wolfssl/tests/test-dtls13-pq-hybrid.conf
Tobias Frauenschläger 89491c7e36 Improvements for PQC hybrid key exchange
Add support for X25519 and X448 based hybrid PQC + ECC key exchange
groups. Furthermore, two new combinations with SECP curves are added to
match OQS combinations.

This also incorporates the changed order of X25519 and X448 based
combinations to place the PQC material before the ECDH material. This is
motivated by the necessity to always have material of a FIPS approved
algorithm first.

Also, codepoints are updated to reflect the latest draft standards for
pure ML-KEM and some of the hybrids. With these changes and based on the
recent additions to both enable ML-KEM final and draft versions
simultaneously, a WolfSSL TLS server is now compatible with all recent
browsers that support either the draft version of ML-KEM (Chromium based
browsers and Firefox < version 132; only when the draft version is
enabled in the build) or the final version already (Firefox > version 132).

In the process of extending support, some code and logic cleanup
happened. Furthermore, some memory leaks within the hybrid code path have
been fixed.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
2025-02-21 18:44:40 +01:00

52 lines
1010 B
Plaintext

# server DTLSv1.3 with post-quantum group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P256_ML_KEM_512
# client DTLSv1.3 with post-quantum group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P256_ML_KEM_512
# server DTLSv1.3 with post-quantum hybrid group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc X25519_ML_KEM_512
# client DTLSv1.3 with post-quantum hybrid group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc X25519_ML_KEM_512
# Hybrids with ML_KEM_768 and ML_KEM_1024 would fragment the ClientHello.
# server DTLSv1.3 with post-quantum hybrid group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P256_KYBER_LEVEL1
# client DTLSv1.3 with post-quantum hybrid group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P256_KYBER_LEVEL1
# server DTLSv1.3 with post-quantum hybrid group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc X25519_KYBER_LEVEL1
# client DTLSv1.3 with post-quantum hybrid group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc X25519_KYBER_LEVEL1
# Hybrids with KYBER_LEVEL3 and KYBER_LEVEL5 would fragment the ClientHello.