Skip to content

Commit 6d09496

Browse files
zz85zz85
authored
Update CloudFront's upstream ECC Preference list (#4301)
- from s2n_ecc_pref_list_20140601 to s2n_ecc_pref_list_20230623 to include X25519 inline with CloudFront's documentation in https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-ciphers-cloudfront-to-origin.html
1 parent dacf2b1 commit 6d09496

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

tls/s2n_security_policies.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -180,31 +180,31 @@ const struct s2n_security_policy security_policy_cloudfront_upstream = {
180180
.cipher_preferences = &cipher_preferences_cloudfront_upstream,
181181
.kem_preferences = &kem_preferences_null,
182182
.signature_preferences = &s2n_signature_preferences_20140601,
183-
.ecc_preferences = &s2n_ecc_preferences_20140601,
183+
.ecc_preferences = &s2n_ecc_preferences_20230623,
184184
};
185185

186186
const struct s2n_security_policy security_policy_cloudfront_upstream_tls10 = {
187187
.minimum_protocol_version = S2N_TLS10,
188188
.cipher_preferences = &cipher_preferences_cloudfront_upstream_tls10,
189189
.kem_preferences = &kem_preferences_null,
190190
.signature_preferences = &s2n_signature_preferences_20140601,
191-
.ecc_preferences = &s2n_ecc_preferences_20140601,
191+
.ecc_preferences = &s2n_ecc_preferences_20230623,
192192
};
193193

194194
const struct s2n_security_policy security_policy_cloudfront_upstream_tls11 = {
195195
.minimum_protocol_version = S2N_TLS11,
196196
.cipher_preferences = &cipher_preferences_cloudfront_upstream_tls11,
197197
.kem_preferences = &kem_preferences_null,
198198
.signature_preferences = &s2n_signature_preferences_20140601,
199-
.ecc_preferences = &s2n_ecc_preferences_20140601,
199+
.ecc_preferences = &s2n_ecc_preferences_20230623,
200200
};
201201

202202
const struct s2n_security_policy security_policy_cloudfront_upstream_tls12 = {
203203
.minimum_protocol_version = S2N_TLS12,
204204
.cipher_preferences = &cipher_preferences_cloudfront_upstream_tls12,
205205
.kem_preferences = &kem_preferences_null,
206206
.signature_preferences = &s2n_signature_preferences_20140601,
207-
.ecc_preferences = &s2n_ecc_preferences_20140601,
207+
.ecc_preferences = &s2n_ecc_preferences_20230623,
208208
};
209209

210210
/* CloudFront viewer facing */

0 commit comments

Comments
 (0)