summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2023-11-14 13:18:12 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2023-11-14 13:18:12 +0700
commit2dbc9173e214d6e3731b398a42a5b0833c64ff69 (patch)
treeb7399f3ed07fb4e473e97502279511970015685f
parentMisc. cleanup (diff)
downloadBouncyCastle.NET-ed25519-2dbc9173e214d6e3731b398a42a5b0833c64ff69.tar.xz
Mark RSA key exchange cipher suites to be removed from default list
-rw-r--r--crypto/src/tls/DefaultTlsClient.cs2
-rw-r--r--crypto/src/tls/DefaultTlsServer.cs2
2 files changed, 4 insertions, 0 deletions
diff --git a/crypto/src/tls/DefaultTlsClient.cs b/crypto/src/tls/DefaultTlsClient.cs
index 32c99f393..e28128f94 100644
--- a/crypto/src/tls/DefaultTlsClient.cs
+++ b/crypto/src/tls/DefaultTlsClient.cs
@@ -30,6 +30,8 @@ namespace Org.BouncyCastle.Tls
             CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
             CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
             CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+
+            // TODO[api] Remove RSA key exchange cipher suites from default list
             CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256,
             CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
             CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
diff --git a/crypto/src/tls/DefaultTlsServer.cs b/crypto/src/tls/DefaultTlsServer.cs
index 9e6d40439..38be5fa67 100644
--- a/crypto/src/tls/DefaultTlsServer.cs
+++ b/crypto/src/tls/DefaultTlsServer.cs
@@ -34,6 +34,8 @@ namespace Org.BouncyCastle.Tls
             CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
             CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
             CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+
+            // TODO[api] Remove RSA key exchange cipher suites from default list
             CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384,
             CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256,
             CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,