1 files changed, 30 insertions, 34 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 57cd180d09..912bea592a 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.206 2025/05/31 15:17:11 tb Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.207 2025/12/04 21:16:17 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -306,6 +306,11 @@ static const struct supported_group nid_list[] = {
                .nid = NID_X25519,
                .bits = 128,
        },
+        {
+                .group_id = 4588,
+                .nid = NID_X25519MLKEM768,
+                .bits = 128,
+        },
 };
 #define NID_LIST_LEN (sizeof(nid_list) / sizeof(nid_list[0]))
@@ -322,41 +327,21 @@ static const uint8_t ecformats_default[] = {
        TLSEXT_ECPOINTFORMAT_uncompressed,
 };
-#if 0
+static const uint16_t ecgroups_tls12_client_default[] = {
-static const uint16_t ecgroups_list[] = {
        29,                     /* X25519 (29) */
-        14,                     /* sect571r1 (14) */
+        23,                     /* secp256r1 (23) */
-        13,                     /* sect571k1 (13) */
-        25,                     /* secp521r1 (25) */
-        28,                     /* brainpoolP512r1 (28) */
-        11,                     /* sect409k1 (11) */
-        12,                     /* sect409r1 (12) */
-        27,                     /* brainpoolP384r1 (27) */
        24,                     /* secp384r1 (24) */
-        9,                      /* sect283k1 (9) */
+        25,                     /* secp521r1 (25) */
-        10,                     /* sect283r1 (10) */
+};
-        26,                     /* brainpoolP256r1 (26) */
-        22,                     /* secp256k1 (22) */
+static const uint16_t ecgroups_tls12_server_default[] = {
+        29,                     /* X25519 (29) */
        23,                     /* secp256r1 (23) */
-        8,                      /* sect239k1 (8) */
+        24,                     /* secp384r1 (24) */
-        6,                      /* sect233k1 (6) */
-        7,                      /* sect233r1 (7) */
-        20,                     /* secp224k1 (20) */
-        21,                     /* secp224r1 (21) */
-        4,                      /* sect193r1 (4) */
-        5,                      /* sect193r2 (5) */
-        18,                     /* secp192k1 (18) */
-        19,                     /* secp192r1 (19) */
-        1,                      /* sect163k1 (1) */
-        2,                      /* sect163r1 (2) */
-        3,                      /* sect163r2 (3) */
-        15,                     /* secp160k1 (15) */
-        16,                     /* secp160r1 (16) */
-        17,                     /* secp160r2 (17) */
 };
-#endif
 static const uint16_t ecgroups_client_default[] = {
+        4588,                   /* X25519MLKEM768 (4588) */
        29,                     /* X25519 (29) */
        23,                     /* secp256r1 (23) */
        24,                     /* secp384r1 (24) */
@@ -364,6 +349,7 @@ static const uint16_t ecgroups_client_default[] = {
 };
 static const uint16_t ecgroups_server_default[] = {
+        4588,                   /* X25519MLKEM768 (4588) */
        29,                     /* X25519 (29) */
        23,                     /* secp256r1 (23) */
        24,                     /* secp384r1 (24) */
@@ -478,11 +464,21 @@ tls1_get_group_list(const SSL *s, int client_groups, const uint16_t **pgroups,
                return;
        if (!s->server) {
-                *pgroups = ecgroups_client_default;
+                if (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION) {
-                *pgroupslen = sizeof(ecgroups_client_default) / 2;
+                        *pgroups = ecgroups_client_default;
+                        *pgroupslen = sizeof(ecgroups_client_default) / 2;
+                } else {
+                        *pgroups = ecgroups_tls12_client_default;
+                        *pgroupslen = sizeof(ecgroups_tls12_client_default) / 2;
+                }
        } else {
-                *pgroups = ecgroups_server_default;
+                if (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION) {
-                *pgroupslen = sizeof(ecgroups_server_default) / 2;
+                        *pgroups = ecgroups_server_default;
+                        *pgroupslen = sizeof(ecgroups_server_default) / 2;
+                } else {
+                        *pgroups = ecgroups_tls12_server_default;
+                        *pgroupslen = sizeof(ecgroups_tls12_server_default) / 2;
+                }
        }
 }

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 57cd180d09..912bea592a 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.206 2025/05/31 15:17:11 tb Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.207 2025/12/04 21:16:17 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -306,6 +306,11 @@ static const struct supported_group nid_list[] = {
306	.nid = NID_X25519,	306	.nid = NID_X25519,
307	.bits = 128,	307	.bits = 128,
308	},	308	},
		309	{
		310	.group_id = 4588,
		311	.nid = NID_X25519MLKEM768,
		312	.bits = 128,
		313	},
309	};	314	};
310		315
311	#define NID_LIST_LEN (sizeof(nid_list) / sizeof(nid_list[0]))	316	#define NID_LIST_LEN (sizeof(nid_list) / sizeof(nid_list[0]))
@@ -322,41 +327,21 @@ static const uint8_t ecformats_default[] = {
322	TLSEXT_ECPOINTFORMAT_uncompressed,	327	TLSEXT_ECPOINTFORMAT_uncompressed,
323	};	328	};
324		329
325	#if 0	330	static const uint16_t ecgroups_tls12_client_default[] = {
326	static const uint16_t ecgroups_list[] = {
327	29, /* X25519 (29) */	331	29, /* X25519 (29) */
328	14, /* sect571r1 (14) */	332	23, /* secp256r1 (23) */
329	13, /* sect571k1 (13) */
330	25, /* secp521r1 (25) */
331	28, /* brainpoolP512r1 (28) */
332	11, /* sect409k1 (11) */
333	12, /* sect409r1 (12) */
334	27, /* brainpoolP384r1 (27) */
335	24, /* secp384r1 (24) */	333	24, /* secp384r1 (24) */
336	9, /* sect283k1 (9) */	334	25, /* secp521r1 (25) */
337	10, /* sect283r1 (10) */	335	};
338	26, /* brainpoolP256r1 (26) */	336
339	22, /* secp256k1 (22) */	337	static const uint16_t ecgroups_tls12_server_default[] = {
		338	29, /* X25519 (29) */
340	23, /* secp256r1 (23) */	339	23, /* secp256r1 (23) */
341	8, /* sect239k1 (8) */	340	24, /* secp384r1 (24) */
342	6, /* sect233k1 (6) */
343	7, /* sect233r1 (7) */
344	20, /* secp224k1 (20) */
345	21, /* secp224r1 (21) */
346	4, /* sect193r1 (4) */
347	5, /* sect193r2 (5) */
348	18, /* secp192k1 (18) */
349	19, /* secp192r1 (19) */
350	1, /* sect163k1 (1) */
351	2, /* sect163r1 (2) */
352	3, /* sect163r2 (3) */
353	15, /* secp160k1 (15) */
354	16, /* secp160r1 (16) */
355	17, /* secp160r2 (17) */
356	};	341	};
357	#endif
358		342
359	static const uint16_t ecgroups_client_default[] = {	343	static const uint16_t ecgroups_client_default[] = {
		344	4588, /* X25519MLKEM768 (4588) */
360	29, /* X25519 (29) */	345	29, /* X25519 (29) */
361	23, /* secp256r1 (23) */	346	23, /* secp256r1 (23) */
362	24, /* secp384r1 (24) */	347	24, /* secp384r1 (24) */
@@ -364,6 +349,7 @@ static const uint16_t ecgroups_client_default[] = {
364	};	349	};
365		350
366	static const uint16_t ecgroups_server_default[] = {	351	static const uint16_t ecgroups_server_default[] = {
		352	4588, /* X25519MLKEM768 (4588) */
367	29, /* X25519 (29) */	353	29, /* X25519 (29) */
368	23, /* secp256r1 (23) */	354	23, /* secp256r1 (23) */
369	24, /* secp384r1 (24) */	355	24, /* secp384r1 (24) */
@@ -478,11 +464,21 @@ tls1_get_group_list(const SSL s, int client_groups, const uint16_t *pgroups,
478	return;	464	return;
479		465
480	if (!s->server) {	466	if (!s->server) {
481	*pgroups = ecgroups_client_default;	467	if (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION) {
482	*pgroupslen = sizeof(ecgroups_client_default) / 2;	468	*pgroups = ecgroups_client_default;
		469	*pgroupslen = sizeof(ecgroups_client_default) / 2;
		470	} else {
		471	*pgroups = ecgroups_tls12_client_default;
		472	*pgroupslen = sizeof(ecgroups_tls12_client_default) / 2;
		473	}
483	} else {	474	} else {
484	*pgroups = ecgroups_server_default;	475	if (s->s3->hs.our_max_tls_version >= TLS1_3_VERSION) {
485	*pgroupslen = sizeof(ecgroups_server_default) / 2;	476	*pgroups = ecgroups_server_default;
		477	*pgroupslen = sizeof(ecgroups_server_default) / 2;
		478	} else {
		479	*pgroups = ecgroups_tls12_server_default;
		480	*pgroupslen = sizeof(ecgroups_tls12_server_default) / 2;
		481	}
486	}	482	}
487	}	483	}
488		484