update list of cipher suites

adoroszlai · Apr 29, 2024 · a10a102 · a10a102
1 parent 73f4433
commit a10a102
Showing 1 changed file with 17 additions and 8 deletions.
diff --git a/test/src/main/java/org/apache/ratis/thirdparty/demo/common/SslConfig.java b/test/src/main/java/org/apache/ratis/thirdparty/demo/common/SslConfig.java
@@ -24,15 +24,23 @@
 public class SslConfig {
   // TODO: allow configure cipher suites
   private final List<String> tlsCipherSuitesWithEncryption = Collections.unmodifiableList(Arrays.asList(
+      "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+      "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+      "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+      "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+      "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+      "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
       "TLS_RSA_WITH_AES_128_GCM_SHA256",
       "TLS_RSA_WITH_AES_128_CBC_SHA",
-      "SSL_RSA_WITH_3DES_EDE_CBC_SHA"));
-
-  // "RSA" in this case refers to the key exchange algorithm,
-  // "SHA" refers to the message digest algorithm to provide integrity
-  // "NULL" is the encryption algorithm, to disable encryption.
-  // TODO: support NULL cipher from tcnative
-  private final List<String> tlsCipherSuitesNoEncryption = Collections.singletonList("TLS_RSA_WITH_AES_128_GCM_SHA256");
+      "TLS_RSA_WITH_AES_256_CBC_SHA",
+      "TLS_AES_128_GCM_SHA256",
+      "TLS_AES_256_GCM_SHA384",
+      "TLS_AES_128_GCM_SHA256",
+      "TLS_AES_256_GCM_SHA384",
+      "TLS_AES_128_GCM_SHA256",
+      "TLS_AES_256_GCM_SHA384",
+      "TLS_CHACHA20_POLY1305_SHA256"
+  ));
 
   private final boolean encryption;
 
@@ -49,7 +57,8 @@ public List<String> getTlsCipherSuitesWithEncryption() {
   }
 
   public List<String> getTlsCipherSuitesNoEncryption() {
-    return tlsCipherSuitesNoEncryption;
+    // TODO define list without encrpytion
+    return tlsCipherSuitesWithEncryption;
   }
 
 }