Add a MLKEM768_X25519 hybrid key share.

This implements the currently in use MLKEM768_X25519 hybrid key share as outlined in https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/ This commit does not yet wire this up to anything, that is done in follow on changes. ok tb@ jsing@ kenjiro@
author: beck <> 2025-12-04 21:03:42 +0000
committer: beck <> 2025-12-04 21:03:42 +0000
commit: f8fcf556caab3fb1fb9d9b496d2724345c90a3eb (patch)
tree: e39a46d0520e4b766125513ea7a2a2e6521f7cf6 /src/lib/libssl/ssl_srvr.c
parent: 25e047ad935a9d585bc84fe9aae3de40dbad3e72 (diff)
download: openbsd-f8fcf556caab3fb1fb9d9b496d2724345c90a3eb.tar.gz
openbsd-f8fcf556caab3fb1fb9d9b496d2724345c90a3eb.tar.bz2
openbsd-f8fcf556caab3fb1fb9d9b496d2724345c90a3eb.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index db4ba38b51..ef93e283de 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.166 2025/03/09 15:53:36 tb Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.167 2025/12/04 21:03:42 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1357,7 +1357,7 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb)
                        goto err;
        }
-        if (!tls_key_share_generate(s->s3->hs.key_share))
+        if (!tls_key_share_server_generate(s->s3->hs.key_share))
                goto err;
        if (!tls_key_share_params(s->s3->hs.key_share, cbb))
@@ -1393,7 +1393,7 @@ ssl3_send_server_kex_ecdhe(SSL *s, CBB *cbb)
        if ((s->s3->hs.key_share = tls_key_share_new_nid(nid)) == NULL)
                goto err;
-        if (!tls_key_share_generate(s->s3->hs.key_share))
+        if (!tls_key_share_server_generate(s->s3->hs.key_share))
                goto err;
        /*
@@ -1744,7 +1744,7 @@ ssl3_get_client_kex_dhe(SSL *s, CBS *cbs)
                goto err;
        }
-        if (!tls_key_share_peer_public(s->s3->hs.key_share, cbs,
+        if (!tls_key_share_server_peer_public(s->s3->hs.key_share, cbs,
            &decode_error, &invalid_key)) {
                if (decode_error) {
                        SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
@@ -1792,7 +1792,7 @@ ssl3_get_client_kex_ecdhe(SSL *s, CBS *cbs)
                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
                goto err;
        }
-        if (!tls_key_share_peer_public(s->s3->hs.key_share, &public,
+        if (!tls_key_share_server_peer_public(s->s3->hs.key_share, &public,
            &decode_error, NULL)) {
                if (decode_error) {
                        SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
author	beck <>	2025-12-04 21:03:42 +0000
committer	beck <>	2025-12-04 21:03:42 +0000
commit	f8fcf556caab3fb1fb9d9b496d2724345c90a3eb (patch)
tree	e39a46d0520e4b766125513ea7a2a2e6521f7cf6 /src/lib/libssl/ssl_srvr.c
parent	25e047ad935a9d585bc84fe9aae3de40dbad3e72 (diff)
download	openbsd-f8fcf556caab3fb1fb9d9b496d2724345c90a3eb.tar.gz openbsd-f8fcf556caab3fb1fb9d9b496d2724345c90a3eb.tar.bz2 openbsd-f8fcf556caab3fb1fb9d9b496d2724345c90a3eb.zip

diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index db4ba38b51..ef93e283de 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_srvr.c,v 1.166 2025/03/09 15:53:36 tb Exp $ */	1	/* $OpenBSD: ssl_srvr.c,v 1.167 2025/12/04 21:03:42 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1357,7 +1357,7 @@ ssl3_send_server_kex_dhe(SSL s, CBB cbb)
1357	goto err;	1357	goto err;
1358	}	1358	}
1359		1359
1360	if (!tls_key_share_generate(s->s3->hs.key_share))	1360	if (!tls_key_share_server_generate(s->s3->hs.key_share))
1361	goto err;	1361	goto err;
1362		1362
1363	if (!tls_key_share_params(s->s3->hs.key_share, cbb))	1363	if (!tls_key_share_params(s->s3->hs.key_share, cbb))
@@ -1393,7 +1393,7 @@ ssl3_send_server_kex_ecdhe(SSL s, CBB cbb)
1393	if ((s->s3->hs.key_share = tls_key_share_new_nid(nid)) == NULL)	1393	if ((s->s3->hs.key_share = tls_key_share_new_nid(nid)) == NULL)
1394	goto err;	1394	goto err;
1395		1395
1396	if (!tls_key_share_generate(s->s3->hs.key_share))	1396	if (!tls_key_share_server_generate(s->s3->hs.key_share))
1397	goto err;	1397	goto err;
1398		1398
1399	/*	1399	/*
@@ -1744,7 +1744,7 @@ ssl3_get_client_kex_dhe(SSL s, CBS cbs)
1744	goto err;	1744	goto err;
1745	}	1745	}
1746		1746
1747	if (!tls_key_share_peer_public(s->s3->hs.key_share, cbs,	1747	if (!tls_key_share_server_peer_public(s->s3->hs.key_share, cbs,
1748	&decode_error, &invalid_key)) {	1748	&decode_error, &invalid_key)) {
1749	if (decode_error) {	1749	if (decode_error) {
1750	SSLerror(s, SSL_R_BAD_PACKET_LENGTH);	1750	SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
@@ -1792,7 +1792,7 @@ ssl3_get_client_kex_ecdhe(SSL s, CBS cbs)
1792	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);	1792	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1793	goto err;	1793	goto err;
1794	}	1794	}
1795	if (!tls_key_share_peer_public(s->s3->hs.key_share, &public,	1795	if (!tls_key_share_server_peer_public(s->s3->hs.key_share, &public,
1796	&decode_error, NULL)) {	1796	&decode_error, NULL)) {
1797	if (decode_error) {	1797	if (decode_error) {
1798	SSLerror(s, SSL_R_BAD_PACKET_LENGTH);	1798	SSLerror(s, SSL_R_BAD_PACKET_LENGTH);