wgengine/wgcfg: propagate PQC capability into WG config

Signed-off-by: Adriano Sela Aviles <adriano@tailscale.com>

wgengine/wgcfg/config.go

@@ -23,6 +23,12 @@ type Config struct {
 	DNS        []netip.Addr
 	Peers      []Peer
 
+	// MLKEMEnabled enables the hybrid ML-KEM-768 + Noise_IKpsk2 WireGuard
+	// handshake (FIPS 203).  When true the device uses message types 5/6
+	// instead of the standard types 1/2.  All nodes in the network must
+	// have this set identically.
+	MLKEMEnabled bool
+
 	// NetworkLogging enables network logging.
 	// It is disabled if either ID is the zero value.
 	// LogExitFlowEnabled indicates whether or not exit flows should be logged.
@@ -39,6 +45,7 @@ func (c *Config) Equal(o *Config) bool {
 	}
 	return c.PrivateKey.Equal(o.PrivateKey) &&
 		c.MTU == o.MTU &&
+		c.MLKEMEnabled == o.MLKEMEnabled &&
 		c.NetworkLogging == o.NetworkLogging &&
 		slices.Equal(c.Addresses, o.Addresses) &&
 		slices.Equal(c.DNS, o.DNS) &&

wgengine/wgcfg/nmcfg/nmcfg.go

@@ -53,6 +53,14 @@ func WGCfg(pk key.NodePrivate, nm *netmap.NetworkMap, logf logger.Logf, flags ne
 		Peers:      make([]wgcfg.Peer, 0, len(nm.Peers)),
 	}
 
+	// Enable hybrid ML-KEM-768 handshake when the control plane sets the
+	// NodeAttrPostQuantumCrypto capability on this node.  All nodes in the
+	// tailnet must have this attribute for the network to function; the flag
+	// is network-wide and not per-peer.
+	if nm.SelfNode.Valid() {
+		cfg.MLKEMEnabled = nm.SelfNode.HasCap(tailcfg.NodeAttrPostQuantumCrypto)
+	}
+
 	// Setup log IDs for data plane audit logging.
 	if nm.SelfNode.Valid() {
 		canNetworkLog := nm.SelfNode.HasCap(tailcfg.CapabilityDataPlaneAuditLogs)

wgengine/wgcfg/wgcfg_clone.go

@@ -38,6 +38,7 @@ var _ConfigCloneNeedsRegeneration = Config(struct {
 	MTU            uint16
 	DNS            []netip.Addr
 	Peers          []Peer
+	MLKEMEnabled   bool
 	NetworkLogging struct {
 		NodeID             logid.PrivateID
 		DomainID           logid.PrivateID