,3f,af,e5,61,a7,67,33,2e,65,23,25,2a,7c,7d,c1,0c,9a,9b,42,ea,da,4e,a7,ab,73,b0,b5,92,21,a0,79,f9,96,b3,8c,ab,17,fa,30,2d,37,47,7e,53,c9,07,7b,a2,6d,37,25,b9,1b,5c,2f,64,b9,a3,a0,ec,40,29,95,c4,e9,c1,69,0d,04,8f,af,32,52,4b,c9,91,a2,8a,01,a5,a9,24,ee,4a,a4,d6,e7,87,d3,c7,1b,4b,a9,3f,12,15,73,ed,06,8a,95,a3,c6,ef,5c,bb,7f,82,9c,1c,54,4c,2c,e2,73,51,15,74,d7,87,9f,de,46,1c,78,26,70,69,37,7a,19,47,14,dc,e3,34,7e,b6,7b,bb,98,36,12,d2,34,91,d8,09,29,86,bc,ea,4b,5d,a9,13,29,fd,c5,22,b8,75,6f,83,77,bb,81,73,04,70,42,45,dd,09,10,68,8b,60,fe,26,2f,0e,56,be,43,f4,a4,ea,f6,06,30,59,24,c2,65,b7,1b,f4,55,e2,48,61,e3,f4,00,46,16,21,3b,68,ae,ee,68,74,4a,a7,0d,88,a2,83,ec,d4,b0,20,98,90,5e,7c,1e,c8,e9,9d,8b,e3,26,79,90,c3,2e,30,04,60,75,8b,ee,b3,b3,30,b0,ba,12,8b,b3,e5,c7,54,e4,ab,31,5a,55,bb,25,27,47,06,4a,4f,bf,8b,b3,e3,81,5f,74,c9,44,df,6c,49,7f,c2,65,cf,a0,a7,69,d6,7f,3f,92,41,2e,97,4c,ac,01,8a,a6,9b,bc,50,58,52,c5,ec,58,da,75,11,dc,90,20,41,79,1e,e9,39,5c,06,99,7f,93,11,a7,d5,44,85,fe,2c,bd,d5,61,4c,ac,bb,36,a1,5c,43,fc,b8,6c,34,a6,01,92,77,5a,0c,f9,10,1d,e4,46,43,b0,8b,bd,68,29,5f,9a,29,d5,26,88,9b,12,9a,0c,03,29,2c,c2,0e,b6,61,54,12,29,a5,c9,e2,03,0c,d3,6c,15,24,7e,90,1c,2c,6c,37,b2,0d,72,b6,d6,9a,89,33,68,68,be,75,0f,1a,24,3e,9c,f4,75,b2,31,52,09,ab,c9,8a,bc,3c,eb,64,6e,84,13,9b,80,6b,b4,4c,79,b4,6a,4c,1e,39,11,69,33,a4,6c,0d,e6,06,cd,11,bb,59,37,be,88,43,84,9f,2a,45,05,94,38,17,f8,7b,8f,82,49,e1,e7,c0,28,34,6a,0a,5c,b0,c2,2c,c2,4b,64,52,32,e3,87,e2,c4,6f,52,80,4e,01,c1,80,19,b3,84,8c,a1,6f,95,c7,7a,fd,d4,5f,de,ba,c4,a3,f0,30,72,ac,7f,9a,a0,85,14,18,62,0e,a3,68,a2,03,48,bc,4a,50,dc,c5,64,08,f2,1b,76,eb,5b,f5,56,a5,e7,b0,07,b6,56,3c,d4,13,95,1c,82,71,9a,c8,38,4b,fa,25,c4,36,8d,41,24,64,02,59,cf,69,91,21,de,0a,80,7e,ea,8d,c2,7b,48,24,1a,6a,fa,a6,1a,25,48,9b,3b,c1,49,8a,47,10,5e,a1,b5,
6e,24,42,fc,fc,44,a8,99,b3,60,24,23,c4,3b,71,5e,89,5a,52,01,c5,0c,84,42,85,1a,9c,3d,65,a1,27,72,43,98,32,40,05,90,71,d7,d4,98,41,13,c7,2c,d0,8b,a8,5b,24,29,54,1b,fb,83,a4,a4,44,97,df,b8,7d,a6,97,ca,32,93,57,8b,d8,5e,08,65,42,81,e3,6a,5c,e0,1a,ef,d0,1d,93,98,c5,4d,f5,a0,3a,37,ae,c2,f5,5d,98,6c,95,1a,c7,58,d4,a9,32,f6,ea,8f,af,79,48,66,94,ab,47,e4,89,f6,09,63,56,48,6b,27,63,98,43,f9,1a,04,ea,62,4c,02,1f,94,a5,4a,4f,77,37,06,03,b5,e2,ba,aa,a9,16,43,8d,91,a2,81,f0,1c,09,e6,81,ff,f0,95,42,68,32,d2,a8,bc,7f,18,bf,d5,f1,14,3f,28,14,a2,3a,86,2f,94,ad,18,46,8d,7e,3b,1d,13,e1,19,d0,98,49,d4,bb,03,90,12,8c,f5,17,22,57,ca,0b,93,cc,1e,3e,b0,a7,4e,c9,8b,b5,da,6e,9e,76,c9,1e,d7,98,05,a8,c2,0e,05,bd,b4,30,bf,1d,e6,10,e7,74,73,00,00,9b,f2,27,1b,5d,b5,b6,c3,28,b3,01,3b,a0,0a,32,52,21,b8,ae,10,bc,5d,d2,70,47,6d,02,ca,95,aa,80,de,6b,5f,c7,04,af,f6,16,1c,a7,fb,54,e7,79,71,c8,22,4d,ae,81,55,0b,81,b2,c1,c4,b8,24,48,4d,46,50,ac,02,19,01,f8,01,65,0b,73,61,87,19,42,cc,29,25,52,b1,18,5f,69,63,65,b3,3d,cb,91,b6,31,3c,40,b4,8a,6f,08,ca,90,ab,a0,4a,b7,e2,b3,b0,f5,89,93,89,78,c3,93,3b,97,fa,92,b0,8b,c0,6a,29,0b,b3,b9,a6,2f,16,1f,34,67,4b,a2,47,38,ad,01,bf,bb,26,46,3e,17,78,22,68,0d,2a,54,1c,d6,09,15,4a,c5,9f,f4,80,7d,24,e1,30,68,4c,01,b9,b2,a2,11,eb,0e,ba,f6,49,c7,32,b1,ef,5a,ae,37,06,81,08,5c,8a,4f,05,38,c6,b8,7e,5b,77,b2,61,65,a6,22,37,29,11,dc,26,4c,50,44,c2,78,95,4d,83,9c,07,6c,c2,8e,00,08,bf,e5,ce,4b,ba,58,2f,54,83,bb,55,9f,75,7c,c2,fe,63,7c,8a,54,c5,95,c4,c8,b7,c4,cb,62,3b,7f,55,5a,3f,73,a6,b9,2e,dc,54,bd,e1,bf,5c,b9,e2,85,0c,a5,19,ff,ae,0a,7b,2c,14,b4,da,9a,ad,c3,2e,e1,fb,6f,d1,de,9e,c5,dd,6c,0e,5d,63,d0,b0,9a,3c,8d,b4,23,07,c3,74,5b,7d,c1,a3,5f,41,e5,9f,96,73,5f" 
[4589]="11,ed,06,81,04,11,4f,18,47,b8,9f,e6,f1,83,9a,a1,f6,ca,e2,d0,d0,89,f5,fc,71,77,6a,05,98,d2,32,10,bb,81,a4,b9,62,43,3d,f2,9b,8b,1f,62,f3,6a,f9,bc,fb,af,43,bc,e5,d6,22,67,cb,7e,2b,b6,84,d2,9e,f8,c0,e5,84,49,fb,84,d7,03,8f,5c,3f,77,e6,2a,83,d9,ca,9d,30,5e,21,6e,a1,60,97,68,d9,af,92,a0,6d,d1,71,6d,4f,17,8e,a5,64,6c,f9,e4,57,ce,ac,3c,43,85,1a,f1,da,1c,1d,51,0f,8f,f4,cc,f6,5a,ce,c5,79,14,c8,f8,09,71,02,b5,12,95,b1,75,1a,0f,d5,53,21,a0,91,0b,0a,11,28,9c,b8,2c,a6,13,94,2a,b0,4a,de,8b,30,b4,77,5e,f9,c4,bd,0f,95,39,50,9c,2b,c5,d4,22,f3,90,7d,48,fc,33,55,00,c6,10,c1,a9,be,2b,69,17,b8,4d,e9,dc,34,ed,51,2f,5e,46,8b,66,c3,39,d5,d1,9e,7a,eb,14,17,a6,51,21,e1,64,d7,97,91,f0,ac,64,d6,6b,30,c0,21,80,d6,e4,17,c1,02,8d,8b,d9,19,87,ab,7d,22,98,2e,8b,c8,56,3e,5c,0e,50,a1,4f,88,a3,53,f9,cb,30,0f,6b,48,60,75,b8,7d,c1,9a,14,f0,25,3a,3c,73,0d,45,97,00,98,92,bf,27,53,12,c8,24,98,33,3b,3a,e9,a5,9e,03,62,08,46,36,62,0b,45,9e,a7,7c,80,46,07,88,3c,22,6c,01,01,5c,19,60,03,d1,1d,d3,84,71,b6,60,2d,84,a5,b8,1a,56,35,ff,29,4b,49,45,9e,51,67,86,96,00,ab,8c,ca,bd,3d,e3,85,7c,22,8b,eb,46,0a,b2,a6,6b,1d,d1,75,6e,78,20,05,d9,30,d1,e2,04,38,15,ce,8a,13,5d,3d,b4,3f,2f,f3,96,40,27,9e,3e,3a,68,d2,ec,0c,a0,38,0d,bb,6c,31,45,48,a0,8b,11,61,6d,5b,3f,ab,21,14,01,44,37,90,2b,a2,00,42,a4,7a,62,24,1d,79,b4,d8,da,84,5c,d1,55,dd,9a,8d,fd,60,ab,bb,c3,9e,be,86,25,ba,44,18,a5,cb,80,b4,c7,cc,15,a9,4f,2b,e8,28,f5,99,13,61,6a,2b,c7,15,ac,b4,b8,cc,08,b4,4b,3f,20,26,79,35,61,a9,e0,b7,c9,a7,80,99,38,8f,9a,27,66,ef,57,90,a9,32,ca,4b,7c,aa,69,30,b8,cd,4c,27,5d,f2,b8,10,0a,cd,ee,75,64,58,77,9c,f5,b9,34,26,61,8c,f5,26,8e,68,70,b1,39,74,72,19,41,5a,2f,54,a8,f3,a7,7c,f1,3b,6f,8d,37,42,bd,4a,98,7e,29,44,1e,d7,c7,1d,c8,4d,bf,41,0d,7e,82,76,00,8b,ab,a0,01,cd,b9,30,16,32,4c,b4,ac,a1,10,55,e6,88,37,ec,4a,a9,45,44,d6,25,ba,ce,13,42,f4,52,36,1b,72,c2,4a,c7,a4,88,82,27,99,3c,16,d0,25,cf,47,d0,72,5b,c8,7e,42,89,31,81,f3,c5,69,b4,2b,aa,a8,9e,5d,13,5d,69,b5,0a,52,ec,18,68,ea,69,1e,1c,c7,0c,62,30,47,b3,37,a5,93,4c,a5,98,cc,a3,e9,75,54,35,
79,b6,01,46,59,c7,77,72,66,b8,73,fb,31,88,1a,40,84,ac,93,00,2c,5a,04,84,68,3b,0c,87,2d,b1,ab,20,9a,6e,e4,f4,5d,ee,43,c7,a3,e4,a7,e9,27,6f,6a,25,18,57,91,60,69,82,c1,b2,e5,0f,a3,d3,23,c7,37,7c,57,57,b3,aa,54,49,35,49,7e,e4,e8,9c,01,f3,24,7f,18,8d,9a,89,63,30,3a,a3,83,a1,6c,c7,bb,3f,d8,56,38,56,d2,44,42,17,97,86,d9,3c,6d,90,c5,67,c5,17,ce,4b,6e,b4,33,30,54,83,95,ad,e6,15,d7,64,87,d7,42,18,09,b8,10,8b,39,70,95,b0,2e,50,e1,c5,44,28,44,0b,8a,53,27,66,25,86,06,b4,09,eb,0a,75,b8,b3,c2,63,c5,9f,c1,b2,28,38,cf,f3,f1,86,f6,10,61,b7,c7,4c,fe,55,40,16,93,b0,2e,d0,9f,9c,85,c9,f1,81,3c,18,99,3d,6a,e3,ab,fa,67,27,c4,6b,81,8f,71,26,1c,ca,73,8c,0c,72,bb,47,46,dd,20,cf,ad,62,65,f3,00,0f,8e,42,15,bb,34,09,32,87,cd,a2,35,cf,dd,50,5a,77,92,9a,c6,03,24,3e,36,b8,a1,da,26,3c,22,71,08,a5,b4,ca,68,83,53,66,a9,ad,67,43,e8,70,1d,e1,f6,67,4d,44,55,34,46,71,c1,08,1c,4b,e9,41,f6,5b,0d,46,08,ab,6e,78,c2,5b,76,24,ab,75,42,05,4a,2d,dc,b2,a2,89,20,9f,f5,ea,12,e2,14,83,57,b2,36,2e,45,52,30,34,95,3b,b1,41,af,9b,a4,07,87,02,be,1a,5f,f2,a5,8e,fb,10,18,5c,d7,a7,ca,9b,5b,aa,68,8b,e2,33,be,52,18,4b,83,78,28,2a,43,3a,4c,3c,af,ba,07,72,4f,40,4d,d0,72,07,bc,77,50,73,b9,5f,e8,70,2e,e4,94,4c,62,3a,79,37,4b,1c,8c,e5,1d,ba,94,0c,f9,32,33,60,fa,bd,d9,55,aa,30,14,6f,3e,a6,7a,22,8b,84,5e,95,cf,8f,54,11,b7,28,1b,5a,69,5f,c1,b7,4b,23,65,70,30,c5,6f,94,0c,37,2d,ac,4d,b7,d1,c8,6b,45,2e,d0,f6,64,a5,d6,5b,d7,43,79,e6,52,3d,e9,27,7e,99,a0,3b,80,4c,aa,d8,24,a5,a7,1b,be,97,85,7c,8b,f2,95,5c,32,6e,80,a9,45,5a,c2,5f,88,58,59,9d,52,5f,f4,67,c3,d9,a3,31,89,b8,0f,1f,c7,9f,04,fb,44,1e,0a,85,b4,c7,9d,be,ea,bc,31,fb,91,1e,05,ae,5d,bb,af,e2,a9,2d,1b,57,1b,ec,01,7a,19,25,74,7c,39,43,21,d8,66,84,f7,15,fc,f9,be,6d,55,56,3a,76,a8,79,3b,c2,8e,da,cb,b1,5c,5b,5b,36,aa,4a,c5,98,94,37,08,ca,24,63,a7,2b,84,a5,79,8d,cc,e3,08,83,c5,0a,f0,3b,58,c1,e8,a9,db,b0,73,47,0c,7f,fd,bc,2f,ab,93,47,33,77,76,71,e5,08,08,f9,6f,57,21,39,0e,d0,27,3f,11,7c,62,84,84,d1,63,09,18,84,29,37,92,ca,c6,20,9a,a4,2b,55,4a,da,37,f5,8c,af,50,ba,bb,cc,2a,88,b7,bb,4d,f5,6a,cc
,c6,3b,c4,7e,76,24,ba,27,c8,f3,71,24,0c,19,50,24,47,77,a7,c7,43,99,88,10,33,87,c9,a4,8c,51,23,e1,96,68,86,cc,74,b2,2d,2c,66,4f,a0,1b,83,2e,50,8c,03,42,2e,cc,75,06,25,6c,7c,f6,04,8a,5e,d5,7b,7a,d7,b5,b6,82,c7,d7,5b,2c,82,61,ae,6e,e4,3a,af,2c,08,b3,7b,72,71,52,39,3f,c7,ac,60,50,48,e9,b8,36,79,81,87,62,ea,70,0b,20,a8,32,34,1a,53,77,7c,b2,0a,c7,bd,86,43,98,d4,a4,74,e1,88,38,ac,c7,e1,f3,9d,4e,31,76,9b,54,4f,a2,05,9b,09,2b,85,59,dc,8b,e5,95,be,29,34,1b,8a,07,2b,dd,b6,ab,0c,01,33,0f,85,40,bb,93,8d,cf,17,bb,6a,77,6c,f4,93,64,1a,a6,2b,8b,92,3f,94,e3,8a,03,61,b9,d2,90,9a,99,86,a6,df,f1,71,c3,bc,b9,d1,57,9f,47,b3,3c,38,0c,1a,d9,b2,9c,3a,11,a2,a3,0b,2f,24,04,69,52,50,8b,9b,1b,1a,a8,49,a5,81,74,65,54,68,b8,34,2b,75,35,c4,9d,e9,12,84,38,d5,5e,99,09,2e,78,74,cd,e9,e2,3b,d3,e6,58,1b,35,1f,6e,34,3f,3a,ea,1b,f6,01,29,af,bb,68,8c,ea,4c,a6,9b,35,96,91,75,8a,ea,06,83,11,76,20,9c,06,74,53,af,ae,00,1d,b4,07,28,1d,21,64,a0,77,0d,ae,2e,1b,55,a6,49,7c,0e,88,7f,c0,d3,ca,a1,32,e7,02,21,51,8a,1e,a2,be,ec,f6,e2,86,37,1a,9f,5f,6b" + 
[4590]="11,ee,04,e1,04,63,99,4b,b9,10,72,6b,fe,ea,17,1b,56,de,4a,fb,35,8f,df,44,a3,f8,88,ba,61,dd,81,75,c4,1c,80,be,6f,ea,be,70,aa,ab,40,38,bc,38,38,55,cc,e7,04,e7,81,46,2f,16,c2,5f,72,c8,39,c0,43,2e,08,bc,27,dc,a7,a7,d3,6f,0b,68,7f,f1,d5,62,89,9a,86,55,0b,29,a5,ec,b3,e2,a9,03,1b,5a,67,c9,ab,58,5e,ac,97,d4,d7,34,ba,51,02,f0,a5,68,98,73,85,61,f9,2d,a3,29,ae,c7,fb,08,f8,00,9b,d1,f4,5d,33,42,8f,21,87,3e,e1,e2,87,ac,c3,c3,a9,e1,5c,db,a4,c5,d2,92,c6,e1,33,18,0b,b6,03,ec,28,39,05,69,a2,4d,91,c1,c8,02,b8,1f,c9,a7,43,8c,09,df,87,13,6c,2c,7e,9a,66,97,2d,fa,46,cf,f0,28,e5,d8,a5,56,5b,9d,88,9b,84,fc,79,41,2a,17,0c,44,f2,42,5c,e0,1c,64,64,c0,07,e7,a0,2c,27,05,f2,a5,9d,da,eb,33,66,e5,4a,35,1a,08,e0,50,5e,3a,86,23,7e,6c,1f,a1,96,8b,0e,94,41,43,4a,a5,52,18,b0,15,f5,9b,86,c0,cb,65,b8,00,a3,29,cc,04,9b,0b,d7,d2,22,63,0b,4e,8a,33,5c,a9,08,bc,90,42,2b,29,fb,7f,ab,fb,6f,ea,ba,7d,c1,77,3c,e4,a8,01,f5,a6,94,7f,68,ae,71,c0,13,8f,51,76,84,72,1e,ca,7c,74,9b,c4,5a,34,9a,3d,16,82,b2,82,9a,79,69,70,53,39,84,2b,6f,8a,96,94,c4,34,d9,a9,bd,dd,f5,a6,2d,5c,44,5f,91,78,e5,73,2f,0f,dc,2d,57,89,9f,fb,9b,73,b4,01,12,65,c5,64,49,4b,96,86,78,35,5e,14,28,ff,39,be,d1,e8,25,f6,8a,bc,62,f4,07,1c,46,1e,22,d1,74,b1,11,a5,e4,71,2b,e8,d8,26,92,9a,6b,74,c2,72,57,03,cb,cd,91,a9,41,41,0b,3f,55,be,39,f3,26,56,ac,cf,ce,c1,a8,0b,68,1b,fb,55,10,3c,81,5b,99,58,3f,5f,73,73,6d,da,4d,3b,a6,41,b1,d1,26,91,11,45,12,38,4c,2c,b8,58,fc,52,71,1f,49,00,e6,43,b4,2d,f6,8e,43,f3,5d,d6,14,2b,49,b6,78,8c,e5,20,4e,eb,2a,33,fc,07,62,bb,00,0d,ab,79,25,d8,c3,cd,cb,06,fd,16,c9,d3,33,21,80,02,3e,1d,1c,24,60,b6,69,34,76,76,5b,ac,02,1b,6c,07,d4,78,21,f3,21,c9,18,c2,2c,30,8c,1b,79,db,63,b1,95,82,f0,f0,89,c3,64,92,7b,8b,4a,ef,09,5e,f6,48,53,c6,e7,ba,f4,a8,9c,4b,a0,4f,54,63,9c,4b,3b,3c,0d,ab,b2,86,58,86,84,26,77,77,80,77,90,f1,30,22,3b,1e,6d,25,11,d2,a3,91,66,22,76,a3,3c,bb,40,f6,94,d3,ea,a3,fe,a5,32,d2,99,a8,49,4b,35,55,76,9f,bb,86,9a,d1,38,27,8f,5b,53,25,55,62,72,76,1b,53,7a,8d,ca,b8,05,fb,92,1f,96,c7,55,58,35,b0,55,e7,7f,4b,29,35,00,31,81,d8,
34,02,d0,1a,84,31,b7,b1,8c,a7,c0,d8,5a,6f,79,39,7e,ab,d5,4b,ce,10,83,1c,eb,5c,f6,93,13,4d,97,a6,ac,85,83,81,b8,7b,5b,a2,24,e7,a9,96,fa,25,06,ba,c5,45,38,bb,aa,96,6b,67,3a,cb,11,e9,d1,0a,f8,67,90,db,d4,72,7f,35,1b,c8,d1,72,95,c9,1e,d4,ac,67,e7,83,41,18,89,0d,e0,b4,2a,b0,67,55,93,9a,3e,6f,10,74,4c,e0,af,f9,11,1b,de,c5,15,84,b8,a7,80,cc,a1,1c,b0,bf,8f,ca,20,96,70,6b,9b,9c,3a,db,a7,8b,4d,dc,c5,5b,98,03,d5,b0,aa,fa,73,a2,11,e0,5f,3d,f1,0d,9e,bb,3a,53,1a,7a,13,60,78,9a,36,8a,6a,99,3f,f2,67,ac,cb,75,a4,9c,04,26,37,5c,6d,0f,19,6d,f8,46,6d,1b,bc,45,d6,d8,5e,3e,51,13,50,fb,0f,3a,0a,2e,88,08,6b,fc,d8,ad,2b,54,52,25,7a,4d,24,2c,c9,47,9b,59,b5,d2,71,84,36,7b,aa,55,2c,d7,4b,95,9b,08,85,cd,b1,3f,77,1a,46,4a,cb,a4,82,47,b8,2f,ac,b4,e1,f7,c4,1d,a4,af,cd,38,ad,01,b3,cb,c8,18,67,48,23,5f,dd,76,b3,5f,40,27,f4,61,5a,81,78,bf,68,99,0f,76,ea,b7,1e,f8,36,d9,83,24,df,dc,0e,26,c1,89,40,5a,98,86,8a,64,20,4a,a8,7f,98,71,26,90,88,72,c0,40,b0,f9,42,9a,b4,80,46,51,7d,c1,31,78,2c,eb,2c,96,22,59,e3,67,14,1d,94,5c,a7,4a,c9,fc,85,2b,db,08,ab,e7,dc,9f,eb,98,1f,f4,30,5b,7e,e1,6c,5f,fb,4b,ea,31,39,a4,74,88,53,f5,83,f8,51,0f,a5,40,30,07,34,b8,fb,a9,9d,6c,b4,36,66,70,39,79,31,34,df,55,8c,de,49,19,a7,66,7e,ac,f9,9d,57,00,29,26,6c,5e,94,5a,91,0f,b6,92,e2,1a,b1,08,85,73,34,ec,7d,43,44,c5,c3,40,17,6c,c8,0f,e4,e2,0a,f0,c5,18,98,f8,6c,6f,46,66,8d,37,82,78,58,3b,c4,32,9d,22,91,a5,b1,56,1f,62,a4,cb,2a,85,7b,8c,c8,bf,34,74,25,74,65,2c,f3,e0,a0,c0,5c,b2,20,b4,81,8d,b5,4e,06,f6,b0,c8,d4,93,d6,f4,10,54,cb,27,dc,e5,3a,42,27,ba,93,20,27,de,1c,85,ea,e7,8a,0b,b9,4b,31,40,42,44,6b,1e,fd,fb,ac,f9,98,b9,74,76,89,ac,b4,66,8d,d5,1a,2a,9c,85,03,35,93,09,77,04,8a,d0,99,08,b8,26,4d,3c,98,d0,ea,2e,75,2c,84,ba,4a,a0,c2,fb,9a,f4,4c,31,2a,54,71,2b,91,20,7f,bd,2c,0d,97,01,54,d6,12,e6,8c,6b,4d,83,c6,52,ac" 
[25497]="63,99,04,c0,15,45,8a,33,c6,16,72,fb,44,02,c9,c1,42,63,5d,2e,d0,30,a8,9b,a8,84,19,33,bf,23,10,ec,05,67,68,d9,12,0e,88,07,0a,39,85,85,6c,52,6e,24,70,69,38,aa,a1,a7,10,41,b5,4f,5a,99,2f,38,dc,07,0e,ab,a8,a2,44,40,49,7c,47,5d,3a,bd,7c,ea,af,63,11,47,5f,d2,8c,ef,81,b1,4d,e1,57,40,e6,32,0c,49,5d,43,63,62,7e,a8,49,71,7a,85,ea,00,9f,42,54,85,71,97,16,0e,43,35,4b,d1,26,2c,73,c8,cc,f2,43,63,c3,66,17,b4,7c,a7,d2,66,98,b4,60,e8,0b,a7,94,49,75,03,e3,4f,bf,69,ba,e7,67,68,89,c2,8a,4b,24,a2,42,f4,74,92,e3,44,85,bc,9e,da,e3,40,e9,e4,bd,4c,02,20,88,dc,67,2d,25,ba,4f,0a,4b,7c,dc,1f,96,d3,6a,01,86,5b,ad,75,b2,23,c5,c7,39,10,35,34,59,6e,23,fc,c9,cd,c0,17,e0,16,79,4b,04,82,70,d9,1f,62,a4,36,67,d3,00,a9,db,a4,25,09,21,38,f0,0b,d1,17,6a,3d,d5,22,51,1a,a6,0b,97,23,c7,67,32,0b,7c,a0,b3,a7,0d,06,49,01,52,69,9c,4f,f5,37,dd,0c,a7,bc,d0,c2,72,d5,6f,9c,26,aa,c3,ca,0d,84,6b,27,40,f8,1b,e3,55,bb,e4,f0,9a,15,52,2f,a3,da,06,45,c2,10,6e,a3,2a,07,87,61,89,1c,39,b1,52,26,2a,80,a5,a6,4b,2c,b3,3c,40,d7,42,0d,8b,67,90,d6,c6,49,09,a7,6e,d3,f2,c2,ac,b5,46,75,2c,8c,0d,03,0a,d8,f2,b7,19,a7,a4,84,f4,90,48,34,29,aa,00,28,e8,01,bf,2b,02,94,57,e2,62,36,59,61,d2,c0,0e,1c,69,04,57,b0,ba,c3,2c,a4,aa,e7,46,03,45,c9,a1,b6,58,13,ba,3f,ea,80,b3,ef,dc,5c,7f,28,8b,c6,92,18,db,81,0b,43,e1,07,65,b4,be,96,33,58,f0,31,c0,8c,29,9c,4c,d9,a8,95,91,58,e1,e7,61,b5,b5,23,0e,fa,39,62,63,38,3e,d4,3c,df,c1,09,81,ea,4f,0b,a2,7c,e3,08,1f,e6,e1,0f,5e,e0,5f,f1,02,c3,99,fa,6a,6f,45,96,87,31,18,f6,d8,48,13,15,6b,ed,7a,02,1e,da,a5,ec,da,67,07,67,ab,c2,ab,94,a5,07,01,17,54,8e,9c,35,12,55,60,53,02,8b,48,46,06,79,9f,da,6c,f3,51,86,a6,34,16,af,ba,45,ac,77,68,10,0b,c1,ce,f0,0a,c5,20,98,37,42,22,f8,e8,2e,9b,80,52,23,e4,90,f3,01,6e,f9,40,a7,19,c1,9d,59,97,9d,2e,57,06,d2,2a,75,28,c5,5b,aa,0c,a8,94,62,7b,ff,80,c4,6c,01,67,7f,c5,98,61,06,a3,bf,2c,19,32,77,86,7c,1c,42,36,0c,8c,7b,6b,62,01,d7,5a,2c,62,6f,a5,18,1b,19,c3,47,f7,e9,c9,ff,a9,c1,89,31,1d,46,79,2c,35,51,63,4a,f7,66,91,4a,b8,93,f9,40,b9,28,71,29,85,9a,0d,c5,16,c7,7b,ae,b9,4a,cc,50,d3,39
,37,54,5f,31,fc,1b,fc,5a,76,23,e5,49,6b,c0,bd,11,1b,a2,b0,ca,36,55,07,54,40,0a,08,c8,49,ca,09,ea,29,73,02,80,d5,30,4c,e6,00,ae,0a,a4,2f,b8,57,4c,2d,75,58,05,8b,b6,c5,55,be,22,e6,48,63,75,c5,aa,f9,8d,e9,4c,8a,51,84,b7,96,b0,2e,14,58,18,99,48,29,de,36,7d,be,e5,8e,01,7c,9d,0f,71,2f,f8,84,7d,6e,d2,88,d0,67,b2,5b,e3,bb,63,bc,53,fa,80,88,29,26,c5,22,54,42,d8,21,82,5d,6a,4a,b1,b7,a2,8f,48,68,c2,c7,2f,79,fa,8d,25,f4,85,7b,47,a5,46,a5,af,3e,88,37,06,f5,41,40,71,02,89,f9,3e,1d,46,43,3e,34,5e,7e,39,4b,f2,25,c8,30,33,59,45,8a,c2,95,4b,94,37,53,b3,f0,03,73,21,d5,36,51,fc,6f,e9,1c,69,dd,a6,47,2b,39,5e,fc,35,c4,a8,84,7e,34,32,b3,76,f5,23,1b,67,07,e7,c8,b3,99,82,36,ec,9b,c7,a3,2c,80,de,09,46,c9,c9,22,cd,19,b9,a7,e0,c8,cb,a3,20,f7,f4,3a,7c,48,44,86,db,96,a4,b0,9d,bd,63,84,54,d9,c6,09,16,03,1e,45,89,65,da,57,2d,b3,33,0a,7b,1a,98,5a,cc,e5,08,ba,8c,35,7e,fe,4a,36,fa,f4,58,c3,fb,c8,e1,66,14,9e,91,b6,02,88,6f,fe,a9,6e,41,cb,63,6d,92,cc,65,c4,a9,9e,69,38,75,ec,6f,0f,89,c7,65,aa,2a,a1,8b,90,ad,e5,83,4b,b2,3e,68,60,84,be,a0,98,32,e6,47,53,41,c4,35,49,ca,10,16,c5,52,53,47,2b,ac,4f,44,1b,6a,04,7a,ab,95,7b,ae,20,b6,cc,be,21,9d,66,0a,c9,b0,a4,0b,2c,36,48,f2,6c,70,1d,56,11,b5,54,0a,7a,75,41,f1,fc,94,97,fc,5f,1c,53,c2,80,d5,64,6e,f9,c4,32,a1,69,fb,f6,b4,d7,63,a9,86,b8,7a,70,30,2f,45,22,47,19,1a,0e,54,b6,c4,58,81,b8,36,c1,2f,b5,67,6e,07,05,7b,68,37,aa,a8,73,46,c7,1b,1c,d8,34,44,83,83,b8,d7,07,76,5a,e9,32,38,30,9f,17,78,b0,c0,11,73,43,f2,c9,10,b1,cc,59,e9,59,f8,44,60,a0,1b,9c,98,f2,43,2e,5b,5a,b1,6a,07,e7,9a,73,79,56,cf,73,05,9a,a6,6a,79,a5,49,1f,c0,97,22,fe,89,e2,e4,66,6d,9a,18,ac,5e,d1,41,ba,dc,99,b4,01,0d,b0,43,11,3e,be,a0,50,d6,39,8a,4f,58,7d,cc,30,ba,c0,e6,41,51,ab,4e" ) diff --git a/openssl-iana.mapping.html b/openssl-iana.mapping.html index 9e90ce2..190a94b 100644 --- a/openssl-iana.mapping.html +++ b/openssl-iana.mapping.html 
@@ -224,6 +224,10 @@ xB9 TLS_RSA_PSK_WITH_NULL_SHA384 [0xbe] DHE-RSA-CAMELLIA128-SHA256 DH Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 [0xbf] ADH-CAMELLIA128-SHA256 DH Camellia 128 TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 + + [0xc6] ECDH SM4GCM 128 TLS_SM4_GCM_SM3 + [0xc7] ECDH SM4CCM 128 TLS_SM4_CCM_SM3 + [0x5600] TLS_FALLBACK_SCSV TLS_EMPTY_RENEGOTIATION_INFO_SCSV
diff --git a/testssl.sh b/testssl.sh
index 937d3ba..4a7da1f 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -467,7 +467,13 @@ declare TLS_CIPHER_AUTH=()
 declare TLS_CIPHER_ENC=()
 declare TLS_CIPHER_EXPORT=()
 declare TLS_CIPHER_OSSL_SUPPORTED=()
-declare TLS13_OSSL_CIPHERS="TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_SHA256_SHA256:TLS_SHA384_SHA384"
+declare TLS13_OSSL_CIPHERS="TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_SHA256_SHA256:TLS_SHA384_SHA384:TLS_SM4_GCM_SM3:TLS_SM4_CCM_SM3"
+
+# Regular expression that matches all TLS 1.3 ciphers (see RFC 8446, RFC 8998,
+# RFC 9150, RFC 9367, and draft-irtf-cfrg-aegis-aead-08).
+# Note that strip_inconsistent_ciphers() also needs to be updated whenever a new
+# TLS 1.3-only cipher suite is added.
+declare TLS13_CIPHERS_REGEX="13,0[1-7]|00,[cC][67]|[cC]0,[bB][45]|[cC]1,0[3-6]"
 ########### Some predefinitions: date, sed (we always use tests for binaries and NOT try to determine
@@ -1033,8 +1039,10 @@ strip_inconsistent_ciphers() {
 local cipherlist="$2"
 if [[ $proto -lt 4 ]]; then
- cipherlist="${cipherlist//, 13,0[0-9a-fA-F]/}"
+ cipherlist="${cipherlist//, 13,0[1-7]/}"
+ cipherlist="${cipherlist//, 00,[cC][67]/}"
 cipherlist="${cipherlist//, [cC]0,[bB][45]/}"
+ cipherlist="${cipherlist//, [cC]1,0[3-6]/}"
 fi
 if [[ $proto -lt 3 ]]; then
 cipherlist="${cipherlist//, 00,3[b-fB-F]/}"
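Review bot: `TLS13_CIPHERS_REGEX` enumerates `13,0[1-7]`, whereas the checks it replaces in run_cipher_match() and run_allciphers() matched `13,[0-9a-f][0-9a-f]` and strip_inconsistent_ciphers() removed `13,0[0-9a-fA-F]`. A `13,xx` code point outside the listed range that appears in a cipher list would now neither trigger a TLS 1.3 ClientHello nor be stripped from older ones, so the scan would under-report without any message. If the narrowing is intended, the comment should say so; otherwise keep the broad first alternative, `declare TLS13_CIPHERS_REGEX="13,[0-9a-fA-F][0-9a-fA-F]|00,[cC][67]|[cC]0,[bB][45]|[cC]1,0[3-6]"`, with the matching `cipherlist="${cipherlist//, 13,[0-9a-fA-F][0-9a-fA-F]/}"` in strip_inconsistent_ciphers(). The same applies to the use sites in the -1033,8, -4176,7, -4451,7 and -6405,7 hunks.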
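Review bot: The four substitutions under `if [[ $proto -lt 4 ]]` in strip_inconsistent_ciphers() repeat the alternatives of TLS13_CIPHERS_REGEX by hand, and only the regex definition carries a reminder to keep the two in step. A maintainer who edits this function first has no pointer back to the regex, so add a comment above the block: `# Keep these patterns in sync with TLS13_CIPHERS_REGEX`. The function body starts and ends outside the hunk.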
@@ -4176,7 +4184,7 @@ run_cipher_match(){
 ! "${ciphers_found2[i]}" && ciphers_to_test+=", ${hexcode2[i]}"
 done
 [[ -z "$ciphers_to_test" ]] && break
- [[ "$proto" == 04 ]] && [[ ! "$ciphers_to_test" =~ ,\ 13,[0-9a-f][0-9a-f] ]] && [[ ! "$ciphers_to_test" =~ ,\ [cC]0,[bB][45] ]] && break
+ [[ "$proto" == 04 ]] && [[ ! "$ciphers_to_test" =~ ,\ ($TLS13_CIPHERS_REGEX) ]] && break
 ciphers_to_test="$(strip_inconsistent_ciphers "$proto" "$ciphers_to_test")"
 [[ -z "$ciphers_to_test" ]] && break
 if "$SHOW_SIGALGO"; then
@@ -4451,7 +4459,7 @@ run_allciphers() {
 ! "${ciphers_found2[i]}" && ciphers_to_test+=", ${hexcode2[i]}"
 done
 [[ -z "$ciphers_to_test" ]] && break
- [[ "$proto" == 04 ]] && [[ ! "$ciphers_to_test" =~ ,\ 13,[0-9a-f][0-9a-f] ]] && [[ ! "$ciphers_to_test" =~ ,\ [cC]0,[bB][45] ]] && break
+ [[ "$proto" == 04 ]] && [[ ! "$ciphers_to_test" =~ ,\ ($TLS13_CIPHERS_REGEX) ]] && break
 ciphers_to_test="$(strip_inconsistent_ciphers "$proto" "$ciphers_to_test")"
 [[ -z "$ciphers_to_test" ]] && break
 if "$SHOW_SIGALGO"; then
@@ -6405,7 +6413,7 @@ sub_cipherlists() {
 for proto in 04 03 02 01 00; do
 # If $cipherlist doesn't contain any TLSv1.3 ciphers, then there is
 # no reason to try a TLSv1.3 ClientHello.
- [[ "$proto" == 04 ]] && [[ ! "$6" =~ 13,0 ]] && [[ ! "$6" =~ [cC]0,[bB][45] ]] && continue
+ [[ "$proto" == 04 ]] && [[ ! "$6" =~ $TLS13_CIPHERS_REGEX ]] && continue
 [[ $(has_server_protocol "$proto") -eq 1 ]] && continue
 cipherlist="$(strip_inconsistent_ciphers "$proto" ", $6")"
 cipherlist="${cipherlist:2}"
@@ -6602,9 +6610,9 @@ run_cipherlists() { good_ciphers="00,9C, 00,9D, 00,A0, 00,A1, 00,A4, 00,A5, 00,A8, 00,A9, 00,AC, 00,AD, C0,2D, C0,2E, C0,31, C0,32, C0,50, C0,51, C0,54, C0,55, C0,58, C0,59, C0,5E, C0,5F, C0,62, C0,63, C0,6A, C0,6B, C0,6E, C0,6F, C0,7A, C0,7B, C0,7E, C0,7F, C0,82, C0,83, C0,88, C0,89, C0,8C, C0,8D, C0,8E, C0,8F, C0,92, C0,93, C0,9C, C0,9D, C0,A0, C0,A1, C0,A4, C0,A5, C0,A8, C0,A9, CC,AB, CC,AE, 00,FF" ossl_strong_ciphers='AESGCM:CHACHA20:CamelliaGCM:AESCCM:ARIAGCM:!kPSK:!kRSAPSK:!kRSA:!kDH:!kECDH:!aNULL' - ossl_strong_ciphersuites="TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256" + ossl_strong_ciphersuites="TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_SM4_GCM_SM3:TLS_SM4_CCM_SM3" # grep AEAD etc/cipher-mapping.txt | grep -E 'TLS_ECDHE|TLS_DHE|TLS_PSK_DHE|TLSv1.3' - strong_ciphers="00,9E, 00,9F, 00,A2, 00,A3, 00,AA, 00,AB, 13,01, 13,02, 13,03, 13,04, 13,05, 16,B7, 16,B8, 16,B9, 16,BA, C0,2B, C0,2C, C0,2F, C0,30, C0,52, C0,53, C0,56, C0,57, C0,5C, C0,5D, C0,60, C0,61, C0,6C, C0,6D, C0,7C, C0,7D, C0,80, C0,81, C0,86, C0,87, C0,8A, C0,8B, C0,90, C0,91, C0,9E, C0,9F, C0,A2, C0,A3, C0,A6, C0,A7, C0,AA, C0,AB, C0,AC, C0,AD, C0,AE, C0,AF, CC,13, CC,14, CC,15, CC,A8, CC,A9, CC,AA, CC,AC, CC,AD, 00,FF" + strong_ciphers="00,9E, 00,9F, 00,A2, 00,A3, 00,AA, 00,AB, 00,C6, 00,C7, 13,01, 13,02, 13,03, 13,04, 13,05, 16,B7, 16,B8, 16,B9, 16,BA, C0,2B, C0,2C, C0,2F, C0,30, C0,52, C0,53, C0,56, C0,57, C0,5C, C0,5D, C0,60, C0,61, C0,6C, C0,6D, C0,7C, C0,7D, C0,80, C0,81, C0,86, C0,87, C0,8A, C0,8B, C0,90, C0,91, C0,9E, C0,9F, C0,A2, C0,A3, C0,A6, C0,A7, C0,AA, C0,AB, C0,AC, C0,AD, C0,AE, C0,AF, CC,13, CC,14, CC,15, CC,A8, CC,A9, CC,AA, CC,AC, CC,AD, 00,FF" # argv[1]: non-TLSv1.3 cipher list to test in OpenSSL syntax # argv[2]: TLSv1.3 cipher list to test in OpenSSL syntax 
@@ -6745,6 +6753,7 @@ pr_ecdh_curve_quality() { "brainpoolP512r1"*) bits=512 ;; "X25519") bits=253 ;; "X448") bits=448 ;; + "curveSM2") bits=256 ;; esac pr_ecdh_quality "$bits" "$curve" } @@ -6772,6 +6781,7 @@ pr_kem_param_set_quality() { "X25519MLKEM768") bits=192 ;; "SecP384r1MLKEM1024") bits=256 ;; "X25519Kyber768Draft00") bits=128 ;; + "curveSM2MLKEM768") bits=192 ;; esac pr_kem_quality "$bits" "$kem" } @@ -6932,6 +6942,7 @@ read_dhtype_from_file() { [[ "$kx" == "Kx=X25519MLKEM768" ]] && kx="Kx=ECDH/MLKEM" [[ "$kx" == "Kx=SecP384r1MLKEM1024" ]] && kx="Kx=ECDH/MLKEM" [[ "$kx" == "Kx=X25519Kyber768Draft00" ]] && kx="Kx=ECDH/Kyber" + [[ "$kx" == "Kx=curveSM2MLKEM768" ]] && kx="Kx=ECDH/MLKEM" tm_out "$kx" return 0 } @@ -6942,6 +6953,7 @@ read_sigalg_from_file() { sig_alg="$(strip_leading_space "$($OPENSSL x509 -noout -text -in "$1" 2>/dev/null | awk -F':' '/Signature Algorithm/ { print $2; exit; }')")" case "$sig_alg" in + 1.2.156.10197.1.501) tm_out "SM2-with-SM3" ;; 1.3.101.112|ED25519) tm_out "Ed25519" ;; 1.3.101.113|ED448) tm_out "Ed448" ;; 2.16.840.1.101.3.4.3.17) tm_out "ML-DSA-44" ;; 
@@ -7205,8 +7217,8 @@ run_server_preference() { local list_fwd="DHE-RSA-SEED-SHA:SEED-SHA:DES-CBC3-SHA:RC4-MD5:DES-CBC-SHA:RC4-SHA:AES128-SHA:AES128-SHA256:AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES256-SHA256:ECDHE-RSA-DES-CBC3-SHA:ECDHE-RSA-AES128-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA256:ADH-AES256-GCM-SHA384:AECDH-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA" local list_reverse="ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:AECDH-AES128-SHA:ADH-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA:AES256-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES256-SHA:AES128-SHA256:AES128-SHA:RC4-SHA:DES-CBC-SHA:RC4-MD5:DES-CBC3-SHA:SEED-SHA:DHE-RSA-SEED-SHA" tls_list_fwd="c0,2c, c0,30, 00,9f, cc,a9, cc,a8, cc,aa, c0,2b, c0,2f, 00,9e, c0,24, c0,28, 00,6b, c0,23, c0,27, 00,67, c0,0a, 00,04, 00,05, 00,09, 00,0a, 00,9a, 00,96, - c0,14, 00,39, c0,09, c0,13, 00,33, 00,9d, 00,9c, 13,01, 13,02, 13,03, 13,04, 13,05, 00,3d, 00,3c, 00,35, 00,2f, 00,ff" - tls_list_rev="00,2f, 00,35, 00,3c, 00,3d, 13,05, 13,04, 13,03, 13,02, 13,01, 00,9c, 00,9d, 00,33, c0,13, c0,09, 00,39, c0,14, 00,96, 00,9a, 00,0a, 00,09, 00,05, 00,04, + c0,14, 00,39, c0,09, c0,13, 
00,33, 00,9d, 00,9c, 00,C6, 00,C7, 13,01, 13,02, 13,03, 13,04, 13,05, 00,3d, 00,3c, 00,35, 00,2f, 00,ff" + tls_list_rev="00,2f, 00,35, 00,3c, 00,3d, 13,05, 13,04, 13,03, 13,02, 13,01, 00,C7, 00,C6, 00,9c, 00,9d, 00,33, c0,13, c0,09, 00,39, c0,14, 00,96, 00,9a, 00,0a, 00,09, 00,05, 00,04, c0,0a, 00,67, c0,27, c0,23, 00,6b, c0,28, c0,24, 00,9e, c0,2f, c0,2b, cc,aa, cc,a8, cc,a9, 00,9f, c0,30, c0,2c, 00,ff" local has_cipher_order=false has_tls13_cipher_order=false local addcmd="" addcmd2="" @@ -7236,7 +7248,7 @@ run_server_preference() { tls_sockets "04" \ "c0,2c, c0,30, 00,9f, cc,a9, cc,a8, cc,aa, c0,2b, c0,2f, 00,9a, 00,96, 00,9e, c0,24, c0,28, 00,6b, c0,23, c0,27, 00,67, c0,0a, - c0,14, 00,39, c0,09, c0,13, 00,33, 00,9d, 00,9c, 13,02, + c0,14, 00,39, c0,09, c0,13, 00,33, 00,9d, 00,9c, 00,c6, 00,c7, 13,02, 13,03, 13,01, 13,04, 13,05, c0,b4, c0,b5, 00,3d, 00,3c, 00,35, 00,2f, 00,ff" \ "ephemeralkey" sclient_success=$? @@ -7279,12 +7291,12 @@ run_server_preference() { # Some servers don't have a TLS 1.3 cipher order, see #1163 if [[ "$default_proto" == TLSv1.3 ]]; then - tls_sockets "04" "c0,b5, c0,b4, 13,05, 13,04, 13,03, 13,02, 13,01, 00,ff" + tls_sockets "04" "c0,b5, c0,b4, 13,05, 13,04, 13,03, 13,02, 13,01, 00,c7, 00,c6, 00,ff" [[ $? -ne 0 ]] && ret=1 && prln_fixme "something weird happened around line $((LINENO - 1))" cp "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" $TMPFILE tls13_cipher1=$(get_cipher $TMPFILE) debugme tm_out "TLS 1.3: --> $tls13_cipher1\n" - tls_sockets "04" "13,01, 13,02, 13,03, 13,04, 13,05, c0,b4, c0,b5, 00,ff" + tls_sockets "04" "00,c6, 00,c7, 13,01, 13,02, 13,03, 13,04, 13,05, c0,b4, c0,b5, 00,ff" [[ $? -ne 0 ]] && ret=1 && prln_fixme "something weird happened around line $((LINENO - 1))" cp "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" $TMPFILE tls13_cipher2=$(get_cipher $TMPFILE) 
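Review bot: The new code points are written `00,C6, 00,C7` in `tls_list_fwd` and `tls_list_rev`, where every other entry is lowercase, while the two later hunks of `run_server_preference()` add them as `00,c6, 00,c7`. The substitutions in `strip_inconsistent_ciphers()` accept either case, so this looks harmless, but any case-sensitive comparison of these lists elsewhere would treat the two entries differently from their neighbours. I would write `00,9c, 00,c6, 00,c7, 13,01` in the forward list and `13,01, 00,c7, 00,c6, 00,9c` in the reverse list to match the surrounding style. The function body continues outside these hunks.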
@@ -8487,13 +8499,11 @@ get_server_certificate() { CERTIFICATE_LIST_ORDERING_PROBLEM=false if [[ "$1" =~ tls1_3 ]]; then [[ $(has_server_protocol "tls1_3") -eq 1 ]] && return 1 - if "$HAS_TLS13" && "$HAS_SIGALGS" && [[ ! "$1" =~ tls1_3_EdDSA ]] && [[ ! "$1" =~ tls1_3_MLDSA ]]; then + if "$HAS_TLS13" && "$HAS_SIGALGS" && [[ "$1" =~ tls1_3_RSA || "$1" =~ tls1_3_ECDSA ]]; then if [[ "$1" =~ tls1_3_RSA ]]; then $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tls1_3 -tlsextdebug -status -msg -sigalgs PSS+SHA256:PSS+SHA384:PSS+SHA512:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512") $ERRFILE >$TMPFILE - elif [[ "$1" =~ tls1_3_ECDSA ]]; then - $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tls1_3 -tlsextdebug -status -msg -sigalgs ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512") $ERRFILE >$TMPFILE else - return 1 + $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tls1_3 -tlsextdebug -status -msg -sigalgs ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512") $ERRFILE >$TMPFILE fi sclient_connect_successful $? $TMPFILE || return 1 DETECTED_TLS_VERSION="0304" @@ -8512,6 +8522,8 @@ get_server_certificate() { tls_sockets "04" "$TLS13_CIPHER" "all+" "00,12,00,00, 00,05,00,05,01,00,00,00,00, 00,0d,00,06,00,04,08,07,08,08" elif [[ "$1" =~ tls1_3_MLDSA ]]; then tls_sockets "04" "$TLS13_CIPHER" "all+" "00,12,00,00, 00,05,00,05,01,00,00,00,00, 00,0d,00,08,00,06,09,04,09,05,09,06" + elif [[ "$1" =~ tls1_3_SM2 ]]; then + tls_sockets "04" "$TLS13_CIPHER" "all+" "00,12,00,00, 00,05,00,05,01,00,00,00,00, 00,0d,00,04,00,02,07,08" else return 1 fi 
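Review bot: The `tls1_3_SM2` branch passes the raw extension `00,0d,00,04,00,02,07,08` with no explanation, and it runs in `all+` mode, which depends on decrypting the server's handshake. The `tls_data.txt` change in this commit leaves the key for group `29` commented out because OpenSSL cannot derive with curveSM2, so this probe can apparently only succeed when the server settles on another group. A server that insists on curveSM2 alongside its SM2 certificate would presumably be reported as having no SM2 certificate. A comment such as `# sm2sig_sm3 (0x0708) only; needs a non-curveSM2 key share, see tls_data.txt` would record that limit. `get_server_certificate()` starts and ends outside both hunks.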
@@ -9195,11 +9207,13 @@ certificate_transparency() { if [[ $number_of_certificates -gt 1 ]] && ! "$SSL_NATIVE"; then if [[ "$tls_version" == 0304 ]]; then - ciphers=", 13,01, 13,02, 13,03, 13,04, 13,05, c0,b4, c0,b5" + ciphers=", 00,c6, 00,c7, 13,01, 13,02, 13,03, 13,04, 13,05, c0,b4, c0,b5" if [[ "$cipher" == tls1_3_RSA ]]; then extra_extns=", 00,0d,00,10,00,0e,08,04,08,05,08,06,04,01,05,01,06,01,02,01" elif [[ "$cipher" == tls1_3_ECDSA ]]; then extra_extns=", 00,0d,00,0a,00,08,04,03,05,03,06,03,02,03" + elif [[ "$cipher" == tls1_3_SM2 ]]; then + extra_extns=", 00,0d,00,04,00,02,07,08" else return 1 fi @@ -9383,6 +9397,7 @@ certificate_info() { cert_sig_algo="$(awk -F':' '/Signature Algorithm/ { print $2; if (++Match >= 1) exit; }' <<< "$cert_txt")" cert_sig_algo="${cert_sig_algo// /}" case "$cert_sig_algo" in + 1.2.156.10197.1.501) cert_sig_algo="SM2-with-SM3" ;; 1.3.101.112|ED25519) cert_sig_algo="Ed25519" ;; 1.3.101.113|ED448) cert_sig_algo="Ed448" ;; 2.16.840.1.101.3.4.3.17) cert_sig_algo="ML-DSA-44" ;; @@ -9521,6 +9536,10 @@ certificate_info() { prln_svrty_good "$cert_sig_algo" fileout "${jsonID}${json_postfix}" "OK" "$cert_sig_algo" ;; + SM2-with-SM3) + outln "SM2 with SM3" + fileout "${jsonID}${json_postfix}" "INFO" "SM2 with SM3" + ;; *) out "$cert_sig_algo (" pr_warning "FIXME: can't tell whether this is good or not" @@ -10422,7 +10441,7 @@ run_server_defaults() { local match_found local sessticket_lifetime_hint="" sessticket_proto="" lifetime unit local -i i n - local -i certs_found=0 + local -i certs_found=0 nr_cert_types local -i ret=0 local -a previous_hostcert previous_hostcert_txt previous_hostcert_type local -a previous_hostcert_issuer previous_intermediates previous_ordering_problem keysize tested_cipher 
@@ -10454,33 +10473,35 @@ run_server_defaults() { ciphers_to_test[9]="tls1_3_ECDSA" ciphers_to_test[10]="tls1_3_EdDSA" ciphers_to_test[11]="tls1_3_MLDSA" + ciphers_to_test[12]="tls1_3_SM2" certificate_type[1]="" ; certificate_type[2]="" certificate_type[3]=""; certificate_type[4]="" certificate_type[5]="" ; certificate_type[6]="" certificate_type[7]="" ; certificate_type[8]="RSASig" certificate_type[9]="ECDSA" ; certificate_type[10]="EdDSA" - certificate_type[11]="MLDSA" + certificate_type[11]="MLDSA" ; certificate_type[12]="SM2" + nr_cert_types=12 if "$SERVER_SIZE_LIMIT_BUG"; then ciphers_to_test[3]="aDSS:aDH:aECDH" ciphers_to_test[6]="aECDSA:aGOST" fi - for (( n=1; n <= 18 ; n++ )); do + for (( n=1; n <= $((nr_cert_types+7)) ; n++ )); do # Some servers use a different certificate if the ClientHello # specifies TLSv1.1 and doesn't include a server name extension. # So, for each public key type for which a certificate was found, # try again, but only with TLSv1.1 and without SNI. if [[ $n -ne 1 ]] && [[ "$OPTIMAL_PROTO" == -ssl2 ]]; then ciphers_to_test[n]="" - elif [[ $n -ge 12 ]]; then + elif [[ $n -gt $nr_cert_types ]]; then ciphers_to_test[n]="" - [[ ${success[n-11]} -eq 0 ]] && [[ $(has_server_protocol "tls1_1") -ne 1 ]] && \ - ciphers_to_test[n]="${ciphers_to_test[n-11]}" && certificate_type[n]="${certificate_type[n-11]}" + [[ ${success[n-nr_cert_types]} -eq 0 ]] && [[ $(has_server_protocol "tls1_1") -ne 1 ]] && \ + ciphers_to_test[n]="${ciphers_to_test[n-nr_cert_types]}" && certificate_type[n]="${certificate_type[n-nr_cert_types]}" fi if [[ -n "${ciphers_to_test[n]}" ]]; then - if [[ $n -ge 12 ]]; then + if [[ $n -gt $nr_cert_types ]]; then sni="$SNI" SNI="" get_server_certificate "${ciphers_to_test[n]}" "tls1_1" 
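Review bot: The loop bound `$((nr_cert_types+7))` keeps a bare `7` whose meaning is not stated. The second pass maps `n` back to `n-nr_cert_types`, so only entries 1 to 7 are retried over TLS 1.1 without SNI. The `$(( ))` is also redundant inside `(( ))`. I would write `for (( n=1; n <= nr_cert_types + 7; n++ )); do` and add `# entries 1-7 are retried with TLS 1.1 and no SNI; entries 8 and up are not` next to `nr_cert_types=12`. The later `$n -gt $nr_cert_types` hunks rely on the same convention, and the function body extends beyond this hunk.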
@@ -10491,7 +10512,7 @@ run_server_defaults() { success[n]=$? fi if [[ ${success[n]} -eq 0 ]] && [[ -s "$HOSTCERT" ]]; then - [[ $n -ge 12 ]] && [[ ! -e $HOSTCERT.nosni ]] && cp $HOSTCERT $HOSTCERT.nosni + [[ $n -gt $nr_cert_types ]] && [[ ! -e $HOSTCERT.nosni ]] && cp $HOSTCERT $HOSTCERT.nosni cp "$TEMPDIR/$NODEIP.get_server_certificate.txt" $TMPFILE >$ERRFILE if [[ -z "$sessticket_lifetime_hint" ]]; then @@ -10573,7 +10594,7 @@ run_server_defaults() { fi i=$((i + 1)) done - if ! "$match_found" && [[ $n -ge 12 ]] && [[ $certs_found -ne 0 ]]; then + if ! "$match_found" && [[ $n -gt $nr_cert_types ]] && [[ $certs_found -ne 0 ]]; then # A new certificate was found using TLSv1.1 without SNI. # Check to see if the new certificate should be displayed. # It should be displayed if it is either a match for the @@ -10630,7 +10651,7 @@ run_server_defaults() { [[ -n "${previous_intermediates[certs_found]}" ]] && [[ -r $TEMPDIR/hostcert_issuer.pem ]] && \ previous_hostcert_issuer[certs_found]=$(cat $TEMPDIR/hostcert_issuer.pem) previous_ordering_problem[certs_found]=$CERTIFICATE_LIST_ORDERING_PROBLEM - [[ $n -ge 12 ]] && sni_used[certs_found]="" || sni_used[certs_found]="$SNI" + [[ $n -gt $nr_cert_types ]] && sni_used[certs_found]="" || sni_used[certs_found]="$SNI" tls_version[certs_found]="$DETECTED_TLS_VERSION" previous_hostcert_type[certs_found]=" ${certificate_type[n]}" if [[ $DEBUG -ge 1 ]]; then @@ -10898,7 +10919,7 @@ run_server_defaults() { sni="$SNI" ; SNI="" mv $HOSTCERT $HOSTCERT.save # Send same list of cipher suites as OpenSSL 1.1.1 sends (but with - # all 5 TLSv1.3 ciphers offered. + # all 5 TLSv1.3 ciphers from RFC 8446 offered. tls_sockets "04" \ "c0,2c, c0,30, 00,9f, cc,a9, cc,a8, cc,aa, c0,2b, c0,2f, 00,9e, c0,24, c0,28, 00,6b, c0,23, c0,27, 00,67, c0,0a, 
@@ -10978,18 +10999,18 @@ run_fs() { local fs_cipher_list="DHE-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-SHA256:DHE-DSS-AES128-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-DSS-CAMELLIA128-SHA256:DHE-DSS-CAMELLIA128-SHA:DHE-DSS-CAMELLIA256-SHA256:DHE-DSS-CAMELLIA256-SHA:DHE-DSS-SEED-SHA:DHE-RSA-AES128-CCM8:DHE-RSA-AES128-CCM:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-CCM8:DHE-RSA-AES256-CCM:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA256:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-CHACHA20-POLY1305-OLD:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-SEED-SHA:ECDHE-ECDSA-AES128-CCM8:ECDHE-ECDSA-AES128-CCM:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES256-CCM:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-CAMELLIA128-SHA256:ECDHE-ECDSA-CAMELLIA256-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-CAMELLIA128-SHA256:ECDHE-RSA-CAMELLIA256-SHA384:ECDHE-RSA-CHACHA20-POLY1305-OLD:ECDHE-RSA-CHACHA20-POLY1305" local fs_hex_cipher_list="" ciphers_to_test tls13_ciphers_to_test local ecdhe_cipher_list="" tls13_cipher_list="" ecdhe_cipher_list_hex="" ffdhe_cipher_list_hex="" - local curves_hex=("00,01" "00,02" "00,03" "00,04" "00,05" "00,06" "00,07" "00,08" "00,09" "00,0a" "00,0b" "00,0c" "00,0d" "00,0e" "00,0f" "00,10" "00,11" "00,12" "00,13" "00,14" "00,15" "00,16" "00,17" "00,18" "00,19" "00,1a" "00,1b" "00,1c" "00,1d" "00,1e" "00,1f" "00,20" "00,21" "02,00" "02,01" "02,02" "11,eb" "11,ec" "11,ed" "63,99") - local -a curves_ossl=("sect163k1" "sect163r1" "sect163r2" "sect193r1" "sect193r2" "sect233k1" "sect233r1" "sect239k1" "sect283k1" "sect283r1" 
"sect409k1" "sect409r1" "sect571k1" "sect571r1" "secp160k1" "secp160r1" "secp160r2" "secp192k1" "prime192v1" "secp224k1" "secp224r1" "secp256k1" "prime256v1" "secp384r1" "secp521r1" "brainpoolP256r1" "brainpoolP384r1" "brainpoolP512r1" "X25519" "X448" "brainpoolP256r1tls13" "brainpoolP384r1tls13" "brainpoolP512r1tls13" "MLKEM512" "MLKEM768" "MLKEM1024" "SecP256r1MLKEM768" "X25519MLKEM768" "SecP384r1MLKEM1024" "X25519Kyber768Draft00") - local -a curves_ossl_output=("K-163" "sect163r1" "B-163" "sect193r1" "sect193r2" "K-233" "B-233" "sect239k1" "K-283" "B-283" "K-409" "B-409" "K-571" "B-571" "secp160k1" "secp160r1" "secp160r2" "secp192k1" "P-192" "secp224k1" "P-224" "secp256k1" "P-256" "P-384" "P-521" "brainpoolP256r1" "brainpoolP384r1" "brainpoolP512r1" "X25519" "X448" "brainpoolP256r1tls13" "brainpoolP384r1tls13" "brainpoolP512r1tls13" "MLKEM512" "MLKEM768" "MLKEM1024" "SecP256r1MLKEM768" "X25519MLKEM768" "SecP384r1MLKEM1024" "X25519Kyber768Draft00") - local -ai curves_bits=(163 162 163 193 193 232 233 238 281 282 407 409 570 570 161 161 161 192 192 225 224 256 256 384 521 256 384 512 253 448 256 384 512 128 192 256 192 192 256 128) + local curves_hex=("00,01" "00,02" "00,03" "00,04" "00,05" "00,06" "00,07" "00,08" "00,09" "00,0a" "00,0b" "00,0c" "00,0d" "00,0e" "00,0f" "00,10" "00,11" "00,12" "00,13" "00,14" "00,15" "00,16" "00,17" "00,18" "00,19" "00,1a" "00,1b" "00,1c" "00,1d" "00,1e" "00,1f" "00,20" "00,21" "00,29" "02,00" "02,01" "02,02" "11,eb" "11,ec" "11,ed" "11,ee" "63,99") + local -a curves_ossl=("sect163k1" "sect163r1" "sect163r2" "sect193r1" "sect193r2" "sect233k1" "sect233r1" "sect239k1" "sect283k1" "sect283r1" "sect409k1" "sect409r1" "sect571k1" "sect571r1" "secp160k1" "secp160r1" "secp160r2" "secp192k1" "prime192v1" "secp224k1" "secp224r1" "secp256k1" "prime256v1" "secp384r1" "secp521r1" "brainpoolP256r1" "brainpoolP384r1" "brainpoolP512r1" "X25519" "X448" "brainpoolP256r1tls13" "brainpoolP384r1tls13" "brainpoolP512r1tls13" "curveSM2" "MLKEM512" 
"MLKEM768" "MLKEM1024" "SecP256r1MLKEM768" "X25519MLKEM768" "SecP384r1MLKEM1024" "curveSM2MLKEM768" "X25519Kyber768Draft00") + local -a curves_ossl_output=("K-163" "sect163r1" "B-163" "sect193r1" "sect193r2" "K-233" "B-233" "sect239k1" "K-283" "B-283" "K-409" "B-409" "K-571" "B-571" "secp160k1" "secp160r1" "secp160r2" "secp192k1" "P-192" "secp224k1" "P-224" "secp256k1" "P-256" "P-384" "P-521" "brainpoolP256r1" "brainpoolP384r1" "brainpoolP512r1" "X25519" "X448" "brainpoolP256r1tls13" "brainpoolP384r1tls13" "brainpoolP512r1tls13" "curveSM2" "MLKEM512" "MLKEM768" "MLKEM1024" "SecP256r1MLKEM768" "X25519MLKEM768" "SecP384r1MLKEM1024" "curveSM2MLKEM768" "X25519Kyber768Draft00") + local -ai curves_bits=(163 162 163 193 193 232 233 238 281 282 407 409 570 570 161 161 161 192 192 225 224 256 256 384 521 256 384 512 253 448 256 384 512 256 128 192 256 192 192 256 192 128) # Many curves have been deprecated, and RFC 8446, Appendix B.3.1.4, states # that these curves MUST NOT be offered in a TLS 1.3 ClientHello. 
- local -a curves_deprecated=("true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "false" "false" "false" "true" "true" "true" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false") + local -a curves_deprecated=("true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "true" "false" "false" "false" "true" "true" "true" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false") local -a ffdhe_groups_hex=("01,00" "01,01" "01,02" "01,03" "01,04") local -a ffdhe_groups_output=("ffdhe2048" "ffdhe3072" "ffdhe4096" "ffdhe6144" "ffdhe8192") local -a supported_curve local -a sigalgs_hex=("01,01" "01,02" "01,03" "02,01" "02,02" "02,03" "03,01" "03,02" "03,03" "04,01" "04,02" "04,03" "04,20" "05,01" "05,02" "05,03" "05,20" "06,01" "06,02" "06,03" "06,20" "07,08" "08,04" "08,05" "08,06" "08,07" "08,08" "08,09" "08,0a" "08,0b" "08,1a" "08,1b" "08,1c" "09,04" "09,05" "09,06") - local -a sigalgs_strings=("RSA+MD5" "DSA+MD5" "ECDSA+MD5" "RSA+SHA1" "DSA+SHA1" "ECDSA+SHA1" "RSA+SHA224" "DSA+SHA224" "ECDSA+SHA224" "RSA+SHA256" "DSA+SHA256" "ECDSA+SHA256" "RSA+SHA256" "RSA+SHA384" "DSA+SHA384" "ECDSA+SHA384" "RSA+SHA384" "RSA+SHA512" "DSA+SHA512" "ECDSA+SHA512" "RSA+SHA512" "SM2+SM3" "RSA-PSS-RSAE+SHA256" "RSA-PSS-RSAE+SHA384" "RSA-PSS-RSAE+SHA512" "Ed25519" "Ed448" "RSA-PSS-PSS+SHA256" "RSA-PSS-PSS+SHA384" "RSA-PSS-PSS+SHA512" "ECDSA-BRAINPOOL+SHA256" "ECDSA-BRAINPOOL+SHA384" "ECDSA-BRAINPOOL+SHA512" "ML-DSA-44" "ML-DSA-65" "ML-DSA-87") + local -a sigalgs_strings=("RSA+MD5" "DSA+MD5" "ECDSA+MD5" "RSA+SHA1" "DSA+SHA1" "ECDSA+SHA1" "RSA+SHA224" "DSA+SHA224" "ECDSA+SHA224" "RSA+SHA256" "DSA+SHA256" "ECDSA+SHA256" "RSA+SHA256" "RSA+SHA384" "DSA+SHA384" "ECDSA+SHA384" "RSA+SHA384" "RSA+SHA512" "DSA+SHA512" 
"ECDSA+SHA512" "RSA+SHA512" "sm2sig_sm3" "RSA-PSS-RSAE+SHA256" "RSA-PSS-RSAE+SHA384" "RSA-PSS-RSAE+SHA512" "Ed25519" "Ed448" "RSA-PSS-PSS+SHA256" "RSA-PSS-PSS+SHA384" "RSA-PSS-PSS+SHA512" "ECDSA-BRAINPOOL+SHA256" "ECDSA-BRAINPOOL+SHA384" "ECDSA-BRAINPOOL+SHA512" "ML-DSA-44" "ML-DSA-65" "ML-DSA-87") local -a tls13_supported_sigalgs=("false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false") local -a tls12_supported_sigalgs=("false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false" "false") local rsa_cipher="" ecdsa_cipher="" dss_cipher="" @@ -11023,7 +11044,7 @@ run_fs() { for (( i=0; i < TLS_NR_CIPHERS; i++ )); do fs_cipher="${TLS_CIPHER_RFC_NAME[i]}" hexc="${TLS_CIPHER_HEXCODE[i]}" - if [[ "$fs_cipher" == "TLS_DHE_"* || "$fs_cipher" == "TLS_ECDHE_"* || "${hexc:2:2}" == "13" ]] && \ + if [[ "$fs_cipher" == "TLS_DHE_"* || "$fs_cipher" == "TLS_ECDHE_"* || "${hexc:2:2}" == "13" || "$hexc" == 0x00\,0x[cC][67] ]] && \ [[ ! "$fs_cipher" =~ NULL ]] && [[ ! "$fs_cipher" =~ DES ]] && [[ ! "$fs_cipher" =~ RC4 ]] && \ [[ ! "$fs_cipher" =~ PSK ]] && { "$using_sockets" || "${TLS_CIPHER_OSSL_SUPPORTED[i]}"; }; then fs_hex_cipher_list+=", ${hexc:2:2},${hexc:7:2}" 
@@ -11055,7 +11076,7 @@ run_fs() { sigalg[nr_supported_ciphers]="" ossl_supported[nr_supported_ciphers]=true nr_supported_ciphers+=1 - done < <(actually_supported_osslciphers "$fs_cipher_list" "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256" "-V") + done < <(actually_supported_osslciphers "$fs_cipher_list" "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_SM4_GCM_SM3:TLS_SM4_CCM_SM3" "-V") fi if "$using_sockets"; then @@ -11070,7 +11091,7 @@ run_fs() { fi else debugme echo $nr_supported_ciphers - debugme echo $(actually_supported_osslciphers $fs_cipher_list "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256") + debugme echo $(actually_supported_osslciphers $fs_cipher_list "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_SM4_GCM_SM3:TLS_SM4_CCM_SM3") if [[ "$nr_supported_ciphers" -le "$CLIENT_MIN_FS" ]]; then outln prln_local_problem "You only have $nr_supported_ciphers FS ciphers on the client side " @@ -11091,7 +11112,7 @@ run_fs() { curves_list2="${curves_list2// /:}" fi curves_list1="${curves_list1// /:}" - $OPENSSL s_client $(s_client_options "-cipher $fs_cipher_list -ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256 $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") >$TMPFILE 2>$ERRFILE $TMPFILE 2>$ERRFILE /dev/null)" hash_clienthello1="${hash_clienthello1#*= }" msg_transcript="FE0000$(printf "%02x" $((${#hash_clienthello1}/2)))$hash_clienthello1$hrr$clienthello2$serverhello" 
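Review bot: `run_fs()` now carries the same seven-suite literal `TLS_AES_128_GCM_SHA256:…:TLS_SM4_CCM_SM3` three times (this hunk and the next two), and each copy had to be edited by hand in this commit. A fourth copy is `ossl_strong_ciphersuites` in `run_cipherlists()`. Holding the string once in a local, e.g. `local fs_tls13_ciphersuites="…"` (a name proposed here), and passing `"$fs_tls13_ciphersuites"` to `actually_supported_osslciphers` and to `-ciphersuites` would keep the OpenSSL path from drifting away from the socket path the next time a suite is added. The last hunk on this line is incomplete in this view, so its remaining lines are not reviewed.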
@@ -13141,13 +13159,12 @@ derive-handshake-secret() { "$HAS_PKUTIL" || return 1 - if [[ "$cipher" == *SHA256 ]]; then - hash_fn="-sha256" - elif [[ "$cipher" == *SHA384 ]]; then - hash_fn="-sha384" - else - return 1 - fi + case "$cipher" in + *SHA256) hash_fn="-sha256" ;; + *SHA384) hash_fn="-sha384" ;; + *SM3) hash_fn="-sm3" ;; + *) return 1 ;; + esac if [[ ! "$tmpfile" =~ BEGIN\ HYBRID\ PRIV\ KEY ]]; then # For (EC)DH groups the server's key share is a public key. @@ -13236,6 +13253,17 @@ derive-handshake-secret() { derived_secret="1591dac5cbbf0330a4a84de9c753330e92d01f0a88214b4464972fd668049e93e52f2b16fad922fdc0584478428f282b" fi ;; + "-sm3") early_secret="a4f50a29c327e9acc4ddd4dbe32b75a6a1d77e4bbe823e3d71fdcc1a5fa52757" + if [[ "${TLS_SERVER_HELLO:8:2}" == 7F ]] && [[ 0x${TLS_SERVER_HELLO:10:2} -lt 0x14 ]]; then + # "6465726976656420736563726574" = "derived secret" + # derived_secret="$(derive-secret "$hash_fn" "$early_secret" "6465726976656420736563726574" "")" + derived_secret="e3a3bff7b0dd68bbc5323191304bc0e27c8ae0c19d10ce22649b59fe3b531edb" + else + # "64657269766564" = "derived" + # derived_secret="$(derive-secret "$hash_fn" "$early_secret" "64657269766564" "")" + derived_secret="8bf1d43b3cb61da421895be55c07b3c1f49d7af9f9c728240cee1fc8039252f4" + fi + ;; esac # The approach defined in https://datatracker.ietf.org/doc/html/draft-ietf-tls-hybrid-design 
@@ -13276,18 +13304,15 @@ derive-handshake-traffic-keys() { local -i hash_len key_len iv_len local handshake_traffic_secret label key iv finished="0000" - if [[ "$cipher" == *SHA256 ]]; then - hash_fn="-sha256" - hash_len=32 - elif [[ "$cipher" == *SHA384 ]]; then - hash_fn="-sha384" - hash_len=48 - else - return 1 - fi + case "$cipher" in + *SHA256) hash_fn="-sha256"; hash_len=32 ;; + *SHA384) hash_fn="-sha384"; hash_len=48 ;; + *SM3) hash_fn="-sm3"; hash_len=32 ;; + *) return 1 ;; + esac iv_len=12 case "$cipher" in - *AES_128*) key_len=16 ;; + *AES_128*|*SM4*) key_len=16 ;; *AES_256*|*CHACHA20_POLY1305*) key_len=32 ;; TLS_SHA256_SHA256) key_len=32; iv_len=32 ;; TLS_SHA384_SHA384) key_len=48; iv_len=48 ;; @@ -13341,6 +13366,9 @@ derive-master-secret() { elif [[ "$cipher" == *SHA384 ]]; then hash_fn="-sha384" zeros="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + elif [[ "$cipher" == *SM3 ]]; then + hash_fn="-sm3" + zeros="0000000000000000000000000000000000000000000000000000000000000000" else return 1 fi @@ -13370,16 +13398,15 @@ derive-application-traffic-keys() { local -i key_len iv_len local application_traffic_secret_0 label key iv - if [[ "$cipher" == *SHA256 ]]; then - hash_fn="-sha256" - elif [[ "$cipher" == *SHA384 ]]; then - hash_fn="-sha384" - else - return 1 - fi + case "$cipher" in + *SHA256) hash_fn="-sha256" ;; + *SHA384) hash_fn="-sha384" ;; + *SM3) hash_fn="-sm3" ;; + *) return 1 ;; + esac iv_len=12 case "$cipher" in - *AES_128*) key_len=16 ;; + *AES_128*|*SM4*) key_len=16 ;; *AES_256*|*CHACHA20_POLY1305*) key_len=32 ;; TLS_SHA256_SHA256) key_len=32; iv_len=32 ;; TLS_SHA384_SHA384) key_len=48; iv_len=48 ;; @@ -13938,6 +13965,7 @@ ccm-decrypt() { case "$cipher" in *AES_128*) cipher="-aes-128-ecb" ;; *AES_256*) cipher="-aes-256-ecb" ;; + *SM4*) cipher="-sm4-ecb" ;; *) return 7 esac 
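Review bot: The SM branches pick `-sm3` and `-sm4-ecb` from the suite name alone, with no check that `$OPENSSL` provides SM3 or SM4. This applies to `*SM3) hash_fn="-sm3"` in the derive-* helpers and `*SM4*) cipher="-sm4-ecb"` in `ccm-decrypt` here, and to the same arms in `ccm-encrypt`, `gcm-decrypt` and `gcm-encrypt` in the following hunks. `get_server_certificate()` passes `$TLS13_CIPHER`, which now always contains `00,c6` and `00,c7`, in `all+` mode, so a server may select an SM suite while the local binary is an older build or one configured without these algorithms. How the failed digest or cipher call is then handled is not visible in these hunks. I would probe once in `find_openssl_binary()` next to the other `HAS_*` flags and make these arms fail early, e.g. `*SM4*) "$HAS_SM4" || return 7; cipher="-sm4-ecb" ;;`, where `HAS_SM4` is a name proposed here and not an existing variable. All of these functions start and end outside their hunks.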
@@ -14006,7 +14034,7 @@ ccm-decrypt() { ccm-encrypt() { local cipher="$1" key="$2" nonce="$3" plaintext="$4" aad="$5" local -i tag_len - local ossl_cipher="-aes-128-ecb" + local ossl_cipher local ciphertext="" tag encrypted_tag local -i i i1 i2 i3 i4 local -i plaintext_len n mod_check @@ -14015,8 +14043,9 @@ ccm-encrypt() { [[ ${#nonce} -ne 24 ]] && return 7 case "$cipher" in - TLS_AES_128_CCM_SHA256) tag_len=32 ;; - TLS_AES_128_CCM_8_SHA256) tag_len=16 ;; + TLS_AES_128_CCM_SHA256) tag_len=32; ossl_cipher="-aes-128-ecb" ;; + TLS_AES_128_CCM_8_SHA256) tag_len=16; ossl_cipher="-aes-128-ecb" ;; + TLS_SM4_CCM_SM3) tag_len=32; ossl_cipher="-sm4-ecb" ;; *) return 7 esac @@ -14305,6 +14334,7 @@ gcm-decrypt() { case "$cipher" in *AES_128*) cipher="-aes-128-ecb" ;; *AES_256*) cipher="-aes-256-ecb" ;; + *SM4*) cipher="-sm4-ecb" ;; *) return 7 esac @@ -14338,6 +14368,7 @@ gcm-encrypt() { case "$1" in *AES_128*) cipher="-aes-128-ecb" ;; *AES_256*) cipher="-aes-256-ecb" ;; + *SM4*) cipher="-sm4-ecb" ;; *) return 7 esac [[ ${#3} -ne 24 ]] && return 7 @@ -14675,6 +14706,9 @@ check_tls_serverhellodone() { elif [[ "$cipher" == *SHA384 ]]; then hash_fn="-sha384" [[ $msg_len -eq 96 ]] || return 2 + elif [[ "$cipher" == *SM3 ]]; then + hash_fn="-sm3" + [[ $msg_len -eq 64 ]] || return 2 else return 2 fi @@ -15207,6 +15241,7 @@ parse_tls_serverhello() { "0019") echo -n "secp521r1" >> $TMPFILE ;; "001D") echo -n "X25519" >> $TMPFILE ;; "001E") echo -n "X448" >> $TMPFILE ;; + "0029") echo -n "curveSM2" >> $TMPFILE ;; "0100") echo -n "ffdhe2048" >> $TMPFILE ;; "0101") echo -n "ffdhe3072" >> $TMPFILE ;; "0102") echo -n "ffdhe4096" >> $TMPFILE ;; 
@@ -15218,6 +15253,7 @@ parse_tls_serverhello() {
 "11EB") echo -n "SecP256r1MLKEM768" >> $TMPFILE ;;
 "11EC") echo -n "X25519MLKEM768" >> $TMPFILE ;;
 "11ED") echo -n "SecP384r1MLKEM1024" >> $TMPFILE ;;
+ "11EE") echo -n "curveSM2MLKEM768" >> $TMPFILE ;;
 "6399") echo -n "X25519Kyber768Draft00" >> $TMPFILE ;;
 *) echo -n "unknown (${tls_serverhello_ascii:offset:4})" >> $TMPFILE ;;
 esac
@@ -15309,6 +15345,7 @@ parse_tls_serverhello() {
 31) dh_bits=256 ; named_curve_str="brainpoolP256r1tls13" ; named_curve_oid="06092B2403030208010107" ;;
 32) dh_bits=384 ; named_curve_str="brainpoolP384r1tls13" ; named_curve_oid="06092B240303020801010B" ;;
 33) dh_bits=512 ; named_curve_str="brainpoolP512r1tls13" ; named_curve_oid="06092B240303020801010D" ;;
+ 41) dh_bits=256 ; named_curve_str="curveSM2" ; named_curve_oid="06082a811ccf5501822d" ;;
 256) dh_bits=2048 ; named_curve_str="ffdhe2048" ;;
 257) dh_bits=3072 ; named_curve_str="ffdhe3072" ;;
 258) dh_bits=4096 ; named_curve_str="ffdhe4096" ;;
@@ -15320,6 +15357,7 @@ parse_tls_serverhello() {
 4587) dh_bits=192 ; named_curve_str="SecP256r1MLKEM768" ;;
 4588) dh_bits=192 ; named_curve_str="X25519MLKEM768" ;;
 4589) dh_bits=256 ; named_curve_str="SecP384r1MLKEM1024" ;;
+ 4590) dh_bits=192 ; named_curve_str="curveSM2MLKEM768" ;;
 25497) dh_bits=128 ; named_curve_str="X25519Kyber768Draft00" ;;
 *) named_curve_str="" ; named_curve_oid="" ;;
 esac
@@ -15426,6 +15464,26 @@ parse_tls_serverhello() { key_bitstring+="--END HYBRID CIPHERTEXT--" fi fi + elif [[ $named_curve -eq 4590 ]]; then + # The server's key share is the concatenation of a curveSM2 public key and a ML-KEM-768 ciphertext + if [[ $msg_len -ne 2306 ]]; then + debugme tmln_warning "Malformed key share extension." + [[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt + return 1 + fi + if [[ ! "$OSSL_SUPPORTED_CURVES" =~ MLKEM ]]; then + debugme prln_warning "Your $OPENSSL doesn't support ML-KEM" + else + key_bitstring="3059301306072a8648ce3d020106082a811ccf5501822d034200${tls_serverhello_ascii:offset:130}" + key_bitstring="$(hex2binary "$key_bitstring" | $OPENSSL pkey -pubin -inform DER 2>$ERRFILE)" + if [[ -z "$key_bitstring" ]]; then + debugme prln_warning "Your $OPENSSL doesn't support curveSM2" + else + key_bitstring="--BEGIN HYBRID CIPHERTEXT--${key_bitstring}" + key_bitstring+="-----BEGIN CIPHERTEXT------${tls_serverhello_ascii:$((offset+130)):2176}-----END CIPHERTEXT------" + key_bitstring+="--END HYBRID CIPHERTEXT--" + fi + fi fi if [[ -n "$key_bitstring" ]] && [[ ! "$key_bitstring" =~ BEGIN ]]; then key_bitstring="$(hex2binary "$key_bitstring" | $OPENSSL pkey -pubin -inform DER 2>$ERRFILE)" @@ -16055,6 +16113,10 @@ parse_tls_serverhello() { [[ $DEBUG -ge 3 ]] && echo -e " Peer signing digest: $peering_signing_digest" echo "Peer signature type: $peer_signature_type" >> $TMPFILE [[ $DEBUG -ge 3 ]] && echo -e " Peer signature type: $peer_signature_type\n" + elif [[ 0x$peering_signing_digest -eq 7 ]] && [[ 0x$peer_signature_type -eq 8 ]]; then + peer_signature_type="sm2sig_sm3" + echo "Peer signature type: $peer_signature_type" >> $TMPFILE + [[ $DEBUG -ge 3 ]] && echo -e " Peer signature type: $peer_signature_type\n" elif [[ 0x$peering_signing_digest -eq 9 ]] && \ [[ 0x$peer_signature_type -ge 4 ]] && [[ 0x$peer_signature_type -le 6 ]]; then case $peer_signature_type in 
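Review bot: The `4590` branch relies on three unexplained constants, `2306`, `130` and `2176`, and on a long DER prefix. From the hunk they are hex-digit counts: 130 for a 65-byte uncompressed curveSM2 point, 2176 for the 1088-byte ML-KEM-768 ciphertext, and 2306 for their sum. The prefix ends in the same curve OID bytes that the `41)` arm assigns to `named_curve_oid`. I would add `# 130 hex = 65-byte SM2 point, 2176 hex = 1088-byte ML-KEM-768 ciphertext` above the length check and `# SubjectPublicKeyInfo header for id-ecPublicKey + curveSM2` above the prefix. The "doesn't support curveSM2" warning also fires for any `pkey` failure, including a key share that is not a valid point, so a wording like "could not parse the curveSM2 key share" would be more accurate. The enclosing `if` chain starts before the hunk.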
@@ -16396,10 +16458,10 @@ prepare_tls_clienthello() { else extension_signature_algorithms=" 00, 0d, # Type: signature_algorithms , see RFC 8446 - 00, 28, 00, 26, # lengths + 00, 2a, 00, 28, # lengths 04,03, 05,03, 06,03, 08,04, 08,05, 08,06, 04,01, 05,01, 06,01, 08,09, 08,0a, 08,0b, 08,07, 08,08, 02,01, 02,03, - 09,04, 09,05, 09,06" + 07,08, 09,04, 09,05, 09,06" fi extension_heartbeat=" @@ -16430,10 +16492,10 @@ prepare_tls_clienthello() { # regardless of whether testssl.sh can decrypt the response. extension_supported_groups=" 00,0a, # Type: Supported Groups, see RFC 8446 - 00,24, 00,22, # lengths + 00,28, 00,26, # lengths 00,1d, 00,17, 00,1e, 00,18, 00,19, 00,1f, 00,20, 00,21, 01,00, 01,01, 02,00, 02,01, 02,02, 11,eb, 11,ec, 11,ed, - 63,99" + 63,99, 00,29, 11,ee" elif [[ "$process_full" == all+ ]]; then # Since the response needs to be decrypted, only include groups that can be # decrypted using $OPENSSL. Place X25519 and X448 early in the list, if they @@ -16467,8 +16529,8 @@ prepare_tls_clienthello() { extension_supported_groups+=", 00,1d" fi ! "$HAS_X448" && extension_supported_groups+=", 00,1e" - extension_supported_groups+=", 02,00, 02,01, 02,02, 11,eb, 11,ec, 11,ed, 63,99" - extension_supported_groups="00,0a, 00,24, 00,22$extension_supported_groups" + extension_supported_groups+=", 02,00, 02,01, 02,02, 11,eb, 11,ec, 11,ed, 63,99, 00,29, 11,ee" + extension_supported_groups="00,0a, 00,28, 00,26$extension_supported_groups" fi code2network "$extension_supported_groups" @@ -16987,7 +17049,7 @@ tls_sockets() { tls_hello_ascii="${tls_hello_ascii%%140303000101}" # Check if the response is a HelloRetryRequest. - original_clienthello="160301$(printf "%04x" "${#clienthello1}")$clienthello1" + original_clienthello="160301$(printf "%04x" "$((${#clienthello1}/2))")$clienthello1" resend_if_hello_retry_request "$original_clienthello" "$tls_hello_ascii" ret=$? if [[ $ret -eq 2 ]]; then 
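Review bot: The third hunk appends `00,29` (curveSM2) and `11,ee` to the supported-groups list of the `all+` path, yet the comment opening that path says only groups that `$OPENSSL` can decrypt should be included. The same commit's tls_data.txt change leaves the key for group 29 commented out because OpenSSL cannot do key derivation with curveSM2. If a server selects that group, this path presumably cannot complete the handshake it was asked to decrypt; the code that handles the selection is outside the hunk. Either drop `00,29` here and set the lengths to `00,26, 00,24`, or, if offering it is intentional, say so in a comment such as `# 00,29 (curveSM2) is offered for detection only; $OPENSSL cannot derive a shared secret for it`. The lengths in the first two hunks (`00, 2a, 00, 28` and `00,28, 00,26`) match the entries listed.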
@@ -17140,6 +17202,8 @@ tls_sockets() {
 read -r key iv finished_key <<< "$handshake_traffic_keys"
 if [[ "$cipher" == *SHA256 ]]; then
 finished_msg="14000020$(hmac-transcript "-sha256" "$finished_key" "$msg_transcript")"
+ elif [[ "$cipher" == *SM3 ]]; then
+ finished_msg="14000020$(hmac-transcript "-sm3" "$finished_key" "$msg_transcript")"
 else
 finished_msg="14000030$(hmac-transcript "-sha384" "$finished_key" "$msg_transcript")"
 fi
@@ -21055,7 +21119,7 @@ find_openssl_binary() {
 local ossl_line1="" yr=""
 # FIXME: At the moment curves_ossl does not include any post-quantum key-exchange
 # groups (e.g., MLKEM512, MLKEM768, MLKEM1024, SecP256r1MLKEM768, X25519MLKEM768,
- # SecP384r1MLKEM1024). They do not need to be included since they are only
+ # SecP384r1MLKEM1024, curveSM2MLKEM768). They do not need to be included since they are only
 # supported by OpenSSL 3.5.0 (and above), and "$OPENSSL list -tls-groups" is used
 # instead of curves_ossl to populate $OSSL_SUPPORTED_CURVES. If newer versions of
 # LibreSSL include support for groups that are not in curves_ossl, then they
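Review bot: The added `*SM3` branch in the first hunk reuses the `14000020` header without saying why, and the trailing `else` still treats every other cipher suffix as SHA-384. A one-line comment would make the length choice checkable: `# SM3 yields a 32-byte digest, so the Finished length is 0x20, as for SHA-256`. The hunk also does not show whether `$OPENSSL` was confirmed to support `-sm3` before this point. If it was not, `hmac-transcript` would presumably return nothing and `finished_msg` would hold only the header, so a check for an empty result may be warranted. The enclosing block in tls_sockets() starts outside the hunk.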