Attention is currently required from: comododragon, flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/1046?usp=email )
Change subject: Added PQE to WolfSSL ...................................................................... Patch Set 5: Code-Review+1 (3 comments) Patchset: PS5: I tested the patch and it works and is also a lot cleaner than the first version. There are some documentation updates I would like to see (see the other comments) to ensure users to don't get lost with the difference in OpenSSL vs wolfSSL names and defaults. Also wolfSSL's ML-DSA-87 seems to be a bit wacky for now. It cannot read the private key generated by OpenSSL and when connecting to a server with ml-kem and fingerprints it seems not be able to read some of the fields with the current APIs that we use: [wolfSSL] Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: , signature: ML-DSA 87, peer signing digest/type: SHA512 ML-DSA 87 vs [OpenSSL] Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 20736 bits ML-DSA-87, signature: id-ml-dsa-87, peer signing digest/type: mldsa87 id-ml-dsa-87, key agreement: X25519MLKEM768 but that should be probably adresses in a different patch. File README.wolfssl: http://gerrit.openvpn.net/c/openvpn/+/1046/comment/19a0ea53_119798bd : PS3, Line 39: WolfSSL supports the following Quantum Safe algorithms by specifying them using the `tls-groups` > What do you mean? WolfSSL allows the definition of secp384r1 and P-384 > respectively interchangeably. Okay you are right for the *plain* P384 curve but not for the hybrid ones (see below). But we NEED to mention is that the names of the new key agreements are different. If you try to use the names that work with OpenSSL (https://community.openvpn.net/PQCryptoOpenVPN) you get only an error Failed to set allowed TLS group list: secp384r1:X25519MLKEM768 while OpenSSL also does not like the wolfSSL names. It is probably good to least mention the difference in the naming, e.g. by adding the names of the OpenSSL (our TLS library) in brackes in the readme. Also OpenSSL *only* accepts secp384r1MLKEM1024 and not P384MLKEM1024. So it is something more than just removing the _ from the names. So I still it would be good document this fact at least in the man page for tls-groups by adding a paragraph like: Please note that when OpenVPN is compiled with wolfSSL, the names of the groups might be called different, especially the PQ groups (e.g. X25519_ML_KEM_512 instead of X25519MLKEM768 or P384_MLKEM_1024 instead of secp384r1MLKEM1024) File README.wolfssl: http://gerrit.openvpn.net/c/openvpn/+/1046/comment/41367317_be158cd2 : PS5, Line 38: option in an OpenVPN config. Add a paragraph here like: In contrast to OpenSSL that includes X25519MLKEM768 in the default configuration, wolfSSL will need to explicitly have tls-groups configured to include (at least one) PQ KEM. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1046?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ie0529c2074964b3be034f01e0ef53090a6edbd35 Gerrit-Change-Number: 1046 Gerrit-PatchSet: 5 Gerrit-Owner: comododragon <rein.vanbaa...@fox-it.com> Gerrit-Reviewer: cron2 <g...@greenie.muc.de> Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com> Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org> Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net> Gerrit-Attention: flichtenheld <fr...@lichtenheld.com> Gerrit-Attention: comododragon <rein.vanbaa...@fox-it.com> Gerrit-Comment-Date: Wed, 25 Jun 2025 22:23:31 +0000 Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Comment-In-Reply-To: plaisthos <arne-open...@rfc2549.org> Comment-In-Reply-To: comododragon <rein.vanbaa...@fox-it.com> Gerrit-MessageType: comment
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
