From 34226de021dce74cb4e1677c4f4d0f2350fa2253 Mon Sep 17 00:00:00 2001 From: Paulo Gomes Date: Tue, 12 May 2020 16:24:50 +0100 Subject: [PATCH] Add support for TLS 1.3 ciphers. (#90843) --- .../src/k8s.io/component-base/cli/flag/ciphersuites_flag.go | 3 +++ .../k8s.io/component-base/cli/flag/ciphersuites_flag_test.go | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag.go b/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag.go index 4fecd173296..a84484cf239 100644 --- a/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag.go +++ b/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag.go @@ -48,6 +48,9 @@ var ciphers = map[string]uint16{ "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305": tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305": tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, + "TLS_AES_128_GCM_SHA256": tls.TLS_AES_128_GCM_SHA256, + "TLS_CHACHA20_POLY1305_SHA256": tls.TLS_CHACHA20_POLY1305_SHA256, + "TLS_AES_256_GCM_SHA384": tls.TLS_AES_256_GCM_SHA384, } func TLSCipherPossibleValues() []string { diff --git a/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag_test.go b/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag_test.go index 4a8c4efebb5..f7fc7ab6c12 100644 --- a/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag_test.go +++ b/staging/src/k8s.io/component-base/cli/flag/ciphersuites_flag_test.go @@ -86,7 +86,8 @@ func TestConstantMaps(t *testing.T) { if strings.HasPrefix(declName, "VersionTLS") { discoveredVersions[declName] = true } - if strings.HasPrefix(declName, "TLS_RSA_") || strings.HasPrefix(declName, "TLS_ECDHE_") { + if strings.HasPrefix(declName, "TLS_RSA_") || strings.HasPrefix(declName, "TLS_ECDHE_") || + strings.HasPrefix(declName, "TLS_AES_") || strings.HasPrefix(declName, "TLS_CHACHA20_") { discoveredCiphers[declName] = true } }