Skip to content

Commit 9a367fe

Browse files
abbraedewata
abbra
authored and
edewata
committed
Add TLS 1.3 ciphers
1 parent 7c93763 commit 9a367fe

File tree

2 files changed

+18
-2
lines changed

2 files changed

+18
-2
lines changed

base/native-tools/src/sslget/sslget.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -587,7 +587,7 @@ client_main(
587587
SSLCipherSuiteInfo info;
588588
SSLVersionRange versions = {
589589
SSL_LIBRARY_VERSION_TLS_1_1,
590-
SSL_LIBRARY_VERSION_TLS_1_2
590+
SSL_LIBRARY_VERSION_TLS_1_3
591591
};
592592
SECStatus status;
593593

base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java

+17-1
Original file line numberDiff line numberDiff line change
@@ -185,7 +185,10 @@ public class CryptoUtil {
185185
SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
186186
SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
187187
SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
188-
SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
188+
SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
189+
SSLSocket.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
190+
SSLSocket.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
191+
SSLSocket.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
189192
};
190193
static public List<Integer> clientECCipherList = new ArrayList<Integer>(Arrays.asList(clientECCiphers));
191194

@@ -953,6 +956,19 @@ public static void setSSLDatagramVersionRange(SSLVersion min, SSLVersion max) th
953956
cipherMap.put("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
954957
SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256);
955958

959+
// TLSv1_3
960+
cipherMap.put("TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
961+
SSLSocket.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256);
962+
cipherMap.put("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
963+
SSLSocket.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256);
964+
cipherMap.put("TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
965+
SSLSocket.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256);
966+
cipherMap.put("TLS_AES_128_GCM_SHA256",
967+
SSLSocket.TLS_AES_128_GCM_SHA256);
968+
cipherMap.put("TLS_AES_256_GCM_SHA384",
969+
SSLSocket.TLS_AES_256_GCM_SHA384);
970+
cipherMap.put("TLS_CHACHA20_POLY1305_SHA256",
971+
SSLSocket.TLS_CHACHA20_POLY1305_SHA256);
956972
}
957973

958974
public static void setClientCiphers(String list) throws SocketException {

0 commit comments

Comments
 (0)