Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2026-04-19 17:33:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add support for RFC 8998 and draft-yang-tls-hybrid-sm2-mlkem

Browse Source 
The commit adds support for RFC 8998 and draft-yang-tls-hybrid-sm2-mlkem. This includes support for the TLS_SM4_GCM_SM3 and TLS_SM4_CCM_SM3 cipher suites, the key exchange groups curveSM2 and curveSM2MLKEM768, and SM2 public keys and signatures.

While this commit adds support to tls_sockets() to decrypt server responses encrypted under SM4 GCM or CCM, OpenSSL does not support performing key derivation using curveSM2. So, tls_sockets() can not decrypt server responses if the key exchange was performed using curveSM2 or curveSM2MLKEM768.
This commit is contained in:
David Cooper
2024-11-22 14:05:33 -08:00
committed by David
parent 3f9eb84778
commit 3be7a854cb
6 changed files with 240 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
etc/curves-mapping.txt
View File

@@ -51,4 +51,5 @@
0x11,0xeb - SecP256r1MLKEM768 SecP256r1MLKEM768
0x11,0xec - X25519MLKEM768 X25519MLKEM768
0x11,0xed - SecP384r1MLKEM1024 SecP384r1MLKEM1024
0x11,0xee - curveSM2MLKEM768 curveSM2MLKEM768
0x63,0x99 - X25519Kyber768Draft00 X25519Kyber768Draft00