| author | wetmore |
| Fri, 11 May 2018 15:53:12 -0700 | |
| branch | JDK-8145252-TLS13-branch |
| changeset 56542 | 56aaa6cb3693 |
| parent 47216 | 71c04702a3d5 |
| child 56564 | 30fa0266d3e6 |
| permissions | -rw-r--r-- |
| 2 | 1 |
/* |
| 56542 | 2 |
* Copyright (c) 2002, 2018, Oracle and/or its affiliates. All rights reserved. |
| 2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
| 5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
| 2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
| 5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
| 2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
| 5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
| 2 | 24 |
*/ |
25 |
||
26 |
package sun.security.ssl; |
|
27 |
||
| 56542 | 28 |
import java.util.ArrayList; |
29 |
import java.util.Arrays; |
|
30 |
import java.util.Collection; |
|
31 |
import java.util.Collections; |
|
32 |
import java.util.LinkedList; |
|
33 |
import java.util.List; |
|
34 |
import static sun.security.ssl.CipherSuite.HashAlg.*; |
|
35 |
import static sun.security.ssl.CipherSuite.KeyExchange.*; |
|
36 |
import static sun.security.ssl.CipherSuite.MacAlg.*; |
|
37 |
import static sun.security.ssl.SSLCipher.*; |
|
38 |
import sun.security.ssl.SupportedGroupsExtension.NamedGroupType; |
|
39 |
import static sun.security.ssl.SupportedGroupsExtension.NamedGroupType.*; |
|
40 |
||
41 |
enum CipherSuite {
|
|
42 |
// |
|
43 |
// in preference order |
|
44 |
// |
|
45 |
||
46 |
// Definition of the CipherSuites that are enabled by default. |
|
47 |
// |
|
48 |
// They are listed in preference order, most preferred first, using |
|
49 |
// the following criteria: |
|
50 |
// 1. Prefer Suite B compliant cipher suites, see RFC6460 (To be |
|
51 |
// changed later, see below). |
|
52 |
// 2. Prefer the stronger bulk cipher, in the order of AES_256(GCM), |
|
53 |
// AES_128(GCM), AES_256, AES_128, 3DES-EDE. |
|
54 |
// 3. Prefer the stronger MAC algorithm, in the order of SHA384, |
|
55 |
// SHA256, SHA, MD5. |
|
56 |
// 4. Prefer the better performance of key exchange and digital |
|
57 |
// signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, |
|
58 |
// RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS. |
|
59 |
||
60 |
TLS_AES_128_GCM_SHA256( |
|
61 |
0x1301, true, "TLS_AES_128_GCM_SHA256", |
|
62 |
ProtocolVersion.PROTOCOLS_OF_13, B_AES_128_GCM_IV, H_SHA256), |
|
63 |
TLS_AES_256_GCM_SHA384( |
|
64 |
0x1302, true, "TLS_AES_256_GCM_SHA384", |
|
65 |
ProtocolVersion.PROTOCOLS_OF_13, B_AES_256_GCM_IV, H_SHA384), |
|
66 |
||
67 |
// Suite B compliant cipher suites, see RFC 6460. |
|
68 |
// |
|
69 |
// Note that, at present this provider is not Suite B compliant. The |
|
70 |
// preference order of the GCM cipher suites does not follow the spec |
|
71 |
// of RFC 6460. In this section, only two cipher suites are listed |
|
72 |
// so that applications can make use of Suite-B compliant cipher |
|
73 |
// suite firstly. |
|
74 |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384( |
|
75 |
0xC02C, true, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "", |
|
76 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
77 |
K_ECDHE_ECDSA, B_AES_256_GCM, M_NULL, H_SHA384), |
|
78 |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256( |
|
79 |
0xC02B, true, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "", |
|
80 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
81 |
K_ECDHE_ECDSA, B_AES_128_GCM, M_NULL, H_SHA256), |
|
82 |
||
83 |
// AES_256(GCM) |
|
84 |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384( |
|
85 |
0xC030, true, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "", |
|
86 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
87 |
K_ECDHE_RSA, B_AES_256_GCM, M_NULL, H_SHA384), |
|
88 |
TLS_RSA_WITH_AES_256_GCM_SHA384( |
|
89 |
0x009D, true, "TLS_RSA_WITH_AES_256_GCM_SHA384", "", |
|
90 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
91 |
K_RSA, B_AES_256_GCM, M_NULL, H_SHA384), |
|
92 |
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384( |
|
93 |
0xC02E, true, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "", |
|
94 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
95 |
K_ECDH_ECDSA, B_AES_256_GCM, M_NULL, H_SHA384), |
|
96 |
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384( |
|
97 |
0xC032, true, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", "", |
|
98 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
99 |
K_ECDH_RSA, B_AES_256_GCM, M_NULL, H_SHA384), |
|
100 |
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384( |
|
101 |
0x009F, true, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "", |
|
102 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
103 |
K_DHE_RSA, B_AES_256_GCM, M_NULL, H_SHA384), |
|
104 |
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384( |
|
105 |
0x00A3, true, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", "", |
|
106 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
107 |
K_DHE_DSS, B_AES_256_GCM, M_NULL, H_SHA384), |
|
| 2 | 108 |
|
| 56542 | 109 |
// AES_128(GCM) |
110 |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256( |
|
111 |
0xC02F, true, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "", |
|
112 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
113 |
K_ECDHE_RSA, B_AES_128_GCM, M_NULL, H_SHA256), |
|
114 |
TLS_RSA_WITH_AES_128_GCM_SHA256( |
|
115 |
0x009C, true, "TLS_RSA_WITH_AES_128_GCM_SHA256", "", |
|
116 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
117 |
K_RSA, B_AES_128_GCM, M_NULL, H_SHA256), |
|
118 |
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256( |
|
119 |
0xC02D, true, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "", |
|
120 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
121 |
K_ECDH_ECDSA, B_AES_128_GCM, M_NULL, H_SHA256), |
|
122 |
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256( |
|
123 |
0xC031, true, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "", |
|
124 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
125 |
K_ECDH_RSA, B_AES_128_GCM, M_NULL, H_SHA256), |
|
126 |
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256( |
|
127 |
0x009E, true, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "", |
|
128 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
129 |
K_DHE_RSA, B_AES_128_GCM, M_NULL, H_SHA256), |
|
130 |
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256( |
|
131 |
0x00A2, true, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", "", |
|
132 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
133 |
K_DHE_DSS, B_AES_128_GCM, M_NULL, H_SHA256), |
|
134 |
||
135 |
// AES_256(CBC) |
|
136 |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384( |
|
137 |
0xC024, true, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "", |
|
138 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
139 |
K_ECDHE_ECDSA, B_AES_256, M_SHA384, H_SHA384), |
|
140 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384( |
|
141 |
0xC028, true, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "", |
|
142 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
143 |
K_ECDHE_RSA, B_AES_256, M_SHA384, H_SHA384), |
|
144 |
TLS_RSA_WITH_AES_256_CBC_SHA256( |
|
145 |
0x003D, true, "TLS_RSA_WITH_AES_256_CBC_SHA256", "", |
|
146 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
147 |
K_RSA, B_AES_256, M_SHA384, H_SHA384), |
|
148 |
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384( |
|
149 |
0xC026, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "", |
|
150 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
151 |
K_ECDH_ECDSA, B_AES_256, M_SHA384, H_SHA384), |
|
152 |
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384( |
|
153 |
0xC02A, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "", |
|
154 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
155 |
K_ECDH_RSA, B_AES_256, M_SHA384, H_SHA384), |
|
156 |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256( |
|
157 |
0x006B, true, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", "", |
|
158 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
159 |
K_DHE_RSA, B_AES_256, M_SHA384, H_SHA256), |
|
160 |
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256( |
|
161 |
0x006A, true, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", "", |
|
162 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
163 |
K_DHE_DSS, B_AES_256, M_SHA384, H_SHA256), |
|
164 |
||
165 |
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA( |
|
166 |
0xC00A, true, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "", |
|
167 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
168 |
K_ECDHE_ECDSA, B_AES_256, M_SHA, H_SHA256), |
|
169 |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA( |
|
170 |
0xC014, true, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "", |
|
171 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
172 |
K_ECDHE_RSA, B_AES_256, M_SHA, H_SHA256), |
|
173 |
TLS_RSA_WITH_AES_256_CBC_SHA( |
|
174 |
0x0035, true, "TLS_RSA_WITH_AES_256_CBC_SHA", "", |
|
175 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
176 |
K_RSA, B_AES_256, M_SHA, H_SHA256), |
|
177 |
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA( |
|
178 |
0xC005, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "", |
|
179 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
180 |
K_ECDH_ECDSA, B_AES_256, M_SHA, H_SHA256), |
|
181 |
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA( |
|
182 |
0xC00F, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "", |
|
183 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
184 |
K_ECDH_RSA, B_AES_256, M_SHA, H_SHA256), |
|
185 |
TLS_DHE_RSA_WITH_AES_256_CBC_SHA( |
|
186 |
0x0039, true, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "", |
|
187 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
188 |
K_DHE_RSA, B_AES_256, M_SHA, H_SHA256), |
|
189 |
TLS_DHE_DSS_WITH_AES_256_CBC_SHA( |
|
190 |
0x0038, true, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "", |
|
191 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
192 |
K_DHE_DSS, B_AES_256, M_SHA, H_SHA256), |
|
| 2 | 193 |
|
| 56542 | 194 |
// AES_128(CBC) |
195 |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256( |
|
196 |
0xC023, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "", |
|
197 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
198 |
K_ECDHE_ECDSA, B_AES_128, M_SHA256, H_SHA256), |
|
199 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256( |
|
200 |
0xC027, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "", |
|
201 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
202 |
K_ECDHE_RSA, B_AES_128, M_SHA256, H_SHA256), |
|
203 |
TLS_RSA_WITH_AES_128_CBC_SHA256( |
|
204 |
0x003C, true, "TLS_RSA_WITH_AES_128_CBC_SHA256", "", |
|
205 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
206 |
K_RSA, B_AES_128, M_SHA256, H_SHA256), |
|
207 |
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256( |
|
208 |
0xC025, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "", |
|
209 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
210 |
K_ECDH_ECDSA, B_AES_128, M_SHA256, H_SHA256), |
|
211 |
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256( |
|
212 |
0xC029, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "", |
|
213 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
214 |
K_ECDH_RSA, B_AES_128, M_SHA256, H_SHA256), |
|
215 |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256( |
|
216 |
0x0067, true, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "", |
|
217 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
218 |
K_DHE_RSA, B_AES_128, M_SHA256, H_SHA256), |
|
219 |
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256( |
|
220 |
0x0040, true, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", "", |
|
221 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
222 |
K_DHE_DSS, B_AES_128, M_SHA256, H_SHA256), |
|
223 |
||
224 |
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA( |
|
225 |
0xC009, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "", |
|
226 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
227 |
K_ECDHE_ECDSA, B_AES_128, M_SHA, H_SHA256), |
|
228 |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA( |
|
229 |
0xC013, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "", |
|
230 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
231 |
K_ECDHE_RSA, B_AES_128, M_SHA, H_SHA256), |
|
232 |
TLS_RSA_WITH_AES_128_CBC_SHA( |
|
233 |
0x002F, true, "TLS_RSA_WITH_AES_128_CBC_SHA", "", |
|
234 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
235 |
K_RSA, B_AES_128, M_SHA, H_SHA256), |
|
236 |
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA( |
|
237 |
0xC004, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "", |
|
238 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
239 |
K_ECDH_ECDSA, B_AES_128, M_SHA, H_SHA256), |
|
240 |
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA( |
|
241 |
0xC00E, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "", |
|
242 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
243 |
K_ECDH_RSA, B_AES_128, M_SHA, H_SHA256), |
|
244 |
TLS_DHE_RSA_WITH_AES_128_CBC_SHA( |
|
245 |
0x0033, true, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "", |
|
246 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
247 |
K_DHE_RSA, B_AES_128, M_SHA, H_SHA256), |
|
248 |
TLS_DHE_DSS_WITH_AES_128_CBC_SHA( |
|
249 |
0x0032, true, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "", |
|
250 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
251 |
K_DHE_DSS, B_AES_128, M_SHA, H_SHA256), |
|
252 |
||
253 |
// 3DES_EDE |
|
254 |
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA( |
|
255 |
0xC008, true, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "", |
|
256 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
257 |
K_ECDHE_ECDSA, B_3DES, M_SHA, H_SHA256), |
|
258 |
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA( |
|
259 |
0xC012, true, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "", |
|
260 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
261 |
K_ECDHE_RSA, B_3DES, M_SHA, H_SHA256), |
|
262 |
SSL_RSA_WITH_3DES_EDE_CBC_SHA( |
|
263 |
0x000A, true, "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "", |
|
264 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
265 |
K_RSA, B_3DES, M_SHA, H_SHA256), |
|
266 |
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA( |
|
267 |
0xC003, true, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "", |
|
268 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
269 |
K_ECDH_ECDSA, B_3DES, M_SHA, H_SHA256), |
|
270 |
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA( |
|
271 |
0xC00D, true, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "", |
|
272 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
273 |
K_ECDH_RSA, B_3DES, M_SHA, H_SHA256), |
|
274 |
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA( |
|
275 |
0x0016, true, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "", |
|
276 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
277 |
K_DHE_RSA, B_3DES, M_SHA, H_SHA256), |
|
278 |
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA( |
|
279 |
0x0013, true, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "", |
|
280 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
281 |
K_DHE_DSS, B_3DES, M_SHA, H_SHA256), |
|
282 |
||
283 |
// Renegotiation protection request Signalling Cipher Suite Value (SCSV). |
|
284 |
TLS_EMPTY_RENEGOTIATION_INFO_SCSV( // RFC 5746, TLS 1.2 and prior |
|
285 |
0x00FF, true, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", "", |
|
286 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
287 |
K_SCSV, B_NULL, M_NULL, H_NONE), |
|
| 2 | 288 |
|
| 56542 | 289 |
// Definition of the CipherSuites that are supported but not enabled |
290 |
// by default. |
|
291 |
// They are listed in preference order, preferred first, using the |
|
292 |
// following criteria: |
|
293 |
// 1. CipherSuites for KRB5 need additional KRB5 service |
|
294 |
// configuration, and these suites are not common in practice, |
|
295 |
// so we put KRB5 based cipher suites at the end of the supported |
|
296 |
// list. |
|
297 |
// 2. If a cipher suite has been obsoleted, we put it at the end of |
|
298 |
// the list. |
|
299 |
// 3. Prefer the stronger bulk cipher, in the order of AES_256, |
|
300 |
// AES_128, 3DES-EDE, RC-4, DES, DES40, RC4_40, NULL. |
|
301 |
// 4. Prefer the stronger MAC algorithm, in the order of SHA384, |
|
302 |
// SHA256, SHA, MD5. |
|
303 |
// 5. Prefer the better performance of key exchange and digital |
|
304 |
// signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, |
|
305 |
// RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS, anonymous. |
|
306 |
TLS_DH_anon_WITH_AES_256_GCM_SHA384( |
|
307 |
0x00A7, false, "TLS_DH_anon_WITH_AES_256_GCM_SHA384", "", |
|
308 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
309 |
K_DH_ANON, B_AES_256_GCM, M_NULL, H_SHA384), |
|
310 |
TLS_DH_anon_WITH_AES_128_GCM_SHA256( |
|
311 |
0x00A6, false, "TLS_DH_anon_WITH_AES_128_GCM_SHA256", "", |
|
312 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
313 |
K_DH_ANON, B_AES_128_GCM, M_NULL, H_SHA256), |
|
314 |
TLS_DH_anon_WITH_AES_256_CBC_SHA256( |
|
315 |
0x006D, false, "TLS_DH_anon_WITH_AES_256_CBC_SHA256", "", |
|
316 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
317 |
K_DH_ANON, B_AES_256, M_SHA256, H_SHA256), |
|
318 |
TLS_ECDH_anon_WITH_AES_256_CBC_SHA( |
|
319 |
0xC019, false, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", "", |
|
320 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
321 |
K_ECDH_ANON, B_AES_256, M_SHA, H_SHA256), |
|
322 |
TLS_DH_anon_WITH_AES_256_CBC_SHA( |
|
323 |
0x003A, false, "TLS_DH_anon_WITH_AES_256_CBC_SHA", "", |
|
324 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
325 |
K_DH_ANON, B_AES_256, M_SHA, H_SHA256), |
|
326 |
TLS_DH_anon_WITH_AES_128_CBC_SHA256( |
|
327 |
0x006C, false, "TLS_DH_anon_WITH_AES_128_CBC_SHA256", "", |
|
328 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
329 |
K_DH_ANON, B_AES_128, M_SHA256, H_SHA256), |
|
330 |
TLS_ECDH_anon_WITH_AES_128_CBC_SHA( |
|
331 |
0xC018, false, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", "", |
|
332 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
333 |
K_ECDH_ANON, B_AES_128, M_SHA, H_SHA256), |
|
334 |
TLS_DH_anon_WITH_AES_128_CBC_SHA( |
|
335 |
0x0034, false, "TLS_DH_anon_WITH_AES_128_CBC_SHA", "", |
|
336 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
337 |
K_DH_ANON, B_AES_128, M_SHA, H_SHA256), |
|
338 |
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA( |
|
339 |
0xC017, false, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", "", |
|
340 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
341 |
K_ECDH_ANON, B_3DES, M_SHA, H_SHA256), |
|
342 |
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA( |
|
343 |
0x001B, false, "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "", |
|
344 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
345 |
K_DH_ANON, B_3DES, M_SHA, H_SHA256), |
|
346 |
||
347 |
// RC-4 |
|
348 |
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA( |
|
349 |
0xC007, false, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", "", |
|
350 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
351 |
K_ECDHE_ECDSA, B_RC4_128, M_SHA, H_SHA256), |
|
352 |
TLS_ECDHE_RSA_WITH_RC4_128_SHA( |
|
353 |
0xC011, false, "TLS_ECDHE_RSA_WITH_RC4_128_SHA", "", |
|
354 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
355 |
K_ECDHE_RSA, B_RC4_128, M_SHA, H_SHA256), |
|
356 |
SSL_RSA_WITH_RC4_128_SHA( |
|
357 |
0x0005, false, "SSL_RSA_WITH_RC4_128_SHA", "", |
|
358 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
359 |
K_RSA, B_RC4_128, M_SHA, H_SHA256), |
|
360 |
TLS_ECDH_ECDSA_WITH_RC4_128_SHA( |
|
361 |
0xC002, false, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", "", |
|
362 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
363 |
K_ECDH_ECDSA, B_RC4_128, M_SHA, H_SHA256), |
|
364 |
TLS_ECDH_RSA_WITH_RC4_128_SHA( |
|
365 |
0xC00C, false, "TLS_ECDH_RSA_WITH_RC4_128_SHA", "", |
|
366 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
367 |
K_ECDH_RSA, B_RC4_128, M_SHA, H_SHA256), |
|
368 |
SSL_RSA_WITH_RC4_128_MD5( |
|
369 |
0x0004, false, "SSL_RSA_WITH_RC4_128_MD5", "", |
|
370 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
371 |
K_RSA, B_RC4_128, M_MD5, H_SHA256), |
|
372 |
TLS_ECDH_anon_WITH_RC4_128_SHA( |
|
373 |
0xC016, false, "TLS_ECDH_anon_WITH_RC4_128_SHA", "", |
|
374 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
375 |
K_ECDH_ANON, B_RC4_128, M_SHA, H_SHA256), |
|
376 |
SSL_DH_anon_WITH_RC4_128_MD5( |
|
377 |
0x0018, false, "SSL_DH_anon_WITH_RC4_128_MD5", "", |
|
378 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
379 |
K_DH_ANON, B_RC4_128, M_MD5, H_SHA256), |
|
380 |
||
381 |
// weak cipher suites obsoleted in TLS 1.2 |
|
382 |
SSL_RSA_WITH_DES_CBC_SHA( |
|
383 |
0x0009, false, "SSL_RSA_WITH_DES_CBC_SHA", "", |
|
384 |
ProtocolVersion.PROTOCOLS_TO_11, |
|
385 |
K_RSA, B_DES, M_SHA, H_NONE), |
|
386 |
SSL_DHE_RSA_WITH_DES_CBC_SHA( |
|
387 |
0x0015, false, "SSL_DHE_RSA_WITH_DES_CBC_SHA", "", |
|
388 |
ProtocolVersion.PROTOCOLS_TO_11, |
|
389 |
K_DHE_RSA, B_DES, M_SHA, H_NONE), |
|
390 |
SSL_DHE_DSS_WITH_DES_CBC_SHA( |
|
391 |
0x0012, false, "SSL_DHE_DSS_WITH_DES_CBC_SHA", "", |
|
392 |
ProtocolVersion.PROTOCOLS_TO_11, |
|
393 |
K_DHE_DSS, B_DES, M_SHA, H_NONE), |
|
394 |
SSL_DH_anon_WITH_DES_CBC_SHA( |
|
395 |
0x001A, false, "SSL_DH_anon_WITH_DES_CBC_SHA", "", |
|
396 |
ProtocolVersion.PROTOCOLS_TO_11, |
|
397 |
K_DH_ANON, B_DES, M_SHA, H_NONE), |
|
| 2 | 398 |
|
| 56542 | 399 |
// weak cipher suites obsoleted in TLS 1.1 |
400 |
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA( |
|
401 |
0x0008, false, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "", |
|
402 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
403 |
K_RSA_EXPORT, B_DES_40, M_SHA, H_NONE), |
|
404 |
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA( |
|
405 |
0x0014, false, "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "", |
|
406 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
407 |
K_DHE_RSA_EXPORT, B_DES_40, M_SHA, H_NONE), |
|
408 |
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA( |
|
409 |
0x0011, false, "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", "", |
|
410 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
411 |
K_DHE_DSS_EXPORT, B_DES_40, M_SHA, H_NONE), |
|
412 |
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA( |
|
413 |
0x0019, false, "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", "", |
|
414 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
415 |
K_DH_ANON_EXPORT, B_DES_40, M_SHA, H_NONE), |
|
416 |
SSL_RSA_EXPORT_WITH_RC4_40_MD5( |
|
417 |
0x0003, false, "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "", |
|
418 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
419 |
K_RSA_EXPORT, B_DES_40, M_MD5, H_NONE), |
|
420 |
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5( |
|
421 |
0x0017, false, "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "", |
|
422 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
423 |
K_DH_ANON, B_DES_40, M_MD5, H_NONE), |
|
424 |
||
425 |
// no traffic encryption cipher suites |
|
426 |
TLS_RSA_WITH_NULL_SHA256( |
|
427 |
0x003B, false, "TLS_RSA_WITH_NULL_SHA256", "", |
|
428 |
ProtocolVersion.PROTOCOLS_OF_12, |
|
429 |
K_RSA, B_NULL, M_SHA256, H_SHA256), |
|
430 |
TLS_ECDHE_ECDSA_WITH_NULL_SHA( |
|
431 |
0xC006, false, "TLS_ECDHE_ECDSA_WITH_NULL_SHA", "", |
|
432 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
433 |
K_ECDHE_ECDSA, B_NULL, M_SHA, H_SHA256), |
|
434 |
TLS_ECDHE_RSA_WITH_NULL_SHA( |
|
435 |
0xC010, false, "TLS_ECDHE_RSA_WITH_NULL_SHA", "", |
|
436 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
437 |
K_ECDHE_RSA, B_NULL, M_SHA, H_SHA256), |
|
438 |
SSL_RSA_WITH_NULL_SHA( |
|
439 |
0x0002, false, "SSL_RSA_WITH_NULL_SHA", "", |
|
440 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
441 |
K_RSA, B_NULL, M_SHA, H_SHA256), |
|
442 |
TLS_ECDH_ECDSA_WITH_NULL_SHA( |
|
443 |
0xC001, false, "TLS_ECDH_ECDSA_WITH_NULL_SHA", "", |
|
444 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
445 |
K_ECDH_ECDSA, B_NULL, M_SHA, H_SHA256), |
|
446 |
TLS_ECDH_RSA_WITH_NULL_SHA( |
|
447 |
0xC00B, false, "TLS_ECDH_RSA_WITH_NULL_SHA", "", |
|
448 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
449 |
K_ECDH_RSA, B_NULL, M_SHA, H_SHA256), |
|
450 |
TLS_ECDH_anon_WITH_NULL_SHA( |
|
451 |
0xC015, false, "TLS_ECDH_anon_WITH_NULL_SHA", "", |
|
452 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
453 |
K_ECDH_ANON, B_NULL, M_SHA, H_SHA256), |
|
454 |
SSL_RSA_WITH_NULL_MD5( |
|
455 |
0x0001, false, "SSL_RSA_WITH_NULL_MD5", "", |
|
456 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
457 |
K_RSA, B_NULL, M_MD5, H_SHA256), |
|
| 2 | 458 |
|
| 56542 | 459 |
// supported Kerberos ciphersuites from RFC2712 |
460 |
TLS_KRB5_WITH_3DES_EDE_CBC_SHA( |
|
461 |
0x001F, false, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA", "", |
|
462 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
463 |
K_KRB5, B_3DES, M_SHA, H_SHA256), |
|
464 |
TLS_KRB5_WITH_3DES_EDE_CBC_MD5( |
|
465 |
0x0023, false, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5", "", |
|
466 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
467 |
K_KRB5, B_3DES, M_MD5, H_SHA256), |
|
468 |
TLS_KRB5_WITH_RC4_128_SHA( |
|
469 |
0x0020, false, "TLS_KRB5_WITH_RC4_128_SHA", "", |
|
470 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
471 |
K_KRB5, B_RC4_128, M_SHA, H_SHA256), |
|
472 |
TLS_KRB5_WITH_RC4_128_MD5( |
|
473 |
0x0024, false, "TLS_KRB5_WITH_RC4_128_MD5", "", |
|
474 |
ProtocolVersion.PROTOCOLS_TO_12, |
|
475 |
K_KRB5, B_RC4_128, M_MD5, H_SHA256), |
|
476 |
TLS_KRB5_WITH_DES_CBC_SHA( |
|
477 |
0x001e, false, "TLS_KRB5_WITH_DES_CBC_SHA", "", |
|
478 |
ProtocolVersion.PROTOCOLS_TO_11, |
|
479 |
K_KRB5, B_DES, M_SHA, H_NONE), |
|
480 |
TLS_KRB5_WITH_DES_CBC_MD5( |
|
481 |
0x0022, false, "TLS_KRB5_WITH_DES_CBC_MD5", "", |
|
482 |
ProtocolVersion.PROTOCOLS_TO_11, |
|
483 |
K_KRB5, B_DES, M_MD5, H_NONE), |
|
484 |
TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA( |
|
485 |
0x0026, false, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", "", |
|
486 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
487 |
K_KRB5_EXPORT, B_DES_40, M_SHA, H_NONE), |
|
488 |
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5( |
|
489 |
0x0029, false, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", "", |
|
490 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
491 |
K_KRB5_EXPORT, B_DES_40, M_MD5, H_NONE), |
|
492 |
TLS_KRB5_EXPORT_WITH_RC4_40_SHA( |
|
493 |
0x0028, false, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", "", |
|
494 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
495 |
K_KRB5_EXPORT, B_RC4_40, M_SHA, H_NONE), |
|
496 |
TLS_KRB5_EXPORT_WITH_RC4_40_MD5( |
|
497 |
0x002B, false, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5", "", |
|
498 |
ProtocolVersion.PROTOCOLS_TO_10, |
|
499 |
K_KRB5_EXPORT, B_RC4_40, M_MD5, H_NONE), |
|
500 |
||
501 |
// Other values from the TLS Cipher Suite Registry, as of August 2010. |
|
502 |
// |
|
503 |
// http://www.iana.org/assignments/tls-parameters/tls-parameters.xml |
|
504 |
// |
|
505 |
// Range Registration Procedures Notes |
|
506 |
// 000-191 Standards Action Refers to value of first byte |
|
507 |
// 192-254 Specification Required Refers to value of first byte |
|
508 |
// 255 Reserved for Private Use Refers to value of first byte |
|
509 |
||
510 |
TLS_CHACHA20_POLY1305_SHA256( // TLS 1.3 |
|
511 |
"TLS_CHACHA20_POLY1305_SHA256", 0x1303), |
|
512 |
TLS_AES_128_CCM_SHA256( // TLS 1.3 |
|
513 |
"TLS_AES_128_CCM_SHA256", 0x1304), |
|
514 |
TLS_AES_128_CCM_8_SHA256( // TLS 1.3 |
|
515 |
"TLS_AES_128_CCM_8_SHA256", 0x1305), |
|
| 2 | 516 |
|
| 56542 | 517 |
// remaining unsupported ciphersuites defined in RFC2246. |
518 |
CS_0006("SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", 0x0006),
|
|
519 |
CS_0007("SSL_RSA_WITH_IDEA_CBC_SHA", 0x0007),
|
|
520 |
CS_000B("SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", 0x000b),
|
|
521 |
CS_000C("SSL_DH_DSS_WITH_DES_CBC_SHA", 0x000c),
|
|
522 |
CS_000D("SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA", 0x000d),
|
|
523 |
CS_000E("SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", 0x000e),
|
|
524 |
CS_000F("SSL_DH_RSA_WITH_DES_CBC_SHA", 0x000f),
|
|
525 |
CS_0010("SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA", 0x0010),
|
|
526 |
||
527 |
// SSL 3.0 Fortezza ciphersuites |
|
528 |
CS_001C("SSL_FORTEZZA_DMS_WITH_NULL_SHA", 0x001c),
|
|
529 |
CS_001D("SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA", 0x001d),
|
|
530 |
||
531 |
// 1024/56 bit exportable ciphersuites from expired internet draft |
|
532 |
CS_0062("SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA", 0x0062),
|
|
533 |
CS_0063("SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", 0x0063),
|
|
534 |
CS_0064("SSL_RSA_EXPORT1024_WITH_RC4_56_SHA", 0x0064),
|
|
535 |
CS_0065("SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA", 0x0065),
|
|
536 |
CS_0066("SSL_DHE_DSS_WITH_RC4_128_SHA", 0x0066),
|
|
537 |
||
538 |
// Netscape old and new SSL 3.0 FIPS ciphersuites |
|
539 |
// see http://www.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html |
|
540 |
CS_FFE0("NETSCAPE_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", 0xffe0),
|
|
541 |
CS_FFE1("NETSCAPE_RSA_FIPS_WITH_DES_CBC_SHA", 0xffe1),
|
|
542 |
CS_FEFE("SSL_RSA_FIPS_WITH_DES_CBC_SHA", 0xfefe),
|
|
543 |
CS_FEFF("SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", 0xfeff),
|
|
544 |
||
545 |
// Unsupported Kerberos cipher suites from RFC 2712 |
|
546 |
CS_0021("TLS_KRB5_WITH_IDEA_CBC_SHA", 0x0021),
|
|
547 |
CS_0025("TLS_KRB5_WITH_IDEA_CBC_MD5", 0x0025),
|
|
548 |
CS_0027("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", 0x0027),
|
|
549 |
CS_002A("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", 0x002a),
|
|
550 |
||
551 |
// Unsupported cipher suites from RFC 4162 |
|
552 |
CS_0096("TLS_RSA_WITH_SEED_CBC_SHA", 0x0096),
|
|
553 |
CS_0097("TLS_DH_DSS_WITH_SEED_CBC_SHA", 0x0097),
|
|
554 |
CS_0098("TLS_DH_RSA_WITH_SEED_CBC_SHA", 0x0098),
|
|
555 |
CS_0099("TLS_DHE_DSS_WITH_SEED_CBC_SHA", 0x0099),
|
|
556 |
CS_009A("TLS_DHE_RSA_WITH_SEED_CBC_SHA", 0x009a),
|
|
557 |
CS_009B("TLS_DH_anon_WITH_SEED_CBC_SHA", 0x009b),
|
|
558 |
||
559 |
// Unsupported cipher suites from RFC 4279 |
|
560 |
CS_008A("TLS_PSK_WITH_RC4_128_SHA", 0x008a),
|
|
561 |
CS_008B("TLS_PSK_WITH_3DES_EDE_CBC_SHA", 0x008b),
|
|
562 |
CS_008C("TLS_PSK_WITH_AES_128_CBC_SHA", 0x008c),
|
|
563 |
CS_008D("TLS_PSK_WITH_AES_256_CBC_SHA", 0x008d),
|
|
564 |
CS_008E("TLS_DHE_PSK_WITH_RC4_128_SHA", 0x008e),
|
|
565 |
CS_008F("TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA", 0x008f),
|
|
566 |
CS_0090("TLS_DHE_PSK_WITH_AES_128_CBC_SHA", 0x0090),
|
|
567 |
CS_0091("TLS_DHE_PSK_WITH_AES_256_CBC_SHA", 0x0091),
|
|
568 |
CS_0092("TLS_RSA_PSK_WITH_RC4_128_SHA", 0x0092),
|
|
569 |
CS_0093("TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA", 0x0093),
|
|
570 |
CS_0094("TLS_RSA_PSK_WITH_AES_128_CBC_SHA", 0x0094),
|
|
571 |
CS_0095("TLS_RSA_PSK_WITH_AES_256_CBC_SHA", 0x0095),
|
|
572 |
||
573 |
// Unsupported cipher suites from RFC 4785 |
|
574 |
CS_002C("TLS_PSK_WITH_NULL_SHA", 0x002c),
|
|
575 |
CS_002D("TLS_DHE_PSK_WITH_NULL_SHA", 0x002d),
|
|
576 |
CS_002E("TLS_RSA_PSK_WITH_NULL_SHA", 0x002e),
|
|
577 |
||
578 |
// Unsupported cipher suites from RFC 5246 |
|
579 |
CS_0030("TLS_DH_DSS_WITH_AES_128_CBC_SHA", 0x0030),
|
|
580 |
CS_0031("TLS_DH_RSA_WITH_AES_128_CBC_SHA", 0x0031),
|
|
581 |
CS_0036("TLS_DH_DSS_WITH_AES_256_CBC_SHA", 0x0036),
|
|
582 |
CS_0037("TLS_DH_RSA_WITH_AES_256_CBC_SHA", 0x0037),
|
|
583 |
CS_003E("TLS_DH_DSS_WITH_AES_128_CBC_SHA256", 0x003e),
|
|
584 |
CS_003F("TLS_DH_RSA_WITH_AES_128_CBC_SHA256", 0x003f),
|
|
585 |
CS_0068("TLS_DH_DSS_WITH_AES_256_CBC_SHA256", 0x0068),
|
|
586 |
CS_0069("TLS_DH_RSA_WITH_AES_256_CBC_SHA256", 0x0069),
|
|
587 |
||
588 |
// Unsupported cipher suites from RFC 5288 |
|
589 |
CS_00A0("TLS_DH_RSA_WITH_AES_128_GCM_SHA256", 0x00a0),
|
|
590 |
CS_00A1("TLS_DH_RSA_WITH_AES_256_GCM_SHA384", 0x00a1),
|
|
591 |
CS_00A4("TLS_DH_DSS_WITH_AES_128_GCM_SHA256", 0x00a4),
|
|
592 |
CS_00A5("TLS_DH_DSS_WITH_AES_256_GCM_SHA384", 0x00a5),
|
|
| 2 | 593 |
|
| 56542 | 594 |
// Unsupported cipher suites from RFC 5487 |
595 |
CS_00A8("TLS_PSK_WITH_AES_128_GCM_SHA256", 0x00a8),
|
|
596 |
CS_00A9("TLS_PSK_WITH_AES_256_GCM_SHA384", 0x00a9),
|
|
597 |
CS_00AA("TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", 0x00aa),
|
|
598 |
CS_00AB("TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", 0x00ab),
|
|
599 |
CS_00AC("TLS_RSA_PSK_WITH_AES_128_GCM_SHA256", 0x00ac),
|
|
600 |
CS_00AD("TLS_RSA_PSK_WITH_AES_256_GCM_SHA384", 0x00ad),
|
|
601 |
CS_00AE("TLS_PSK_WITH_AES_128_CBC_SHA256", 0x00ae),
|
|
602 |
CS_00AF("TLS_PSK_WITH_AES_256_CBC_SHA384", 0x00af),
|
|
603 |
CS_00B0("TLS_PSK_WITH_NULL_SHA256", 0x00b0),
|
|
604 |
CS_00B1("TLS_PSK_WITH_NULL_SHA384", 0x00b1),
|
|
605 |
CS_00B2("TLS_DHE_PSK_WITH_AES_128_CBC_SHA256", 0x00b2),
|
|
606 |
CS_00B3("TLS_DHE_PSK_WITH_AES_256_CBC_SHA384", 0x00b3),
|
|
607 |
CS_00B4("TLS_DHE_PSK_WITH_NULL_SHA256", 0x00b4),
|
|
608 |
CS_00B5("TLS_DHE_PSK_WITH_NULL_SHA384", 0x00b5),
|
|
609 |
CS_00B6("TLS_RSA_PSK_WITH_AES_128_CBC_SHA256", 0x00b6),
|
|
610 |
CS_00B7("TLS_RSA_PSK_WITH_AES_256_CBC_SHA384", 0x00b7),
|
|
611 |
CS_00B8("TLS_RSA_PSK_WITH_NULL_SHA256", 0x00b8),
|
|
612 |
CS_00B9("TLS_RSA_PSK_WITH_NULL_SHA384", 0x00b9),
|
|
| 2 | 613 |
|
| 56542 | 614 |
// Unsupported cipher suites from RFC 5932 |
615 |
CS_0041("TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", 0x0041),
|
|
616 |
CS_0042("TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", 0x0042),
|
|
617 |
CS_0043("TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", 0x0043),
|
|
618 |
CS_0044("TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", 0x0044),
|
|
619 |
CS_0045("TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", 0x0045),
|
|
620 |
CS_0046("TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", 0x0046),
|
|
621 |
CS_0084("TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", 0x0084),
|
|
622 |
CS_0085("TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", 0x0085),
|
|
623 |
CS_0086("TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", 0x0086),
|
|
624 |
CS_0087("TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", 0x0087),
|
|
625 |
CS_0088("TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", 0x0088),
|
|
626 |
CS_0089("TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", 0x0089),
|
|
627 |
CS_00BA("TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0x00ba),
|
|
628 |
CS_00BB("TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256", 0x00bb),
|
|
629 |
CS_00BC("TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0x00bc),
|
|
630 |
CS_00BD("TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", 0x00bd),
|
|
631 |
CS_00BE("TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0x00be),
|
|
632 |
CS_00BF("TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256", 0x00bf),
|
|
633 |
CS_00C0("TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", 0x00c0),
|
|
634 |
CS_00C1("TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256", 0x00c1),
|
|
635 |
CS_00C2("TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256", 0x00c2),
|
|
636 |
CS_00C3("TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", 0x00c3),
|
|
637 |
CS_00C4("TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", 0x00c4),
|
|
638 |
CS_00C5("TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256", 0x00c5),
|
|
639 |
||
640 |
// TLS Fallback Signaling Cipher Suite Value (SCSV) RFC 7507 |
|
641 |
CS_5600("TLS_FALLBACK_SCSV", 0x5600),
|
|
642 |
||
643 |
// Unsupported cipher suites from RFC 5054 |
|
644 |
CS_C01A("TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", 0xc01a),
|
|
645 |
CS_C01B("TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", 0xc01b),
|
|
646 |
CS_C01C("TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", 0xc01c),
|
|
647 |
CS_C01D("TLS_SRP_SHA_WITH_AES_128_CBC_SHA", 0xc01d),
|
|
648 |
CS_C01E("TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", 0xc01e),
|
|
649 |
CS_C01F("TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", 0xc01f),
|
|
650 |
CS_C020("TLS_SRP_SHA_WITH_AES_256_CBC_SHA", 0xc020),
|
|
651 |
CS_C021("TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", 0xc021),
|
|
652 |
CS_C022("TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", 0xc022),
|
|
653 |
||
654 |
// Unsupported cipher suites from RFC 5489 |
|
655 |
CS_C033("TLS_ECDHE_PSK_WITH_RC4_128_SHA", 0xc033),
|
|
656 |
CS_C034("TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", 0xc034),
|
|
657 |
CS_C035("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA", 0xc035),
|
|
658 |
CS_C036("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA", 0xc036),
|
|
659 |
CS_C037("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256", 0xc037),
|
|
660 |
CS_C038("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384", 0xc038),
|
|
661 |
CS_C039("TLS_ECDHE_PSK_WITH_NULL_SHA", 0xc039),
|
|
662 |
CS_C03A("TLS_ECDHE_PSK_WITH_NULL_SHA256", 0xc03a),
|
|
663 |
CS_C03B("TLS_ECDHE_PSK_WITH_NULL_SHA384", 0xc03b),
|
|
| 2 | 664 |
|
| 56542 | 665 |
// Unsupported cipher suites from RFC 6209 |
666 |
CS_C03C("TLS_RSA_WITH_ARIA_128_CBC_SHA256", 0xc03c),
|
|
667 |
CS_C03D("TLS_RSA_WITH_ARIA_256_CBC_SHA384", 0xc03d),
|
|
668 |
CS_C03E("TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256", 0xc03e),
|
|
669 |
CS_C03F("TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384", 0xc03f),
|
|
670 |
CS_C040("TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256", 0xc040),
|
|
671 |
CS_C041("TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384", 0xc041),
|
|
672 |
CS_C042("TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256", 0xc042),
|
|
673 |
CS_C043("TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384", 0xc043),
|
|
674 |
CS_C044("TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256", 0xc044),
|
|
675 |
CS_C045("TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384", 0xc045),
|
|
676 |
CS_C046("TLS_DH_anon_WITH_ARIA_128_CBC_SHA256", 0xc046),
|
|
677 |
CS_C047("TLS_DH_anon_WITH_ARIA_256_CBC_SHA384", 0xc047),
|
|
678 |
CS_C048("TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256", 0xc048),
|
|
679 |
CS_C049("TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384", 0xc049),
|
|
680 |
CS_C04A("TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256", 0xc04a),
|
|
681 |
CS_C04B("TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384", 0xc04b),
|
|
682 |
CS_C04C("TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256", 0xc04c),
|
|
683 |
CS_C04D("TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384", 0xc04d),
|
|
684 |
CS_C04E("TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256", 0xc04e),
|
|
685 |
CS_C04F("TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384", 0xc04f),
|
|
686 |
CS_C050("TLS_RSA_WITH_ARIA_128_GCM_SHA256", 0xc050),
|
|
687 |
CS_C051("TLS_RSA_WITH_ARIA_256_GCM_SHA384", 0xc051),
|
|
688 |
CS_C052("TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", 0xc052),
|
|
689 |
CS_C053("TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", 0xc053),
|
|
690 |
CS_C054("TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256", 0xc054),
|
|
691 |
CS_C055("TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384", 0xc055),
|
|
692 |
CS_C056("TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", 0xc056),
|
|
693 |
CS_C057("TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", 0xc057),
|
|
694 |
CS_C058("TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256", 0xc058),
|
|
695 |
CS_C059("TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384", 0xc059),
|
|
696 |
CS_C05A("TLS_DH_anon_WITH_ARIA_128_GCM_SHA256", 0xc05a),
|
|
697 |
CS_C05B("TLS_DH_anon_WITH_ARIA_256_GCM_SHA384", 0xc05b),
|
|
698 |
CS_C05C("TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", 0xc05c),
|
|
699 |
CS_C05D("TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", 0xc05d),
|
|
700 |
CS_C05E("TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256", 0xc05e),
|
|
701 |
CS_C05F("TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384", 0xc05f),
|
|
702 |
CS_C060("TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", 0xc060),
|
|
703 |
CS_C061("TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", 0xc061),
|
|
704 |
CS_C062("TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256", 0xc062),
|
|
705 |
CS_C063("TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384", 0xc063),
|
|
706 |
CS_C064("TLS_PSK_WITH_ARIA_128_CBC_SHA256", 0xc064),
|
|
707 |
CS_C065("TLS_PSK_WITH_ARIA_256_CBC_SHA384", 0xc065),
|
|
708 |
CS_C066("TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256", 0xc066),
|
|
709 |
CS_C067("TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384", 0xc067),
|
|
710 |
CS_C068("TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256", 0xc068),
|
|
711 |
CS_C069("TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384", 0xc069),
|
|
712 |
CS_C06A("TLS_PSK_WITH_ARIA_128_GCM_SHA256", 0xc06a),
|
|
713 |
CS_C06B("TLS_PSK_WITH_ARIA_256_GCM_SHA384", 0xc06b),
|
|
714 |
CS_C06C("TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256", 0xc06c),
|
|
715 |
CS_C06D("TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384", 0xc06d),
|
|
716 |
CS_C06E("TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256", 0xc06e),
|
|
717 |
CS_C06F("TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384", 0xc06f),
|
|
718 |
CS_C070("TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256", 0xc070),
|
|
719 |
CS_C071("TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384", 0xc071),
|
|
| 2 | 720 |
|
| 56542 | 721 |
// Unsupported cipher suites from RFC 6367 |
722 |
CS_C072("TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", 0xc072),
|
|
723 |
CS_C073("TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", 0xc073),
|
|
724 |
CS_C074("TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", 0xc074),
|
|
725 |
CS_C075("TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", 0xc075),
|
|
726 |
CS_C076("TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0xc076),
|
|
727 |
CS_C077("TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", 0xc077),
|
|
728 |
CS_C078("TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0xc078),
|
|
729 |
CS_C079("TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384", 0xc079),
|
|
730 |
CS_C07A("TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0xc07a),
|
|
731 |
CS_C07B("TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0xc07b),
|
|
732 |
CS_C07C("TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0xc07c),
|
|
733 |
CS_C07D("TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0xc07d),
|
|
734 |
CS_C07E("TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0xc07e),
|
|
735 |
CS_C07F("TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0xc07f),
|
|
736 |
CS_C080("TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256", 0xc080),
|
|
737 |
CS_C081("TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384", 0xc081),
|
|
738 |
CS_C082("TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256", 0xc082),
|
|
739 |
CS_C083("TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384", 0xc083),
|
|
740 |
CS_C084("TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256", 0xc084),
|
|
741 |
CS_C085("TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384", 0xc085),
|
|
742 |
CS_C086("TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", 0xc086),
|
|
743 |
CS_C087("TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", 0xc087),
|
|
744 |
CS_C088("TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", 0xc088),
|
|
745 |
CS_C089("TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", 0xc089),
|
|
746 |
CS_C08A("TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0xc08a),
|
|
747 |
CS_C08B("TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0xc08b),
|
|
748 |
CS_C08C("TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0xc08c),
|
|
749 |
CS_C08D("TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0xc08d),
|
|
750 |
CS_C08E("TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256", 0xc08e),
|
|
751 |
CS_C08F("TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384", 0xc08f),
|
|
752 |
CS_C090("TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256", 0xc090),
|
|
753 |
CS_C091("TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384", 0xc091),
|
|
754 |
CS_C092("TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256", 0xc092),
|
|
755 |
CS_C093("TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384", 0xc093),
|
|
756 |
CS_C094("TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256", 0xc094),
|
|
757 |
CS_C095("TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384", 0xc095),
|
|
758 |
CS_C096("TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", 0xc096),
|
|
759 |
CS_C097("TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", 0xc097),
|
|
760 |
CS_C098("TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256", 0xc098),
|
|
761 |
CS_C099("TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384", 0xc099),
|
|
762 |
CS_C09A("TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", 0xc09a),
|
|
763 |
CS_C09B("TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", 0xc09b),
|
|
| 2 | 764 |
|
| 56542 | 765 |
// Unsupported cipher suites from RFC 6655 |
766 |
CS_C09C("TLS_RSA_WITH_AES_128_CCM", 0xc09c),
|
|
767 |
CS_C09D("TLS_RSA_WITH_AES_256_CCM", 0xc09d),
|
|
768 |
CS_C09E("TLS_DHE_RSA_WITH_AES_128_CCM", 0xc09e),
|
|
769 |
CS_C09F("TLS_DHE_RSA_WITH_AES_256_CCM", 0xc09f),
|
|
770 |
CS_C0A0("TLS_RSA_WITH_AES_128_CCM_8", 0xc0A0),
|
|
771 |
CS_C0A1("TLS_RSA_WITH_AES_256_CCM_8", 0xc0A1),
|
|
772 |
CS_C0A2("TLS_DHE_RSA_WITH_AES_128_CCM_8", 0xc0A2),
|
|
773 |
CS_C0A3("TLS_DHE_RSA_WITH_AES_256_CCM_8", 0xc0A3),
|
|
774 |
CS_C0A4("TLS_PSK_WITH_AES_128_CCM", 0xc0A4),
|
|
775 |
CS_C0A5("TLS_PSK_WITH_AES_256_CCM", 0xc0A5),
|
|
776 |
CS_C0A6("TLS_DHE_PSK_WITH_AES_128_CCM", 0xc0A6),
|
|
777 |
CS_C0A7("TLS_DHE_PSK_WITH_AES_256_CCM", 0xc0A7),
|
|
778 |
CS_C0A8("TLS_PSK_WITH_AES_128_CCM_8", 0xc0A8),
|
|
779 |
CS_C0A9("TLS_PSK_WITH_AES_256_CCM_8", 0xc0A9),
|
|
780 |
CS_C0AA("TLS_PSK_DHE_WITH_AES_128_CCM_8", 0xc0Aa),
|
|
781 |
CS_C0AB("TLS_PSK_DHE_WITH_AES_256_CCM_8", 0xc0Ab),
|
|
782 |
||
783 |
// Unsupported cipher suites from RFC 7251 |
|
784 |
CS_C0AC("TLS_ECDHE_ECDSA_WITH_AES_128_CCM", 0xc0Ac),
|
|
785 |
CS_C0AD("TLS_ECDHE_ECDSA_WITH_AES_256_CCM", 0xc0Ad),
|
|
786 |
CS_C0AE("TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", 0xc0Ae),
|
|
787 |
CS_C0AF("TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", 0xc0Af),
|
|
788 |
||
789 |
C_NULL("SSL_NULL_WITH_NULL_NULL", 0x0000);
|
|
790 |
||
| 2 | 791 |
final int id; |
| 56542 | 792 |
final boolean isDefaultEnabled; |
793 |
final String name; |
|
794 |
final List<String> aliases; |
|
795 |
final List<ProtocolVersion> supportedProtocols; |
|
796 |
final KeyExchange keyExchange; |
|
797 |
final SSLCipher bulkCipher; |
|
798 |
final MacAlg macAlg; |
|
799 |
final HashAlg hashAlg; |
|
| 2 | 800 |
|
801 |
final boolean exportable; |
|
802 |
||
| 56542 | 803 |
// known but unsupported cipher suite |
804 |
private CipherSuite(String name, int id) {
|
|
805 |
this(id, false, name, "", |
|
806 |
ProtocolVersion.PROTOCOLS_EMPTY, null, null, null, null); |
|
807 |
} |
|
808 |
||
809 |
// TLS 1.3 cipher suite |
|
810 |
private CipherSuite(int id, boolean isDefaultEnabled, |
|
811 |
String name, ProtocolVersion[] supportedProtocols, |
|
812 |
SSLCipher bulkCipher, HashAlg hashAlg) {
|
|
813 |
this(id, isDefaultEnabled, name, "", |
|
814 |
supportedProtocols, null, bulkCipher, M_NULL, hashAlg); |
|
815 |
} |
|
| 2 | 816 |
|
| 56542 | 817 |
private CipherSuite(int id, boolean isDefaultEnabled, |
818 |
String name, String aliases, |
|
819 |
ProtocolVersion[] supportedProtocols, |
|
820 |
KeyExchange keyExchange, SSLCipher cipher, |
|
821 |
MacAlg macAlg, HashAlg hashAlg) {
|
|
822 |
this.id = id; |
|
823 |
this.isDefaultEnabled = isDefaultEnabled; |
|
824 |
this.name = name; |
|
825 |
if (aliases.isEmpty()) {
|
|
826 |
this.aliases = Arrays.asList(aliases.split(","));
|
|
827 |
} else {
|
|
828 |
this.aliases = Collections.emptyList(); |
|
829 |
} |
|
830 |
this.supportedProtocols = Arrays.asList(supportedProtocols); |
|
831 |
this.keyExchange = keyExchange; |
|
832 |
this.bulkCipher = cipher; |
|
833 |
this.macAlg = macAlg; |
|
834 |
this.hashAlg = hashAlg; |
|
| 7039 | 835 |
|
| 56542 | 836 |
this.exportable = (cipher == null ? false : cipher.exportable); |
837 |
} |
|
838 |
||
839 |
static CipherSuite nameOf(String ciperSuiteName) {
|
|
840 |
for (CipherSuite cs : CipherSuite.values()) {
|
|
841 |
if (cs.name.equals(ciperSuiteName) || |
|
842 |
cs.aliases.contains(ciperSuiteName)) {
|
|
843 |
return cs; |
|
844 |
} |
|
845 |
} |
|
| 7043 | 846 |
|
| 56542 | 847 |
return null; |
848 |
} |
|
849 |
||
850 |
static CipherSuite valueOf(int id) {
|
|
851 |
for (CipherSuite cs : CipherSuite.values()) {
|
|
852 |
if (cs.id == id) {
|
|
853 |
return cs; |
|
854 |
} |
|
855 |
} |
|
856 |
||
857 |
return null; |
|
858 |
} |
|
859 |
||
860 |
static String nameOf(int id) {
|
|
861 |
for (CipherSuite cs : CipherSuite.values()) {
|
|
862 |
if (cs.id == id) {
|
|
863 |
return cs.name; |
|
864 |
} |
|
865 |
} |
|
866 |
||
867 |
return "UNKNOWN-CIPHER-SUITE(" + Utilities.byte16HexString(id) + ")";
|
|
868 |
} |
|
869 |
||
870 |
static Collection<CipherSuite> allowedCipherSuites() {
|
|
871 |
Collection<CipherSuite> cipherSuites = new LinkedList<>(); |
|
872 |
for (CipherSuite cs : CipherSuite.values()) {
|
|
873 |
if (!cs.supportedProtocols.isEmpty()) {
|
|
874 |
cipherSuites.add(cs); |
|
875 |
} else {
|
|
876 |
// The following cipher suites are not supported. |
|
877 |
break; |
|
878 |
} |
|
879 |
} |
|
880 |
return cipherSuites; |
|
881 |
} |
|
882 |
||
883 |
static Collection<CipherSuite> defaultCipherSuites() {
|
|
884 |
Collection<CipherSuite> cipherSuites = new LinkedList<>(); |
|
885 |
for (CipherSuite cs : CipherSuite.values()) {
|
|
886 |
if (cs.isDefaultEnabled) {
|
|
887 |
cipherSuites.add(cs); |
|
888 |
} else {
|
|
889 |
// The following cipher suites are not default enabled.. |
|
890 |
break; |
|
891 |
} |
|
892 |
} |
|
893 |
return cipherSuites; |
|
| 2 | 894 |
} |
895 |
||
| 7043 | 896 |
/** |
| 56542 | 897 |
* Validates and converts an array of cipher suite names. |
898 |
* |
|
899 |
* @throws IllegalArgumentException if the array or any of its elements |
|
900 |
* is null or if the ciphersuite name is unrecognized or |
|
901 |
* unsupported using currently installed providers |
|
| 7043 | 902 |
*/ |
| 56542 | 903 |
static List<CipherSuite> validValuesOf(String[] names) {
|
904 |
if (names == null || names.length == 0) {
|
|
905 |
return Collections.emptyList(); |
|
906 |
} |
|
| 2 | 907 |
|
| 56542 | 908 |
List<CipherSuite> cipherSuites = new ArrayList<>(names.length); |
909 |
for (String name : names) {
|
|
910 |
boolean found = false; |
|
911 |
for (CipherSuite cs : CipherSuite.values()) {
|
|
912 |
if (!cs.supportedProtocols.isEmpty()) {
|
|
913 |
if (cs.name.equals(name) || |
|
914 |
cs.aliases.contains(name)) {
|
|
915 |
cipherSuites.add(cs); |
|
916 |
found = true; |
|
917 |
break; |
|
918 |
} |
|
919 |
} else {
|
|
920 |
// The following cipher suites are not supported. |
|
921 |
break; |
|
922 |
} |
|
923 |
} |
|
924 |
if (!found) {
|
|
925 |
throw new IllegalArgumentException( |
|
926 |
"Cannot support " + name + |
|
927 |
" with currently installed providers"); |
|
928 |
} |
|
929 |
} |
|
930 |
||
931 |
return Collections.unmodifiableList(cipherSuites); |
|
| 2 | 932 |
} |
933 |
||
| 56542 | 934 |
static String[] namesOf(List<CipherSuite> cipherSuites) {
|
935 |
String[] names = new String[cipherSuites.size()]; |
|
936 |
int i = 0; |
|
937 |
for (CipherSuite cipherSuite : cipherSuites) {
|
|
938 |
names[i++] = cipherSuite.name; |
|
939 |
} |
|
940 |
||
941 |
return names; |
|
942 |
} |
|
943 |
||
| 2 | 944 |
boolean isAvailable() {
|
| 56542 | 945 |
return !supportedProtocols.isEmpty() && |
946 |
(keyExchange == null || keyExchange.isAvailable()) && |
|
947 |
bulkCipher != null && bulkCipher.isAvailable(); |
|
948 |
} |
|
949 |
||
950 |
public boolean supports(ProtocolVersion protocolVersion) {
|
|
951 |
return supportedProtocols.contains(protocolVersion); |
|
| 2 | 952 |
} |
953 |
||
| 6856 | 954 |
boolean isNegotiable() {
|
| 56542 | 955 |
return this != TLS_EMPTY_RENEGOTIATION_INFO_SCSV && isAvailable(); |
| 6856 | 956 |
} |
957 |
||
| 56542 | 958 |
boolean isAnonymous() {
|
959 |
return (keyExchange != null && keyExchange.isAnonymous); |
|
960 |
} |
|
961 |
||
962 |
// See also SSLWriteCipher.calculatePacketSize(). |
|
| 30904 | 963 |
int calculatePacketSize(int fragmentSize, |
964 |
ProtocolVersion protocolVersion, boolean isDTLS) {
|
|
965 |
int packetSize = fragmentSize; |
|
| 56542 | 966 |
if (bulkCipher != null && bulkCipher != B_NULL) {
|
967 |
int blockSize = bulkCipher.ivSize; |
|
968 |
switch (bulkCipher.cipherType) {
|
|
| 30904 | 969 |
case BLOCK_CIPHER: |
970 |
packetSize += macAlg.size; |
|
971 |
packetSize += 1; // 1 byte padding length field |
|
972 |
packetSize += // use the minimal padding |
|
973 |
(blockSize - (packetSize % blockSize)) % blockSize; |
|
974 |
if (protocolVersion.useTLS11PlusSpec()) {
|
|
975 |
packetSize += blockSize; // explicit IV |
|
976 |
} |
|
977 |
||
978 |
break; |
|
979 |
case AEAD_CIPHER: |
|
| 56542 | 980 |
if (protocolVersion == ProtocolVersion.TLS12 || |
981 |
protocolVersion == ProtocolVersion.DTLS12) {
|
|
982 |
packetSize += bulkCipher.ivSize - bulkCipher.fixedIvSize; |
|
983 |
} |
|
984 |
packetSize += bulkCipher.tagSize; |
|
| 30904 | 985 |
|
986 |
break; |
|
987 |
default: // NULL_CIPHER or STREAM_CIPHER |
|
988 |
packetSize += macAlg.size; |
|
989 |
} |
|
990 |
} |
|
991 |
||
992 |
return packetSize + |
|
993 |
(isDTLS ? DTLSRecord.headerSize : SSLRecord.headerSize); |
|
994 |
} |
|
995 |
||
996 |
// See also CipherBox.calculateFragmentSize(). |
|
997 |
int calculateFragSize(int packetLimit, |
|
998 |
ProtocolVersion protocolVersion, boolean isDTLS) {
|
|
999 |
int fragSize = packetLimit - |
|
1000 |
(isDTLS ? DTLSRecord.headerSize : SSLRecord.headerSize); |
|
| 56542 | 1001 |
if (bulkCipher != null && bulkCipher != B_NULL) {
|
1002 |
int blockSize = bulkCipher.ivSize; |
|
1003 |
switch (bulkCipher.cipherType) {
|
|
| 30904 | 1004 |
case BLOCK_CIPHER: |
1005 |
if (protocolVersion.useTLS11PlusSpec()) {
|
|
1006 |
fragSize -= blockSize; // explicit IV |
|
1007 |
} |
|
1008 |
fragSize -= (fragSize % blockSize); // cannot hold a block |
|
1009 |
// No padding for a maximum fragment. |
|
1010 |
fragSize -= 1; // 1 byte padding length field: 0x00 |
|
1011 |
fragSize -= macAlg.size; |
|
1012 |
||
1013 |
break; |
|
1014 |
case AEAD_CIPHER: |
|
| 56542 | 1015 |
fragSize -= bulkCipher.tagSize; |
1016 |
fragSize -= bulkCipher.ivSize - bulkCipher.fixedIvSize; |
|
| 30904 | 1017 |
|
1018 |
break; |
|
1019 |
default: // NULL_CIPHER or STREAM_CIPHER |
|
1020 |
fragSize -= macAlg.size; |
|
1021 |
} |
|
1022 |
} |
|
1023 |
||
1024 |
return fragSize; |
|
1025 |
} |
|
1026 |
||
| 2 | 1027 |
/** |
1028 |
* An SSL/TLS key exchange algorithm. |
|
1029 |
*/ |
|
1030 |
static enum KeyExchange {
|
|
| 56542 | 1031 |
K_NULL ("NULL", false, true, NAMED_GROUP_NONE),
|
1032 |
K_RSA ("RSA", true, false, NAMED_GROUP_NONE),
|
|
1033 |
K_RSA_EXPORT ("RSA_EXPORT", true, false, NAMED_GROUP_NONE),
|
|
1034 |
K_DH_RSA ("DH_RSA", false, false, NAMED_GROUP_NONE),
|
|
1035 |
K_DH_DSS ("DH_DSS", false, false, NAMED_GROUP_NONE),
|
|
1036 |
K_DHE_DSS ("DHE_DSS", true, false, NAMED_GROUP_FFDHE),
|
|
1037 |
K_DHE_DSS_EXPORT("DHE_DSS_EXPORT", true, false, NAMED_GROUP_NONE),
|
|
1038 |
K_DHE_RSA ("DHE_RSA", true, false, NAMED_GROUP_FFDHE),
|
|
1039 |
K_DHE_RSA_EXPORT("DHE_RSA_EXPORT", true, false, NAMED_GROUP_NONE),
|
|
1040 |
K_DH_ANON ("DH_anon", true, true, NAMED_GROUP_FFDHE),
|
|
1041 |
K_DH_ANON_EXPORT("DH_anon_EXPORT",true, true, NAMED_GROUP_NONE),
|
|
| 2 | 1042 |
|
| 56542 | 1043 |
K_ECDH_ECDSA ("ECDH_ECDSA", true, false, NAMED_GROUP_ECDHE),
|
1044 |
K_ECDH_RSA ("ECDH_RSA", true, false, NAMED_GROUP_ECDHE),
|
|
1045 |
K_ECDHE_ECDSA("ECDHE_ECDSA", true, false, NAMED_GROUP_ECDHE),
|
|
1046 |
K_ECDHE_RSA ("ECDHE_RSA", true, false, NAMED_GROUP_ECDHE),
|
|
1047 |
K_ECDH_ANON ("ECDH_anon", true, true, NAMED_GROUP_ECDHE),
|
|
| 2 | 1048 |
|
1049 |
// Kerberos cipher suites |
|
| 56542 | 1050 |
K_KRB5 ("KRB5", true, false, NAMED_GROUP_NONE),
|
1051 |
K_KRB5_EXPORT("KRB5_EXPORT", true, false, NAMED_GROUP_NONE),
|
|
| 6856 | 1052 |
|
1053 |
// renegotiation protection request signaling cipher suite |
|
| 56542 | 1054 |
K_SCSV ("SCSV", true, true, NAMED_GROUP_NONE);
|
| 2 | 1055 |
|
1056 |
// name of the key exchange algorithm, e.g. DHE_DSS |
|
1057 |
final String name; |
|
1058 |
final boolean allowed; |
|
|
45064
b1b45177051b
8140436: Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS
xuelei
parents:
39563
diff
changeset
|
1059 |
final NamedGroupType groupType; |
| 2 | 1060 |
private final boolean alwaysAvailable; |
| 56542 | 1061 |
private final boolean isAnonymous; |
| 2 | 1062 |
|
| 56542 | 1063 |
KeyExchange(String name, boolean allowed, |
1064 |
boolean isAnonymous, NamedGroupType groupType) {
|
|
| 2 | 1065 |
this.name = name; |
| 56542 | 1066 |
if (groupType == NAMED_GROUP_ECDHE) {
|
1067 |
this.allowed = JsseJce.ALLOW_ECC; |
|
1068 |
} else {
|
|
1069 |
this.allowed = allowed; |
|
1070 |
} |
|
|
45064
b1b45177051b
8140436: Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS
xuelei
parents:
39563
diff
changeset
|
1071 |
this.groupType = groupType; |
|
3957
c8fdb8fad795
6885204: JSSE should not require Kerberos to be present
vinnie
parents:
715
diff
changeset
|
1072 |
this.alwaysAvailable = allowed && |
|
c8fdb8fad795
6885204: JSSE should not require Kerberos to be present
vinnie
parents:
715
diff
changeset
|
1073 |
(!name.startsWith("EC")) && (!name.startsWith("KRB"));
|
| 56542 | 1074 |
this.isAnonymous = isAnonymous; |
| 2 | 1075 |
} |
1076 |
||
1077 |
boolean isAvailable() {
|
|
1078 |
if (alwaysAvailable) {
|
|
1079 |
return true; |
|
1080 |
} |
|
|
3957
c8fdb8fad795
6885204: JSSE should not require Kerberos to be present
vinnie
parents:
715
diff
changeset
|
1081 |
|
|
45064
b1b45177051b
8140436: Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS
xuelei
parents:
39563
diff
changeset
|
1082 |
if (groupType == NAMED_GROUP_ECDHE) {
|
|
3957
c8fdb8fad795
6885204: JSSE should not require Kerberos to be present
vinnie
parents:
715
diff
changeset
|
1083 |
return (allowed && JsseJce.isEcAvailable()); |
|
c8fdb8fad795
6885204: JSSE should not require Kerberos to be present
vinnie
parents:
715
diff
changeset
|
1084 |
} else if (name.startsWith("KRB")) {
|
|
c8fdb8fad795
6885204: JSSE should not require Kerberos to be present
vinnie
parents:
715
diff
changeset
|
1085 |
return (allowed && JsseJce.isKerberosAvailable()); |
|
c8fdb8fad795
6885204: JSSE should not require Kerberos to be present
vinnie
parents:
715
diff
changeset
|
1086 |
} else {
|
|
c8fdb8fad795
6885204: JSSE should not require Kerberos to be present
vinnie
parents:
715
diff
changeset
|
1087 |
return allowed; |
|
c8fdb8fad795
6885204: JSSE should not require Kerberos to be present
vinnie
parents:
715
diff
changeset
|
1088 |
} |
| 2 | 1089 |
} |
1090 |
||
|
14664
e71aa0962e70
8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl
xuelei
parents:
11904
diff
changeset
|
1091 |
@Override |
| 2 | 1092 |
public String toString() {
|
1093 |
return name; |
|
1094 |
} |
|
1095 |
} |
|
1096 |
||
1097 |
/** |
|
1098 |
* An SSL/TLS key MAC algorithm. |
|
1099 |
* |
|
| 7043 | 1100 |
* Also contains a factory method to obtain an initialized MAC |
| 2 | 1101 |
* for this algorithm. |
1102 |
*/ |
|
| 29488 | 1103 |
static enum MacAlg {
|
1104 |
// MACs |
|
1105 |
M_NULL ("NULL", 0, 0, 0),
|
|
1106 |
M_MD5 ("MD5", 16, 64, 9),
|
|
1107 |
M_SHA ("SHA", 20, 64, 9),
|
|
1108 |
M_SHA256 ("SHA256", 32, 64, 9),
|
|
1109 |
M_SHA384 ("SHA384", 48, 128, 17);
|
|
| 2 | 1110 |
|
1111 |
// descriptive name, e.g. MD5 |
|
1112 |
final String name; |
|
1113 |
||
1114 |
// size of the MAC value (and MAC key) in bytes |
|
1115 |
final int size; |
|
1116 |
||
| 16113 | 1117 |
// block size of the underlying hash algorithm |
1118 |
final int hashBlockSize; |
|
1119 |
||
1120 |
// minimal padding size of the underlying hash algorithm |
|
1121 |
final int minimalPaddingSize; |
|
1122 |
||
1123 |
MacAlg(String name, int size, |
|
1124 |
int hashBlockSize, int minimalPaddingSize) {
|
|
| 2 | 1125 |
this.name = name; |
1126 |
this.size = size; |
|
| 16113 | 1127 |
this.hashBlockSize = hashBlockSize; |
1128 |
this.minimalPaddingSize = minimalPaddingSize; |
|
| 2 | 1129 |
} |
1130 |
||
|
14664
e71aa0962e70
8003950: Adds missing Override annotations and removes unnecessary imports in sun.security.ssl
xuelei
parents:
11904
diff
changeset
|
1131 |
@Override |
| 2 | 1132 |
public String toString() {
|
1133 |
return name; |
|
1134 |
} |
|
1135 |
} |
|
1136 |
||
| 7807 | 1137 |
/** |
| 56542 | 1138 |
* The hash algorithms used for PRF (PseudoRandom Function) or HKDF. |
| 7807 | 1139 |
* |
| 56542 | 1140 |
* Note that TLS 1.1- uses a single MD5/SHA1-based PRF algorithm for |
1141 |
* generating the necessary material. |
|
| 7807 | 1142 |
*/ |
| 56542 | 1143 |
static enum HashAlg {
|
| 7043 | 1144 |
|
1145 |
// PRF algorithms |
|
| 56542 | 1146 |
H_NONE( "NONE", 0, 0), |
1147 |
H_SHA256("SHA-256", 32, 64),
|
|
1148 |
H_SHA384("SHA-384", 48, 128);
|
|
| 7043 | 1149 |
|
1150 |
// PRF characteristics |
|
| 56542 | 1151 |
final String name; |
1152 |
final int hashLength; |
|
1153 |
final int blockSize; |
|
| 7043 | 1154 |
|
| 56542 | 1155 |
HashAlg(String hashAlg, int hashLength, int blockSize) {
|
1156 |
this.name = hashAlg; |
|
1157 |
this.hashLength = hashLength; |
|
1158 |
this.blockSize = blockSize; |
|
| 7043 | 1159 |
} |
1160 |
||
| 56542 | 1161 |
@Override |
1162 |
public String toString() {
|
|
1163 |
return name; |
|
| 7043 | 1164 |
} |
1165 |
} |
|
| 2 | 1166 |
} |