File 1643-ssl-Add-hybrid-PQA-support.patch of Package erlang
From 1712a6f32f410c8ecdc64f55ae4820f796fa9af0 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Mon, 20 Oct 2025 21:21:51 +0200
Subject: [PATCH 3/3] ssl: Add hybrid PQA support
---
.../test/property_test/ssl_eqc_handshake.erl | 21 ++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/lib/ssl/test/property_test/ssl_eqc_handshake.erl b/lib/ssl/test/property_test/ssl_eqc_handshake.erl
index a1f483973c..f68d649205 100644
--- a/lib/ssl/test/property_test/ssl_eqc_handshake.erl
+++ b/lib/ssl/test/property_test/ssl_eqc_handshake.erl
@@ -689,7 +689,7 @@ elliptic_curves(Version) when ?TLS_LT(Version, ?TLS_1_3) ->
%% RFC 8446 (TLS 1.3) renamed the "elliptic_curve" extension.
supported_groups(Version) when ?TLS_GTE(Version, ?TLS_1_3) ->
- SupportedGroups = tls_v1:groups(),
+ SupportedGroups = tls_v1:groups(),
#supported_groups{supported_groups = SupportedGroups}.
@@ -773,11 +773,30 @@ generate_public_key(Group) when
Group =:= mlkem1024 ->
{PublicKey, _} = crypto:generate_key(Group, []),
PublicKey;
+generate_public_key(x25519mlkem768 = Group) ->
+ {Curve, MLKem} = hybrid_algs(Group),
+ P2 = generate_public_key(Curve),
+ {P1,_} = crypto:generate_key(MLKem, []),
+ <<P1/binary, P2/binary>>;
+generate_public_key(Group) when
+ Group =:= secp256r1mlkem768 orelse
+ Group =:= secp384r1mlkem1024 ->
+ {Curve, MLKem} = hybrid_algs(Group),
+ P1 = generate_public_key(Curve),
+ {P2, _} = crypto:generate_key(MLKem, []),
+ <<P1/binary, P2/binary>>;
generate_public_key(Group) ->
{PublicKey, _} =
public_key:generate_key(ssl_dh_groups:dh_params(Group)),
PublicKey.
+hybrid_algs(x25519mlkem768)->
+ {x25519, mlkem768};
+hybrid_algs(secp256r1mlkem768) ->
+ {secp256r1, mlkem768};
+hybrid_algs(secp384r1mlkem1024) ->
+ {secp384r1, mlkem1024}.
+
groups() ->
Max = length(ssl:groups()),
?LET(Size, choose(1,Max), group_list(Size)).
--
2.51.0
