001: /*
002: * Copyright 2002-2007 Sun Microsystems, Inc. All Rights Reserved.
003: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004: *
005: * This code is free software; you can redistribute it and/or modify it
006: * under the terms of the GNU General Public License version 2 only, as
007: * published by the Free Software Foundation. Sun designates this
008: * particular file as subject to the "Classpath" exception as provided
009: * by Sun in the LICENSE file that accompanied this code.
010: *
011: * This code is distributed in the hope that it will be useful, but WITHOUT
012: * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013: * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014: * version 2 for more details (a copy is included in the LICENSE file that
015: * accompanied this code).
016: *
017: * You should have received a copy of the GNU General Public License version
018: * 2 along with this work; if not, write to the Free Software Foundation,
019: * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020: *
021: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022: * CA 95054 USA or visit www.sun.com if you need additional information or
023: * have any questions.
024: */
025:
026: package sun.security.ssl;
027:
028: import java.util.*;
029:
030: import java.security.NoSuchAlgorithmException;
031: import java.security.InvalidKeyException;
032:
033: import javax.crypto.SecretKey;
034: import javax.crypto.spec.IvParameterSpec;
035: import javax.crypto.spec.SecretKeySpec;
036:
037: import sun.security.ssl.CipherSuite.*;
038: import static sun.security.ssl.CipherSuite.KeyExchange.*;
039: import static sun.security.ssl.JsseJce.*;
040:
041: /**
042: * An SSL/TLS CipherSuite. Constants for the standard key exchange, cipher,
043: * and mac algorithms are also defined in this class.
044: *
045: * The CipherSuite class and the inner classes defined in this file roughly
046: * follow the type safe enum pattern described in Effective Java. This means:
047: *
048: * . instances are immutable, classes are final
049: *
050: * . there is a unique instance of every value, i.e. there are never two
051: * instances representing the same CipherSuite, etc. This means equality
052: * tests can be performed using == instead of equals() (although that works
053: * as well). [A minor exception are *unsupported* CipherSuites read from a
054: * handshake message, but this is usually irrelevant]
055: *
056: * . instances are obtained using the static valueOf() factory methods.
057: *
058: * . properties are defined as final variables and made available as
059: * package private variables without method accessors
060: *
061: * . if the member variable allowed is false, the given algorithm is either
062: * unavailable or disabled at compile time
063: *
064: * @version 1.18, 05/05/07
065: */
066: final class CipherSuite implements Comparable {
067:
068: // minimum priority for supported CipherSuites
069: final static int SUPPORTED_SUITES_PRIORITY = 1;
070:
071: // minimum priority for default enabled CipherSuites
072: final static int DEFAULT_SUITES_PRIORITY = 300;
073:
074: // Flag indicating if CipherSuite availability can change dynamically.
075: // This is the case when we rely on a JCE cipher implementation that
076: // may not be available in the installed JCE providers.
077: // It is true because we do not have a Java ECC implementation.
078: final static boolean DYNAMIC_AVAILABILITY = true;
079:
080: private final static boolean ALLOW_ECC = Debug.getBooleanProperty(
081: "com.sun.net.ssl.enableECC", true);
082:
083: // Map Integer(id) -> CipherSuite
084: // contains all known CipherSuites
085: private final static Map<Integer, CipherSuite> idMap;
086:
087: // Map String(name) -> CipherSuite
088: // contains only supported CipherSuites (i.e. allowed == true)
089: private final static Map<String, CipherSuite> nameMap;
090:
091: // Protocol defined CipherSuite name, e.g. SSL_RSA_WITH_RC4_128_MD5
092: // we use TLS_* only for new CipherSuites, still SSL_* for old ones
093: final String name;
094:
095: // id in 16 bit MSB format, i.e. 0x0004 for SSL_RSA_WITH_RC4_128_MD5
096: final int id;
097:
098: // priority for the internal default preference order. the higher the
099: // better. Each supported CipherSuite *must* have a unique priority.
100: // Ciphersuites with priority >= DEFAULT_SUITES_PRIORITY are enabled
101: // by default
102: final int priority;
103:
104: // key exchange, bulk cipher, and mac algorithms. See those classes below.
105: final KeyExchange keyExchange;
106: final BulkCipher cipher;
107: final MacAlg macAlg;
108:
109: // whether a CipherSuite qualifies as exportable under 512/40 bit rules.
110: final boolean exportable;
111:
112: // true iff implemented and enabled at compile time
113: final boolean allowed;
114:
115: private CipherSuite(String name, int id, int priority,
116: KeyExchange keyExchange, BulkCipher cipher, boolean allowed) {
117: this .name = name;
118: this .id = id;
119: this .priority = priority;
120: this .keyExchange = keyExchange;
121: this .cipher = cipher;
122: this .exportable = cipher.exportable;
123: if (name.endsWith("_MD5")) {
124: macAlg = M_MD5;
125: } else if (name.endsWith("_SHA")) {
126: macAlg = M_SHA;
127: } else if (name.endsWith("_NULL")) {
128: macAlg = M_NULL;
129: } else {
130: throw new IllegalArgumentException(
131: "Unknown MAC algorithm for ciphersuite " + name);
132: }
133:
134: allowed &= keyExchange.allowed;
135: allowed &= cipher.allowed;
136: this .allowed = allowed;
137: }
138:
139: private CipherSuite(String name, int id) {
140: this .name = name;
141: this .id = id;
142: this .allowed = false;
143:
144: this .priority = 0;
145: this .keyExchange = null;
146: this .cipher = null;
147: this .macAlg = null;
148: this .exportable = false;
149: }
150:
151: /**
152: * Return whether this CipherSuite is available for use. A
153: * CipherSuite may be unavailable even if it is supported
154: * (i.e. allowed == true) if the required JCE cipher is not installed.
155: * In some configuration, this situation may change over time, call
156: * CipherSuiteList.clearAvailableCache() before this method to obtain
157: * the most current status.
158: */
159: boolean isAvailable() {
160: return allowed && keyExchange.isAvailable()
161: && cipher.isAvailable();
162: }
163:
164: /**
165: * Compares CipherSuites based on their priority. Has the effect of
166: * sorting CipherSuites when put in a sorted collection, which is
167: * used by CipherSuiteList. Follows standard Comparable contract.
168: *
169: * Note that for unsupported CipherSuites parsed from a handshake
170: * message we violate the equals() contract.
171: */
172: public int compareTo(Object o) {
173: return ((CipherSuite) o).priority - priority;
174: }
175:
176: /**
177: * Returns this.name.
178: */
179: public String toString() {
180: return name;
181: }
182:
183: /**
184: * Return a CipherSuite for the given name. The returned CipherSuite
185: * is supported by this implementation but may not actually be
186: * currently useable. See isAvailable().
187: *
188: * @exception IllegalArgumentException if the CipherSuite is unknown or
189: * unsupported.
190: */
191: static CipherSuite valueOf(String s) {
192: if (s == null) {
193: throw new IllegalArgumentException("Name must not be null");
194: }
195: CipherSuite c = (CipherSuite) nameMap.get(s);
196: if ((c == null) || (c.allowed == false)) {
197: throw new IllegalArgumentException(
198: "Unsupported ciphersuite " + s);
199: }
200: return c;
201: }
202:
203: /**
204: * Return a CipherSuite with the given ID. A temporary object is
205: * constructed if the ID is unknown. Use isAvailable() to verify that
206: * the CipherSuite can actually be used.
207: */
208: static CipherSuite valueOf(int id1, int id2) {
209: id1 &= 0xff;
210: id2 &= 0xff;
211: int id = (id1 << 8) | id2;
212: CipherSuite c = idMap.get(id);
213: if (c == null) {
214: String h1 = Integer.toString(id1, 16);
215: String h2 = Integer.toString(id2, 16);
216: c = new CipherSuite("Unknown 0x" + h1 + ":0x" + h2, id);
217: }
218: return c;
219: }
220:
221: // for use by CipherSuiteList only
222: static Collection<CipherSuite> allowedCipherSuites() {
223: return nameMap.values();
224: }
225:
226: private static void add(String name, int id, int priority,
227: KeyExchange keyExchange, BulkCipher cipher, boolean allowed) {
228: CipherSuite c = new CipherSuite(name, id, priority,
229: keyExchange, cipher, allowed);
230: if (idMap.put(id, c) != null) {
231: throw new RuntimeException(
232: "Duplicate ciphersuite definition: " + id + ", "
233: + name);
234: }
235: if (c.allowed) {
236: if (nameMap.put(name, c) != null) {
237: throw new RuntimeException(
238: "Duplicate ciphersuite definition: " + id
239: + ", " + name);
240: }
241: }
242: }
243:
244: private static void add(String name, int id) {
245: CipherSuite c = new CipherSuite(name, id);
246: if (idMap.put(id, c) != null) {
247: throw new RuntimeException(
248: "Duplicate ciphersuite definition: " + id + ", "
249: + name);
250: }
251: }
252:
253: /**
254: * An SSL/TLS key exchange algorithm.
255: */
256: static enum KeyExchange {
257:
258: // key exchange algorithms
259: K_NULL("NULL", false), K_RSA("RSA", true), K_RSA_EXPORT(
260: "RSA_EXPORT", true), K_DH_RSA("DH_RSA", false), K_DH_DSS(
261: "DH_DSS", false), K_DHE_DSS("DHE_DSS", true), K_DHE_RSA(
262: "DHE_RSA", true), K_DH_ANON("DH_anon", true),
263:
264: K_ECDH_ECDSA("ECDH_ECDSA", ALLOW_ECC), K_ECDH_RSA("ECDH_RSA",
265: ALLOW_ECC), K_ECDHE_ECDSA("ECDHE_ECDSA", ALLOW_ECC), K_ECDHE_RSA(
266: "ECDHE_RSA", ALLOW_ECC), K_ECDH_ANON("ECDH_anon",
267: ALLOW_ECC),
268:
269: // Kerberos cipher suites
270: K_KRB5("KRB5", true), K_KRB5_EXPORT("KRB5_EXPORT", true);
271:
272: // name of the key exchange algorithm, e.g. DHE_DSS
273: final String name;
274: final boolean allowed;
275: private final boolean alwaysAvailable;
276:
277: KeyExchange(String name, boolean allowed) {
278: this .name = name;
279: this .allowed = allowed;
280: this .alwaysAvailable = allowed
281: && (name.startsWith("EC") == false);
282: }
283:
284: boolean isAvailable() {
285: if (alwaysAvailable) {
286: return true;
287: }
288: return allowed && JsseJce.isEcAvailable();
289: }
290:
291: public String toString() {
292: return name;
293: }
294: }
295:
296: /**
297: * An SSL/TLS bulk cipher algorithm. One instance per combination of
298: * cipher and key length.
299: *
300: * Also contains a factory method to obtain in initialized CipherBox
301: * for this algorithm.
302: */
303: final static class BulkCipher {
304:
305: // Map BulkCipher -> Boolean(available)
306: private final static Map<BulkCipher, Boolean> availableCache = new HashMap<BulkCipher, Boolean>(
307: 8);
308:
309: // descriptive name including key size, e.g. AES/128
310: final String description;
311:
312: // JCE cipher transformation string, e.g. AES/CBC/NoPadding
313: final String transformation;
314:
315: // algorithm name, e.g. AES
316: final String algorithm;
317:
318: // supported and compile time enabled. Also see isAvailable()
319: final boolean allowed;
320:
321: // number of bytes of entropy in the key
322: final int keySize;
323:
324: // length of the actual cipher key in bytes.
325: // for non-exportable ciphers, this is the same as keySize
326: final int expandedKeySize;
327:
328: // size of the IV (also block size)
329: final int ivSize;
330:
331: // exportable under 512/40 bit rules
332: final boolean exportable;
333:
334: BulkCipher(String transformation, int keySize,
335: int expandedKeySize, int ivSize, boolean allowed) {
336: this .transformation = transformation;
337: this .algorithm = transformation.split("/")[0];
338: this .description = this .algorithm + "/" + (keySize << 3);
339: this .keySize = keySize;
340: this .ivSize = ivSize;
341: this .allowed = allowed;
342:
343: this .expandedKeySize = expandedKeySize;
344: this .exportable = true;
345: }
346:
347: BulkCipher(String transformation, int keySize, int ivSize,
348: boolean allowed) {
349: this .transformation = transformation;
350: this .algorithm = transformation.split("/")[0];
351: this .description = this .algorithm + "/" + (keySize << 3);
352: this .keySize = keySize;
353: this .ivSize = ivSize;
354: this .allowed = allowed;
355:
356: this .expandedKeySize = keySize;
357: this .exportable = false;
358: }
359:
360: /**
361: * Return an initialized CipherBox for this BulkCipher.
362: * IV must be null for stream ciphers.
363: *
364: * @exception NoSuchAlgorithmException if anything goes wrong
365: */
366: CipherBox newCipher(ProtocolVersion version, SecretKey key,
367: IvParameterSpec iv, boolean encrypt)
368: throws NoSuchAlgorithmException {
369: return CipherBox.newCipherBox(version, this , key, iv,
370: encrypt);
371: }
372:
373: /**
374: * Test if this bulk cipher is available. For use by CipherSuite.
375: *
376: * Currently all supported ciphers except AES are always available
377: * via the JSSE internal implementations. We also assume AES/128
378: * is always available since it is shipped with the SunJCE provider.
379: * However, AES/256 is unavailable when the default JCE policy
380: * jurisdiction files are installed because of key length restrictions.
381: */
382: boolean isAvailable() {
383: if (allowed == false) {
384: return false;
385: }
386: if (this == B_AES_256) {
387: return isAvailable(this );
388: }
389: // always available
390: return true;
391: }
392:
393: // for use by CipherSuiteList.clearAvailableCache();
394: static synchronized void clearAvailableCache() {
395: if (DYNAMIC_AVAILABILITY) {
396: availableCache.clear();
397: }
398: }
399:
400: private static synchronized boolean isAvailable(
401: BulkCipher cipher) {
402: Boolean b = (Boolean) availableCache.get(cipher);
403: if (b == null) {
404: try {
405: SecretKey key = new SecretKeySpec(
406: new byte[cipher.expandedKeySize],
407: cipher.algorithm);
408: IvParameterSpec iv = new IvParameterSpec(
409: new byte[cipher.ivSize]);
410: cipher.newCipher(ProtocolVersion.DEFAULT, key, iv,
411: true);
412: b = Boolean.TRUE;
413: } catch (NoSuchAlgorithmException e) {
414: b = Boolean.FALSE;
415: }
416: availableCache.put(cipher, b);
417: }
418: return b.booleanValue();
419: }
420:
421: public String toString() {
422: return description;
423: }
424: }
425:
426: /**
427: * An SSL/TLS key MAC algorithm.
428: *
429: * Also contains a factory method to obtain in initialized MAC
430: * for this algorithm.
431: */
432: final static class MacAlg {
433:
434: // descriptive name, e.g. MD5
435: final String name;
436:
437: // size of the MAC value (and MAC key) in bytes
438: final int size;
439:
440: MacAlg(String name, int size) {
441: this .name = name;
442: this .size = size;
443: }
444:
445: /**
446: * Return an initialized MAC for this MacAlg. ProtocolVersion
447: * must either be SSL30 (SSLv3 custom MAC) or TLS10 (std. HMAC).
448: *
449: * @exception NoSuchAlgorithmException if anything goes wrong
450: */
451: MAC newMac(ProtocolVersion protocolVersion, SecretKey secret)
452: throws NoSuchAlgorithmException, InvalidKeyException {
453: return new MAC(this , protocolVersion, secret);
454: }
455:
456: public String toString() {
457: return name;
458: }
459: }
460:
461: // export strength ciphers
462: final static BulkCipher B_NULL = new BulkCipher("NULL", 0, 0, 0,
463: true);
464: final static BulkCipher B_RC4_40 = new BulkCipher(CIPHER_RC4, 5,
465: 16, 0, true);
466: final static BulkCipher B_RC2_40 = new BulkCipher("RC2", 5, 16, 8,
467: false);
468: final static BulkCipher B_DES_40 = new BulkCipher(CIPHER_DES, 5, 8,
469: 8, true);
470:
471: // domestic strength ciphers
472: final static BulkCipher B_RC4_128 = new BulkCipher(CIPHER_RC4, 16,
473: 0, true);
474: final static BulkCipher B_DES = new BulkCipher(CIPHER_DES, 8, 8,
475: true);
476: final static BulkCipher B_3DES = new BulkCipher(CIPHER_3DES, 24, 8,
477: true);
478: final static BulkCipher B_IDEA = new BulkCipher("IDEA", 16, 8,
479: false);
480: final static BulkCipher B_AES_128 = new BulkCipher(CIPHER_AES, 16,
481: 16, true);
482: final static BulkCipher B_AES_256 = new BulkCipher(CIPHER_AES, 32,
483: 16, true);
484:
485: // MACs
486: final static MacAlg M_NULL = new MacAlg("NULL", 0);
487: final static MacAlg M_MD5 = new MacAlg("MD5", 16);
488: final static MacAlg M_SHA = new MacAlg("SHA", 20);
489:
490: static {
491: idMap = new HashMap<Integer, CipherSuite>();
492: nameMap = new HashMap<String, CipherSuite>();
493:
494: final boolean F = false;
495: final boolean T = true;
496: // N: ciphersuites only allowed if we are not in FIPS mode
497: final boolean N = (SunJSSE.isFIPS() == false);
498:
499: add("SSL_NULL_WITH_NULL_NULL", 0x0000, 1, K_NULL, B_NULL, F);
500:
501: // Definition of the CipherSuites that are enabled by default.
502: // They are listed in preference order, most preferred first.
503: int p = DEFAULT_SUITES_PRIORITY * 2;
504:
505: add("SSL_RSA_WITH_RC4_128_MD5", 0x0004, --p, K_RSA, B_RC4_128,
506: N);
507: add("SSL_RSA_WITH_RC4_128_SHA", 0x0005, --p, K_RSA, B_RC4_128,
508: N);
509: add("TLS_RSA_WITH_AES_128_CBC_SHA", 0x002f, --p, K_RSA,
510: B_AES_128, T);
511: add("TLS_RSA_WITH_AES_256_CBC_SHA", 0x0035, --p, K_RSA,
512: B_AES_256, T);
513:
514: add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 0xC002, --p,
515: K_ECDH_ECDSA, B_RC4_128, N);
516: add("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 0xC004, --p,
517: K_ECDH_ECDSA, B_AES_128, T);
518: add("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 0xC005, --p,
519: K_ECDH_ECDSA, B_AES_256, T);
520: add("TLS_ECDH_RSA_WITH_RC4_128_SHA", 0xC00C, --p, K_ECDH_RSA,
521: B_RC4_128, N);
522: add("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 0xC00E, --p,
523: K_ECDH_RSA, B_AES_128, T);
524: add("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 0xC00F, --p,
525: K_ECDH_RSA, B_AES_256, T);
526:
527: add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 0xC007, --p,
528: K_ECDHE_ECDSA, B_RC4_128, N);
529: add("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 0xC009, --p,
530: K_ECDHE_ECDSA, B_AES_128, T);
531: add("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 0xC00A, --p,
532: K_ECDHE_ECDSA, B_AES_256, T);
533: add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", 0xC011, --p, K_ECDHE_RSA,
534: B_RC4_128, N);
535: add("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 0xC013, --p,
536: K_ECDHE_RSA, B_AES_128, T);
537: add("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 0xC014, --p,
538: K_ECDHE_RSA, B_AES_256, T);
539:
540: add("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 0x0033, --p, K_DHE_RSA,
541: B_AES_128, T);
542: add("TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 0x0039, --p, K_DHE_RSA,
543: B_AES_256, T);
544: add("TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 0x0032, --p, K_DHE_DSS,
545: B_AES_128, T);
546: add("TLS_DHE_DSS_WITH_AES_256_CBC_SHA", 0x0038, --p, K_DHE_DSS,
547: B_AES_256, T);
548:
549: add("SSL_RSA_WITH_3DES_EDE_CBC_SHA", 0x000a, --p, K_RSA,
550: B_3DES, T);
551: add("TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 0xC003, --p,
552: K_ECDH_ECDSA, B_3DES, T);
553: add("TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 0xC00D, --p,
554: K_ECDH_RSA, B_3DES, T);
555: add("TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", 0xC008, --p,
556: K_ECDHE_ECDSA, B_3DES, T);
557: add("TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", 0xC012, --p,
558: K_ECDHE_RSA, B_3DES, T);
559: add("SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 0x0016, --p,
560: K_DHE_RSA, B_3DES, T);
561: add("SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 0x0013, --p,
562: K_DHE_DSS, B_3DES, N);
563:
564: add("SSL_RSA_WITH_DES_CBC_SHA", 0x0009, --p, K_RSA, B_DES, N);
565: add("SSL_DHE_RSA_WITH_DES_CBC_SHA", 0x0015, --p, K_DHE_RSA,
566: B_DES, N);
567: add("SSL_DHE_DSS_WITH_DES_CBC_SHA", 0x0012, --p, K_DHE_DSS,
568: B_DES, N);
569: add("SSL_RSA_EXPORT_WITH_RC4_40_MD5", 0x0003, --p,
570: K_RSA_EXPORT, B_RC4_40, N);
571: add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", 0x0008, --p,
572: K_RSA_EXPORT, B_DES_40, N);
573: add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", 0x0014, --p,
574: K_DHE_RSA, B_DES_40, N);
575: add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 0x0011, --p,
576: K_DHE_DSS, B_DES_40, N);
577:
578: // Definition of the CipherSuites that are supported but not enabled
579: // by default.
580: // They are listed in preference order, preferred first.
581: p = DEFAULT_SUITES_PRIORITY;
582:
583: // Anonymous key exchange and the NULL ciphers
584: add("SSL_RSA_WITH_NULL_MD5", 0x0001, --p, K_RSA, B_NULL, N);
585: add("SSL_RSA_WITH_NULL_SHA", 0x0002, --p, K_RSA, B_NULL, N);
586: add("TLS_ECDH_ECDSA_WITH_NULL_SHA", 0xC001, --p, K_ECDH_ECDSA,
587: B_NULL, N);
588: add("TLS_ECDH_RSA_WITH_NULL_SHA", 0xC00B, --p, K_ECDH_RSA,
589: B_NULL, N);
590: add("TLS_ECDHE_ECDSA_WITH_NULL_SHA", 0xC006, --p,
591: K_ECDHE_ECDSA, B_NULL, N);
592: add("TLS_ECDHE_RSA_WITH_NULL_SHA", 0xC010, --p, K_ECDHE_RSA,
593: B_NULL, N);
594:
595: add("SSL_DH_anon_WITH_RC4_128_MD5", 0x0018, --p, K_DH_ANON,
596: B_RC4_128, N);
597: add("TLS_DH_anon_WITH_AES_128_CBC_SHA", 0x0034, --p, K_DH_ANON,
598: B_AES_128, N);
599: add("TLS_DH_anon_WITH_AES_256_CBC_SHA", 0x003a, --p, K_DH_ANON,
600: B_AES_256, N);
601: add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", 0x001b, --p,
602: K_DH_ANON, B_3DES, N);
603: add("SSL_DH_anon_WITH_DES_CBC_SHA", 0x001a, --p, K_DH_ANON,
604: B_DES, N);
605:
606: add("TLS_ECDH_anon_WITH_RC4_128_SHA", 0xC016, --p, K_ECDH_ANON,
607: B_RC4_128, N);
608: add("TLS_ECDH_anon_WITH_AES_128_CBC_SHA", 0xC018, --p,
609: K_ECDH_ANON, B_AES_128, T);
610: add("TLS_ECDH_anon_WITH_AES_256_CBC_SHA", 0xC019, --p,
611: K_ECDH_ANON, B_AES_256, T);
612: add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", 0xC017, --p,
613: K_ECDH_ANON, B_3DES, T);
614:
615: add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", 0x0017, --p,
616: K_DH_ANON, B_RC4_40, N);
617: add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 0x0019, --p,
618: K_DH_ANON, B_DES_40, N);
619:
620: add("TLS_ECDH_anon_WITH_NULL_SHA", 0xC015, --p, K_ECDH_ANON,
621: B_NULL, N);
622:
623: // Supported Kerberos ciphersuites from RFC2712
624: add("TLS_KRB5_WITH_RC4_128_SHA", 0x0020, --p, K_KRB5,
625: B_RC4_128, N);
626: add("TLS_KRB5_WITH_RC4_128_MD5", 0x0024, --p, K_KRB5,
627: B_RC4_128, N);
628: add("TLS_KRB5_WITH_3DES_EDE_CBC_SHA", 0x001f, --p, K_KRB5,
629: B_3DES, N);
630: add("TLS_KRB5_WITH_3DES_EDE_CBC_MD5", 0x0023, --p, K_KRB5,
631: B_3DES, N);
632: add("TLS_KRB5_WITH_DES_CBC_SHA", 0x001e, --p, K_KRB5, B_DES, N);
633: add("TLS_KRB5_WITH_DES_CBC_MD5", 0x0022, --p, K_KRB5, B_DES, N);
634: add("TLS_KRB5_EXPORT_WITH_RC4_40_SHA", 0x0028, --p,
635: K_KRB5_EXPORT, B_RC4_40, N);
636: add("TLS_KRB5_EXPORT_WITH_RC4_40_MD5", 0x002b, --p,
637: K_KRB5_EXPORT, B_RC4_40, N);
638: add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", 0x0026, --p,
639: K_KRB5_EXPORT, B_DES_40, N);
640: add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", 0x0029, --p,
641: K_KRB5_EXPORT, B_DES_40, N);
642:
643: // Register the names of a few additional CipherSuites.
644: // Makes them show up as names instead of numbers in
645: // the debug output.
646:
647: // remaining unsupported ciphersuites defined in RFC2246.
648: add("SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", 0x0006);
649: add("SSL_RSA_WITH_IDEA_CBC_SHA", 0x0007);
650: add("SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", 0x000b);
651: add("SSL_DH_DSS_WITH_DES_CBC_SHA", 0x000c);
652: add("SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA", 0x000d);
653: add("SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", 0x000e);
654: add("SSL_DH_RSA_WITH_DES_CBC_SHA", 0x000f);
655: add("SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA", 0x0010);
656:
657: // SSL 3.0 Fortezza ciphersuites
658: add("SSL_FORTEZZA_DMS_WITH_NULL_SHA", 0x001c);
659: add("SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA", 0x001d);
660:
661: // 1024/56 bit exportable ciphersuites from expired internet draft
662: add("SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA", 0x0062);
663: add("SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", 0x0063);
664: add("SSL_RSA_EXPORT1024_WITH_RC4_56_SHA", 0x0064);
665: add("SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA", 0x0065);
666: add("SSL_DHE_DSS_WITH_RC4_128_SHA", 0x0066);
667:
668: // Netscape old and new SSL 3.0 FIPS ciphersuites
669: // see http://www.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html
670: add("NETSCAPE_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", 0xffe0);
671: add("NETSCAPE_RSA_FIPS_WITH_DES_CBC_SHA", 0xffe1);
672: add("SSL_RSA_FIPS_WITH_DES_CBC_SHA", 0xfefe);
673: add("SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", 0xfeff);
674:
675: // Unsupported Kerberos cipher suites from RFC 2712
676: add("TLS_KRB5_WITH_IDEA_CBC_SHA", 0x0021);
677: add("TLS_KRB5_WITH_IDEA_CBC_MD5", 0x0025);
678: add("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", 0x0027);
679: add("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", 0x002a);
680:
681: }
682:
683: // ciphersuite SSL_NULL_WITH_NULL_NULL
684: final static CipherSuite C_NULL = CipherSuite.valueOf(0, 0);
685:
686: }
|