From 5cd1fa5ab80451f3355de6bed7eabc34643fdfc2 Mon Sep 17 00:00:00 2001 From: Will Childs-Klein Date: Tue, 7 Oct 2025 11:05:37 -0400 Subject: [PATCH 1/4] Update aws-c-io to v0.23.1, aws-lc to v1.61.4, s2n-tls to v1.5.27 --- crt/aws-c-io | 2 +- crt/aws-lc | 2 +- crt/s2n | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/crt/aws-c-io b/crt/aws-c-io index 8d7a201d..8906a02c 160000 --- a/crt/aws-c-io +++ b/crt/aws-c-io @@ -1 +1 @@ -Subproject commit 8d7a201d50f932a56b9f52c173d10c39e55a32d0 +Subproject commit 8906a02cb204b0b01cd38c2c2d62d7312dbee50f diff --git a/crt/aws-lc b/crt/aws-lc index 2980c1ba..8ca0b29b 160000 --- a/crt/aws-lc +++ b/crt/aws-lc @@ -1 +1 @@ -Subproject commit 2980c1ba66cba65162c9092e232858125e063ff4 +Subproject commit 8ca0b29b141bb8c7eae06ef324e2091d5648d819 diff --git a/crt/s2n b/crt/s2n index 2d254b0c..30f40f23 160000 --- a/crt/s2n +++ b/crt/s2n @@ -1 +1 @@ -Subproject commit 2d254b0c6d8ebe037730d23097f72a4cbc1f2218 +Subproject commit 30f40f2345a89570ed3c4cee2274942f1ebf85fa From 66e27ee8794817578b4f16eaf65dfdefff8270ae Mon Sep 17 00:00:00 2001 From: Will Childs-Klein Date: Tue, 14 Oct 2025 13:50:17 -0400 Subject: [PATCH 2/4] Add TlsCipherPreference enum entry --- aws-crt-kotlin/api/aws-crt-kotlin.api | 1 + .../common/src/aws/sdk/kotlin/crt/io/TlsCipherPreference.kt | 6 ++++++ .../jvm/src/aws/sdk/kotlin/crt/io/TlsContextJVM.kt | 1 + 3 files changed, 8 insertions(+) diff --git a/aws-crt-kotlin/api/aws-crt-kotlin.api b/aws-crt-kotlin/api/aws-crt-kotlin.api index 52f004ef..f85599d2 100644 --- a/aws-crt-kotlin/api/aws-crt-kotlin.api +++ b/aws-crt-kotlin/api/aws-crt-kotlin.api @@ -821,6 +821,7 @@ public final class aws/sdk/kotlin/crt/io/SocketType : java/lang/Enum { public final class aws/sdk/kotlin/crt/io/TlsCipherPreference : java/lang/Enum { public static final field PQ_DEFAULT Laws/sdk/kotlin/crt/io/TlsCipherPreference; public static final field PQ_TLSV1_2_2024_10 Laws/sdk/kotlin/crt/io/TlsCipherPreference; + public static final field TLSV1_0_2023_06 Laws/sdk/kotlin/crt/io/TlsCipherPreference; public static final field SYSTEM_DEFAULT Laws/sdk/kotlin/crt/io/TlsCipherPreference; public static fun getEntries ()Lkotlin/enums/EnumEntries; public final fun getValue ()I diff --git a/aws-crt-kotlin/common/src/aws/sdk/kotlin/crt/io/TlsCipherPreference.kt b/aws-crt-kotlin/common/src/aws/sdk/kotlin/crt/io/TlsCipherPreference.kt index 82a14220..ee16f204 100644 --- a/aws-crt-kotlin/common/src/aws/sdk/kotlin/crt/io/TlsCipherPreference.kt +++ b/aws-crt-kotlin/common/src/aws/sdk/kotlin/crt/io/TlsCipherPreference.kt @@ -30,6 +30,12 @@ public enum class TlsCipherPreference(public val value: Int) { */ PQ_DEFAULT(8), + /** + * This security policy was the system default before PQ was enabled by default, specifically + * aws-c-io's AWS_IO_TLS_CIPHER_PREF_TLSV1_0_2023_06. + */ + TLSV1_0_2023_06(10), + ; /** diff --git a/aws-crt-kotlin/jvm/src/aws/sdk/kotlin/crt/io/TlsContextJVM.kt b/aws-crt-kotlin/jvm/src/aws/sdk/kotlin/crt/io/TlsContextJVM.kt index 6db61692..005170ac 100644 --- a/aws-crt-kotlin/jvm/src/aws/sdk/kotlin/crt/io/TlsContextJVM.kt +++ b/aws-crt-kotlin/jvm/src/aws/sdk/kotlin/crt/io/TlsContextJVM.kt @@ -29,6 +29,7 @@ internal actual fun isAlpnSupported(): Boolean = TlsContextOptionsJni.isAlpnSupp private fun TlsCipherPreference.into(): TlsCipherPreferenceJni = when (this) { TlsCipherPreference.SYSTEM_DEFAULT -> TlsCipherPreferenceJni.TLS_CIPHER_SYSTEM_DEFAULT + TlsCipherPreference.TLSV1_0_2023_06 -> TlsCipherPreferenceJni.TLS_CIPHER_PREF_TLSv1_0_2023 TlsCipherPreference.PQ_TLSV1_2_2024_10 -> TlsCipherPreferenceJni.TLS_CIPHER_PREF_PQ_TLSv1_2_2023 TlsCipherPreference.PQ_DEFAULT -> TlsCipherPreferenceJni.TLS_CIPHER_PQ_DEFAULT } From 7b4df9aeff94907123a188c84d08a789b03a56cc Mon Sep 17 00:00:00 2001 From: Will Childs-Klein Date: Thu, 16 Oct 2025 15:11:28 -0400 Subject: [PATCH 3/4] Bump aws-crt-java dep version to v0.39.3 --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 1e237d45..761e80fb 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -4,7 +4,7 @@ kotlin-version = "2.2.0" aws-kotlin-repo-tools-version = "0.4.65" # libs -crt-java-version = "0.38.1" +crt-java-version = "0.39.3" coroutines-version = "1.10.2" binary-compatibility-validator-version = "0.18.0" From b8c5a73ca0c4475ff2139ebbc608cf2dddecee6a Mon Sep 17 00:00:00 2001 From: Will Childs-Klein Date: Thu, 16 Oct 2025 18:09:05 -0400 Subject: [PATCH 4/4] Reorder aws-crt-kotlin.api entries --- aws-crt-kotlin/api/aws-crt-kotlin.api | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws-crt-kotlin/api/aws-crt-kotlin.api b/aws-crt-kotlin/api/aws-crt-kotlin.api index f85599d2..c65aba2f 100644 --- a/aws-crt-kotlin/api/aws-crt-kotlin.api +++ b/aws-crt-kotlin/api/aws-crt-kotlin.api @@ -821,8 +821,8 @@ public final class aws/sdk/kotlin/crt/io/SocketType : java/lang/Enum { public final class aws/sdk/kotlin/crt/io/TlsCipherPreference : java/lang/Enum { public static final field PQ_DEFAULT Laws/sdk/kotlin/crt/io/TlsCipherPreference; public static final field PQ_TLSV1_2_2024_10 Laws/sdk/kotlin/crt/io/TlsCipherPreference; - public static final field TLSV1_0_2023_06 Laws/sdk/kotlin/crt/io/TlsCipherPreference; public static final field SYSTEM_DEFAULT Laws/sdk/kotlin/crt/io/TlsCipherPreference; + public static final field TLSV1_0_2023_06 Laws/sdk/kotlin/crt/io/TlsCipherPreference; public static fun getEntries ()Lkotlin/enums/EnumEntries; public final fun getValue ()I public final fun isSupported ()Z