From dbfcaebe9faaf4f8d306ed58486b5f25f7e854ba Mon Sep 17 00:00:00 2001
From: Camila Macedo <7708031+camilamacedo86@users.noreply.github.com>
Date: Tue, 7 Apr 2026 16:32:27 +0200
Subject: [PATCH] Update TLS profiles to Mozilla v5.8

Minimal changes to make verify work:
- Change INPUT URL from latest.json to 5.8.json
- Update ciphers.go to ciphers.iana (Mozilla v5.8 format change)
- Add X25519MLKEM768 post-quantum curve constant
- Filter out unsupported ciphers not in Go's crypto/tls:
  - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  - TLS_RSA_WITH_AES_256_CBC_SHA256
- Update CHACHA20_POLY1305 constants to include _SHA256 suffix

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
---
 hack/tools/update-tls-profiles.sh              |  8 ++++++--
 .../shared/util/tlsprofiles/mozilla_data.go    | 15 +++++++++------
 .../shared/util/tlsprofiles/tlsprofiles.go     | 18 ++++++++++--------
 3 files changed, 25 insertions(+), 16 deletions(-)

diff --git a/hack/tools/update-tls-profiles.sh b/hack/tools/update-tls-profiles.sh
index 8fa61c43ee..29b8d8790a 100755
--- a/hack/tools/update-tls-profiles.sh
+++ b/hack/tools/update-tls-profiles.sh
@@ -8,7 +8,7 @@ if [ -z "${JQ}" ]; then
 fi
 
 OUTPUT=internal/shared/util/tlsprofiles/mozilla_data.go
-INPUT=https://ssl-config.mozilla.org/guidelines/latest.json
+INPUT=https://ssl-config.mozilla.org/guidelines/5.8.json
 
 TMPFILE="$(mktemp)"
 trap 'rm -rf "$TMPFILE"' EXIT
@@ -38,7 +38,7 @@ cipherNums: []uint16{
 EOF
 
     ${JQ} -r ".configurations.$1.ciphersuites.[] | . |= \"tls.\" + . + \",\"" ${TMPFILE} >> ${OUTPUT}
-    ${JQ} -r ".configurations.$1.ciphers.go[] | . |= \"tls.\" + . + \",\"" ${TMPFILE} >> ${OUTPUT}
+    ${JQ} -r ".configurations.$1.ciphers.iana[] | . |= \"tls.\" + . + \",\"" ${TMPFILE} >> ${OUTPUT}
 
     cat >> ${OUTPUT} <<EOF
 },
@@ -65,5 +65,9 @@ generate_profile "modern"
 generate_profile "intermediate"
 generate_profile "old"
 
+# Remove unsupported ciphers from Go's crypto/tls package (Mozilla v5.8 includes these but Go doesn't support them)
+sed -i.bak '/TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384/d; /TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384/d; /TLS_RSA_WITH_AES_256_CBC_SHA256/d' ${OUTPUT}
+rm -f ${OUTPUT}.bak
+
 # Make go happy
 go fmt ${OUTPUT}
diff --git a/internal/shared/util/tlsprofiles/mozilla_data.go b/internal/shared/util/tlsprofiles/mozilla_data.go
index 6b74ade2d8..8c5b49fd6f 100644
--- a/internal/shared/util/tlsprofiles/mozilla_data.go
+++ b/internal/shared/util/tlsprofiles/mozilla_data.go
@@ -1,8 +1,8 @@
 package tlsprofiles
 
 // DO NOT EDIT, GENERATED BY hack/tools/update-tls-profiles.sh
-// DATA SOURCE: https://ssl-config.mozilla.org/guidelines/latest.json
-// DATA VERSION: 5.7
+// DATA SOURCE: https://ssl-config.mozilla.org/guidelines/5.8.json
+// DATA VERSION: 5.8
 
 import (
 	"crypto/tls"
@@ -18,6 +18,7 @@ var modernTLSProfile = tlsProfile{
 	},
 	curves: curveSlice{
 		curveNums: []tls.CurveID{
+			X25519MLKEM768,
 			X25519,
 			prime256v1,
 			secp384r1,
@@ -36,12 +37,13 @@ var intermediateTLSProfile = tlsProfile{
 			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
 			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
-			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
 		},
 	},
 	curves: curveSlice{
 		curveNums: []tls.CurveID{
+			X25519MLKEM768,
 			X25519,
 			prime256v1,
 			secp384r1,
@@ -60,8 +62,8 @@ var oldTLSProfile = tlsProfile{
 			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
 			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
-			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
 			tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
 			tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
 			tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
@@ -78,6 +80,7 @@ var oldTLSProfile = tlsProfile{
 	},
 	curves: curveSlice{
 		curveNums: []tls.CurveID{
+			X25519MLKEM768,
 			X25519,
 			prime256v1,
 			secp384r1,
diff --git a/internal/shared/util/tlsprofiles/tlsprofiles.go b/internal/shared/util/tlsprofiles/tlsprofiles.go
index bac6586101..b09fd4d125 100644
--- a/internal/shared/util/tlsprofiles/tlsprofiles.go
+++ b/internal/shared/util/tlsprofiles/tlsprofiles.go
@@ -69,17 +69,19 @@ func cipherSuiteId(name string) uint16 {
 
 // This is primarily so that we don't have to rewrite curve values in mozilla_data.go
 const (
-	X25519     tls.CurveID = tls.X25519
-	prime256v1 tls.CurveID = tls.CurveP256
-	secp384r1  tls.CurveID = tls.CurveP384
-	secp521r1  tls.CurveID = tls.CurveP521
+	X25519MLKEM768 tls.CurveID = tls.X25519MLKEM768
+	X25519         tls.CurveID = tls.X25519
+	prime256v1     tls.CurveID = tls.CurveP256
+	secp384r1      tls.CurveID = tls.CurveP384
+	secp521r1      tls.CurveID = tls.CurveP521
 )
 
 var curves = map[string]tls.CurveID{
-	"X25519":     tls.X25519,
-	"prime256v1": tls.CurveP256,
-	"secp384r1":  tls.CurveP384,
-	"secp521r1":  tls.CurveP521,
+	"X25519MLKEM768": tls.X25519MLKEM768,
+	"X25519":         tls.X25519,
+	"prime256v1":     tls.CurveP256,
+	"secp384r1":      tls.CurveP384,
+	"secp521r1":      tls.CurveP521,
 }
 
 // Returns 0 for an invalid curve name