Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-125931

QE Test support for loading multiple sets of x509 certificates for PQC hybrid mode

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: Generate New Ti...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • None
    • qemu-kvm / General
    • None
    • rhel-virt-core
    • None
    • False
    • Hide

      None

      Show
      None
    • None

      To support hybrid mode for PQC, the TLS library (GNUTLS for QEMU) must be provided multiple distinct sets of certificates. One set using classic DSA algorithm, and one set using ML-DSA algorithm.

      This requires calling gnutls_certificate_set_x509_key() with different pem files loaded, which is not something QEMU is currently able to do.

       

              virt-maint virt-maint
              rhn-engineering-berrange Daniel Berrangé
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: