diff options
Diffstat (limited to 'lib/priority.c')
-rw-r--r-- | lib/priority.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/lib/priority.c b/lib/priority.c index bcabee9018..ad99459adb 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -132,7 +132,8 @@ static const int _supported_groups_ecdh[] = { GNUTLS_GROUP_SECP256R1, GNUTLS_GROUP_SECP384R1, GNUTLS_GROUP_SECP521R1, - GNUTLS_GROUP_X25519, /* draft-ietf-tls-rfc4492bis */ + GNUTLS_GROUP_X25519, /* RFC 8422 */ + GNUTLS_GROUP_X448, /* RFC 8422 */ 0 }; @@ -153,7 +154,8 @@ static const int _supported_groups_normal[] = { GNUTLS_GROUP_SECP256R1, GNUTLS_GROUP_SECP384R1, GNUTLS_GROUP_SECP521R1, - GNUTLS_GROUP_X25519, /* draft-ietf-tls-rfc4492bis */ + GNUTLS_GROUP_X25519, /* RFC 8422 */ + GNUTLS_GROUP_X448, /* RFC 8422 */ /* These should stay last as our default behavior * is to send key shares for two top types (GNUTLS_KEY_SHARE_TOP2) @@ -172,7 +174,8 @@ static const int _supported_groups_secure128[] = { GNUTLS_GROUP_SECP256R1, GNUTLS_GROUP_SECP384R1, GNUTLS_GROUP_SECP521R1, - GNUTLS_GROUP_X25519, /* draft-ietf-tls-rfc4492bis */ + GNUTLS_GROUP_X25519, /* RFC 8422 */ + GNUTLS_GROUP_X448, /* RFC 8422 */ GNUTLS_GROUP_FFDHE2048, GNUTLS_GROUP_FFDHE3072, GNUTLS_GROUP_FFDHE4096, @@ -419,6 +422,8 @@ static const int _sign_priority_default[] = { GNUTLS_SIGN_ECDSA_SHA384, GNUTLS_SIGN_ECDSA_SECP384R1_SHA384, + GNUTLS_SIGN_EDDSA_ED448, + GNUTLS_SIGN_RSA_SHA512, GNUTLS_SIGN_RSA_PSS_SHA512, GNUTLS_SIGN_RSA_PSS_RSAE_SHA512, @@ -455,6 +460,7 @@ static const int _sign_priority_secure128[] = { GNUTLS_SIGN_RSA_PSS_RSAE_SHA256, GNUTLS_SIGN_ECDSA_SHA256, GNUTLS_SIGN_ECDSA_SECP256R1_SHA256, + GNUTLS_SIGN_EDDSA_ED25519, GNUTLS_SIGN_RSA_SHA384, @@ -463,6 +469,8 @@ static const int _sign_priority_secure128[] = { GNUTLS_SIGN_ECDSA_SHA384, GNUTLS_SIGN_ECDSA_SECP384R1_SHA384, + GNUTLS_SIGN_EDDSA_ED448, + GNUTLS_SIGN_RSA_SHA512, GNUTLS_SIGN_RSA_PSS_SHA512, GNUTLS_SIGN_RSA_PSS_RSAE_SHA512, |