1 files changed, 11 insertions, 3 deletions

diff --git a/lib/priority.c b/lib/priority.c
index bcabee9018..ad99459adb 100644
--- a/lib/priority.c
+++ b/lib/priority.c
@@ -132,7 +132,8 @@ static const int _supported_groups_ecdh[] = {
 	GNUTLS_GROUP_SECP256R1,
 	GNUTLS_GROUP_SECP384R1,
 	GNUTLS_GROUP_SECP521R1,
-	GNUTLS_GROUP_X25519, /* draft-ietf-tls-rfc4492bis */
+	GNUTLS_GROUP_X25519, /* RFC 8422 */
+	GNUTLS_GROUP_X448, /* RFC 8422 */
 	0
 };
 
@@ -153,7 +154,8 @@ static const int _supported_groups_normal[] = {
 	GNUTLS_GROUP_SECP256R1,
 	GNUTLS_GROUP_SECP384R1,
 	GNUTLS_GROUP_SECP521R1,
-	GNUTLS_GROUP_X25519, /* draft-ietf-tls-rfc4492bis */
+	GNUTLS_GROUP_X25519, /* RFC 8422 */
+	GNUTLS_GROUP_X448, /* RFC 8422 */
 
 	/* These should stay last as our default behavior
 	 * is to send key shares for two top types (GNUTLS_KEY_SHARE_TOP2)
@@ -172,7 +174,8 @@ static const int _supported_groups_secure128[] = {
 	GNUTLS_GROUP_SECP256R1,
 	GNUTLS_GROUP_SECP384R1,
 	GNUTLS_GROUP_SECP521R1,
-	GNUTLS_GROUP_X25519, /* draft-ietf-tls-rfc4492bis */
+	GNUTLS_GROUP_X25519, /* RFC 8422 */
+	GNUTLS_GROUP_X448, /* RFC 8422 */
 	GNUTLS_GROUP_FFDHE2048,
 	GNUTLS_GROUP_FFDHE3072,
 	GNUTLS_GROUP_FFDHE4096,
@@ -419,6 +422,8 @@ static const int _sign_priority_default[] = {
 	GNUTLS_SIGN_ECDSA_SHA384,
 	GNUTLS_SIGN_ECDSA_SECP384R1_SHA384,
 
+	GNUTLS_SIGN_EDDSA_ED448,
+
 	GNUTLS_SIGN_RSA_SHA512,
 	GNUTLS_SIGN_RSA_PSS_SHA512,
 	GNUTLS_SIGN_RSA_PSS_RSAE_SHA512,
@@ -455,6 +460,7 @@ static const int _sign_priority_secure128[] = {
 	GNUTLS_SIGN_RSA_PSS_RSAE_SHA256,
 	GNUTLS_SIGN_ECDSA_SHA256,
 	GNUTLS_SIGN_ECDSA_SECP256R1_SHA256,
+
 	GNUTLS_SIGN_EDDSA_ED25519,
 
 	GNUTLS_SIGN_RSA_SHA384,
@@ -463,6 +469,8 @@ static const int _sign_priority_secure128[] = {
 	GNUTLS_SIGN_ECDSA_SHA384,
 	GNUTLS_SIGN_ECDSA_SECP384R1_SHA384,
 
+	GNUTLS_SIGN_EDDSA_ED448,
+
 	GNUTLS_SIGN_RSA_SHA512,
 	GNUTLS_SIGN_RSA_PSS_SHA512,
 	GNUTLS_SIGN_RSA_PSS_RSAE_SHA512,