mirror of
https://github.com/drwetter/testssl.sh.git
synced 2026-04-19 17:33:30 +02:00
3be7a854cb
The commit adds support for RFC 8998 and draft-yang-tls-hybrid-sm2-mlkem. This includes support for the TLS_SM4_GCM_SM3 and TLS_SM4_CCM_SM3 cipher suites, the key exchange groups curveSM2 and curveSM2MLKEM768, and SM2 public keys and signatures. While this commit adds support to tls_sockets() to decrypt server responses encrypted under SM4 GCM or CCM, OpenSSL does not support performing key derivation using curveSM2. So, tls_sockets() can not decrypt server responses if the key exchange was performed using curveSM2 or curveSM2MLKEM768.
36 lines
702 B
Plaintext
36 lines
702 B
Plaintext
# Value, IANA name, openssl serverhello
|
|
1, sect163k1, K-163
|
|
2, sect163r1,
|
|
3, sect163r2, B-163
|
|
4, sect193r1,
|
|
5, sect193r2,
|
|
6, sect233k1, K-233
|
|
7, sect233r1, B-233
|
|
8, sect239k1,
|
|
9, sect283k1, K-283
|
|
10, sect283r1, B-283
|
|
11, sect409k1, K-409
|
|
12, sect409r1, B-409
|
|
13, sect571k1, K-571
|
|
14, sect571r1, B-571
|
|
15, secp160k1,
|
|
16, secp160r1,
|
|
17, secp160r2,
|
|
18, secp192k1,
|
|
19, secp192r1, P-192
|
|
20, secp224k1,
|
|
21, secp224r1, P-224
|
|
22, secp256k1,
|
|
23, secp256r1, P-256
|
|
24, secp384r1, P-384
|
|
25, secp521r1, P-521
|
|
26, brainpoolP256r1,
|
|
27, brainpoolP384r1,
|
|
28, brainpoolP512r1,
|
|
29, curve25519,
|
|
30, curve448,
|
|
31, brainpoolP256r1tls13,
|
|
32, brainpoolP384r1tls13,
|
|
33, brainpoolP512r1tls13,
|
|
41, curveSM2
|