Merge pull request #119 from QuickMythril/upgrade-tls

Upgraded to TLSv1.3
1 year ago · 91dfc5efd0
4 changed files with 4 additions and 4 deletions
--- a/src/main/java/org/qortal/api/ApiService.java
+++ b/src/main/java/org/qortal/api/ApiService.java
@ -96,7 +96,7 @@ public class ApiService {
 					throw new RuntimeException("Failed to start SSL API due to broken keystore");

 				// BouncyCastle-specific SSLContext build
-				SSLContext sslContext = SSLContext.getInstance("TLS", "BCJSSE");
+				SSLContext sslContext = SSLContext.getInstance("TLSv1.3", "BCJSSE");
 				KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX", "BCJSSE");

 				KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType(), "BC");
--- a/src/main/java/org/qortal/api/DomainMapService.java
+++ b/src/main/java/org/qortal/api/DomainMapService.java
@ -69,7 +69,7 @@ public class DomainMapService {
 					throw new RuntimeException("Failed to start SSL API due to broken keystore");

 				// BouncyCastle-specific SSLContext build
-				SSLContext sslContext = SSLContext.getInstance("TLS", "BCJSSE");
+				SSLContext sslContext = SSLContext.getInstance("TLSv1.3", "BCJSSE");
 				KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX", "BCJSSE");

 				KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType(), "BC");
--- a/src/main/java/org/qortal/api/GatewayService.java
+++ b/src/main/java/org/qortal/api/GatewayService.java
@ -69,7 +69,7 @@ public class GatewayService {
 					throw new RuntimeException("Failed to start SSL API due to broken keystore");

 				// BouncyCastle-specific SSLContext build
-				SSLContext sslContext = SSLContext.getInstance("TLS", "BCJSSE");
+				SSLContext sslContext = SSLContext.getInstance("TLSv1.3", "BCJSSE");
 				KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX", "BCJSSE");

 				KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType(), "BC");
--- a/src/main/java/org/qortal/crypto/TrustlessSSLSocketFactory.java
+++ b/src/main/java/org/qortal/crypto/TrustlessSSLSocketFactory.java
@ -28,7 +28,7 @@ public abstract class TrustlessSSLSocketFactory {
 	private static final SSLContext sc;
 	static {
 		try {
-			sc = SSLContext.getInstance("SSL");
+			sc = SSLContext.getInstance("TLSv1.3");
 			sc.init(null, TRUSTLESS_MANAGER, new java.security.SecureRandom());
 		} catch (Exception e) {
 			throw new RuntimeException(e);