Support post-quantum algorithms

[fwh-dc]

I'm setting up a service with post-quantum algorithms and I'd like to be able to detect correct setup with sslscan.

Would you accept a contribution that allows printing post-quantum algorithms? And is it correct that I just need to update the list in testSupportedGroups()?

[jtesta]

Would you accept a contribution that allows printing post-quantum algorithms?

I'm not the maintainer, but I'd say this would be an important addition.

And is it correct that I just need to update the list in testSupportedGroups()?

I think I wrote that function, but I don't remember everything that would be necessary. There's only one way to find out!

Also, if you share how exactly you set up your test lab, that could help us with future testing. Thanks!

[rbsec]

Certainly no objections here - although I'm afraid that sslscan isn't a project I have a huge amount of time for ATM.

Proper support (i.e. the ability to make actual connections) would probably need to come from OpenSSL. But we do some of our own handshake stuff, so it may be possible to just hack it in there.

As well as testSupportedGroups() we also have a hard-coded list of groups in checkIfTLSVersionIsSupported() - so that might also need updating.

[baentsch]

fyi @fwh-dc -- support for standardized PQ groups landed in https://github.com/rbsec/sslscan/pull/331, courtesy @jtesta . Remaining open question: What about PQ signature algs (MLDSA, SLHDSA)? Anyone already working on this? Anyone asking for it?