From 43d2655ee44935bedfa115442977a34d0f3280c3 Mon Sep 17 00:00:00 2001
From: Andreas Auernhammer <hi@aead.dev>
Date: Tue, 7 Sep 2021 18:57:32 +0200
Subject: [PATCH] tls: add TLS 1.3 ciphers to the list of supported ciphers
 (#13158)

This commit adds the TLS 1.3 ciphers to the list of
supported ciphers. Now, clients can connect to MinIO
using TLS 1.3

Signed-off-by: Andreas Auernhammer <hi@aead.dev>
---
 internal/fips/fips.go    | 2 ++
 internal/fips/no_fips.go | 3 +++
 2 files changed, 5 insertions(+)

diff --git a/internal/fips/fips.go b/internal/fips/fips.go
index fd07cc49f..526c92f1d 100644
--- a/internal/fips/fips.go
+++ b/internal/fips/fips.go
@@ -34,6 +34,8 @@ func cipherSuitesDARE() []byte {
 
 func cipherSuitesTLS() []uint16 {
 	return []uint16{
+		tls.TLS_AES_128_GCM_SHA256,
+		tls.TLS_AES_256_GCM_SHA384,
 		tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
 		tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
 		tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
diff --git a/internal/fips/no_fips.go b/internal/fips/no_fips.go
index b874caee7..12b944b01 100644
--- a/internal/fips/no_fips.go
+++ b/internal/fips/no_fips.go
@@ -34,6 +34,9 @@ func cipherSuitesDARE() []byte {
 
 func cipherSuitesTLS() []uint16 {
 	return []uint16{
+		tls.TLS_CHACHA20_POLY1305_SHA256,
+		tls.TLS_AES_128_GCM_SHA256,
+		tls.TLS_AES_256_GCM_SHA384,
 		tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
 		tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
 		tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,