diff --git a/crypto/src/tls/AbstractTlsPeer.cs b/crypto/src/tls/AbstractTlsPeer.cs
index 6d29953ee..4e1b28e58 100644
--- a/crypto/src/tls/AbstractTlsPeer.cs
+++ b/crypto/src/tls/AbstractTlsPeer.cs
@@ -26,8 +26,7 @@ namespace Org.BouncyCastle.Tls
/// <returns>an array of supported <see cref="ProtocolVersion"/> values.</returns>
protected virtual ProtocolVersion[] GetSupportedVersions()
{
- // TODO[tls13] Enable TLSv13 by default in due course
- return ProtocolVersion.TLSv12.DownTo(ProtocolVersion.TLSv10);
+ return ProtocolVersion.TLSv13.DownTo(ProtocolVersion.TLSv12);
}
protected abstract int[] GetSupportedCipherSuites();
diff --git a/crypto/src/tls/DefaultTlsClient.cs b/crypto/src/tls/DefaultTlsClient.cs
index a2a742633..00827b5e7 100644
--- a/crypto/src/tls/DefaultTlsClient.cs
+++ b/crypto/src/tls/DefaultTlsClient.cs
@@ -10,10 +10,10 @@ namespace Org.BouncyCastle.Tls
private static readonly int[] DefaultCipherSuites = new int[]
{
/*
- * TODO[tls13] TLS 1.3
+ * TLS 1.3
*/
- //CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
- //CipherSuite.TLS_AES_128_GCM_SHA256,
+ CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
+ CipherSuite.TLS_AES_128_GCM_SHA256,
/*
* pre-TLS 1.3
diff --git a/crypto/src/tls/DefaultTlsServer.cs b/crypto/src/tls/DefaultTlsServer.cs
index de8a3f4a0..edab24b71 100644
--- a/crypto/src/tls/DefaultTlsServer.cs
+++ b/crypto/src/tls/DefaultTlsServer.cs
@@ -11,11 +11,11 @@ namespace Org.BouncyCastle.Tls
private static readonly int[] DefaultCipherSuites = new int[]
{
/*
- * TODO[tls13] TLS 1.3
+ * TLS 1.3
*/
- //CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
- //CipherSuite.TLS_AES_256_GCM_SHA384,
- //CipherSuite.TLS_AES_128_GCM_SHA256,
+ CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
+ CipherSuite.TLS_AES_256_GCM_SHA384,
+ CipherSuite.TLS_AES_128_GCM_SHA256,
/*
* pre-TLS 1.3
diff --git a/crypto/src/tls/PskTlsClient.cs b/crypto/src/tls/PskTlsClient.cs
index 3e9a00390..c475be63b 100644
--- a/crypto/src/tls/PskTlsClient.cs
+++ b/crypto/src/tls/PskTlsClient.cs
@@ -34,7 +34,7 @@ namespace Org.BouncyCastle.Tls
protected override ProtocolVersion[] GetSupportedVersions()
{
- return ProtocolVersion.TLSv12.DownTo(ProtocolVersion.TLSv10);
+ return ProtocolVersion.TLSv12.Only();
}
protected override int[] GetSupportedCipherSuites()
diff --git a/crypto/src/tls/PskTlsServer.cs b/crypto/src/tls/PskTlsServer.cs
index 7197b6ad8..968cd5ce3 100644
--- a/crypto/src/tls/PskTlsServer.cs
+++ b/crypto/src/tls/PskTlsServer.cs
@@ -40,7 +40,7 @@ namespace Org.BouncyCastle.Tls
protected override ProtocolVersion[] GetSupportedVersions()
{
- return ProtocolVersion.TLSv12.DownTo(ProtocolVersion.TLSv10);
+ return ProtocolVersion.TLSv12.Only();
}
protected override int[] GetSupportedCipherSuites()
diff --git a/crypto/src/tls/SrpTlsClient.cs b/crypto/src/tls/SrpTlsClient.cs
index a2b0e9461..f6f6472bc 100644
--- a/crypto/src/tls/SrpTlsClient.cs
+++ b/crypto/src/tls/SrpTlsClient.cs
@@ -34,7 +34,7 @@ namespace Org.BouncyCastle.Tls
protected override ProtocolVersion[] GetSupportedVersions()
{
- return ProtocolVersion.TLSv12.DownTo(ProtocolVersion.TLSv10);
+ return ProtocolVersion.TLSv12.Only();
}
protected virtual bool RequireSrpServerExtension
diff --git a/crypto/src/tls/SrpTlsServer.cs b/crypto/src/tls/SrpTlsServer.cs
index 58f89ee22..1e2f09e03 100644
--- a/crypto/src/tls/SrpTlsServer.cs
+++ b/crypto/src/tls/SrpTlsServer.cs
@@ -44,7 +44,7 @@ namespace Org.BouncyCastle.Tls
protected override ProtocolVersion[] GetSupportedVersions()
{
- return ProtocolVersion.TLSv12.DownTo(ProtocolVersion.TLSv10);
+ return ProtocolVersion.TLSv12.Only();
}
protected override int[] GetSupportedCipherSuites()
|
