TLSv1.3 and CNSA 1.0 algorithms have been added to the list of cryptographic requirements all Java SE implementations must support. All cryptographic algorithms that are needed to implement the TLSv1.3 cipher suites and signature mechanisms and that are defined by [RFC 8446](https://www.rfc-editor.org/rfc/rfc8446) as MUST or SHOULD requirements have been added. All algorithms that are required by CNSA 1.0 have also been added. No required algorithms or protocols are being removed at this time.

The following requirements have been added to the Security Algorithm Implementation Requirements section of the Java Security Standard Algorithm Names specification and to the class summary of each of the APIs below.

- AlgorithmParameters
  - ChaCha20-Poly1305
  - EC with secp256r1 or secp384r1 curves
  - RSASSA-PSS with MGF1 mask generation function and SHA-256 or SHA-384 hash algorithm

- Cipher
   - AES/GCM/NoPadding with 256 bit key size
   - ChaCha20-Poly1305

- KeyAgreement
   - ECDH with secp256r1 or secp384r1 curves
   - X25519

- KeyFactory
   - EC
   - RSASSA-PSS
   - X25519

- KeyGenerator
  - AES with 256 bit key size
  - ChaCha20

- KeyPairGenerator
   - DH with 3072 bit key size
   - EC with secp256r1 or secp384r1 curves
   - RSA with 3072 bit key size
   - RSASSA-PSS with 2048, 3072, 4096 bit key sizes
   - X25519

- MessageDigest
   - SHA-384

- Signature
   - RSASSA-PSS with MGF1 mask generation function and SHA-256 or SHA-384 hash algorithm
   - SHA256WithECDSA with secp256r1 curve
   - SHA384WithECDSA with secp384r1 curve
   - SHA384WithRSA

- SSLContext
  - TLSv1.3