feat(tls): add key_exchange field to expose negotiated key exchange group

[usernametooshort]

Closes #935

What

Adds a new key_exchange field to the JSON output that reports the negotiated key exchange group after the TLS handshake (e.g. X25519, X25519MLKEM768, CurveP256).

Why

In TLS 1.3 the cipher suite name no longer encodes the key agreement mechanism — both X25519 (classical) and X25519MLKEM768 (post-quantum) report the same TLS_AES_128_GCM_SHA256. The CurveID field in Go’s ConnectionState (populated from Go 1.24+) is the only way to tell them apart.

This matters for:

• Auditing post-quantum readiness (FIPS 203 / ML-KEM already deployed by Chrome + Cloudflare as X25519MLKEM768, CurveID 4588)
• Detecting servers that still use older curves (CurveP256 only)
• General TLS configuration auditing beyond cipher suites

Example output

{
  "host": "cloudflare.com",
  "tls_version": "tls13",
  "cipher": "TLS_AES_128_GCM_SHA256",
  "key_exchange": "X25519MLKEM768"
}

Implementation

• clients/clients.go: adds KeyExchange string \json:"key_exchange,omitempty"`toResponse`
• pkg/tlsx/tls/tls.go (ctls): reads connectionState.CurveID and calls .String() after the handshake

ztls (zcrypto) does not expose the selected key exchange group in its ServerHello log structure and is TLS 1.2-only — left unchanged.

Summary by CodeRabbit

Release Notes

• New Features
  • Added TLS key-exchange group reporting to scan results. The negotiated key-exchange information is now captured and included in TLS analysis output, providing additional details about the TLS handshake.

[neo-by-projectdiscovery-dev]

Neo - PR Security Review

No security issues found

Highlights

• Incremental changes contain only minor test file refactoring (7 insertions, 11 deletions)
• No production code changes—all modifications are in test setup code for httptest servers
• Scanner results clean: 0 secrets, 0 semgrep findings, 0 ast-grep issues

_{Comment @pdneo help for available commands. · Open in Neo}

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 7d29d304-035e-4cfb-84fb-3f501c690f26

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

Walkthrough

A new KeyExchange field is added to the TLS response structure to expose the negotiated key exchange group (curve) from Go 1.24+ ConnectionState.CurveID. The implementation reads the curve ID during handshake processing and populates the response object with a string representation of the negotiated curve.

Changes

Cohort / File(s)	Summary
Response Struct Definition pkg/tlsx/clients/clients.go	Adds new exported field KeyExchange to Response struct with JSON tag key_exchange,omitempty to hold the negotiated TLS curve group.
TLS Handshake Processing pkg/tlsx/tls/tls.go	Reads ConnectionState.CurveID after TLS handshake, derives string representation of the key exchange group, and assigns it to Response.KeyExchange field.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 A new field hops into view,
Key exchange curves now shine through,
Post-quantum dreams and curves so bright,
TLS audits now see the light! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately and concisely describes the primary change: adding a key_exchange field to expose the negotiated TLS key exchange group.
Linked Issues check	✅ Passed	The pull request implements all coding requirements from issue #935: adding KeyExchange field to Response struct and reading CurveID in the ctls client to populate the field.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to implementing the key_exchange field feature; no unrelated modifications are present in the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Mzack9999]

Thanks for the contribution — the feature itself is solid and we'd like to merge it.

However, there are a couple of issues that need to be addressed:

1. Go version compatibility: ConnectionState.CurveID requires Go 1.25+, but the CI workflows and go.mod currently target Go 1.24.x. The PR needs to also bump the Go version to 1.25 in:

   • go.mod
   • .github/workflows/build-test.yml
   • .github/workflows/lint-test.yml
   • .github/workflows/release-test.yml
   • .github/workflows/release-binary.yml
   • README.md (install requirements section)

2. CI checks are failing: All build and lint checks fail with connectionState.CurveID undefined (type "crypto/tls".ConnectionState has no field or method CurveID) because of the Go version mismatch above.

Please update the Go version references and ensure CI passes. Once that's done we'll merge.