--- a/jdk/src/java.base/share/classes/sun/security/ssl/CipherSuite.java Wed Apr 15 11:16:25 2015 +0200
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/CipherSuite.java Wed Apr 15 13:15:16 2015 +0300
@@ -1008,7 +1008,7 @@
* 1. Prefer Suite B compliant cipher suites, see RFC6460 (To be
* changed later, see below).
* 2. Prefer the stronger bulk cipher, in the order of AES_256(GCM),
- * AES_128(GCM), AES_256, AES_128, 3DES-EDE, RC-4.
+ * AES_128(GCM), AES_256, AES_128, 3DES-EDE.
* 3. Prefer the stronger MAC algorithm, in the order of SHA384,
* SHA256, SHA, MD5.
* 4. Prefer the better performance of key exchange and digital
@@ -1143,20 +1143,6 @@
add("SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 0x0013, --p,
K_DHE_DSS, B_3DES, M_SHA, N);
- // RC-4
- add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 0xC007, --p,
- K_ECDHE_ECDSA, B_RC4_128, M_SHA, N);
- add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", 0xC011, --p,
- K_ECDHE_RSA, B_RC4_128, M_SHA, N);
- add("SSL_RSA_WITH_RC4_128_SHA", 0x0005, --p,
- K_RSA, B_RC4_128, M_SHA, N);
- add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 0xC002, --p,
- K_ECDH_ECDSA, B_RC4_128, M_SHA, N);
- add("TLS_ECDH_RSA_WITH_RC4_128_SHA", 0xC00C, --p,
- K_ECDH_RSA, B_RC4_128, M_SHA, N);
- add("SSL_RSA_WITH_RC4_128_MD5", 0x0004, --p,
- K_RSA, B_RC4_128, M_MD5, N);
-
// Renegotiation protection request Signalling Cipher Suite Value (SCSV)
add("TLS_EMPTY_RENEGOTIATION_INFO_SCSV", 0x00ff, --p,
K_SCSV, B_NULL, M_NULL, T);
@@ -1206,6 +1192,20 @@
add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", 0x001b, --p,
K_DH_ANON, B_3DES, M_SHA, N);
+ // RC-4
+ add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 0xC007, --p,
+ K_ECDHE_ECDSA, B_RC4_128, M_SHA, N);
+ add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", 0xC011, --p,
+ K_ECDHE_RSA, B_RC4_128, M_SHA, N);
+ add("SSL_RSA_WITH_RC4_128_SHA", 0x0005, --p,
+ K_RSA, B_RC4_128, M_SHA, N);
+ add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 0xC002, --p,
+ K_ECDH_ECDSA, B_RC4_128, M_SHA, N);
+ add("TLS_ECDH_RSA_WITH_RC4_128_SHA", 0xC00C, --p,
+ K_ECDH_RSA, B_RC4_128, M_SHA, N);
+ add("SSL_RSA_WITH_RC4_128_MD5", 0x0004, --p,
+ K_RSA, B_RC4_128, M_MD5, N);
+
add("TLS_ECDH_anon_WITH_RC4_128_SHA", 0xC016, --p,
K_ECDH_ANON, B_RC4_128, M_SHA, N);
add("SSL_DH_anon_WITH_RC4_128_MD5", 0x0018, --p,
--- a/jdk/test/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java Wed Apr 15 11:16:25 2015 +0200
+++ b/jdk/test/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java Wed Apr 15 13:15:16 2015 +0300
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -94,13 +94,6 @@
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
- "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
- "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
- "SSL_RSA_WITH_RC4_128_SHA",
- "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
- "TLS_ECDH_RSA_WITH_RC4_128_SHA",
- "SSL_RSA_WITH_RC4_128_MD5",
-
"TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
"TLS_DH_anon_WITH_AES_256_GCM_SHA384",
@@ -114,6 +107,13 @@
"TLS_DH_anon_WITH_AES_128_CBC_SHA",
"TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
+
+ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
+ "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
+ "SSL_RSA_WITH_RC4_128_SHA",
+ "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
+ "TLS_ECDH_RSA_WITH_RC4_128_SHA",
+ "SSL_RSA_WITH_RC4_128_MD5",
"TLS_ECDH_anon_WITH_RC4_128_SHA",
"SSL_DH_anon_WITH_RC4_128_MD5",