--- a/src/java.base/share/classes/sun/security/ssl/CipherSuite.java Thu Apr 04 23:21:52 2019 +0200
+++ b/src/java.base/share/classes/sun/security/ssl/CipherSuite.java Thu Apr 04 14:19:29 2019 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -56,20 +56,22 @@
// the following criteria:
// 1. Prefer Suite B compliant cipher suites, see RFC6460 (To be
// changed later, see below).
- // 2. Prefer the stronger bulk cipher, in the order of AES_256(GCM),
+ // 2. Prefer forward secrecy cipher suites.
+ // 3. Prefer the stronger bulk cipher, in the order of AES_256(GCM),
// AES_128(GCM), AES_256, AES_128, 3DES-EDE.
- // 3. Prefer the stronger MAC algorithm, in the order of SHA384,
+ // 4. Prefer the stronger MAC algorithm, in the order of SHA384,
// SHA256, SHA, MD5.
- // 4. Prefer the better performance of key exchange and digital
+ // 5. Prefer the better performance of key exchange and digital
// signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA,
- // RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS.
+ // DHE-RSA, DHE-DSS, ECDH-ECDSA, ECDH-RSA, RSA.
+ // TLS 1.3 cipher suites.
+ TLS_AES_256_GCM_SHA384(
+ 0x1302, true, "TLS_AES_256_GCM_SHA384",
+ ProtocolVersion.PROTOCOLS_OF_13, B_AES_256_GCM_IV, H_SHA384),
TLS_AES_128_GCM_SHA256(
0x1301, true, "TLS_AES_128_GCM_SHA256",
ProtocolVersion.PROTOCOLS_OF_13, B_AES_128_GCM_IV, H_SHA256),
- TLS_AES_256_GCM_SHA384(
- 0x1302, true, "TLS_AES_256_GCM_SHA384",
- ProtocolVersion.PROTOCOLS_OF_13, B_AES_256_GCM_IV, H_SHA384),
TLS_CHACHA20_POLY1305_SHA256(
0x1303, true, "TLS_CHACHA20_POLY1305_SHA256",
ProtocolVersion.PROTOCOLS_OF_13, B_CC20_P1305, H_SHA256),
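Review bot: The renumbered criterion 3 still lists the bulk-cipher order as `AES_256(GCM), AES_128(GCM), AES_256, AES_128, 3DES-EDE` and never says where CHACHA20_POLY1305 ranks. In this hunk `TLS_CHACHA20_POLY1305_SHA256` follows both AES-GCM suites, while in the TLS 1.2 hunks below `TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256` sits between the AES_256(GCM) and AES_128(GCM) ECDHE suites under an `AES_256(GCM) - ECDHE` heading. Since this comment is what readers use to audit the default preference order, I would add a line such as `// CHACHA20_POLY1305 is ranked with AES_256(GCM) for TLS 1.2 and after AES_128(GCM) for TLS 1.3.` if that difference is intended. The comment block begins above the hunk, so any earlier wording is not visible here.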
@@ -97,7 +99,11 @@
ProtocolVersion.PROTOCOLS_OF_12,
K_ECDHE_ECDSA, B_CC20_P1305, M_NULL, H_SHA256),
- // AES_256(GCM)
+ //
+ // Forward screcy cipher suites.
+ //
+
+ // AES_256(GCM) - ECDHE
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(
0xC030, true, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "",
ProtocolVersion.PROTOCOLS_OF_12,
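Review bot: The new section banner reads `// Forward screcy cipher suites.`, which misspells "secrecy"; it should be `// Forward secrecy cipher suites.`. The same misspelling recurs in the later CipherSuite.java hunks (`// not forward screcy cipher suites.`, `// AES_256(CBC) - using SHA, not forward screcy`, the `RSA, ... not forward screcy` headings) and in nearly every grouping comment added to CheckCipherSuites.java. Only the two 3DES headings spell it correctly. Anyone searching the source for "forward secrecy" to audit which suites are classified as non-forward-secret will miss these sections, so it is worth fixing in one pass.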
@@ -106,18 +112,14 @@
0xCCA8, true, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "",
ProtocolVersion.PROTOCOLS_OF_12,
K_ECDHE_RSA, B_CC20_P1305, M_NULL, H_SHA256),
- TLS_RSA_WITH_AES_256_GCM_SHA384(
- 0x009D, true, "TLS_RSA_WITH_AES_256_GCM_SHA384", "",
+
+ // AES_128(GCM) - ECDHE
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(
+ 0xC02F, true, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "",
ProtocolVersion.PROTOCOLS_OF_12,
- K_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
- TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(
- 0xC02E, true, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDH_ECDSA, B_AES_256_GCM, M_NULL, H_SHA384),
- TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(
- 0xC032, true, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDH_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
+ K_ECDHE_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
+
+ // AES_256(GCM) - DHE
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(
0x009F, true, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "",
ProtocolVersion.PROTOCOLS_OF_12,
@@ -131,23 +133,7 @@
ProtocolVersion.PROTOCOLS_OF_12,
K_DHE_DSS, B_AES_256_GCM, M_NULL, H_SHA384),
- // AES_128(GCM)
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(
- 0xC02F, true, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDHE_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
- TLS_RSA_WITH_AES_128_GCM_SHA256(
- 0x009C, true, "TLS_RSA_WITH_AES_128_GCM_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
- TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(
- 0xC02D, true, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDH_ECDSA, B_AES_128_GCM, M_NULL, H_SHA256),
- TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(
- 0xC031, true, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDH_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
+ // AES_128(GCM) - DHE
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(
0x009E, true, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "",
ProtocolVersion.PROTOCOLS_OF_12,
@@ -157,7 +143,7 @@
ProtocolVersion.PROTOCOLS_OF_12,
K_DHE_DSS, B_AES_128_GCM, M_NULL, H_SHA256),
- // AES_256(CBC)
+ // AES_256(CBC) - ECDHE
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(
0xC024, true, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "",
ProtocolVersion.PROTOCOLS_OF_12,
@@ -166,18 +152,18 @@
0xC028, true, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "",
ProtocolVersion.PROTOCOLS_OF_12,
K_ECDHE_RSA, B_AES_256, M_SHA384, H_SHA384),
- TLS_RSA_WITH_AES_256_CBC_SHA256(
- 0x003D, true, "TLS_RSA_WITH_AES_256_CBC_SHA256", "",
+
+ // AES_128(CBC) - ECDHE
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(
+ 0xC023, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "",
ProtocolVersion.PROTOCOLS_OF_12,
- K_RSA, B_AES_256, M_SHA256, H_SHA256),
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(
- 0xC026, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "",
+ K_ECDHE_ECDSA, B_AES_128, M_SHA256, H_SHA256),
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(
+ 0xC027, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "",
ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDH_ECDSA, B_AES_256, M_SHA384, H_SHA384),
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(
- 0xC02A, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDH_RSA, B_AES_256, M_SHA384, H_SHA384),
+ K_ECDHE_RSA, B_AES_128, M_SHA256, H_SHA256),
+
+ // AES_256(CBC) - DHE
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(
0x006B, true, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", "",
ProtocolVersion.PROTOCOLS_OF_12,
@@ -187,6 +173,65 @@
ProtocolVersion.PROTOCOLS_OF_12,
K_DHE_DSS, B_AES_256, M_SHA256, H_SHA256),
+ // AES_128(CBC) - DHE
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(
+ 0x0067, true, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_DHE_RSA, B_AES_128, M_SHA256, H_SHA256),
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(
+ 0x0040, true, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_DHE_DSS, B_AES_128, M_SHA256, H_SHA256),
+
+ //
+ // not forward screcy cipher suites.
+ //
+
+ // AES_256(GCM)
+ TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(
+ 0xC02E, true, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_ECDH_ECDSA, B_AES_256_GCM, M_NULL, H_SHA384),
+ TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(
+ 0xC032, true, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_ECDH_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
+
+ // AES_128(GCM)
+ TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(
+ 0xC02D, true, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_ECDH_ECDSA, B_AES_128_GCM, M_NULL, H_SHA256),
+ TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(
+ 0xC031, true, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_ECDH_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
+
+ // AES_256(CBC)
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(
+ 0xC026, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_ECDH_ECDSA, B_AES_256, M_SHA384, H_SHA384),
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(
+ 0xC02A, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_ECDH_RSA, B_AES_256, M_SHA384, H_SHA384),
+
+ // AES_128(CBC)
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(
+ 0xC025, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_ECDH_ECDSA, B_AES_128, M_SHA256, H_SHA256),
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(
+ 0xC029, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_ECDH_RSA, B_AES_128, M_SHA256, H_SHA256),
+
+ //
+ // Legacy, used for compatibility
+ //
+
+ // AES_256(CBC) - ECDHE - Using SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(
0xC00A, true, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
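Review bot: The static ECDH block added here under `// not forward screcy cipher suites.` is placed ahead of the `// Legacy, used for compatibility` block, which opens with ECDHE (and, in the following hunks, DHE) CBC-SHA suites. So criterion 2 in the header comment, "Prefer forward secrecy cipher suites", does not hold across the whole list, because a non-forward-secret ECDH suite with a SHA-2 MAC outranks a forward-secret suite that uses SHA. If that is the intended trade-off, the banner should say so, for example `// Legacy (HMAC-SHA1), used for compatibility; ranked below the static ECDH SHA-2 suites even though the ECDHE/DHE entries here are forward secret`. Otherwise the header comment overstates the guarantee the order provides.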
@@ -195,18 +240,18 @@
0xC014, true, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDHE_RSA, B_AES_256, M_SHA, H_SHA256),
- TLS_RSA_WITH_AES_256_CBC_SHA(
- 0x0035, true, "TLS_RSA_WITH_AES_256_CBC_SHA", "",
+
+ // AES_128(CBC) - ECDHE - using SHA
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(
+ 0xC009, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
- K_RSA, B_AES_256, M_SHA, H_SHA256),
- TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(
- 0xC005, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "",
+ K_ECDHE_ECDSA, B_AES_128, M_SHA, H_SHA256),
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(
+ 0xC013, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
- K_ECDH_ECDSA, B_AES_256, M_SHA, H_SHA256),
- TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(
- 0xC00F, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "",
- ProtocolVersion.PROTOCOLS_TO_12,
- K_ECDH_RSA, B_AES_256, M_SHA, H_SHA256),
+ K_ECDHE_RSA, B_AES_128, M_SHA, H_SHA256),
+
+ // AES_256(CBC) - DHE - Using SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA(
0x0039, true, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
@@ -216,56 +261,7 @@
ProtocolVersion.PROTOCOLS_TO_12,
K_DHE_DSS, B_AES_256, M_SHA, H_SHA256),
- // AES_128(CBC)
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(
- 0xC023, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDHE_ECDSA, B_AES_128, M_SHA256, H_SHA256),
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(
- 0xC027, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDHE_RSA, B_AES_128, M_SHA256, H_SHA256),
- TLS_RSA_WITH_AES_128_CBC_SHA256(
- 0x003C, true, "TLS_RSA_WITH_AES_128_CBC_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_RSA, B_AES_128, M_SHA256, H_SHA256),
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(
- 0xC025, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDH_ECDSA, B_AES_128, M_SHA256, H_SHA256),
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(
- 0xC029, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_ECDH_RSA, B_AES_128, M_SHA256, H_SHA256),
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(
- 0x0067, true, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_DHE_RSA, B_AES_128, M_SHA256, H_SHA256),
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(
- 0x0040, true, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", "",
- ProtocolVersion.PROTOCOLS_OF_12,
- K_DHE_DSS, B_AES_128, M_SHA256, H_SHA256),
-
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(
- 0xC009, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "",
- ProtocolVersion.PROTOCOLS_TO_12,
- K_ECDHE_ECDSA, B_AES_128, M_SHA, H_SHA256),
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(
- 0xC013, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "",
- ProtocolVersion.PROTOCOLS_TO_12,
- K_ECDHE_RSA, B_AES_128, M_SHA, H_SHA256),
- TLS_RSA_WITH_AES_128_CBC_SHA(
- 0x002F, true, "TLS_RSA_WITH_AES_128_CBC_SHA", "",
- ProtocolVersion.PROTOCOLS_TO_12,
- K_RSA, B_AES_128, M_SHA, H_SHA256),
- TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(
- 0xC004, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "",
- ProtocolVersion.PROTOCOLS_TO_12,
- K_ECDH_ECDSA, B_AES_128, M_SHA, H_SHA256),
- TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(
- 0xC00E, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "",
- ProtocolVersion.PROTOCOLS_TO_12,
- K_ECDH_RSA, B_AES_128, M_SHA, H_SHA256),
+ // AES_128(CBC) - DHE - using SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA(
0x0033, true, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
@@ -275,7 +271,67 @@
ProtocolVersion.PROTOCOLS_TO_12,
K_DHE_DSS, B_AES_128, M_SHA, H_SHA256),
- // 3DES_EDE
+ // AES_256(CBC) - using SHA, not forward screcy
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(
+ 0xC005, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "",
+ ProtocolVersion.PROTOCOLS_TO_12,
+ K_ECDH_ECDSA, B_AES_256, M_SHA, H_SHA256),
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(
+ 0xC00F, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "",
+ ProtocolVersion.PROTOCOLS_TO_12,
+ K_ECDH_RSA, B_AES_256, M_SHA, H_SHA256),
+
+ // AES_128(CBC) - using SHA, not forward screcy
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(
+ 0xC004, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "",
+ ProtocolVersion.PROTOCOLS_TO_12,
+ K_ECDH_ECDSA, B_AES_128, M_SHA, H_SHA256),
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(
+ 0xC00E, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "",
+ ProtocolVersion.PROTOCOLS_TO_12,
+ K_ECDH_RSA, B_AES_128, M_SHA, H_SHA256),
+
+ //
+ // deprecated, used for compatibility
+ //
+
+ // RSA, AES_256(GCM)
+ TLS_RSA_WITH_AES_256_GCM_SHA384(
+ 0x009D, true, "TLS_RSA_WITH_AES_256_GCM_SHA384", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
+
+ // RSA, AES_128(GCM)
+ TLS_RSA_WITH_AES_128_GCM_SHA256(
+ 0x009C, true, "TLS_RSA_WITH_AES_128_GCM_SHA256", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
+
+ // RSA, AES_256(CBC)
+ TLS_RSA_WITH_AES_256_CBC_SHA256(
+ 0x003D, true, "TLS_RSA_WITH_AES_256_CBC_SHA256", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_RSA, B_AES_256, M_SHA256, H_SHA256),
+
+ // RSA, AES_128(CBC)
+ TLS_RSA_WITH_AES_128_CBC_SHA256(
+ 0x003C, true, "TLS_RSA_WITH_AES_128_CBC_SHA256", "",
+ ProtocolVersion.PROTOCOLS_OF_12,
+ K_RSA, B_AES_128, M_SHA256, H_SHA256),
+
+ // RSA, AES_256(CBC) - using SHA, not forward screcy
+ TLS_RSA_WITH_AES_256_CBC_SHA(
+ 0x0035, true, "TLS_RSA_WITH_AES_256_CBC_SHA", "",
+ ProtocolVersion.PROTOCOLS_TO_12,
+ K_RSA, B_AES_256, M_SHA, H_SHA256),
+
+ // RSA, AES_128(CBC) - using SHA, not forward screcy
+ TLS_RSA_WITH_AES_128_CBC_SHA(
+ 0x002F, true, "TLS_RSA_WITH_AES_128_CBC_SHA", "",
+ ProtocolVersion.PROTOCOLS_TO_12,
+ K_RSA, B_AES_128, M_SHA, H_SHA256),
+
+ // 3DES_EDE, forward secrecy.
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA(
0xC008, true, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
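Review bot: The banner `// deprecated, used for compatibility` over the `TLS_RSA_WITH_*` entries does not say what "deprecated" means in practice. The updated ENABLED_DEFAULT list in CheckCipherSuites.java still expects all six of these suites to be enabled, so this change only lowers their priority. A more precise heading would be `// static RSA key exchange (no forward secrecy): still enabled by default, ranked after all (EC)DHE and ECDH AES suites`. Otherwise a reader may assume these suites are no longer offered and skip disabling them in deployments that require forward secrecy.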
@@ -284,19 +340,6 @@
0xC012, true, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDHE_RSA, B_3DES, M_SHA, H_SHA256),
- SSL_RSA_WITH_3DES_EDE_CBC_SHA(
- 0x000A, true, "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
- "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
- ProtocolVersion.PROTOCOLS_TO_12,
- K_RSA, B_3DES, M_SHA, H_SHA256),
- TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(
- 0xC003, true, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
- ProtocolVersion.PROTOCOLS_TO_12,
- K_ECDH_ECDSA, B_3DES, M_SHA, H_SHA256),
- TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(
- 0xC00D, true, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "",
- ProtocolVersion.PROTOCOLS_TO_12,
- K_ECDH_RSA, B_3DES, M_SHA, H_SHA256),
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA(
0x0016, true, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
@@ -308,6 +351,21 @@
ProtocolVersion.PROTOCOLS_TO_12,
K_DHE_DSS, B_3DES, M_SHA, H_SHA256),
+ // 3DES_EDE, not forward secrecy.
+ TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(
+ 0xC003, true, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
+ ProtocolVersion.PROTOCOLS_TO_12,
+ K_ECDH_ECDSA, B_3DES, M_SHA, H_SHA256),
+ TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(
+ 0xC00D, true, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "",
+ ProtocolVersion.PROTOCOLS_TO_12,
+ K_ECDH_RSA, B_3DES, M_SHA, H_SHA256),
+ SSL_RSA_WITH_3DES_EDE_CBC_SHA(
+ 0x000A, true, "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+ ProtocolVersion.PROTOCOLS_TO_12,
+ K_RSA, B_3DES, M_SHA, H_SHA256),
+
// Renegotiation protection request Signalling Cipher Suite Value (SCSV).
TLS_EMPTY_RENEGOTIATION_INFO_SCSV( // RFC 5746, TLS 1.2 and prior
0x00FF, true, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", "",
--- a/test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java Thu Apr 04 23:21:52 2019 +0200
+++ b/test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java Thu Apr 04 14:19:29 2019 -0700
@@ -23,9 +23,9 @@
/*
* @test
- * @bug 4750141 4895631 8217579
+ * @bug 4750141 4895631 8217579 8163326
* @summary Check enabled and supported ciphersuites are correct
- * @run main CheckCipherSuites default
+ * @run main/othervm CheckCipherSuites default
* @run main/othervm CheckCipherSuites limited
*/
@@ -38,54 +38,97 @@
// List of enabled cipher suites when the "crypto.policy" security
// property is set to "unlimited" (the default value).
private final static String[] ENABLED_DEFAULT = {
- "TLS_AES_128_GCM_SHA256",
+ // TLS 1.3 cipher suites
"TLS_AES_256_GCM_SHA384",
+ "TLS_AES_128_GCM_SHA256",
"TLS_CHACHA20_POLY1305_SHA256",
+
+ // Suite B compliant cipher suites
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+
+ // Not suite B, but we want it to position the suite early
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+
+ // AES_256(GCM) - ECDHE - forward screcy
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
- "TLS_RSA_WITH_AES_256_GCM_SHA384",
- "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
- "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+
+ // AES_128(GCM) - ECDHE - forward screcy
+ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+
+ // AES_256(GCM) - DHE - forward screcy
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
- "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
- "TLS_RSA_WITH_AES_128_GCM_SHA256",
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+
+ // AES_128(GCM) - DHE - forward screcy
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+
+ // AES_256(CBC) - ECDHE - forward screcy
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
- "TLS_RSA_WITH_AES_256_CBC_SHA256",
+
+ // AES_256(CBC) - ECDHE - forward screcy
+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+
+ // AES_256(CBC) - DHE - forward screcy
+ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+
+ // AES_128(CBC) - DHE - forward screcy
+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+
+ // AES_256(GCM) - not forward screcy
+ "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+ "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+
+ // AES_128(GCM) - not forward screcy
+ "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+ "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+
+ // AES_256(CBC) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+
+ // AES_128(CBC) - not forward screcy
+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+
+ // AES_256(CBC) - ECDHE - using SHA
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
- "TLS_RSA_WITH_AES_256_CBC_SHA",
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+ // AES_128(CBC) - ECDHE - using SHA
+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+
+ // AES_256(CBC) - DHE - using SHA
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
- "TLS_RSA_WITH_AES_128_CBC_SHA",
+
+ // AES_128(CBC) - DHE - using SHA
+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+
+ // AES_256(CBC) - using SHA, not forward screcy
+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+ // AES_128(CBC) - using SHA, not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+
+ // deprecated
+ "TLS_RSA_WITH_AES_256_GCM_SHA384",
+ "TLS_RSA_WITH_AES_128_GCM_SHA256",
+ "TLS_RSA_WITH_AES_256_CBC_SHA256",
+ "TLS_RSA_WITH_AES_128_CBC_SHA256",
+ "TLS_RSA_WITH_AES_256_CBC_SHA",
+ "TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
};
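Review bot: In ENABLED_DEFAULT the heading `// AES_256(CBC) - ECDHE - forward screcy` appears twice in a row, and the second occurrence sits above `TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256` and `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256`. That second heading should read `// AES_128(CBC) - ECDHE - forward secrecy`, matching the `// AES_128(CBC) - ECDHE` heading used for the same suites in CipherSuite.java. The same copy-paste slip is repeated in SUPPORTED_DEFAULT in the next hunk. The expected values themselves look consistent with the new enum order; only the labels are wrong.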
@@ -95,79 +138,122 @@
"TLS_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
- "TLS_RSA_WITH_AES_128_GCM_SHA256",
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+ "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+ "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
- "TLS_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+ "TLS_RSA_WITH_AES_128_GCM_SHA256",
+ "TLS_RSA_WITH_AES_128_CBC_SHA256",
+ "TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
};
// List of supported cipher suites when the "crypto.policy" security
// property is set to "unlimited" (the default value).
private final static String[] SUPPORTED_DEFAULT = {
- "TLS_AES_128_GCM_SHA256",
+ // TLS 1.3 cipher suites
"TLS_AES_256_GCM_SHA384",
+ "TLS_AES_128_GCM_SHA256",
"TLS_CHACHA20_POLY1305_SHA256",
+
+ // Suite B compliant cipher suites
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+
+ // Not suite B, but we want it to position the suite early
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
+
+ // AES_256(GCM) - ECDHE - forward screcy
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
- "TLS_RSA_WITH_AES_256_GCM_SHA384",
- "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
- "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+
+ // AES_128(GCM) - ECDHE - forward screcy
+ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+
+ // AES_256(GCM) - DHE - forward screcy
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
- "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
- "TLS_RSA_WITH_AES_128_GCM_SHA256",
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+
+ // AES_128(GCM) - DHE - forward screcy
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+
+ // AES_256(CBC) - ECDHE - forward screcy
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
- "TLS_RSA_WITH_AES_256_CBC_SHA256",
+
+ // AES_256(CBC) - ECDHE - forward screcy
+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+
+ // AES_256(CBC) - DHE - forward screcy
+ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+
+ // AES_128(CBC) - DHE - forward screcy
+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+
+ // AES_256(GCM) - not forward screcy
+ "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+ "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+
+ // AES_128(GCM) - not forward screcy
+ "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+ "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+
+ // AES_256(CBC) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+
+ // AES_128(CBC) - not forward screcy
+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+
+ // AES_256(CBC) - ECDHE - using SHA
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
- "TLS_RSA_WITH_AES_256_CBC_SHA",
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+ // AES_128(CBC) - ECDHE - using SHA
+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+
+ // AES_256(CBC) - DHE - using SHA
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
- "TLS_RSA_WITH_AES_128_CBC_SHA",
+
+ // AES_128(CBC) - DHE - using SHA
+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+
+ // AES_256(CBC) - using SHA, not forward screcy
+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+ // AES_128(CBC) - using SHA, not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+
+ // deprecated
+ "TLS_RSA_WITH_AES_256_GCM_SHA384",
+ "TLS_RSA_WITH_AES_128_GCM_SHA256",
+ "TLS_RSA_WITH_AES_256_CBC_SHA256",
+ "TLS_RSA_WITH_AES_128_CBC_SHA256",
+ "TLS_RSA_WITH_AES_256_CBC_SHA",
+ "TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
};
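Review bot: SUPPORTED_DEFAULT as rewritten here is, on the visible lines, entry for entry and comment for comment the same as the new ENABLED_DEFAULT, so the expected order is now maintained by hand in two places. The mislabelled `AES_256(CBC)` heading over the AES_128 ECDHE suites was copied into both, which shows how easily they drift. If the two lists are meant to stay identical for the unlimited policy, `private final static String[] SUPPORTED_DEFAULT = ENABLED_DEFAULT;` with a one-line comment would leave a single list to review; if they are expected to diverge, a comment saying so would help. The start of this hunk is the tail of the limited-policy array, whose declaration is outside the hunk.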
@@ -177,25 +263,25 @@
"TLS_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
- "TLS_RSA_WITH_AES_128_GCM_SHA256",
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_RSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+ "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+ "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
- "TLS_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+ "TLS_RSA_WITH_AES_128_GCM_SHA256",
+ "TLS_RSA_WITH_AES_128_CBC_SHA256",
+ "TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
};
@@ -228,7 +314,8 @@
throw new Exception("Illegal argument");
}
- SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
+ SSLSocketFactory factory =
+ (SSLSocketFactory)SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket)factory.createSocket();
String[] enabled = socket.getEnabledCipherSuites();
@@ -257,5 +344,4 @@
long end = System.currentTimeMillis();
System.out.println("Done (" + (end - start) + " ms).");
}
-
}