diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-11-14 13:18:12 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-11-14 13:18:12 +0700 |
| commit | 2dbc9173e214d6e3731b398a42a5b0833c64ff69 (patch) | |
| tree | b7399f3ed07fb4e473e97502279511970015685f | |
| parent | Misc. cleanup (diff) | |
| download | BouncyCastle.NET-ed25519-2dbc9173e214d6e3731b398a42a5b0833c64ff69.tar.xz | |
Mark RSA key exchange cipher suites to be removed from default list
| -rw-r--r-- | crypto/src/tls/DefaultTlsClient.cs | 2 | ||||
| -rw-r--r-- | crypto/src/tls/DefaultTlsServer.cs | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/crypto/src/tls/DefaultTlsClient.cs b/crypto/src/tls/DefaultTlsClient.cs index 32c99f393..e28128f94 100644 --- a/crypto/src/tls/DefaultTlsClient.cs +++ b/crypto/src/tls/DefaultTlsClient.cs @@ -30,6 +30,8 @@ namespace Org.BouncyCastle.Tls CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, + + // TODO[api] Remove RSA key exchange cipher suites from default list CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, diff --git a/crypto/src/tls/DefaultTlsServer.cs b/crypto/src/tls/DefaultTlsServer.cs index 9e6d40439..38be5fa67 100644 --- a/crypto/src/tls/DefaultTlsServer.cs +++ b/crypto/src/tls/DefaultTlsServer.cs @@ -34,6 +34,8 @@ namespace Org.BouncyCastle.Tls CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, + + // TODO[api] Remove RSA key exchange cipher suites from default list CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256, |