min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't support X25519MLKEM768 by default (yet)

This commit is contained in:
Bas Westerbaan 2024-09-18 22:22:16 +02:00 committed by Bas Westerbaan
parent b7f47dec46
commit b7eaa5bc95
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
boring/src/ssl/mod.rs
View File

@ -2693,13 +2693,13 @@ impl SslRef {
if cfg!(feature = "kx-client-nist-required") {
"P256Kyber768Draft00:P-256:P-384:P-521"
} else {
"X25519Kyber768Draft00:X25519MLKEM768:X25519:P256Kyber768Draft00:P-256:P-384:P-521"
"X25519Kyber768Draft00:X25519:P256Kyber768Draft00:P-256:P-384:P-521"
}
} else if cfg!(feature = "kx-client-pq-supported") {
if cfg!(feature = "kx-client-nist-required") {
"P-256:P-384:P-521:P256Kyber768Draft00"
} else {
"X25519:P-256:P-384:P-521:X25519MLKEM768:X25519Kyber768Draft00:P256Kyber768Draft00"
"X25519:P-256:P-384:P-521:X25519Kyber768Draft00:P256Kyber768Draft00"
}
} else {
if cfg!(feature = "kx-client-nist-required") {
@ -2715,10 +2715,8 @@ impl SslRef {
#[cfg(feature = "kx-safe-default")]
fn server_set_default_curves_list(&mut self) {
self.set_curves_list(
"X25519Kyber768Draft00:X25519MLKEM768:P256Kyber768Draft00:X25519:P-256:P-384",
)
.expect("invalid default server curves list");
self.set_curves_list("X25519Kyber768Draft00:P256Kyber768Draft00:X25519:P-256:P-384")
.expect("invalid default server curves list");
}
/// Returns the [`SslCurve`] used for this `SslRef`.