From f8fcf556caab3fb1fb9d9b496d2724345c90a3eb Mon Sep 17 00:00:00 2001 From: beck <> Date: Thu, 4 Dec 2025 21:03:42 +0000 Subject: Add a MLKEM768_X25519 hybrid key share. This implements the currently in use MLKEM768_X25519 hybrid key share as outlined in https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/ This commit does not yet wire this up to anything, that is done in follow on changes. ok tb@ jsing@ kenjiro@ --- src/lib/libssl/tls13_client.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/lib/libssl/tls13_client.c') diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c index 901b38f860..b0a285694d 100644 --- a/src/lib/libssl/tls13_client.c +++ b/src/lib/libssl/tls13_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_client.c,v 1.104 2024/07/22 14:47:15 jsing Exp $ */ +/* $OpenBSD: tls13_client.c,v 1.105 2025/12/04 21:03:42 beck Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -53,7 +53,7 @@ tls13_client_init(struct tls13_ctx *ctx) return 0; if ((ctx->hs->key_share = tls_key_share_new(groups[0])) == NULL) return 0; - if (!tls_key_share_generate(ctx->hs->key_share)) + if (!tls_key_share_client_generate(ctx->hs->key_share)) return 0; arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); @@ -450,7 +450,7 @@ tls13_client_hello_retry_send(struct tls13_ctx *ctx, CBB *cbb) if ((ctx->hs->key_share = tls_key_share_new(ctx->hs->tls13.server_group)) == NULL) return 0; - if (!tls_key_share_generate(ctx->hs->key_share)) + if (!tls_key_share_client_generate(ctx->hs->key_share)) return 0; if (!tls13_client_hello_build(ctx, cbb)) -- cgit v1.2.3-55-g6feb