xyber cannot be negotiated GREASE [/CoreOS/nss/Sanity/GREASE] : should not be enabled by default Bug 1902119 - reuse X25519 share when offering both X25519 and Xyber768d00. check X25519 key share is reused between classic and hybrid with ML-KEM check P256 one is reused; if not, nudge upstream resume with strsclnt a few times and verify every key share is unique [optional, hinges on being able to send two key shares though =/] Bug 1915792 - Allow importing PKCS#8 private EC keys missing public key craft a file with EC private key only, should import into database Bug 1912828 - define CKM_NSS_ECDHE_NO_PAIRWISE_CHECK_KEY_PAIR_GEN check that the ECDHE FIPS pairwise consistency check in pkcs11c.c:NSC_GenerateKeyPair is triggered in FIPS mode CKM_NSS_ECDHE_NO_PAIRWISE_CHECK_KEY_PAIR_GEN is not in fips_algorithms.h [manual check] Bug 1935925 - change default sensitivity of KEM keys. connection decryption with SSLKEYLOGFILE keys still works when ML-KEM key shares are in use

.NSS rebased to 3.112 The NSS cryptographic toolkit packages have been rebased to upstream version 3.112, which provides many improvements and fixes. Most notably, the following: * Added support for the Module-Lattice-Based Digital Signature Algorithm (ML-DSA), which is a post-quantum cryptography (PQC) standard. * Added hybrid support for SSL for the MLKEM1024 key encapsulation mechanism. The following known issues occur in this version: * Updating the NSS database password corrupts the ML-DSA seed. For more information, see link: https://issues.redhat.com/browse/RHEL-114443 [ RHEL-114443 ].