diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-12-02 17:18:08 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-12-02 17:18:08 +0400 |
commit | c35ead533dc3aee032d2d8e798a2eca6aa1eb18b (patch) | |
tree | 17c9743a16280eb905212648bc4c9381e9a4af42 /core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java | |
parent | 2b4e963048e3a28e9c9b3bdc6b85dff3c97e9d41 (diff) |
Set TLS 1.2 as the default client version and choose a smaller set of
cipher suites to offer by default
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java index 9af7b20f..354b6fd1 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java @@ -17,11 +17,9 @@ public abstract class DefaultTlsClient public int[] getCipherSuites() { - return new int[]{CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, - CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA,}; + return new int[] { CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA }; } public TlsKeyExchange getKeyExchange() |