Add support for RFC 8998 and draft-yang-tls-hybrid-sm2-mlkem

The commit adds support for RFC 8998 and draft-yang-tls-hybrid-sm2-mlkem. This includes support for the TLS_SM4_GCM_SM3 and TLS_SM4_CCM_SM3 cipher suites, the key exchange groups curveSM2 and curveSM2MLKEM768, and SM2 public keys and signatures. While this commit adds support to tls_sockets() to decrypt server responses encrypted under SM4 GCM or CCM, OpenSSL does not support performing key derivation using curveSM2. So, tls_sockets() can not decrypt server responses if the key exchange was performed using curveSM2 or curveSM2MLKEM768.
2026-04-19 17:33:30 +02:00 · 2024-11-22 14:05:33 -08:00
parent 3f9eb84778
commit 3be7a854cb
6 changed files with 240 additions and 92 deletions
--- a/openssl-iana.mapping.html
+++ b/openssl-iana.mapping.html
@@ -224,6 +224,10 @@ xB9  TLS_RSA_PSK_WITH_NULL_SHA384
 <tr><td> [0xbe]</td><td>     DHE-RSA-CAMELLIA128-SHA256</td><td> DH       </td><td>   Camellia  </td><td>  128          </td><td> TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256    </td></tr>
 <tr><td> [0xbf]</td><td>     ADH-CAMELLIA128-SHA256    </td><td> DH       </td><td>   Camellia  </td><td>  128          </td><td> TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256     </td></tr>

+<!-- RFC 8998 -->
+<tr><td> [0xc6]</td><td>          </td><td> ECDH     </td><td> SM4GCM    </td><td> 128           </td><td> TLS_SM4_GCM_SM3     </td></tr>
+<tr><td> [0xc7]</td><td>          </td><td> ECDH     </td><td> SM4CCM    </td><td> 128           </td><td> TLS_SM4_CCM_SM3     </td></tr>
+
 <!-- https://tools.ietf.org/html/rfc5746 -->
 <tr><td> [0x5600]</td><td>   TLS_FALLBACK_SCSV            </td><td>          </td><td>           </td><td>               </td><td> TLS_EMPTY_RENEGOTIATION_INFO_SCSV     </td></tr>