Skip to content

Commit cd0dc4d

Browse files
diegomarquezpdiegomarquezp
committed
fix: simplify grpc server setup
1 parent b08be58 commit cd0dc4d

1 file changed

Lines changed: 3 additions & 2 deletions

File tree

pqc-test/pqc-test-common/src/main/java/com/google/api/gax/pqc/PqcTestServer.java

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@
3434
import com.sun.net.httpserver.HttpsServer;
3535
import io.grpc.Server;
3636
import io.grpc.netty.NettyServerBuilder;
37+
import io.netty.handler.ssl.OpenSslContextOption;
3738
import java.io.InputStream;
3839
import java.io.OutputStream;
3940
import java.net.InetSocketAddress;
@@ -174,15 +175,15 @@ public void configure(HttpsParameters params) {
174175
// 12. Initialize netty SSL Context builder to establish gRPC server channel secure layers.
175176
// Bind the builder explicitly to Bouncy Castle JSSE provider context.
176177
io.netty.handler.ssl.SslContextBuilder nettySslContextBuilder =
177-
io.netty.handler.ssl.SslContextBuilder.forServer(kmf).sslContextProvider(bcProvider);
178+
io.netty.handler.ssl.SslContextBuilder.forServer(kmf);
178179

179180
// 14. Finalize compiling standard Netty SSL configurations.
180181
// Force Netty to execute handshakes utilizing the standard JRE (JDK) SSL Provider
181182
// so Bouncy Castle JJSSE (registered in the provider context) manages the secure pipelines.
182183
io.netty.handler.ssl.SslContext nettySslContext =
183184
io.grpc.netty.GrpcSslContexts.configure(
184185
nettySslContextBuilder, io.netty.handler.ssl.SslProvider.JDK)
185-
.protocols("TLSv1.3") // Force TLSv1.3 protocols
186+
.option(OpenSslContextOption.GROUPS, new String[] { "X25519MLKEM768" })
186187
.build();
187188

188189
// 15. Build a raw gRPC method descriptor to mock a unary SayHello endpoint.

0 commit comments

Comments
 (0)