Add TLSv1.3 cipher suites to whitelist

author: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2019-01-23 11:28:11 +0100
committer: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2019-01-23 16:33:56 +0100
commit: 6b450ba5b8b4f1f2a820e44e4c0f71745f363dd9 (patch)
tree: f4dbed62ba70527fb187e1c90118ea15f0bad952 /security-utils
parent: edc85076899bf84201a268ff00b362cd3caa70aa (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java
index f2ae1dd0d38..3f729d76ceb 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java
@@ -28,7 +28,10 @@ public class DefaultTlsContext implements TlsContext {
             "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
             "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
             "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
+            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_AES_128_GCM_SHA256", // TLSv1.3
+            "TLS_AES_256_GCM_SHA384", // TLSv1.3
+            "TLS_CHACHA20_POLY1305_SHA256"); // TLSv1.3
 
     private static final Logger log = Logger.getLogger(DefaultTlsContext.class.getName());
author	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2019-01-23 11:28:11 +0100
committer	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2019-01-23 16:33:56 +0100
commit	6b450ba5b8b4f1f2a820e44e4c0f71745f363dd9 (patch)
tree	f4dbed62ba70527fb187e1c90118ea15f0bad952 /security-utils
parent	edc85076899bf84201a268ff00b362cd3caa70aa (diff)