diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-07-02 13:59:57 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-07-03 15:14:05 +0200 |
commit | aca94cc460b2fbfaf51712a7b9d492f8dc181bd1 (patch) | |
tree | b4802d9d36d7f9e226358fabf54573053c42fcab /security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java | |
parent | ead6d2f4a592be23e790740a4a1d41bb42eef65b (diff) |
Move constants from DefaultTlsContext to TlsContext
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java index b315dd00b31..253331ee9c6 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java @@ -4,6 +4,8 @@ package com.yahoo.security.tls; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLParameters; +import java.util.Arrays; +import java.util.List; /** * A simplified version of {@link SSLContext} modelled as an interface. @@ -12,6 +14,19 @@ import javax.net.ssl.SSLParameters; */ public interface TlsContext extends AutoCloseable { + List<String> ALLOWED_CIPHER_SUITES = Arrays.asList( + "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "TLS_AES_128_GCM_SHA256", // TLSv1.3 + "TLS_AES_256_GCM_SHA384", // TLSv1.3 + "TLS_CHACHA20_POLY1305_SHA256"); // TLSv1.3 + + List<String> ALLOWED_PROTOCOLS = List.of("TLSv1.2"); // TODO Enable TLSv1.3 + SSLContext context(); SSLParameters parameters(); |