mirror of
https://github.com/minio/minio.git
synced 2025-10-31 08:11:19 +01:00
43d2655ee4
This commit adds the TLS 1.3 ciphers to the list of supported ciphers. Now, clients can connect to MinIO using TLS 1.3 Signed-off-by: Andreas Auernhammer <hi@aead.dev>
52 lines
1.5 KiB
Go
52 lines
1.5 KiB
Go
// Copyright (c) 2015-2021 MinIO, Inc.
|
|
//
|
|
// This file is part of MinIO Object Storage stack
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
//go:build !fips
|
|
// +build !fips
|
|
|
|
package fips
|
|
|
|
import (
|
|
"crypto/tls"
|
|
|
|
"github.com/minio/sio"
|
|
)
|
|
|
|
const enabled = false
|
|
|
|
func cipherSuitesDARE() []byte {
|
|
return []byte{sio.AES_256_GCM, sio.CHACHA20_POLY1305}
|
|
}
|
|
|
|
func cipherSuitesTLS() []uint16 {
|
|
return []uint16{
|
|
tls.TLS_CHACHA20_POLY1305_SHA256,
|
|
tls.TLS_AES_128_GCM_SHA256,
|
|
tls.TLS_AES_256_GCM_SHA384,
|
|
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
|
|
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
|
|
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
|
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
|
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
|
}
|
|
}
|
|
|
|
func ellipticCurvesTLS() []tls.CurveID {
|
|
return []tls.CurveID{tls.X25519, tls.CurveP256}
|
|
}
|