Add missing TLS signature schemes

dcooper16 · dcooper16 · commit 62d032134fbc · 2026-04-13T11:54:03.000-07:00
This commit adds a few TLS signature schemes that were not added to certificate_transparency() in the 3.2 branch.
diff --git a/testssl.sh b/testssl.sh
@@ -9000,9 +9000,13 @@ certificate_transparency() {
           if [[ "$tls_version" == 0304 ]]; then
                ciphers=", 13,01, 13,02, 13,03, 13,04, 13,05, c0,b4, c0,b5"
                if [[ "$cipher" == tls1_3_RSA ]]; then
-                    extra_extns=", 00,0d,00,10,00,0e,08,04,08,05,08,06,04,01,05,01,06,01,02,01"
+                    extra_extns=", 00,0d,00,16,00,14,08,04,08,05,08,06,04,01,05,01,06,01,02,01,08,09,08,0a,08,0b"
                elif [[ "$cipher" == tls1_3_ECDSA ]]; then
                     extra_extns=", 00,0d,00,0a,00,08,04,03,05,03,06,03,02,03"
+               elif [[ "$cipher" == tls1_3_EdDSA ]]; then
+                    extra_extns=", 00,0d,00,06,00,04,08,07,08,08"
+               elif [[ "$cipher" == tls1_3_MLDSA ]]; then
+                    extra_extns=", 00,0d,00,08,00,06,09,04,09,05,09,06"
                else
                     return 1
                fi
