Produced by Araxis Merge on 9/25/2018 2:13:25 PM Central Daylight Time.
# | Location | File | Last Modified |
---|---|---|---|
1 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\ssl | CipherSuite.java | Mon Jan 22 14:46:54 2018 UTC |
2 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\ssl | CipherSuite.java | Wed Sep 12 17:54:27 2018 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 3 | 2742 |
Changed | 2 | 4 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | /* | |
2 | * Copyrig ht (c) 200 2, 2016, O racle and/ or its aff iliates. A ll rights reserved. | |
3 | * DO NOT ALTER OR R EMOVE COPY RIGHT NOTI CES OR THI S FILE HEA DER. | |
4 | * | |
5 | * This co de is free software; you can r edistribut e it and/o r modify i t | |
6 | * under t he terms o f the GNU General Pu blic Licen se version 2 only, a s | |
7 | * publish ed by the Free Softw are Founda tion. Ora cle design ates this | |
8 | * particu lar file a s subject to the "Cl asspath" e xception a s provided | |
9 | * by Orac le in the LICENSE fi le that ac companied this code. | |
10 | * | |
11 | * This co de is dist ributed in the hope that it wi ll be usef ul, but WI THOUT | |
12 | * ANY WAR RANTY; wit hout even the implie d warranty of MERCHA NTABILITY or | |
13 | * FITNESS FOR A PAR TICULAR PU RPOSE. Se e the GNU General Pu blic Licen se | |
14 | * version 2 for mor e details (a copy is included in the LIC ENSE file that | |
15 | * accompa nied this code). | |
16 | * | |
17 | * You sho uld have r eceived a copy of th e GNU Gene ral Public License v ersion | |
18 | * 2 along with this work; if not, write to the Fr ee Softwar e Foundati on, | |
19 | * Inc., 5 1 Franklin St, Fifth Floor, Bo ston, MA 0 2110-1301 USA. | |
20 | * | |
21 | * Please contact Or acle, 500 Oracle Par kway, Redw ood Shores , CA 94065 USA | |
22 | * or visi t www.orac le.com if you need a dditional informatio n or have any | |
23 | * questio ns. | |
24 | */ | |
25 | ||
26 | ||
27 | package su n.security .ssl; | |
28 | ||
29 | import jav a.util.*; | |
30 | ||
31 | import jav a.security .NoSuchAlg orithmExce ption; | |
32 | import jav a.security .InvalidKe yException ; | |
33 | import jav a.security .SecureRan dom; | |
34 | import jav a.security .KeyManage mentExcept ion; | |
35 | ||
36 | import jav ax.crypto. Cipher; | |
37 | import jav ax.crypto. SecretKey; | |
38 | import jav ax.crypto. spec.IvPar ameterSpec ; | |
39 | import jav ax.crypto. spec.Secre tKeySpec; | |
40 | ||
41 | import sta tic sun.se curity.ssl .CipherSui te.KeyExch ange.*; | |
42 | import sta tic sun.se curity.ssl .CipherSui te.PRF.*; | |
43 | import sta tic sun.se curity.ssl .CipherSui te.CipherT ype.*; | |
44 | import sta tic sun.se curity.ssl .JsseJce.* ; | |
45 | ||
46 | /** | |
47 | * An SSL/ TLS Cipher Suite. Con stants for the stand ard key ex change, ci pher, | |
48 | * and mac algorithm s are also defined i n this cla ss. | |
49 | * | |
50 | * The Cip herSuite c lass and t he inner c lasses def ined in th is file ro ughly | |
51 | * follow the type s afe enum p attern des cribed in Effective Java. This means: | |
52 | * | |
53 | * . inst ances are immutable, classes a re final | |
54 | * | |
55 | * . ther e is a uni que instan ce of ever y value, i .e. there are never two | |
56 | * inst ances repr esenting t he same Ci pherSuite, etc. This means equ ality | |
57 | * test s can be p erformed u sing == in stead of e quals() (a lthough th at works | |
58 | * as w ell). [A m inor excep tion are * unsupporte d* CipherS uites read from a | |
59 | * hand shake mess age, but t his is usu ally irrel evant] | |
60 | * | |
61 | * . inst ances are obtained u sing the s tatic valu eOf() fact ory method s. | |
62 | * | |
63 | * . prop erties are defined a s final va riables an d made ava ilable as | |
64 | * pack age privat e variable s without method acc essors | |
65 | * | |
66 | * . if t he member variable a llowed is false, the given alg orithm is either | |
67 | * unav ailable or disabled at compile time | |
68 | * | |
69 | */ | |
70 | final clas s CipherSu ite implem ents Compa rable<Ciph erSuite> { | |
71 | ||
72 | // min imum prior ity for su pported Ci pherSuites | |
73 | final static int SUPPORTED _SUITES_PR IORITY = 1 ; | |
74 | ||
75 | // min imum prior ity for de fault enab led Cipher Suites | |
76 | final static int DEFAULT_S UITES_PRIO RITY = 300 ; | |
77 | ||
78 | privat e final st atic boole an ALLOW_E CC = Debug .getBoolea nProperty | |
79 | (" com.sun.ne t.ssl.enab leECC", tr ue); | |
80 | ||
81 | // Map Integer(i d) -> Ciph erSuite | |
82 | // con tains all known Ciph erSuites | |
83 | privat e final st atic Map<I nteger,Cip herSuite> idMap; | |
84 | ||
85 | // Map String(na me) -> Cip herSuite | |
86 | // con tains only supported CipherSui tes (i.e. allowed == true) | |
87 | privat e final st atic Map<S tring,Ciph erSuite> n ameMap; | |
88 | ||
89 | // Pro tocol defi ned Cipher Suite name , e.g. SSL _RSA_WITH_ RC4_128_MD 5 | |
90 | // we use TLS_* only for n ew CipherS uites, sti ll SSL_* f or old one s | |
91 | final String nam e; | |
92 | ||
93 | // id in 16 bit MSB format , i.e. 0x0 004 for SS L_RSA_WITH _RC4_128_M D5 | |
94 | final int id; | |
95 | ||
96 | // pri ority for the intern al default preferenc e order. t he higher the | |
97 | // bet ter. Each supported CipherSuit e *must* h ave a uniq ue priorit y. | |
98 | // Cip hersuites with prior ity >= DEF AULT_SUITE S_PRIORITY are enabl ed | |
99 | // by default | |
100 | final int priori ty; | |
101 | ||
102 | // key exchange, bulk ciph er, mac an d prf algo rithms. Se e those | |
103 | // cla sses below . | |
104 | final KeyExchang e keyExcha nge; | |
105 | final BulkCipher cipher; | |
106 | final MacAlg mac Alg; | |
107 | final PRF prfAlg ; | |
108 | ||
109 | // whe ther a Cip herSuite q ualifies a s exportab le under 5 12/40 bit rules. | |
110 | // TLS 1.1+ (RFC 4346) mus t not nego tiate to t hese suite s. | |
111 | final boolean ex portable; | |
112 | ||
113 | // tru e iff impl emented an d enabled at compile time | |
114 | final boolean al lowed; | |
115 | ||
116 | // obs oleted sin ce protoco l version | |
117 | final int obsole ted; | |
118 | ||
119 | // sup ported sin ce protoco l version | |
120 | final int suppor ted; | |
121 | ||
122 | /** | |
123 | * Con structor f or impleme nted Ciphe rSuites. | |
124 | */ | |
125 | privat e CipherSu ite(String name, int id, int p riority, | |
126 | KeyExcha nge keyExc hange, Bul kCipher ci pher, | |
127 | boolean allowed, i nt obsolet ed, int su pported, P RF prfAlg) { | |
128 | th is.name = name; | |
129 | th is.id = id ; | |
130 | th is.priorit y = priori ty; | |
131 | th is.keyExch ange = key Exchange; | |
132 | th is.cipher = cipher; | |
133 | th is.exporta ble = ciph er.exporta ble; | |
134 | if (cipher.c ipherType == CipherT ype.AEAD_C IPHER) { | |
135 | macAlg = M_NULL; | |
136 | } else if (n ame.endsWi th("_MD5") ) { | |
137 | macAlg = M_MD5; | |
138 | } else if (n ame.endsWi th("_SHA") ) { | |
139 | macAlg = M_SHA; | |
140 | } else if (n ame.endsWi th("_SHA25 6")) { | |
141 | macAlg = M_SHA256; | |
142 | } else if (n ame.endsWi th("_SHA38 4")) { | |
143 | macAlg = M_SHA384; | |
144 | } else if (n ame.endsWi th("_NULL" )) { | |
145 | macAlg = M_NULL; | |
146 | } else if (n ame.endsWi th("_SCSV" )) { | |
147 | macAlg = M_NULL; | |
148 | } else { | |
149 | throw ne w IllegalA rgumentExc eption | |
150 | ("Unknown MAC algori thm for ci phersuite " + name); | |
151 | } | |
152 | ||
153 | al lowed &= k eyExchange .allowed; | |
154 | al lowed &= c ipher.allo wed; | |
155 | th is.allowed = allowed ; | |
156 | th is.obsolet ed = obsol eted; | |
157 | th is.support ed = suppo rted; | |
158 | th is.prfAlg = prfAlg; | |
159 | } | |
160 | ||
161 | /** | |
162 | * Con structor f or unimple mented Cip herSuites. | |
163 | */ | |
164 | privat e CipherSu ite(String name, int id) { | |
165 | th is.name = name; | |
166 | th is.id = id ; | |
167 | th is.allowed = false; | |
168 | ||
169 | th is.priorit y = 0; | |
170 | th is.keyExch ange = nul l; | |
171 | th is.cipher = null; | |
172 | th is.macAlg = null; | |
173 | th is.exporta ble = fals e; | |
174 | th is.obsolet ed = Proto colVersion .LIMIT_MAX _VALUE; | |
175 | th is.support ed = Proto colVersion .LIMIT_MIN _VALUE; | |
176 | th is.prfAlg = P_NONE; | |
177 | } | |
178 | ||
179 | /** | |
180 | * Ret urn whethe r this Cip herSuite i s availabl e for use. A | |
181 | * Cip herSuite m ay be unav ailable ev en if it i s supporte d | |
182 | * (i. e. allowed == true) if the req uired JCE cipher is not instal led. | |
183 | */ | |
184 | boolea n isAvaila ble() { | |
185 | re turn allow ed && keyE xchange.is Available( ) && ciphe r.isAvaila ble(); | |
186 | } | |
187 | ||
188 | boolea n isNegoti able() { | |
189 | re turn this != C_SCSV && isAvail able(); | |
190 | } | |
191 | ||
192 | /** | |
193 | * Com pares Ciph erSuites b ased on th eir priori ty. Has th e effect o f | |
194 | * sor ting Ciphe rSuites wh en put in a sorted c ollection, which is | |
195 | * use d by Ciphe rSuiteList . Follows standard C omparable contract. | |
196 | * | |
197 | * Not e that for unsupport ed CipherS uites pars ed from a handshake | |
198 | * mes sage we vi olate the equals() c ontract. | |
199 | */ | |
200 | @Overr ide | |
201 | public int compa reTo(Ciphe rSuite o) { | |
202 | re turn o.pri ority - pr iority; | |
203 | } | |
204 | ||
205 | /** | |
206 | * Ret urns this. name. | |
207 | */ | |
208 | @Overr ide | |
209 | public String to String() { | |
210 | re turn name; | |
211 | } | |
212 | ||
213 | /** | |
214 | * Ret urn a Ciph erSuite fo r the give n name. Th e returned CipherSui te | |
215 | * is supported by this im plementati on but may not actua lly be | |
216 | * cur rently use able. See isAvailabl e(). | |
217 | * | |
218 | * @ex ception Il legalArgum entExcepti on if the CipherSuit e is unkno wn or | |
219 | * uns upported. | |
220 | */ | |
221 | static CipherSui te valueOf (String s) { | |
222 | if (s == nul l) { | |
223 | throw ne w IllegalA rgumentExc eption("Na me must no t be null" ); | |
224 | } | |
225 | ||
226 | Ci pherSuite c = nameMa p.get(s); | |
227 | if ((c == nu ll) || (c. allowed == false)) { | |
228 | throw ne w IllegalA rgumentExc eption("Un supported ciphersuit e " + s); | |
229 | } | |
230 | ||
231 | re turn c; | |
232 | } | |
233 | ||
234 | /** | |
235 | * Ret urn a Ciph erSuite wi th the giv en ID. A t emporary o bject is | |
236 | * con structed i f the ID i s unknown. Use isAva ilable() t o verify t hat | |
237 | * the CipherSui te can act ually be u sed. | |
238 | */ | |
239 | static CipherSui te valueOf (int id1, int id2) { | |
240 | id 1 &= 0xff; | |
241 | id 2 &= 0xff; | |
242 | in t id = (id 1 << 8) | id2; | |
243 | Ci pherSuite c = idMap. get(id); | |
244 | if (c == nul l) { | |
245 | String h 1 = Intege r.toString (id1, 16); | |
246 | String h 2 = Intege r.toString (id2, 16); | |
247 | c = new CipherSuit e("Unknown 0x" + h1 + ":0x" + h2, id); | |
248 | } | |
249 | re turn c; | |
250 | } | |
251 | ||
252 | // for use by Ci pherSuiteL ist only | |
253 | static Collectio n<CipherSu ite> allow edCipherSu ites() { | |
254 | re turn nameM ap.values( ); | |
255 | } | |
256 | ||
257 | /* | |
258 | * Use this meth od when al l of the v alues need to be spe cified. | |
259 | * Thi s is prima rily used when defin ing a new ciphersuit e for | |
260 | * TLS 1.2+ that doesn't u se the "de fault" PRF . | |
261 | */ | |
262 | privat e static v oid add(St ring name, int id, i nt priorit y, | |
263 | KeyExcha nge keyExc hange, Bul kCipher ci pher, | |
264 | boolean allowed, i nt obsolet ed, int su pported, P RF prf) { | |
265 | ||
266 | Ci pherSuite c = new Ci pherSuite( name, id, priority, keyExchang e, | |
267 | cipher, allowed, o bsoleted, supported, prf); | |
268 | if (idMap.pu t(id, c) ! = null) { | |
269 | throw ne w RuntimeE xception(" Duplicate ciphersuit e definiti on: " | |
270 | + id + ", " + name); | |
271 | } | |
272 | if (c.allowe d) { | |
273 | if (name Map.put(na me, c) != null) { | |
274 | thro w new Runt imeExcepti on("Duplic ate cipher suite defi nition: " | |
275 | + id + ", " + na me); | |
276 | } | |
277 | } | |
278 | } | |
279 | ||
280 | /* | |
281 | * Use this meth od when th ere is no lower prot ocol limit where thi s | |
282 | * sui te can be used, and the PRF is P_SHA256. That is, the | |
283 | * exi sting ciph ersuites. From RFC 5246: | |
284 | * | |
285 | * All ciphe r suites i n this doc ument use P_SHA256. | |
286 | */ | |
287 | privat e static v oid add(St ring name, int id, i nt priorit y, | |
288 | KeyExcha nge keyExc hange, Bul kCipher ci pher, | |
289 | boolean allowed, i nt obsolet ed) { | |
290 | // If this i s an obsol eted suite , then don 't let the TLS 1.2 | |
291 | // protocol have a val id PRF val ue. | |
292 | PR F prf = P_ SHA256; | |
293 | if (obsolete d < Protoc olVersion. TLS12.v) { | |
294 | prf = P_ NONE; | |
295 | } | |
296 | ||
297 | ad d(name, id , priority , keyExcha nge, ciphe r, allowed , obsolete d, | |
298 | Protocol Version.LI MIT_MIN_VA LUE, prf); | |
299 | } | |
300 | ||
301 | /* | |
302 | * Use this meth od when th ere is no upper prot ocol limit . That is , | |
303 | * sui tes which have not b een obsole ted. | |
304 | */ | |
305 | privat e static v oid add(St ring name, int id, i nt priorit y, | |
306 | KeyExcha nge keyExc hange, Bul kCipher ci pher, bool ean allowe d) { | |
307 | ad d(name, id , priority , keyExcha nge, | |
308 | cipher, allowed, P rotocolVer sion.LIMIT _MAX_VALUE ); | |
309 | } | |
310 | ||
311 | /* | |
312 | * Use this meth od to defi ne an unim plemented suite. Th is provide s | |
313 | * a n umber<->na me mapping that can be used fo r debuggin g. | |
314 | */ | |
315 | privat e static v oid add(St ring name, int id) { | |
316 | Ci pherSuite c = new Ci pherSuite( name, id); | |
317 | if (idMap.pu t(id, c) ! = null) { | |
318 | throw ne w RuntimeE xception(" Duplicate ciphersuit e definiti on: " | |
319 | + id + ", " + name); | |
320 | } | |
321 | } | |
322 | ||
323 | /** | |
324 | * An SSL/TLS ke y exchange algorithm . | |
325 | */ | |
326 | static enum KeyE xchange { | |
327 | ||
328 | // key excha nge algori thms | |
329 | K_ NULL ("NULL", fals e, fa lse), | |
330 | K_ RSA ("RSA", true , fa lse), | |
331 | K_ RSA_EXPORT ("RSA_EXP ORT", true , fa lse), | |
332 | K_ DH_RSA ("DH_RSA" , fals e, fa lse), | |
333 | K_ DH_DSS ("DH_DSS" , fals e, fa lse), | |
334 | K_ DHE_DSS ("DHE_DSS ", true , fa lse), | |
335 | K_ DHE_RSA ("DHE_RSA ", true , fa lse), | |
336 | K_ DH_ANON ("DH_anon ", true , fa lse), | |
337 | ||
338 | K_ ECDH_ECDSA ("ECDH_EC DSA", ALL OW_ECC, tr ue), | |
339 | K_ ECDH_RSA ("ECDH_RS A", ALL OW_ECC, tr ue), | |
340 | K_ ECDHE_ECDS A("ECDHE_E CDSA", ALL OW_ECC, tr ue), | |
341 | K_ ECDHE_RSA ("ECDHE_R SA", ALL OW_ECC, tr ue), | |
342 | K_ ECDH_ANON ("ECDH_an on", ALL OW_ECC, tr ue), | |
343 | ||
344 | // Kerberos cipher sui tes | |
345 | K_ KRB5 ("KRB5", true, fa lse), | |
346 | K_ KRB5_EXPOR T("KRB5_EX PORT", tru e, fa lse), | |
347 | ||
348 | // renegotia tion prote ction requ est signal ing cipher suite | |
349 | K_ SCSV ("SCSV", tru e, fa lse); | |
350 | ||
351 | // name of t he key exc hange algo rithm, e.g . DHE_DSS | |
352 | fi nal String name; | |
353 | fi nal boolea n allowed; | |
354 | fi nal boolea n isEC; | |
355 | pr ivate fina l boolean alwaysAvai lable; | |
356 | ||
357 | Ke yExchange( String nam e, boolean allowed, boolean is EC) { | |
358 | this.nam e = name; | |
359 | this.all owed = all owed; | |
360 | this.isE C = isEC; | |
361 | this.alw aysAvailab le = allow ed && | |
362 | (!na me.startsW ith("EC")) && (!name .startsWit h("KRB")); | |
363 | } | |
364 | ||
365 | bo olean isAv ailable() { | |
366 | if (alwa ysAvailabl e) { | |
367 | retu rn true; | |
368 | } | |
369 | ||
370 | if (isEC ) { | |
371 | retu rn (allowe d && JsseJ ce.isEcAva ilable()); | |
372 | } else i f (name.st artsWith(" KRB")) { | |
373 | retu rn (allowe d && JsseJ ce.isKerbe rosAvailab le()); | |
374 | } else { | |
375 | retu rn allowed ; | |
376 | } | |
377 | } | |
378 | ||
379 | @O verride | |
380 | pu blic Strin g toString () { | |
381 | return n ame; | |
382 | } | |
383 | } | |
384 | ||
385 | static enum Ciph erType { | |
386 | ST REAM_CIPHE R, // null o r stream c ipher | |
387 | BL OCK_CIPHER , // block cipher in CBC mode | |
388 | AE AD_CIPHER // AEAD c ipher | |
389 | } | |
390 | ||
391 | /** | |
392 | * An SSL/TLS bu lk cipher algorithm. One insta nce per co mbination of | |
393 | * cip her and ke y length. | |
394 | * | |
395 | * Als o contains a factory method to obtain in initializ ed CipherB ox | |
396 | * for this algo rithm. | |
397 | */ | |
398 | final static cla ss BulkCip her { | |
399 | ||
400 | // descripti ve name in cluding ke y size, e. g. AES/128 | |
401 | fi nal String descripti on; | |
402 | ||
403 | // JCE ciphe r transfor mation str ing, e.g. AES/CBC/No Padding | |
404 | fi nal String transform ation; | |
405 | ||
406 | // algorithm name, e.g . AES | |
407 | fi nal String algorithm ; | |
408 | ||
409 | // supported and compi le time en abled. Als o see isAv ailable() | |
410 | fi nal boolea n allowed; | |
411 | ||
412 | // number of bytes of entropy in the key | |
413 | fi nal int ke ySize; | |
414 | ||
415 | // length of the actua l cipher k ey in byte s. | |
416 | // for non-e xportable ciphers, t his is the same as k eySize | |
417 | fi nal int ex pandedKeyS ize; | |
418 | ||
419 | // size of t he IV | |
420 | fi nal int iv Size; | |
421 | ||
422 | // size of f ixed IV | |
423 | // | |
424 | // record_iv _length = ivSize - f ixedIvSize | |
425 | fi nal int fi xedIvSize; | |
426 | ||
427 | // exportabl e under 51 2/40 bit r ules | |
428 | fi nal boolea n exportab le; | |
429 | ||
430 | // Is the ci pher algor ithm of Ci pher Block Chaining (CBC) mode ? | |
431 | fi nal Cipher Type ciphe rType; | |
432 | ||
433 | // size of t he authent ication ta g, only ap plicable t o cipher s uites in | |
434 | // Galois Co unter Mode (GCM) | |
435 | // | |
436 | // As far as we know, all suppor ted GCM ci pher suite s use 128- bits | |
437 | // authentic ation tags . | |
438 | fi nal int ta gSize = 16 ; | |
439 | ||
440 | // The secur e random u sed to det ect the ci pher avail ability. | |
441 | pr ivate fina l static S ecureRando m secureRa ndom; | |
442 | ||
443 | // runtime a vailabilit y | |
444 | pr ivate fina l boolean isAvailabl e; | |
445 | ||
446 | st atic { | |
447 | try { | |
448 | secu reRandom = JsseJce.g etSecureRa ndom(); | |
449 | } catch (KeyManage mentExcept ion kme) { | |
450 | thro w new Runt imeExcepti on(kme); | |
451 | } | |
452 | } | |
453 | ||
454 | Bu lkCipher(S tring tran sformation , CipherTy pe cipherT ype, int k eySize, | |
455 | int expandedKe ySize, int ivSize, | |
456 | int fixedIvSiz e, boolean allowed) { | |
457 | ||
458 | this.tra nsformatio n = transf ormation; | |
459 | String[] splits = transforma tion.split ("/"); | |
460 | this.alg orithm = s plits[0]; | |
461 | this.cip herType = cipherType ; | |
462 | this.des cription = this.algo rithm + "/ " + (keySi ze << 3); | |
463 | this.key Size = key Size; | |
464 | this.ivS ize = ivSi ze; | |
465 | this.fix edIvSize = fixedIvSi ze; | |
466 | this.all owed = all owed; | |
467 | ||
468 | this.exp andedKeySi ze = expan dedKeySize ; | |
469 | this.exp ortable = true; | |
470 | ||
471 | // avail ability of this bulk cipher | |
472 | // | |
473 | // Curre ntly all s upported c iphers exc ept AES ar e always a vailable | |
474 | // via t he JSSE in ternal imp lementatio ns. We als o assume A ES/128 of | |
475 | // CBC m ode is alw ays availa ble since it is ship ped with t he SunJCE | |
476 | // provi der. Howe ver, AES/2 56 is unav ailable wh en the def ault JCE | |
477 | // polic y jurisdic tion files are insta lled becau se of key length | |
478 | // restr ictions. | |
479 | this.isA vailable = | |
480 | allowed ? isUnlimite d(keySize, transform ation) : f alse; | |
481 | } | |
482 | ||
483 | Bu lkCipher(S tring tran sformation , CipherTy pe cipherT ype, int k eySize, | |
484 | int ivSize, in t fixedIvS ize, boole an allowed ) { | |
485 | this.tra nsformatio n = transf ormation; | |
486 | String[] splits = transforma tion.split ("/"); | |
487 | this.alg orithm = s plits[0]; | |
488 | this.cip herType = cipherType ; | |
489 | this.des cription = this.algo rithm + "/ " + (keySi ze << 3); | |
490 | this.key Size = key Size; | |
491 | this.ivS ize = ivSi ze; | |
492 | this.fix edIvSize = fixedIvSi ze; | |
493 | this.all owed = all owed; | |
494 | ||
495 | this.exp andedKeySi ze = keySi ze; | |
496 | this.exp ortable = false; | |
497 | ||
498 | // avail ability of this bulk cipher | |
499 | // | |
500 | // Curre ntly all s upported c iphers exc ept AES ar e always a vailable | |
501 | // via t he JSSE in ternal imp lementatio ns. We als o assume A ES/128 of | |
502 | // CBC m ode is alw ays availa ble since it is ship ped with t he SunJCE | |
503 | // provi der. Howe ver, AES/2 56 is unav ailable wh en the def ault JCE | |
504 | // polic y jurisdic tion files are insta lled becau se of key length | |
505 | // restr ictions. | |
506 | this.isA vailable = | |
507 | allowed ? isUnlimite d(keySize, transform ation) : f alse; | |
508 | } | |
509 | ||
510 | /* * | |
511 | * Return an initializ ed CipherB ox for thi s BulkCiph er. | |
512 | * IV must b e null for stream ci phers. | |
513 | * | |
514 | * @exceptio n NoSuchAl gorithmExc eption if anything g oes wrong | |
515 | * / | |
516 | Ci pherBox ne wCipher(Pr otocolVers ion versio n, SecretK ey key, | |
517 | IvPa rameterSpe c iv, Secu reRandom r andom, | |
518 | bool ean encryp t) throws NoSuchAlgo rithmExcep tion { | |
519 | return C ipherBox.n ewCipherBo x(version, this, | |
520 | key, i v, random, encrypt); | |
521 | } | |
522 | ||
523 | /* * | |
524 | * Test if t his bulk c ipher is a vailable. For use by CipherSui te. | |
525 | * / | |
526 | bo olean isAv ailable() { | |
527 | return t his.isAvai lable; | |
528 | } | |
529 | ||
530 | pr ivate stat ic boolean isUnlimit ed(int key Size, Stri ng transfo rmation) { | |
531 | int keyS izeInBits = keySize * 8; | |
532 | if (keyS izeInBits > 128) { // need the JCE un limited | |
533 | // stren gth jurisd iction pol icy | |
534 | try { | |
535 | if (Cipher .getMaxAll owedKeyLen gth( | |
536 | tr ansformati on) < keyS izeInBits) { | |
537 | ||
538 | return false; | |
539 | } | |
540 | } ca tch (Excep tion e) { | |
541 | return fal se; | |
542 | } | |
543 | } | |
544 | ||
545 | return t rue; | |
546 | } | |
547 | ||
548 | @O verride | |
549 | pu blic Strin g toString () { | |
550 | return d escription ; | |
551 | } | |
552 | } | |
553 | ||
554 | /** | |
555 | * An SSL/TLS ke y MAC algo rithm. | |
556 | * | |
557 | * Als o contains a factory method to obtain an initializ ed MAC | |
558 | * for this algo rithm. | |
559 | */ | |
560 | final static cla ss MacAlg { | |
561 | ||
562 | // descripti ve name, e .g. MD5 | |
563 | fi nal String name; | |
564 | ||
565 | // size of t he MAC val ue (and MA C key) in bytes | |
566 | fi nal int si ze; | |
567 | ||
568 | // block siz e of the u nderlying hash algor ithm | |
569 | fi nal int ha shBlockSiz e; | |
570 | ||
571 | // minimal p adding siz e of the u nderlying hash algor ithm | |
572 | fi nal int mi nimalPaddi ngSize; | |
573 | ||
574 | Ma cAlg(Strin g name, in t size, | |
575 | int hashBlockS ize, int m inimalPadd ingSize) { | |
576 | this.nam e = name; | |
577 | this.siz e = size; | |
578 | this.has hBlockSize = hashBlo ckSize; | |
579 | this.min imalPaddin gSize = mi nimalPaddi ngSize; | |
580 | } | |
581 | ||
582 | /* * | |
583 | * Return an initializ ed MAC for this MacA lg. Protoc olVersion | |
584 | * must eith er be SSL3 0 (SSLv3 c ustom MAC) or TLS10 (std. HMAC ). | |
585 | * | |
586 | * @exceptio n NoSuchAl gorithmExc eption if anything g oes wrong | |
587 | * / | |
588 | MAC newMac (ProtocolV ersion pro tocolVersi on, Secret Key PW ) | |
589 | thro ws NoSuchA lgorithmEx ception, I nvalidKeyE xception { | |
590 | return new MAC(this, protocolV ersion, PW ); | |
591 | } | |
592 | ||
593 | @O verride | |
594 | pu blic Strin g toString () { | |
595 | return n ame; | |
596 | } | |
597 | } | |
598 | ||
599 | // exp ort streng th ciphers | |
600 | final static Bul kCipher B_ NULL = | |
601 | ne w BulkCiph er("NULL", STREAM_CIP HER, 0, 0, 0, 0 , true); | |
602 | final static Bul kCipher B_ RC4_40 = | |
603 | ne w BulkCiph er(CIPHER_ RC4, STREAM_CIP HER, 5, 16, 0, 0 , true); | |
604 | final static Bul kCipher B_ RC2_40 = | |
605 | ne w BulkCiph er("RC2", BLOCK_CIPH ER, 5, 16, 8, 0 , false); | |
606 | final static Bul kCipher B_ DES_40 = | |
607 | ne w BulkCiph er(CIPHER_ DES, BLOCK_CIPH ER, 5, 8, 8, 0 , true); | |
608 | ||
609 | // dom estic stre ngth ciphe rs | |
610 | final static Bul kCipher B_ RC4_128 = | |
611 | ne w BulkCiph er(CIPHER_ RC4, STREAM_CIP HER, 16, 0, 0, t rue); | |
612 | final static Bul kCipher B_ DES = | |
613 | ne w BulkCiph er(CIPHER_ DES, BLOCK_CIPH ER, 8, 8, 0, t rue); | |
614 | final static Bul kCipher B_ 3DES = | |
615 | ne w BulkCiph er(CIPHER_ 3DES, BLOCK_CIPH ER, 24, 8, 0, t rue); | |
616 | final static Bul kCipher B_ IDEA = | |
617 | ne w BulkCiph er("IDEA", BLOCK_CIPH ER, 16, 8, 0, f alse); | |
618 | final static Bul kCipher B_ AES_128 = | |
619 | ne w BulkCiph er(CIPHER_ AES, BLOCK_CIPH ER, 16, 16, 0, t rue); | |
620 | final static Bul kCipher B_ AES_256 = | |
621 | ne w BulkCiph er(CIPHER_ AES, BLOCK_CIPH ER, 32, 16, 0, t rue); | |
622 | final static Bul kCipher B_ AES_128_GC M = | |
623 | ne w BulkCiph er(CIPHER_ AES_GCM, AEAD_CIPHE R, 16, 12, 4, t rue); | |
624 | final static Bul kCipher B_ AES_256_GC M = | |
625 | ne w BulkCiph er(CIPHER_ AES_GCM, AEAD_CIPHE R, 32, 12, 4, t rue); | |
626 | ||
627 | // MAC s | |
628 | final static Mac Alg M_NULL = new MacAlg("NU LL", 0 , 0, 0 ); | |
629 | final static Mac Alg M_MD5 = new MacAlg("MD 5", 16 , 64, 9 ); | |
630 | final static Mac Alg M_SHA = new MacAlg("SH A", 20 , 64, 9 ); | |
631 | final static Mac Alg M_SHA2 56 = new MacAlg("SH A256", 32 , 64, 9 ); | |
632 | final static Mac Alg M_SHA3 84 = new MacAlg("SH A384", 48 , 128, 17 ); | |
633 | ||
634 | /** | |
635 | * PRF s (PseudoR andom Func tion) from TLS speci fications. | |
636 | * | |
637 | * TLS 1.1- uses a single MD5/SHA1-b ased PRF a lgorithm f or generat ing | |
638 | * the necessary material. | |
639 | * | |
640 | * In TLS 1.2+, all existi ng/known C ipherSuite s use SHA2 56, howeve r | |
641 | * new Ciphersui tes (e.g. RFC 5288) can define specific PRF hash | |
642 | * alg orithms. | |
643 | */ | |
644 | static enum PRF { | |
645 | ||
646 | // PRF algor ithms | |
647 | P_ NONE( "NONE", 0 , 0), | |
648 | P_ SHA256("SH A-256", 32 , 64), | |
649 | P_ SHA384("SH A-384", 48 , 128), | |
650 | P_ SHA512("SH A-512", 64 , 128); / / not curr ently used . | |
651 | ||
652 | // PRF chara cteristics | |
653 | pr ivate fina l String p rfHashAlg; | |
654 | pr ivate fina l int prfH ashLength; | |
655 | pr ivate fina l int prfB lockSize; | |
656 | ||
657 | PR F(String p rfHashAlg, int prfHa shLength, int prfBlo ckSize) { | |
658 | this.prf HashAlg = prfHashAlg ; | |
659 | this.prf HashLength = prfHash Length; | |
660 | this.prf BlockSize = prfBlock Size; | |
661 | } | |
662 | ||
663 | St ring getPR FHashAlg() { | |
664 | return p rfHashAlg; | |
665 | } | |
666 | ||
667 | in t getPRFHa shLength() { | |
668 | return p rfHashLeng th; | |
669 | } | |
670 | ||
671 | in t getPRFBl ockSize() { | |
672 | return p rfBlockSiz e; | |
673 | } | |
674 | } | |
675 | ||
676 | static { | |
677 | id Map = new HashMap<In teger,Ciph erSuite>() ; | |
678 | na meMap = ne w HashMap< String,Cip herSuite>( ); | |
679 | ||
680 | fi nal boolea n F = fals e; | |
681 | fi nal boolea n T = true ; | |
682 | // N: cipher suites onl y allowed if we are not in FIP S mode | |
683 | fi nal boolea n N = (Sun JSSE.isFIP S() == fal se); | |
684 | ||
685 | /* | |
686 | * TLS Ciphe r Suite Re gistry, as of August 2010. | |
687 | * | |
688 | * http://ww w.iana.org /assignmen ts/tls-par ameters/tl s-paramete rs.xml | |
689 | * | |
690 | * Range Registra tion Proce dures No tes | |
691 | * 000-191 Standard s Action Re fers to va lue of fir st byte | |
692 | * 192-254 Specific ation Requ ired Re fers to va lue of fir st byte | |
693 | * 255 Reserved for Priva te Use Re fers to va lue of fir st byte | |
694 | * | |
695 | * Value Descript ion Refere nce | |
696 | * 0x00,0x00 TLS_NULL _WITH_NULL _NULL [RFC52 46] | |
697 | * 0x00,0x01 TLS_RSA_ WITH_NULL_ MD5 [RFC52 46] | |
698 | * 0x00,0x02 TLS_RSA_ WITH_NULL_ SHA [RFC52 46] | |
699 | * 0x00,0x03 TLS_RSA_ EXPORT_WIT H_RC4_40_M D5 [RFC43 46] | |
700 | * 0x00,0x04 TLS_RSA_ WITH_RC4_1 28_MD5 [RFC52 46] | |
701 | * 0x00,0x05 TLS_RSA_ WITH_RC4_1 28_SHA [RFC52 46] | |
702 | * 0x00,0x06 TLS_RSA_ EXPORT_WIT H_RC2_CBC_ 40_MD5 [RFC43 46] | |
703 | * 0x00,0x07 TLS_RSA_ WITH_IDEA_ CBC_SHA [RFC54 69] | |
704 | * 0x00,0x08 TLS_RSA_ EXPORT_WIT H_DES40_CB C_SHA [RFC43 46] | |
705 | * 0x00,0x09 TLS_RSA_ WITH_DES_C BC_SHA [RFC54 69] | |
706 | * 0x00,0x0A TLS_RSA_ WITH_3DES_ EDE_CBC_SH A [RFC52 46] | |
707 | * 0x00,0x0B TLS_DH_D SS_EXPORT_ WITH_DES40 _CBC_SHA [RFC43 46] | |
708 | * 0x00,0x0C TLS_DH_D SS_WITH_DE S_CBC_SHA [RFC54 69] | |
709 | * 0x00,0x0D TLS_DH_D SS_WITH_3D ES_EDE_CBC _SHA [RFC52 46] | |
710 | * 0x00,0x0E TLS_DH_R SA_EXPORT_ WITH_DES40 _CBC_SHA [RFC43 46] | |
711 | * 0x00,0x0F TLS_DH_R SA_WITH_DE S_CBC_SHA [RFC54 69] | |
712 | * 0x00,0x10 TLS_DH_R SA_WITH_3D ES_EDE_CBC _SHA [RFC52 46] | |
713 | * 0x00,0x11 TLS_DHE_ DSS_EXPORT _WITH_DES4 0_CBC_SHA [RFC43 46] | |
714 | * 0x00,0x12 TLS_DHE_ DSS_WITH_D ES_CBC_SHA [RFC54 69] | |
715 | * 0x00,0x13 TLS_DHE_ DSS_WITH_3 DES_EDE_CB C_SHA [RFC52 46] | |
716 | * 0x00,0x14 TLS_DHE_ RSA_EXPORT _WITH_DES4 0_CBC_SHA [RFC43 46] | |
717 | * 0x00,0x15 TLS_DHE_ RSA_WITH_D ES_CBC_SHA [RFC54 69] | |
718 | * 0x00,0x16 TLS_DHE_ RSA_WITH_3 DES_EDE_CB C_SHA [RFC52 46] | |
719 | * 0x00,0x17 TLS_DH_a non_EXPORT _WITH_RC4_ 40_MD5 [RFC43 46] | |
720 | * 0x00,0x18 TLS_DH_a non_WITH_R C4_128_MD5 [RFC52 46] | |
721 | * 0x00,0x19 TLS_DH_a non_EXPORT _WITH_DES4 0_CBC_SHA [RFC43 46] | |
722 | * 0x00,0x1A TLS_DH_a non_WITH_D ES_CBC_SHA [RFC54 69] | |
723 | * 0x00,0x1B TLS_DH_a non_WITH_3 DES_EDE_CB C_SHA [RFC52 46] | |
724 | * 0x00,0x1C -1D Reserv ed to avoi d conflict s with SSL v3 [RFC52 46] | |
725 | * 0x00,0x1E TLS_KRB5 _WITH_DES_ CBC_SHA [RFC27 12] | |
726 | * 0x00,0x1F TLS_KRB5 _WITH_3DES _EDE_CBC_S HA [RFC27 12] | |
727 | * 0x00,0x20 TLS_KRB5 _WITH_RC4_ 128_SHA [RFC27 12] | |
728 | * 0x00,0x21 TLS_KRB5 _WITH_IDEA _CBC_SHA [RFC27 12] | |
729 | * 0x00,0x22 TLS_KRB5 _WITH_DES_ CBC_MD5 [RFC27 12] | |
730 | * 0x00,0x23 TLS_KRB5 _WITH_3DES _EDE_CBC_M D5 [RFC27 12] | |
731 | * 0x00,0x24 TLS_KRB5 _WITH_RC4_ 128_MD5 [RFC27 12] | |
732 | * 0x00,0x25 TLS_KRB5 _WITH_IDEA _CBC_MD5 [RFC27 12] | |
733 | * 0x00,0x26 TLS_KRB5 _EXPORT_WI TH_DES_CBC _40_SHA [RFC27 12] | |
734 | * 0x00,0x27 TLS_KRB5 _EXPORT_WI TH_RC2_CBC _40_SHA [RFC27 12] | |
735 | * 0x00,0x28 TLS_KRB5 _EXPORT_WI TH_RC4_40_ SHA [RFC27 12] | |
736 | * 0x00,0x29 TLS_KRB5 _EXPORT_WI TH_DES_CBC _40_MD5 [RFC27 12] | |
737 | * 0x00,0x2A TLS_KRB5 _EXPORT_WI TH_RC2_CBC _40_MD5 [RFC27 12] | |
738 | * 0x00,0x2B TLS_KRB5 _EXPORT_WI TH_RC4_40_ MD5 [RFC27 12] | |
739 | * 0x00,0x2C TLS_PSK_ WITH_NULL_ SHA [RFC47 85] | |
740 | * 0x00,0x2D TLS_DHE_ PSK_WITH_N ULL_SHA [RFC47 85] | |
741 | * 0x00,0x2E TLS_RSA_ PSK_WITH_N ULL_SHA [RFC47 85] | |
742 | * 0x00,0x2F TLS_RSA_ WITH_AES_1 28_CBC_SHA [RFC52 46] | |
743 | * 0x00,0x30 TLS_DH_D SS_WITH_AE S_128_CBC_ SHA [RFC52 46] | |
744 | * 0x00,0x31 TLS_DH_R SA_WITH_AE S_128_CBC_ SHA [RFC52 46] | |
745 | * 0x00,0x32 TLS_DHE_ DSS_WITH_A ES_128_CBC _SHA [RFC52 46] | |
746 | * 0x00,0x33 TLS_DHE_ RSA_WITH_A ES_128_CBC _SHA [RFC52 46] | |
747 | * 0x00,0x34 TLS_DH_a non_WITH_A ES_128_CBC _SHA [RFC52 46] | |
748 | * 0x00,0x35 TLS_RSA_ WITH_AES_2 56_CBC_SHA [RFC52 46] | |
749 | * 0x00,0x36 TLS_DH_D SS_WITH_AE S_256_CBC_ SHA [RFC52 46] | |
750 | * 0x00,0x37 TLS_DH_R SA_WITH_AE S_256_CBC_ SHA [RFC52 46] | |
751 | * 0x00,0x38 TLS_DHE_ DSS_WITH_A ES_256_CBC _SHA [RFC52 46] | |
752 | * 0x00,0x39 TLS_DHE_ RSA_WITH_A ES_256_CBC _SHA [RFC52 46] | |
753 | * 0x00,0x3A TLS_DH_a non_WITH_A ES_256_CBC _SHA [RFC52 46] | |
754 | * 0x00,0x3B TLS_RSA_ WITH_NULL_ SHA256 [RFC52 46] | |
755 | * 0x00,0x3C TLS_RSA_ WITH_AES_1 28_CBC_SHA 256 [RFC52 46] | |
756 | * 0x00,0x3D TLS_RSA_ WITH_AES_2 56_CBC_SHA 256 [RFC52 46] | |
757 | * 0x00,0x3E TLS_DH_D SS_WITH_AE S_128_CBC_ SHA256 [RFC52 46] | |
758 | * 0x00,0x3F TLS_DH_R SA_WITH_AE S_128_CBC_ SHA256 [RFC52 46] | |
759 | * 0x00,0x40 TLS_DHE_ DSS_WITH_A ES_128_CBC _SHA256 [RFC52 46] | |
760 | * 0x00,0x41 TLS_RSA_ WITH_CAMEL LIA_128_CB C_SHA [RFC59 32] | |
761 | * 0x00,0x42 TLS_DH_D SS_WITH_CA MELLIA_128 _CBC_SHA [RFC59 32] | |
762 | * 0x00,0x43 TLS_DH_R SA_WITH_CA MELLIA_128 _CBC_SHA [RFC59 32] | |
763 | * 0x00,0x44 TLS_DHE_ DSS_WITH_C AMELLIA_12 8_CBC_SHA [RFC59 32] | |
764 | * 0x00,0x45 TLS_DHE_ RSA_WITH_C AMELLIA_12 8_CBC_SHA [RFC59 32] | |
765 | * 0x00,0x46 TLS_DH_a non_WITH_C AMELLIA_12 8_CBC_SHA [RFC59 32] | |
766 | * 0x00,0x47 -4F Reserv ed to avoi d conflict s with | |
767 | * deployed implement ations [Pasi_ Eronen] | |
768 | * 0x00,0x50 -58 Reserv ed to avoi d conflict s [Pasi Eronen] | |
769 | * 0x00,0x59 -5C Reserv ed to avoi d conflict s with | |
770 | * deployed implement ations [Pasi_ Eronen] | |
771 | * 0x00,0x5D -5F Unassi gned | |
772 | * 0x00,0x60 -66 Reserv ed to avoi d conflict s with wid ely | |
773 | * deployed implement ations [Pasi_ Eronen] | |
774 | * 0x00,0x67 TLS_DHE_ RSA_WITH_A ES_128_CBC _SHA256 [RFC52 46] | |
775 | * 0x00,0x68 TLS_DH_D SS_WITH_AE S_256_CBC_ SHA256 [RFC52 46] | |
776 | * 0x00,0x69 TLS_DH_R SA_WITH_AE S_256_CBC_ SHA256 [RFC52 46] | |
777 | * 0x00,0x6A TLS_DHE_ DSS_WITH_A ES_256_CBC _SHA256 [RFC52 46] | |
778 | * 0x00,0x6B TLS_DHE_ RSA_WITH_A ES_256_CBC _SHA256 [RFC52 46] | |
779 | * 0x00,0x6C TLS_DH_a non_WITH_A ES_128_CBC _SHA256 [RFC52 46] | |
780 | * 0x00,0x6D TLS_DH_a non_WITH_A ES_256_CBC _SHA256 [RFC52 46] | |
781 | * 0x00,0x6E -83 Unassi gned | |
782 | * 0x00,0x84 TLS_RSA_ WITH_CAMEL LIA_256_CB C_SHA [RFC59 32] | |
783 | * 0x00,0x85 TLS_DH_D SS_WITH_CA MELLIA_256 _CBC_SHA [RFC59 32] | |
784 | * 0x00,0x86 TLS_DH_R SA_WITH_CA MELLIA_256 _CBC_SHA [RFC59 32] | |
785 | * 0x00,0x87 TLS_DHE_ DSS_WITH_C AMELLIA_25 6_CBC_SHA [RFC59 32] | |
786 | * 0x00,0x88 TLS_DHE_ RSA_WITH_C AMELLIA_25 6_CBC_SHA [RFC59 32] | |
787 | * 0x00,0x89 TLS_DH_a non_WITH_C AMELLIA_25 6_CBC_SHA [RFC59 32] | |
788 | * 0x00,0x8A TLS_PSK_ WITH_RC4_1 28_SHA [RFC42 79] | |
789 | * 0x00,0x8B TLS_PSK_ WITH_3DES_ EDE_CBC_SH A [RFC42 79] | |
790 | * 0x00,0x8C TLS_PSK_ WITH_AES_1 28_CBC_SHA [RFC42 79] | |
791 | * 0x00,0x8D TLS_PSK_ WITH_AES_2 56_CBC_SHA [RFC42 79] | |
792 | * 0x00,0x8E TLS_DHE_ PSK_WITH_R C4_128_SHA [RFC42 79] | |
793 | * 0x00,0x8F TLS_DHE_ PSK_WITH_3 DES_EDE_CB C_SHA [RFC42 79] | |
794 | * 0x00,0x90 TLS_DHE_ PSK_WITH_A ES_128_CBC _SHA [RFC42 79] | |
795 | * 0x00,0x91 TLS_DHE_ PSK_WITH_A ES_256_CBC _SHA [RFC42 79] | |
796 | * 0x00,0x92 TLS_RSA_ PSK_WITH_R C4_128_SHA [RFC42 79] | |
797 | * 0x00,0x93 TLS_RSA_ PSK_WITH_3 DES_EDE_CB C_SHA [RFC42 79] | |
798 | * 0x00,0x94 TLS_RSA_ PSK_WITH_A ES_128_CBC _SHA [RFC42 79] | |
799 | * 0x00,0x95 TLS_RSA_ PSK_WITH_A ES_256_CBC _SHA [RFC42 79] | |
800 | * 0x00,0x96 TLS_RSA_ WITH_SEED_ CBC_SHA [RFC41 62] | |
801 | * 0x00,0x97 TLS_DH_D SS_WITH_SE ED_CBC_SHA [RFC41 62] | |
802 | * 0x00,0x98 TLS_DH_R SA_WITH_SE ED_CBC_SHA [RFC41 62] | |
803 | * 0x00,0x99 TLS_DHE_ DSS_WITH_S EED_CBC_SH A [RFC41 62] | |
804 | * 0x00,0x9A TLS_DHE_ RSA_WITH_S EED_CBC_SH A [RFC41 62] | |
805 | * 0x00,0x9B TLS_DH_a non_WITH_S EED_CBC_SH A [RFC41 62] | |
806 | * 0x00,0x9C TLS_RSA_ WITH_AES_1 28_GCM_SHA 256 [RFC52 88] | |
807 | * 0x00,0x9D TLS_RSA_ WITH_AES_2 56_GCM_SHA 384 [RFC52 88] | |
808 | * 0x00,0x9E TLS_DHE_ RSA_WITH_A ES_128_GCM _SHA256 [RFC52 88] | |
809 | * 0x00,0x9F TLS_DHE_ RSA_WITH_A ES_256_GCM _SHA384 [RFC52 88] | |
810 | * 0x00,0xA0 TLS_DH_R SA_WITH_AE S_128_GCM_ SHA256 [RFC52 88] | |
811 | * 0x00,0xA1 TLS_DH_R SA_WITH_AE S_256_GCM_ SHA384 [RFC52 88] | |
812 | * 0x00,0xA2 TLS_DHE_ DSS_WITH_A ES_128_GCM _SHA256 [RFC52 88] | |
813 | * 0x00,0xA3 TLS_DHE_ DSS_WITH_A ES_256_GCM _SHA384 [RFC52 88] | |
814 | * 0x00,0xA4 TLS_DH_D SS_WITH_AE S_128_GCM_ SHA256 [RFC52 88] | |
815 | * 0x00,0xA5 TLS_DH_D SS_WITH_AE S_256_GCM_ SHA384 [RFC52 88] | |
816 | * 0x00,0xA6 TLS_DH_a non_WITH_A ES_128_GCM _SHA256 [RFC52 88] | |
817 | * 0x00,0xA7 TLS_DH_a non_WITH_A ES_256_GCM _SHA384 [RFC52 88] | |
818 | * 0x00,0xA8 TLS_PSK_ WITH_AES_1 28_GCM_SHA 256 [RFC54 87] | |
819 | * 0x00,0xA9 TLS_PSK_ WITH_AES_2 56_GCM_SHA 384 [RFC54 87] | |
820 | * 0x00,0xAA TLS_DHE_ PSK_WITH_A ES_128_GCM _SHA256 [RFC54 87] | |
821 | * 0x00,0xAB TLS_DHE_ PSK_WITH_A ES_256_GCM _SHA384 [RFC54 87] | |
822 | * 0x00,0xAC TLS_RSA_ PSK_WITH_A ES_128_GCM _SHA256 [RFC54 87] | |
823 | * 0x00,0xAD TLS_RSA_ PSK_WITH_A ES_256_GCM _SHA384 [RFC54 87] | |
824 | * 0x00,0xAE TLS_PSK_ WITH_AES_1 28_CBC_SHA 256 [RFC54 87] | |
825 | * 0x00,0xAF TLS_PSK_ WITH_AES_2 56_CBC_SHA 384 [RFC54 87] | |
826 | * 0x00,0xB0 TLS_PSK_ WITH_NULL_ SHA256 [RFC54 87] | |
827 | * 0x00,0xB1 TLS_PSK_ WITH_NULL_ SHA384 [RFC54 87] | |
828 | * 0x00,0xB2 TLS_DHE_ PSK_WITH_A ES_128_CBC _SHA256 [RFC54 87] | |
829 | * 0x00,0xB3 TLS_DHE_ PSK_WITH_A ES_256_CBC _SHA384 [RFC54 87] | |
830 | * 0x00,0xB4 TLS_DHE_ PSK_WITH_N ULL_SHA256 [RFC54 87] | |
831 | * 0x00,0xB5 TLS_DHE_ PSK_WITH_N ULL_SHA384 [RFC54 87] | |
832 | * 0x00,0xB6 TLS_RSA_ PSK_WITH_A ES_128_CBC _SHA256 [RFC54 87] | |
833 | * 0x00,0xB7 TLS_RSA_ PSK_WITH_A ES_256_CBC _SHA384 [RFC54 87] | |
834 | * 0x00,0xB8 TLS_RSA_ PSK_WITH_N ULL_SHA256 [RFC54 87] | |
835 | * 0x00,0xB9 TLS_RSA_ PSK_WITH_N ULL_SHA384 [RFC54 87] | |
836 | * 0x00,0xBA TLS_RSA_ WITH_CAMEL LIA_128_CB C_SHA256 [RFC59 32] | |
837 | * 0x00,0xBB TLS_DH_D SS_WITH_CA MELLIA_128 _CBC_SHA25 6 [RFC59 32] | |
838 | * 0x00,0xBC TLS_DH_R SA_WITH_CA MELLIA_128 _CBC_SHA25 6 [RFC59 32] | |
839 | * 0x00,0xBD TLS_DHE_ DSS_WITH_C AMELLIA_12 8_CBC_SHA2 56 [RFC59 32] | |
840 | * 0x00,0xBE TLS_DHE_ RSA_WITH_C AMELLIA_12 8_CBC_SHA2 56 [RFC59 32] | |
841 | * 0x00,0xBF TLS_DH_a non_WITH_C AMELLIA_12 8_CBC_SHA2 56 [RFC59 32] | |
842 | * 0x00,0xC0 TLS_RSA_ WITH_CAMEL LIA_256_CB C_SHA256 [RFC59 32] | |
843 | * 0x00,0xC1 TLS_DH_D SS_WITH_CA MELLIA_256 _CBC_SHA25 6 [RFC59 32] | |
844 | * 0x00,0xC2 TLS_DH_R SA_WITH_CA MELLIA_256 _CBC_SHA25 6 [RFC59 32] | |
845 | * 0x00,0xC3 TLS_DHE_ DSS_WITH_C AMELLIA_25 6_CBC_SHA2 56 [RFC59 32] | |
846 | * 0x00,0xC4 TLS_DHE_ RSA_WITH_C AMELLIA_25 6_CBC_SHA2 56 [RFC59 32] | |
847 | * 0x00,0xC5 TLS_DH_a non_WITH_C AMELLIA_25 6_CBC_SHA2 56 [RFC59 32] | |
848 | * 0x00,0xC6 -FE Unassign ed | |
849 | * 0x00,0xFF TLS_EMPT Y_RENEGOTI ATION_INFO _SCSV [RFC57 46] | |
850 | * 0x01-BF,* Unassign ed | |
851 | * 0xC0,0x01 TLS_ECDH _ECDSA_WIT H_NULL_SHA [RFC44 92] | |
852 | * 0xC0,0x02 TLS_ECDH _ECDSA_WIT H_RC4_128_ SHA [RFC44 92] | |
853 | * 0xC0,0x03 TLS_ECDH _ECDSA_WIT H_3DES_EDE _CBC_SHA [RFC44 92] | |
854 | * 0xC0,0x04 TLS_ECDH _ECDSA_WIT H_AES_128_ CBC_SHA [RFC44 92] | |
855 | * 0xC0,0x05 TLS_ECDH _ECDSA_WIT H_AES_256_ CBC_SHA [RFC44 92] | |
856 | * 0xC0,0x06 TLS_ECDH E_ECDSA_WI TH_NULL_SH A [RFC44 92] | |
857 | * 0xC0,0x07 TLS_ECDH E_ECDSA_WI TH_RC4_128 _SHA [RFC44 92] | |
858 | * 0xC0,0x08 TLS_ECDH E_ECDSA_WI TH_3DES_ED E_CBC_SHA [RFC44 92] | |
859 | * 0xC0,0x09 TLS_ECDH E_ECDSA_WI TH_AES_128 _CBC_SHA [RFC44 92] | |
860 | * 0xC0,0x0A TLS_ECDH E_ECDSA_WI TH_AES_256 _CBC_SHA [RFC44 92] | |
861 | * 0xC0,0x0B TLS_ECDH _RSA_WITH_ NULL_SHA [RFC44 92] | |
862 | * 0xC0,0x0C TLS_ECDH _RSA_WITH_ RC4_128_SH A [RFC44 92] | |
863 | * 0xC0,0x0D TLS_ECDH _RSA_WITH_ 3DES_EDE_C BC_SHA [RFC44 92] | |
864 | * 0xC0,0x0E TLS_ECDH _RSA_WITH_ AES_128_CB C_SHA [RFC44 92] | |
865 | * 0xC0,0x0F TLS_ECDH _RSA_WITH_ AES_256_CB C_SHA [RFC44 92] | |
866 | * 0xC0,0x10 TLS_ECDH E_RSA_WITH _NULL_SHA [RFC44 92] | |
867 | * 0xC0,0x11 TLS_ECDH E_RSA_WITH _RC4_128_S HA [RFC44 92] | |
868 | * 0xC0,0x12 TLS_ECDH E_RSA_WITH _3DES_EDE_ CBC_SHA [RFC44 92] | |
869 | * 0xC0,0x13 TLS_ECDH E_RSA_WITH _AES_128_C BC_SHA [RFC44 92] | |
870 | * 0xC0,0x14 TLS_ECDH E_RSA_WITH _AES_256_C BC_SHA [RFC44 92] | |
871 | * 0xC0,0x15 TLS_ECDH _anon_WITH _NULL_SHA [RFC44 92] | |
872 | * 0xC0,0x16 TLS_ECDH _anon_WITH _RC4_128_S HA [RFC44 92] | |
873 | * 0xC0,0x17 TLS_ECDH _anon_WITH _3DES_EDE_ CBC_SHA [RFC44 92] | |
874 | * 0xC0,0x18 TLS_ECDH _anon_WITH _AES_128_C BC_SHA [RFC44 92] | |
875 | * 0xC0,0x19 TLS_ECDH _anon_WITH _AES_256_C BC_SHA [RFC44 92] | |
876 | * 0xC0,0x1A TLS_SRP_ SHA_WITH_3 DES_EDE_CB C_SHA [RFC50 54] | |
877 | * 0xC0,0x1B TLS_SRP_ SHA_RSA_WI TH_3DES_ED E_CBC_SHA [RFC50 54] | |
878 | * 0xC0,0x1C TLS_SRP_ SHA_DSS_WI TH_3DES_ED E_CBC_SHA [RFC50 54] | |
879 | * 0xC0,0x1D TLS_SRP_ SHA_WITH_A ES_128_CBC _SHA [RFC50 54] | |
880 | * 0xC0,0x1E TLS_SRP_ SHA_RSA_WI TH_AES_128 _CBC_SHA [RFC50 54] | |
881 | * 0xC0,0x1F TLS_SRP_ SHA_DSS_WI TH_AES_128 _CBC_SHA [RFC50 54] | |
882 | * 0xC0,0x20 TLS_SRP_ SHA_WITH_A ES_256_CBC _SHA [RFC50 54] | |
883 | * 0xC0,0x21 TLS_SRP_ SHA_RSA_WI TH_AES_256 _CBC_SHA [RFC50 54] | |
884 | * 0xC0,0x22 TLS_SRP_ SHA_DSS_WI TH_AES_256 _CBC_SHA [RFC50 54] | |
885 | * 0xC0,0x23 TLS_ECDH E_ECDSA_WI TH_AES_128 _CBC_SHA25 6 [RFC52 89] | |
886 | * 0xC0,0x24 TLS_ECDH E_ECDSA_WI TH_AES_256 _CBC_SHA38 4 [RFC52 89] | |
887 | * 0xC0,0x25 TLS_ECDH _ECDSA_WIT H_AES_128_ CBC_SHA256 [RFC52 89] | |
888 | * 0xC0,0x26 TLS_ECDH _ECDSA_WIT H_AES_256_ CBC_SHA384 [RFC52 89] | |
889 | * 0xC0,0x27 TLS_ECDH E_RSA_WITH _AES_128_C BC_SHA256 [RFC52 89] | |
890 | * 0xC0,0x28 TLS_ECDH E_RSA_WITH _AES_256_C BC_SHA384 [RFC52 89] | |
891 | * 0xC0,0x29 TLS_ECDH _RSA_WITH_ AES_128_CB C_SHA256 [RFC52 89] | |
892 | * 0xC0,0x2A TLS_ECDH _RSA_WITH_ AES_256_CB C_SHA384 [RFC52 89] | |
893 | * 0xC0,0x2B TLS_ECDH E_ECDSA_WI TH_AES_128 _GCM_SHA25 6 [RFC52 89] | |
894 | * 0xC0,0x2C TLS_ECDH E_ECDSA_WI TH_AES_256 _GCM_SHA38 4 [RFC52 89] | |
895 | * 0xC0,0x2D TLS_ECDH _ECDSA_WIT H_AES_128_ GCM_SHA256 [RFC52 89] | |
896 | * 0xC0,0x2E TLS_ECDH _ECDSA_WIT H_AES_256_ GCM_SHA384 [RFC52 89] | |
897 | * 0xC0,0x2F TLS_ECDH E_RSA_WITH _AES_128_G CM_SHA256 [RFC52 89] | |
898 | * 0xC0,0x30 TLS_ECDH E_RSA_WITH _AES_256_G CM_SHA384 [RFC52 89] | |
899 | * 0xC0,0x31 TLS_ECDH _RSA_WITH_ AES_128_GC M_SHA256 [RFC52 89] | |
900 | * 0xC0,0x32 TLS_ECDH _RSA_WITH_ AES_256_GC M_SHA384 [RFC52 89] | |
901 | * 0xC0,0x33 TLS_ECDH E_PSK_WITH _RC4_128_S HA [RFC54 89] | |
902 | * 0xC0,0x34 TLS_ECDH E_PSK_WITH _3DES_EDE_ CBC_SHA [RFC54 89] | |
903 | * 0xC0,0x35 TLS_ECDH E_PSK_WITH _AES_128_C BC_SHA [RFC54 89] | |
904 | * 0xC0,0x36 TLS_ECDH E_PSK_WITH _AES_256_C BC_SHA [RFC54 89] | |
905 | * 0xC0,0x37 TLS_ECDH E_PSK_WITH _AES_128_C BC_SHA256 [RFC54 89] | |
906 | * 0xC0,0x38 TLS_ECDH E_PSK_WITH _AES_256_C BC_SHA384 [RFC54 89] | |
907 | * 0xC0,0x39 TLS_ECDH E_PSK_WITH _NULL_SHA [RFC54 89] | |
908 | * 0xC0,0x3A TLS_ECDH E_PSK_WITH _NULL_SHA2 56 [RFC54 89] | |
909 | * 0xC0,0x3B TLS_ECDH E_PSK_WITH _NULL_SHA3 84 [RFC54 89] | |
910 | * 0xC0,0x3C -FF Unassi gned | |
911 | * 0xC1-FD,* Unassign ed | |
912 | * 0xFE,0x00 -FD Unassi gned | |
913 | * 0xFE,0xFE -FF Reserv ed to avoi d conflict s with wid ely | |
914 | * deployed implement ations [Pasi_ Eronen] | |
915 | * 0xFF,0x00 -FF Reserv ed for Pri vate Use [RFC52 46] | |
916 | * / | |
917 | ||
918 | ad d("SSL_NUL L_WITH_NUL L_NULL", | |
919 | 0x0000, 1, K_NULL, B_N ULL, F) ; | |
920 | ||
921 | /* | |
922 | * Definitio n of the C ipherSuite s that are enabled b y default. | |
923 | * They are listed in preference order, mo st preferr ed first, using | |
924 | * the follo wing crite ria: | |
925 | * 1. Prefer Suite B c ompliant c ipher suit es, see RF C6460 (To be | |
926 | * change d later, s ee below). | |
927 | * 2. Prefer the stron ger bulk c ipher, in the order of AES_256 (GCM), | |
928 | * AES_12 8(GCM), AE S_256, AES _128, 3DES -EDE. | |
929 | * 3. Prefer the stron ger MAC al gorithm, i n the orde r of SHA38 4, | |
930 | * SHA256 , SHA, MD5 . | |
931 | * 4. Prefer the bette r performa nce of key exchange and digita l | |
932 | * signat ure algori thm, in th e order of ECDHE-ECD SA, ECDHE- RSA, | |
933 | * RSA, E CDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS. | |
934 | * / | |
935 | in t p = DEFA ULT_SUITES _PRIORITY * 2; | |
936 | ||
937 | // shorten n ames to fi t the foll owing tabl e cleanly. | |
938 | in t max = Pr otocolVers ion.LIMIT_ MAX_VALUE; | |
939 | in t tls11 = ProtocolVe rsion.TLS1 1.v; | |
940 | in t tls12 = ProtocolVe rsion.TLS1 2.v; | |
941 | ||
942 | // ID Key E xchange Cipher A obs s uprt PRF | |
943 | // ====== ===== ======= ========= = === = ==== ==== ==== | |
944 | ||
945 | ||
946 | // Placehold er for cip her suites in GCM mo de. | |
947 | // | |
948 | // For bette r compatib ility and interopera bility, we decrease the | |
949 | // priority of cipher suites in GCM mode f or a while as GCM | |
950 | // technolog ies mature in the in dustry. E ventually we'll move | |
951 | // the GCM s uites here . | |
952 | ||
953 | // AES_256(C BC) | |
954 | ad d("TLS_ECD HE_ECDSA_W ITH_AES_25 6_CBC_SHA3 84", | |
955 | 0xc024, --p, K_ECD HE_ECDSA, B_AES_256, T, max, t ls12, P_SH A384); | |
956 | ad d("TLS_ECD HE_RSA_WIT H_AES_256_ CBC_SHA384 ", | |
957 | 0xc028, --p, K_ECD HE_RSA, B_AES_256, T, max, t ls12, P_SH A384); | |
958 | ad d("TLS_RSA _WITH_AES_ 256_CBC_SH A256", | |
959 | 0x003d, --p, K_RSA , B_AES_256, T, max, t ls12, P_SH A256); | |
960 | ad d("TLS_ECD H_ECDSA_WI TH_AES_256 _CBC_SHA38 4", | |
961 | 0xc026, --p, K_ECD H_ECDSA, B_AES_256, T, max, t ls12, P_SH A384); | |
962 | ad d("TLS_ECD H_RSA_WITH _AES_256_C BC_SHA384" , | |
963 | 0xc02a, --p, K_ECD H_RSA, B_AES_256, T, max, t ls12, P_SH A384); | |
964 | ad d("TLS_DHE _RSA_WITH_ AES_256_CB C_SHA256", | |
965 | 0x006b, --p, K_DHE _RSA, B_AES_256, T, max, t ls12, P_SH A256); | |
966 | ad d("TLS_DHE _DSS_WITH_ AES_256_CB C_SHA256", | |
967 | 0x006a, --p, K_DHE _DSS, B_AES_256, T, max, t ls12, P_SH A256); | |
968 | ||
969 | ad d("TLS_ECD HE_ECDSA_W ITH_AES_25 6_CBC_SHA" , | |
970 | 0xC00A, --p, K_ECD HE_ECDSA, B_AES_256, T); | |
971 | ad d("TLS_ECD HE_RSA_WIT H_AES_256_ CBC_SHA", | |
972 | 0xC014, --p, K_ECD HE_RSA, B_AES_256, T); | |
973 | ad d("TLS_RSA _WITH_AES_ 256_CBC_SH A", | |
974 | 0x0035, --p, K_RSA , B_AES_256, T); | |
975 | ad d("TLS_ECD H_ECDSA_WI TH_AES_256 _CBC_SHA", | |
976 | 0xC005, --p, K_ECD H_ECDSA, B_AES_256, T); | |
977 | ad d("TLS_ECD H_RSA_WITH _AES_256_C BC_SHA", | |
978 | 0xC00F, --p, K_ECD H_RSA, B_AES_256, T); | |
979 | ad d("TLS_DHE _RSA_WITH_ AES_256_CB C_SHA", | |
980 | 0x0039, --p, K_DHE _RSA, B_AES_256, T); | |
981 | ad d("TLS_DHE _DSS_WITH_ AES_256_CB C_SHA", | |
982 | 0x0038, --p, K_DHE _DSS, B_AES_256, T); | |
983 | ||
984 | // AES_128(C BC) | |
985 | ad d("TLS_ECD HE_ECDSA_W ITH_AES_12 8_CBC_SHA2 56", | |
986 | 0xc023, --p, K_ECD HE_ECDSA, B_AES_128, T, max, t ls12, P_SH A256); | |
987 | ad d("TLS_ECD HE_RSA_WIT H_AES_128_ CBC_SHA256 ", | |
988 | 0xc027, --p, K_ECD HE_RSA, B_AES_128, T, max, t ls12, P_SH A256); | |
989 | ad d("TLS_RSA _WITH_AES_ 128_CBC_SH A256", | |
990 | 0x003c, --p, K_RSA , B_AES_128, T, max, t ls12, P_SH A256); | |
991 | ad d("TLS_ECD H_ECDSA_WI TH_AES_128 _CBC_SHA25 6", | |
992 | 0xc025, --p, K_ECD H_ECDSA, B_AES_128, T, max, t ls12, P_SH A256); | |
993 | ad d("TLS_ECD H_RSA_WITH _AES_128_C BC_SHA256" , | |
994 | 0xc029, --p, K_ECD H_RSA, B_AES_128, T, max, t ls12, P_SH A256); | |
995 | ad d("TLS_DHE _RSA_WITH_ AES_128_CB C_SHA256", | |
996 | 0x0067, --p, K_DHE _RSA, B_AES_128, T, max, t ls12, P_SH A256); | |
997 | ad d("TLS_DHE _DSS_WITH_ AES_128_CB C_SHA256", | |
998 | 0x0040, --p, K_DHE _DSS, B_AES_128, T, max, t ls12, P_SH A256); | |
999 | ||
1000 | ad d("TLS_ECD HE_ECDSA_W ITH_AES_12 8_CBC_SHA" , | |
1001 | 0xC009, --p, K_ECD HE_ECDSA, B_AES_128, T); | |
1002 | ad d("TLS_ECD HE_RSA_WIT H_AES_128_ CBC_SHA", | |
1003 | 0xC013, --p, K_ECD HE_RSA, B_AES_128, T); | |
1004 | ad d("TLS_RSA _WITH_AES_ 128_CBC_SH A", | |
1005 | 0x002f, --p, K_RSA , B_AES_128, T); | |
1006 | ad d("TLS_ECD H_ECDSA_WI TH_AES_128 _CBC_SHA", | |
1007 | 0xC004, --p, K_ECD H_ECDSA, B_AES_128, T); | |
1008 | ad d("TLS_ECD H_RSA_WITH _AES_128_C BC_SHA", | |
1009 | 0xC00E, --p, K_ECD H_RSA, B_AES_128, T); | |
1010 | ad d("TLS_DHE _RSA_WITH_ AES_128_CB C_SHA", | |
1011 | 0x0033, --p, K_DHE _RSA, B_AES_128, T); | |
1012 | ad d("TLS_DHE _DSS_WITH_ AES_128_CB C_SHA", | |
1013 | 0x0032, --p, K_DHE _DSS, B_AES_128, T); | |
1014 | ||
1015 | // Cipher su ites in GC M mode, se e RFC 5288 /5289. | |
1016 | // | |
1017 | // We may in crease the priority of cipher suites in GCM mode w hen | |
1018 | // GCM techn ologies be come matur e in the i ndustry. | |
1019 | ||
1020 | // Suite B c ompliant c ipher suit es, see RF C 6460. | |
1021 | // | |
1022 | // Note that , at prese nt this pr ovider is not Suite B complian t. The | |
1023 | // preferenc e order of the GCM c ipher suit es does no t follow t he spec | |
1024 | // of RFC 64 60. | |
1025 | ad d("TLS_ECD HE_ECDSA_W ITH_AES_25 6_GCM_SHA3 84", | |
1026 | 0xc02c, --p, K_ECD HE_ECDSA, B_AES_256_ GCM, T, ma x, tls12, P_SHA384); | |
1027 | ad d("TLS_ECD HE_ECDSA_W ITH_AES_12 8_GCM_SHA2 56", | |
1028 | 0xc02b, --p, K_ECD HE_ECDSA, B_AES_128_ GCM, T, ma x, tls12, P_SHA256); | |
1029 | ||
1030 | // AES_256(G CM) | |
1031 | ad d("TLS_ECD HE_RSA_WIT H_AES_256_ GCM_SHA384 ", | |
1032 | 0xc030, --p, K_ECD HE_RSA, B_AES_256_ GCM, T, ma x, tls12, P_SHA384); | |
1033 | ad d("TLS_RSA _WITH_AES_ 256_GCM_SH A384", | |
1034 | 0x009d, --p, K_RSA , B_AES_256_ GCM, T, ma x, tls12, P_SHA384); | |
1035 | ad d("TLS_ECD H_ECDSA_WI TH_AES_256 _GCM_SHA38 4", | |
1036 | 0xc02e, --p, K_ECD H_ECDSA, B_AES_256_ GCM, T, ma x, tls12, P_SHA384); | |
1037 | ad d("TLS_ECD H_RSA_WITH _AES_256_G CM_SHA384" , | |
1038 | 0xc032, --p, K_ECD H_RSA, B_AES_256_ GCM, T, ma x, tls12, P_SHA384); | |
1039 | ad d("TLS_DHE _RSA_WITH_ AES_256_GC M_SHA384", | |
1040 | 0x009f, --p, K_DHE _RSA, B_AES_256_ GCM, T, ma x, tls12, P_SHA384); | |
1041 | ad d("TLS_DHE _DSS_WITH_ AES_256_GC M_SHA384", | |
1042 | 0x00a3, --p, K_DHE _DSS, B_AES_256_ GCM, T, ma x, tls12, P_SHA384); | |
1043 | ||
1044 | // AES_128(G CM) | |
1045 | ad d("TLS_ECD HE_RSA_WIT H_AES_128_ GCM_SHA256 ", | |
1046 | 0xc02f, --p, K_ECD HE_RSA, B_AES_128_ GCM, T, ma x, tls12, P_SHA256); | |
1047 | ad d("TLS_RSA _WITH_AES_ 128_GCM_SH A256", | |
1048 | 0x009c, --p, K_RSA , B_AES_128_ GCM, T, ma x, tls12, P_SHA256); | |
1049 | ad d("TLS_ECD H_ECDSA_WI TH_AES_128 _GCM_SHA25 6", | |
1050 | 0xc02d, --p, K_ECD H_ECDSA, B_AES_128_ GCM, T, ma x, tls12, P_SHA256); | |
1051 | ad d("TLS_ECD H_RSA_WITH _AES_128_G CM_SHA256" , | |
1052 | 0xc031, --p, K_ECD H_RSA, B_AES_128_ GCM, T, ma x, tls12, P_SHA256); | |
1053 | ad d("TLS_DHE _RSA_WITH_ AES_128_GC M_SHA256", | |
1054 | 0x009e, --p, K_DHE _RSA, B_AES_128_ GCM, T, ma x, tls12, P_SHA256); | |
1055 | ad d("TLS_DHE _DSS_WITH_ AES_128_GC M_SHA256", | |
1056 | 0x00a2, --p, K_DHE _DSS, B_AES_128_ GCM, T, ma x, tls12, P_SHA256); | |
1057 | // End of ci pher suite s in GCM m ode. | |
1058 | ||
1059 | // 3DES_EDE | |
1060 | ad d("TLS_ECD HE_ECDSA_W ITH_3DES_E DE_CBC_SHA ", | |
1061 | 0xC008, --p, K_ECD HE_ECDSA, B_3DES, T); | |
1062 | ad d("TLS_ECD HE_RSA_WIT H_3DES_EDE _CBC_SHA", | |
1063 | 0xC012, --p, K_ECD HE_RSA, B_3DES, T); | |
1064 | ad d("SSL_RSA _WITH_3DES _EDE_CBC_S HA", | |
1065 | 0x000a, --p, K_RSA , B_3DES, T); | |
1066 | ad d("TLS_ECD H_ECDSA_WI TH_3DES_ED E_CBC_SHA" , | |
1067 | 0xC003, --p, K_ECD H_ECDSA, B_3DES, T); | |
1068 | ad d("TLS_ECD H_RSA_WITH _3DES_EDE_ CBC_SHA", | |
1069 | 0xC00D, --p, K_ECD H_RSA, B_3DES, T); | |
1070 | ad d("SSL_DHE _RSA_WITH_ 3DES_EDE_C BC_SHA", | |
1071 | 0x0016, --p, K_DHE _RSA, B_3DES, T); | |
1072 | ad d("SSL_DHE _DSS_WITH_ 3DES_EDE_C BC_SHA", | |
1073 | 0x0013, --p, K_DHE _DSS, B_3DES, N); | |
1074 | ||
1075 | // Renegotia tion prote ction requ est Signal ling Ciphe r Suite Va lue (SCSV) | |
1076 | ad d("TLS_EMP TY_RENEGOT IATION_INF O_SCSV", | |
1077 | 0x00ff, --p, K_SCS V, B_NULL, T); | |
1078 | ||
1079 | /* | |
1080 | * Definitio n of the C ipherSuite s that are supported but not e nabled | |
1081 | * by defaul t. | |
1082 | * They are listed in preference order, pr eferred fi rst, using the | |
1083 | * following criteria: | |
1084 | * 1. Cipher Suites for KRB5 need additiona l KRB5 ser vice | |
1085 | * config uration, a nd these s uites are not common in practi ce, | |
1086 | * so we put KRB5 b ased ciphe r suites a t the end of the sup ported | |
1087 | * list. | |
1088 | * 2. If a c ipher suit e has been obsoleted , we put i t at the e nd of | |
1089 | * the li st. | |
1090 | * 3. Prefer the stron ger bulk c ipher, in the order of AES_256 , | |
1091 | * AES_12 8, 3DES-ED E, RC-4, D ES, DES40, RC4_40, N ULL. | |
1092 | * 4. Prefer the stron ger MAC al gorithm, i n the orde r of SHA38 4, | |
1093 | * SHA256 , SHA, MD5 . | |
1094 | * 5. Prefer the bette r performa nce of key exchange and digita l | |
1095 | * signat ure algori thm, in th e order of ECDHE-ECD SA, ECDHE- RSA, | |
1096 | * RSA, E CDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS, a nonymous. | |
1097 | * / | |
1098 | p = DEFAULT_ SUITES_PRI ORITY; | |
1099 | ||
1100 | ad d("TLS_DH_ anon_WITH_ AES_256_GC M_SHA384", | |
1101 | 0x00a7, --p, K_DH_ ANON, B_AES_256_ GCM, N, ma x, tls12, P_SHA384); | |
1102 | ad d("TLS_DH_ anon_WITH_ AES_128_GC M_SHA256", | |
1103 | 0x00a6, --p, K_DH_ ANON, B_AES_128_ GCM, N, ma x, tls12, P_SHA256); | |
1104 | ||
1105 | ad d("TLS_DH_ anon_WITH_ AES_256_CB C_SHA256", | |
1106 | 0x006d, --p, K_DH_ ANON, B_AES_256, N, max, t ls12, P_SH A256); | |
1107 | ad d("TLS_ECD H_anon_WIT H_AES_256_ CBC_SHA", | |
1108 | 0xC019, --p, K_ECD H_ANON, B_AES_256, N); | |
1109 | ad d("TLS_DH_ anon_WITH_ AES_256_CB C_SHA", | |
1110 | 0x003a, --p, K_DH_ ANON, B_AES_256, N); | |
1111 | ||
1112 | ad d("TLS_DH_ anon_WITH_ AES_128_CB C_SHA256", | |
1113 | 0x006c, --p, K_DH_ ANON, B_AES_128, N, max, t ls12, P_SH A256); | |
1114 | ad d("TLS_ECD H_anon_WIT H_AES_128_ CBC_SHA", | |
1115 | 0xC018, --p, K_ECD H_ANON, B_AES_128, N); | |
1116 | ad d("TLS_DH_ anon_WITH_ AES_128_CB C_SHA", | |
1117 | 0x0034, --p, K_DH_ ANON, B_AES_128, N); | |
1118 | ||
1119 | ad d("TLS_ECD H_anon_WIT H_3DES_EDE _CBC_SHA", | |
1120 | 0xC017, --p, K_ECD H_ANON, B_3DES, N); | |
1121 | ad d("SSL_DH_ anon_WITH_ 3DES_EDE_C BC_SHA", | |
1122 | 0x001b, --p, K_DH_ ANON, B_3DES, N); | |
1123 | ||
1124 | // RC-4 | |
1125 | ad d("TLS_ECD HE_ECDSA_W ITH_RC4_12 8_SHA", | |
1126 | 0xC007, --p, K_ECD HE_ECDSA, B_RC4_128, N); | |
1127 | ad d("TLS_ECD HE_RSA_WIT H_RC4_128_ SHA", | |
1128 | 0xC011, --p, K_ECD HE_RSA, B_RC4_128, N); | |
1129 | ad d("SSL_RSA _WITH_RC4_ 128_SHA", | |
1130 | 0x0005, --p, K_RSA , B_RC4_128, N); | |
1131 | ad d("TLS_ECD H_ECDSA_WI TH_RC4_128 _SHA", | |
1132 | 0xC002, --p, K_ECD H_ECDSA, B_RC4_128, N); | |
1133 | ad d("TLS_ECD H_RSA_WITH _RC4_128_S HA", | |
1134 | 0xC00C, --p, K_ECD H_RSA, B_RC4_128, N); | |
1135 | ad d("SSL_RSA _WITH_RC4_ 128_MD5", | |
1136 | 0x0004, --p, K_RSA , B_RC4_128, N); | |
1137 | ||
1138 | ad d("TLS_ECD H_anon_WIT H_RC4_128_ SHA", | |
1139 | 0xC016, --p, K_ECD H_ANON, B_RC4_128, N); | |
1140 | ad d("SSL_DH_ anon_WITH_ RC4_128_MD 5", | |
1141 | 0x0018, --p, K_DH_ ANON, B_RC4_128, N); | |
1142 | ||
1143 | // weak ciph er suites obsoleted in TLS 1.2 | |
1144 | ad d("SSL_RSA _WITH_DES_ CBC_SHA", | |
1145 | 0x0009, --p, K_RSA , B_DES, N, tls12) ; | |
1146 | ad d("SSL_DHE _RSA_WITH_ DES_CBC_SH A", | |
1147 | 0x0015, --p, K_DHE _RSA, B_DES, N, tls12) ; | |
1148 | ad d("SSL_DHE _DSS_WITH_ DES_CBC_SH A", | |
1149 | 0x0012, --p, K_DHE _DSS, B_DES, N, tls12) ; | |
1150 | ad d("SSL_DH_ anon_WITH_ DES_CBC_SH A", | |
1151 | 0x001a, --p, K_DH_ ANON, B_DES, N, tls12) ; | |
1152 | ||
1153 | // weak ciph er suites obsoleted in TLS 1.1 | |
1154 | ad d("SSL_RSA _EXPORT_WI TH_DES40_C BC_SHA", | |
1155 | 0x0008, --p, K_RSA _EXPORT, B_DES_40, N, tls11) ; | |
1156 | ad d("SSL_DHE _RSA_EXPOR T_WITH_DES 40_CBC_SHA ", | |
1157 | 0x0014, --p, K_DHE _RSA, B_DES_40, N, tls11) ; | |
1158 | ad d("SSL_DHE _DSS_EXPOR T_WITH_DES 40_CBC_SHA ", | |
1159 | 0x0011, --p, K_DHE _DSS, B_DES_40, N, tls11) ; | |
1160 | ad d("SSL_DH_ anon_EXPOR T_WITH_DES 40_CBC_SHA ", | |
1161 | 0x0019, --p, K_DH_ ANON, B_DES_40, N, tls11) ; | |
1162 | ||
1163 | ad d("SSL_RSA _EXPORT_WI TH_RC4_40_ MD5", | |
1164 | 0x0003, --p, K_RSA _EXPORT, B_RC4_40, N, tls11) ; | |
1165 | ad d("SSL_DH_ anon_EXPOR T_WITH_RC4 _40_MD5", | |
1166 | 0x0017, --p, K_DH_ ANON, B_RC4_40, N, tls11) ; | |
1167 | ||
1168 | ad d("TLS_RSA _WITH_NULL _SHA256", | |
1169 | 0x003b, --p, K_RSA , B_NULL, N, max, t ls12, P_SH A256); | |
1170 | ad d("TLS_ECD HE_ECDSA_W ITH_NULL_S HA", | |
1171 | 0xC006, --p, K_ECD HE_ECDSA, B_NULL, N); | |
1172 | ad d("TLS_ECD HE_RSA_WIT H_NULL_SHA ", | |
1173 | 0xC010, --p, K_ECD HE_RSA, B_NULL, N); | |
1174 | ad d("SSL_RSA _WITH_NULL _SHA", | |
1175 | 0x0002, --p, K_RSA , B_NULL, N); | |
1176 | ad d("TLS_ECD H_ECDSA_WI TH_NULL_SH A", | |
1177 | 0xC001, --p, K_ECD H_ECDSA, B_NULL, N); | |
1178 | ad d("TLS_ECD H_RSA_WITH _NULL_SHA" , | |
1179 | 0xC00B, --p, K_ECD H_RSA, B_NULL, N); | |
1180 | ad d("TLS_ECD H_anon_WIT H_NULL_SHA ", | |
1181 | 0xC015, --p, K_ECD H_ANON, B_NULL, N); | |
1182 | ad d("SSL_RSA _WITH_NULL _MD5", | |
1183 | 0x0001, --p, K_RSA , B_NULL, N); | |
1184 | ||
1185 | // Supported Kerberos ciphersuit es from RF C2712 | |
1186 | ad d("TLS_KRB 5_WITH_3DE S_EDE_CBC_ SHA", | |
1187 | 0x001f, --p, K_KRB 5, B_3DES, N); | |
1188 | ad d("TLS_KRB 5_WITH_3DE S_EDE_CBC_ MD5", | |
1189 | 0x0023, --p, K_KRB 5, B_3DES, N); | |
1190 | ad d("TLS_KRB 5_WITH_RC4 _128_SHA", | |
1191 | 0x0020, --p, K_KRB 5, B_RC4_128, N); | |
1192 | ad d("TLS_KRB 5_WITH_RC4 _128_MD5", | |
1193 | 0x0024, --p, K_KRB 5, B_RC4_128, N); | |
1194 | ad d("TLS_KRB 5_WITH_DES _CBC_SHA", | |
1195 | 0x001e, --p, K_KRB 5, B_DES, N, tls12) ; | |
1196 | ad d("TLS_KRB 5_WITH_DES _CBC_MD5", | |
1197 | 0x0022, --p, K_KRB 5, B_DES, N, tls12) ; | |
1198 | ad d("TLS_KRB 5_EXPORT_W ITH_DES_CB C_40_SHA", | |
1199 | 0x0026, --p, K_KRB 5_EXPORT, B_DES_40, N, tls11) ; | |
1200 | ad d("TLS_KRB 5_EXPORT_W ITH_DES_CB C_40_MD5", | |
1201 | 0x0029, --p, K_KRB 5_EXPORT, B_DES_40, N, tls11) ; | |
1202 | ad d("TLS_KRB 5_EXPORT_W ITH_RC4_40 _SHA", | |
1203 | 0x0028, --p, K_KRB 5_EXPORT, B_RC4_40, N, tls11) ; | |
1204 | ad d("TLS_KRB 5_EXPORT_W ITH_RC4_40 _MD5", | |
1205 | 0x002b, --p, K_KRB 5_EXPORT, B_RC4_40, N, tls11) ; | |
1206 | ||
1207 | /* | |
1208 | * Other val ues from t he TLS Cip her Suite Registry, as of Augu st 2010. | |
1209 | * | |
1210 | * http://ww w.iana.org /assignmen ts/tls-par ameters/tl s-paramete rs.xml | |
1211 | * | |
1212 | * Range Registra tion Proce dures No tes | |
1213 | * 000-191 Standard s Action Re fers to va lue of fir st byte | |
1214 | * 192-254 Specific ation Requ ired Re fers to va lue of fir st byte | |
1215 | * 255 Reserved for Priva te Use Re fers to va lue of fir st byte | |
1216 | * / | |
1217 | ||
1218 | // Register the names of a few a dditional CipherSuit es. | |
1219 | // Makes the m show up as names i nstead of numbers in | |
1220 | // the debug output. | |
1221 | ||
1222 | // remaining unsupport ed ciphers uites defi ned in RFC 2246. | |
1223 | ad d("SSL_RSA _EXPORT_WI TH_RC2_CBC _40_MD5", 0 x0006); | |
1224 | ad d("SSL_RSA _WITH_IDEA _CBC_SHA", 0 x0007); | |
1225 | ad d("SSL_DH_ DSS_EXPORT _WITH_DES4 0_CBC_SHA" , 0 x000b); | |
1226 | ad d("SSL_DH_ DSS_WITH_D ES_CBC_SHA ", 0 x000c); | |
1227 | ad d("SSL_DH_ DSS_WITH_3 DES_EDE_CB C_SHA", 0 x000d); | |
1228 | ad d("SSL_DH_ RSA_EXPORT _WITH_DES4 0_CBC_SHA" , 0 x000e); | |
1229 | ad d("SSL_DH_ RSA_WITH_D ES_CBC_SHA ", 0 x000f); | |
1230 | ad d("SSL_DH_ RSA_WITH_3 DES_EDE_CB C_SHA", 0 x0010); | |
1231 | ||
1232 | // SSL 3.0 F ortezza ci phersuites | |
1233 | ad d("SSL_FOR TEZZA_DMS_ WITH_NULL_ SHA", 0 x001c); | |
1234 | ad d("SSL_FOR TEZZA_DMS_ WITH_FORTE ZZA_CBC_SH A", 0 x001d); | |
1235 | ||
1236 | // 1024/56 b it exporta ble cipher suites fro m expired internet d raft | |
1237 | ad d("SSL_RSA _EXPORT102 4_WITH_DES _CBC_SHA", 0 x0062); | |
1238 | ad d("SSL_DHE _DSS_EXPOR T1024_WITH _DES_CBC_S HA", 0 x0063); | |
1239 | ad d("SSL_RSA _EXPORT102 4_WITH_RC4 _56_SHA", 0 x0064); | |
1240 | ad d("SSL_DHE _DSS_EXPOR T1024_WITH _RC4_56_SH A", 0 x0065); | |
1241 | ad d("SSL_DHE _DSS_WITH_ RC4_128_SH A", 0 x0066); | |
1242 | ||
1243 | // Netscape old and ne w SSL 3.0 FIPS ciphe rsuites | |
1244 | // see http: //www.mozi lla.org/pr ojects/sec urity/pki/ nss/ssl/fi ps-ssl-cip hersuites. html | |
1245 | ad d("NETSCAP E_RSA_FIPS _WITH_3DES _EDE_CBC_S HA", 0 xffe0); | |
1246 | ad d("NETSCAP E_RSA_FIPS _WITH_DES_ CBC_SHA", 0 xffe1); | |
1247 | ad d("SSL_RSA _FIPS_WITH _DES_CBC_S HA", 0 xfefe); | |
1248 | ad d("SSL_RSA _FIPS_WITH _3DES_EDE_ CBC_SHA", 0 xfeff); | |
1249 | ||
1250 | // Unsupport ed Kerbero s cipher s uites from RFC 2712 | |
1251 | ad d("TLS_KRB 5_WITH_IDE A_CBC_SHA" , 0 x0021); | |
1252 | ad d("TLS_KRB 5_WITH_IDE A_CBC_MD5" , 0 x0025); | |
1253 | ad d("TLS_KRB 5_EXPORT_W ITH_RC2_CB C_40_SHA", 0 x0027); | |
1254 | ad d("TLS_KRB 5_EXPORT_W ITH_RC2_CB C_40_MD5", 0 x002a); | |
1255 | ||
1256 | // Unsupport ed cipher suites fro m RFC 4162 | |
1257 | ad d("TLS_RSA _WITH_SEED _CBC_SHA", 0 x0096); | |
1258 | ad d("TLS_DH_ DSS_WITH_S EED_CBC_SH A", 0 x0097); | |
1259 | ad d("TLS_DH_ RSA_WITH_S EED_CBC_SH A", 0 x0098); | |
1260 | ad d("TLS_DHE _DSS_WITH_ SEED_CBC_S HA", 0 x0099); | |
1261 | ad d("TLS_DHE _RSA_WITH_ SEED_CBC_S HA", 0 x009a); | |
1262 | ad d("TLS_DH_ anon_WITH_ SEED_CBC_S HA", 0 x009b); | |
1263 | ||
1264 | // Unsupport ed cipher suites fro m RFC 4279 | |
1265 | ad d("TLS_PSK _WITH_RC4_ 128_SHA", 0 x008a); | |
1266 | ad d("TLS_PSK _WITH_3DES _EDE_CBC_S HA", 0 x008b); | |
1267 | ad d("TLS_PSK _WITH_AES_ 128_CBC_SH A", 0 x008c); | |
1268 | ad d("TLS_PSK _WITH_AES_ 256_CBC_SH A", 0 x008d); | |
1269 | ad d("TLS_DHE _PSK_WITH_ RC4_128_SH A", 0 x008e); | |
1270 | ad d("TLS_DHE _PSK_WITH_ 3DES_EDE_C BC_SHA", 0 x008f); | |
1271 | ad d("TLS_DHE _PSK_WITH_ AES_128_CB C_SHA", 0 x0090); | |
1272 | ad d("TLS_DHE _PSK_WITH_ AES_256_CB C_SHA", 0 x0091); | |
1273 | ad d("TLS_RSA _PSK_WITH_ RC4_128_SH A", 0 x0092); | |
1274 | ad d("TLS_RSA _PSK_WITH_ 3DES_EDE_C BC_SHA", 0 x0093); | |
1275 | ad d("TLS_RSA _PSK_WITH_ AES_128_CB C_SHA", 0 x0094); | |
1276 | ad d("TLS_RSA _PSK_WITH_ AES_256_CB C_SHA", 0 x0095); | |
1277 | ||
1278 | // Unsupport ed cipher suites fro m RFC 4785 | |
1279 | ad d("TLS_PSK _WITH_NULL _SHA", 0 x002c); | |
1280 | ad d("TLS_DHE _PSK_WITH_ NULL_SHA", 0 x002d); | |
1281 | ad d("TLS_RSA _PSK_WITH_ NULL_SHA", 0 x002e); | |
1282 | ||
1283 | // Unsupport ed cipher suites fro m RFC 5246 | |
1284 | ad d("TLS_DH_ DSS_WITH_A ES_128_CBC _SHA", 0 x0030); | |
1285 | ad d("TLS_DH_ RSA_WITH_A ES_128_CBC _SHA", 0 x0031); | |
1286 | ad d("TLS_DH_ DSS_WITH_A ES_256_CBC _SHA", 0 x0036); | |
1287 | ad d("TLS_DH_ RSA_WITH_A ES_256_CBC _SHA", 0 x0037); | |
1288 | ad d("TLS_DH_ DSS_WITH_A ES_128_CBC _SHA256", 0 x003e); | |
1289 | ad d("TLS_DH_ RSA_WITH_A ES_128_CBC _SHA256", 0 x003f); | |
1290 | ad d("TLS_DH_ DSS_WITH_A ES_256_CBC _SHA256", 0 x0068); | |
1291 | ad d("TLS_DH_ RSA_WITH_A ES_256_CBC _SHA256", 0 x0069); | |
1292 | ||
1293 | // Unsupport ed cipher suites fro m RFC 5288 | |
1294 | ad d("TLS_DH_ RSA_WITH_A ES_128_GCM _SHA256", 0 x00a0); | |
1295 | ad d("TLS_DH_ RSA_WITH_A ES_256_GCM _SHA384", 0 x00a1); | |
1296 | ad d("TLS_DH_ DSS_WITH_A ES_128_GCM _SHA256", 0 x00a4); | |
1297 | ad d("TLS_DH_ DSS_WITH_A ES_256_GCM _SHA384", 0 x00a5); | |
1298 | ||
1299 | // Unsupport ed cipher suites fro m RFC 5487 | |
1300 | ad d("TLS_PSK _WITH_AES_ 128_GCM_SH A256", 0 x00a8); | |
1301 | ad d("TLS_PSK _WITH_AES_ 256_GCM_SH A384", 0 x00a9); | |
1302 | ad d("TLS_DHE _PSK_WITH_ AES_128_GC M_SHA256", 0 x00aa); | |
1303 | ad d("TLS_DHE _PSK_WITH_ AES_256_GC M_SHA384", 0 x00ab); | |
1304 | ad d("TLS_RSA _PSK_WITH_ AES_128_GC M_SHA256", 0 x00ac); | |
1305 | ad d("TLS_RSA _PSK_WITH_ AES_256_GC M_SHA384", 0 x00ad); | |
1306 | ad d("TLS_PSK _WITH_AES_ 128_CBC_SH A256", 0 x00ae); | |
1307 | ad d("TLS_PSK _WITH_AES_ 256_CBC_SH A384", 0 x00af); | |
1308 | ad d("TLS_PSK _WITH_NULL _SHA256", 0 x00b0); | |
1309 | ad d("TLS_PSK _WITH_NULL _SHA384", 0 x00b1); | |
1310 | ad d("TLS_DHE _PSK_WITH_ AES_128_CB C_SHA256", 0 x00b2); | |
1311 | ad d("TLS_DHE _PSK_WITH_ AES_256_CB C_SHA384", 0 x00b3); | |
1312 | ad d("TLS_DHE _PSK_WITH_ NULL_SHA25 6", 0 x00b4); | |
1313 | ad d("TLS_DHE _PSK_WITH_ NULL_SHA38 4", 0 x00b5); | |
1314 | ad d("TLS_RSA _PSK_WITH_ AES_128_CB C_SHA256", 0 x00b6); | |
1315 | ad d("TLS_RSA _PSK_WITH_ AES_256_CB C_SHA384", 0 x00b7); | |
1316 | ad d("TLS_RSA _PSK_WITH_ NULL_SHA25 6", 0 x00b8); | |
1317 | ad d("TLS_RSA _PSK_WITH_ NULL_SHA38 4", 0 x00b9); | |
1318 | ||
1319 | // Unsupport ed cipher suites fro m RFC 5932 | |
1320 | ad d("TLS_RSA _WITH_CAME LLIA_128_C BC_SHA", 0 x0041); | |
1321 | ad d("TLS_DH_ DSS_WITH_C AMELLIA_12 8_CBC_SHA" , 0 x0042); | |
1322 | ad d("TLS_DH_ RSA_WITH_C AMELLIA_12 8_CBC_SHA" , 0 x0043); | |
1323 | ad d("TLS_DHE _DSS_WITH_ CAMELLIA_1 28_CBC_SHA ", 0 x0044); | |
1324 | ad d("TLS_DHE _RSA_WITH_ CAMELLIA_1 28_CBC_SHA ", 0 x0045); | |
1325 | ad d("TLS_DH_ anon_WITH_ CAMELLIA_1 28_CBC_SHA ", 0 x0046); | |
1326 | ad d("TLS_RSA _WITH_CAME LLIA_256_C BC_SHA", 0 x0084); | |
1327 | ad d("TLS_DH_ DSS_WITH_C AMELLIA_25 6_CBC_SHA" , 0 x0085); | |
1328 | ad d("TLS_DH_ RSA_WITH_C AMELLIA_25 6_CBC_SHA" , 0 x0086); | |
1329 | ad d("TLS_DHE _DSS_WITH_ CAMELLIA_2 56_CBC_SHA ", 0 x0087); | |
1330 | ad d("TLS_DHE _RSA_WITH_ CAMELLIA_2 56_CBC_SHA ", 0 x0088); | |
1331 | ad d("TLS_DH_ anon_WITH_ CAMELLIA_2 56_CBC_SHA ", 0 x0089); | |
1332 | ad d("TLS_RSA _WITH_CAME LLIA_128_C BC_SHA256" , 0 x00ba); | |
1333 | ad d("TLS_DH_ DSS_WITH_C AMELLIA_12 8_CBC_SHA2 56", 0 x00bb); | |
1334 | ad d("TLS_DH_ RSA_WITH_C AMELLIA_12 8_CBC_SHA2 56", 0 x00bc); | |
1335 | ad d("TLS_DHE _DSS_WITH_ CAMELLIA_1 28_CBC_SHA 256", 0 x00bd); | |
1336 | ad d("TLS_DHE _RSA_WITH_ CAMELLIA_1 28_CBC_SHA 256", 0 x00be); | |
1337 | ad d("TLS_DH_ anon_WITH_ CAMELLIA_1 28_CBC_SHA 256", 0 x00bf); | |
1338 | ad d("TLS_RSA _WITH_CAME LLIA_256_C BC_SHA256" , 0 x00c0); | |
1339 | ad d("TLS_DH_ DSS_WITH_C AMELLIA_25 6_CBC_SHA2 56", 0 x00c1); | |
1340 | ad d("TLS_DH_ RSA_WITH_C AMELLIA_25 6_CBC_SHA2 56", 0 x00c2); | |
1341 | ad d("TLS_DHE _DSS_WITH_ CAMELLIA_2 56_CBC_SHA 256", 0 x00c3); | |
1342 | ad d("TLS_DHE _RSA_WITH_ CAMELLIA_2 56_CBC_SHA 256", 0 x00c4); | |
1343 | ad d("TLS_DH_ anon_WITH_ CAMELLIA_2 56_CBC_SHA 256", 0 x00c5); | |
1344 | ||
1345 | // Unsupport ed cipher suites fro m RFC 5054 | |
1346 | ad d("TLS_SRP _SHA_WITH_ 3DES_EDE_C BC_SHA", 0 xc01a); | |
1347 | ad d("TLS_SRP _SHA_RSA_W ITH_3DES_E DE_CBC_SHA ", 0 xc01b); | |
1348 | ad d("TLS_SRP _SHA_DSS_W ITH_3DES_E DE_CBC_SHA ", 0 xc01c); | |
1349 | ad d("TLS_SRP _SHA_WITH_ AES_128_CB C_SHA", 0 xc01d); | |
1350 | ad d("TLS_SRP _SHA_RSA_W ITH_AES_12 8_CBC_SHA" , 0 xc01e); | |
1351 | ad d("TLS_SRP _SHA_DSS_W ITH_AES_12 8_CBC_SHA" , 0 xc01f); | |
1352 | ad d("TLS_SRP _SHA_WITH_ AES_256_CB C_SHA", 0 xc020); | |
1353 | ad d("TLS_SRP _SHA_RSA_W ITH_AES_25 6_CBC_SHA" , 0 xc021); | |
1354 | ad d("TLS_SRP _SHA_DSS_W ITH_AES_25 6_CBC_SHA" , 0 xc022); | |
1355 | ||
1356 | // Unsupport ed cipher suites fro m RFC 5489 | |
1357 | ad d("TLS_ECD HE_PSK_WIT H_RC4_128_ SHA", 0 xc033); | |
1358 | ad d("TLS_ECD HE_PSK_WIT H_3DES_EDE _CBC_SHA", 0 xc034); | |
1359 | ad d("TLS_ECD HE_PSK_WIT H_AES_128_ CBC_SHA", 0 xc035); | |
1360 | ad d("TLS_ECD HE_PSK_WIT H_AES_256_ CBC_SHA", 0 xc036); | |
1361 | ad d("TLS_ECD HE_PSK_WIT H_AES_128_ CBC_SHA256 ", 0 xc037); | |
1362 | ad d("TLS_ECD HE_PSK_WIT H_AES_256_ CBC_SHA384 ", 0 xc038); | |
1363 | ad d("TLS_ECD HE_PSK_WIT H_NULL_SHA ", 0 xc039); | |
1364 | ad d("TLS_ECD HE_PSK_WIT H_NULL_SHA 256", 0 xc03a); | |
1365 | ad d("TLS_ECD HE_PSK_WIT H_NULL_SHA 384", 0 xc03b); | |
1366 | } | |
1367 | ||
1368 | // cip hersuite S SL_NULL_WI TH_NULL_NU LL | |
1369 | final static Cip herSuite C _NULL = Ci pherSuite. valueOf(0, 0); | |
1370 | ||
1371 | // cip hersuite T LS_EMPTY_R ENEGOTIATI ON_INFO_SC SV | |
1372 | final static Cip herSuite C _SCSV = Ci pherSuite. valueOf(0x 00, 0xff); | |
1373 | } |