diff options
author | Bas Westerbaan <bas@westerbaan.name> | 2023-10-11 21:45:37 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-10-11 13:45:37 -0600 |
commit | 289934f3d16405c6aa791d2b0702c2f893045e0e (patch) | |
tree | f306b6a3aba1df278d93ced9fc9d45704ed53e2f | |
parent | 3a3182fba3eb20c45dce3efd9eb2856288a5ae04 (diff) |
tls: Add X25519Kyber768Draft00 PQ "curve" behind build tag (#5852)
… when compiled with cfgo (https://github.com/cloudflare/go).
-rw-r--r-- | modules/caddytls/cf.go | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/modules/caddytls/cf.go b/modules/caddytls/cf.go new file mode 100644 index 0000000..e61a59c --- /dev/null +++ b/modules/caddytls/cf.go @@ -0,0 +1,24 @@ +//go:build cfgo + +package caddytls + +// This file adds support for X25519Kyber768Draft00, a post-quantum +// key agreement that is currently being rolled out by Chrome [1] +// and Cloudflare [2,3]. For more context, see the PR [4]. +// +// [1] https://blog.chromium.org/2023/08/protecting-chrome-traffic-with-hybrid.html +// [2] https://blog.cloudflare.com/post-quantum-for-all/ +// [3] https://blog.cloudflare.com/post-quantum-to-origins/ +// [4] https://github.com/caddyserver/caddy/pull/5852 + +import ( + "crypto/tls" +) + +func init() { + SupportedCurves["X25519Kyber768Draft00"] = tls.X25519Kyber768Draft00 + defaultCurves = append( + []tls.CurveID{tls.X25519Kyber768Draft00}, + defaultCurves..., + ) +} |