From 16335f846bdd44f55137c18c7db27d95af4b2694 Mon Sep 17 00:00:00 2001
From: Bas Westerbaan
Date: Mon, 2 Oct 2023 14:23:49 +0200
Subject: [PATCH] =?UTF-8?q?tls=20Add=20support=20for=20X25519Kyber768Draft?= =?UTF-8?q?00=20post-quantum=20"curve"=20=E2=80=A6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

… when compiled with cfgo (https://github.com/cloudflare/go).
---
modules/caddytls/cf.go | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
create mode 100644 modules/caddytls/cf.go

diff --git a/modules/caddytls/cf.go b/modules/caddytls/cf.go
new file mode 100644
index 00000000000..e61a59c09e1
--- /dev/null
+++ b/modules/caddytls/cf.go
@@ -0,0 +1,24 @@
+//go:build cfgo
+
+package caddytls
+
+// This file adds support for X25519Kyber768Draft00, a post-quantum
+// key agreement that is currently being rolled out by Chrome [1]
+// and Cloudflare [2,3]. For more context, see the PR [4].
+//
+// [1] https://blog.chromium.org/2023/08/protecting-chrome-traffic-with-hybrid.html
+// [2] https://blog.cloudflare.com/post-quantum-for-all/
+// [3] https://blog.cloudflare.com/post-quantum-to-origins/
+// [4] https://github.com/caddyserver/caddy/pull/5852
+
+import (
+ "crypto/tls"
+)
+
+func init() {
+ SupportedCurves["X25519Kyber768Draft00"] = tls.X25519Kyber768Draft00
+ defaultCurves = append(
+ []tls.CurveID{tls.X25519Kyber768Draft00},
+ defaultCurves...,
+ )
+}
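Review bot: `init()` prepends `tls.X25519Kyber768Draft00` to `defaultCurves` without a comment on the function itself, so a reader has to infer that slice position is what makes the draft hybrid the first-choice key exchange (presumably via the TLS curve preferences) for every build made with the `cfgo` tag. I would document it directly on the function, e.g. `// init registers the X25519+Kyber768 draft hybrid and places it first in defaultCurves so it is preferred when the peer supports it; the existing entries remain as fallback.` Because `Draft00` names a pre-standard draft, the same comment should say the entry is expected to be replaced once a final identifier exists, so it does not linger as a silent default. The hunk does not show where `defaultCurves` is read; if any package-level variable copies it during variable initialization, that copy is taken before `init()` runs and would miss the new entry, which is worth checking before merge.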