diff options
author | Sam Whited <sam@samwhited.com> | 2015-01-14 12:20:02 -0500 |
---|---|---|
committer | Sam Whited <sam@samwhited.com> | 2015-01-14 13:10:15 -0500 |
commit | 548a585b2c4af9b4c2a98faabb8855fcb260daf2 (patch) | |
tree | afde87c24c6e0d543b30e77c5d347b60e5a45515 /src/main/java/eu/siacs/conversations/Config.java | |
parent | a88824bb1d40f1373b22639815ed673c134f6777 (diff) |
Harden the TLS connection cipher suites
Diffstat (limited to '')
-rw-r--r-- | src/main/java/eu/siacs/conversations/Config.java | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/src/main/java/eu/siacs/conversations/Config.java b/src/main/java/eu/siacs/conversations/Config.java index 6fe13d932..b269dedf6 100644 --- a/src/main/java/eu/siacs/conversations/Config.java +++ b/src/main/java/eu/siacs/conversations/Config.java @@ -29,6 +29,32 @@ public final class Config { public static final long MAM_MAX_CATCHUP = MILLISECONDS_IN_DAY / 2; public static final int MAM_MAX_MESSAGES = 500; + public static final String ENABLED_CIPHERS[] = { + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA384", + "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256", + "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "TLS_ECDHE_RSA_AES_128_SHA", + "TLS_ECDHE_RSA_AES_256_SHA", + + "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", + "TLS_DHE_RSA_WITH_AES_128_GCM_SHA384", + "TLS_DHE_RSA_WITH_AES_256_GCM_SHA256", + "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", + + "TLS_DHE_RSA_WITH_CAMELLIA_256_SHA", + + // Fallback. + "TLS_RSA_WITH_AES_128_GCM_SHA256", + "TLS_RSA_WITH_AES_128_GCM_SHA384", + "TLS_RSA_WITH_AES_256_GCM_SHA256", + "TLS_RSA_WITH_AES_256_GCM_SHA384", + "TLS_RSA_WITH_AES_128_CBC_SHA256", + "TLS_RSA_WITH_AES_128_CBC_SHA384", + "TLS_RSA_WITH_AES_256_CBC_SHA256", + "TLS_RSA_WITH_AES_256_CBC_SHA384" + }; + private Config() { } |