8aa540d2f7
Imported GNU Classpath 0.90
* scripts/makemake.tcl: Set gnu/java/awt/peer/swing to ignore.
* gnu/classpath/jdwp/VMFrame.java (SIZE): New constant.
* java/lang/VMCompiler.java: Use gnu.java.security.hash.MD5.
* java/lang/Math.java: New override file.
* java/lang/Character.java: Merged from Classpath.
(start, end): Now 'int's.
(canonicalName): New field.
(CANONICAL_NAME, NO_SPACES_NAME, CONSTANT_NAME): New constants.
(UnicodeBlock): Added argument.
(of): New overload.
(forName): New method.
Updated unicode blocks.
(sets): Updated.
* sources.am: Regenerated.
* Makefile.in: Likewise.
From-SVN: r111942
754 lines
35 KiB
Java
754 lines
35 KiB
Java
/* CipherSuite.java -- Supported cipher suites.
|
|
Copyright (C) 2006 Free Software Foundation, Inc.
|
|
|
|
This file is a part of GNU Classpath.
|
|
|
|
GNU Classpath is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2 of the License, or (at
|
|
your option) any later version.
|
|
|
|
GNU Classpath is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with GNU Classpath; if not, write to the Free Software
|
|
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
|
|
USA
|
|
|
|
Linking this library statically or dynamically with other modules is
|
|
making a combined work based on this library. Thus, the terms and
|
|
conditions of the GNU General Public License cover the whole
|
|
combination.
|
|
|
|
As a special exception, the copyright holders of this library give you
|
|
permission to link this library with independent modules to produce an
|
|
executable, regardless of the license terms of these independent
|
|
modules, and to copy and distribute the resulting executable under
|
|
terms of your choice, provided that you also meet, for each linked
|
|
independent module, the terms and conditions of the license of that
|
|
module. An independent module is a module which is not derived from
|
|
or based on this library. If you modify this library, you may extend
|
|
this exception to your version of the library, but you are not
|
|
obligated to do so. If you do not wish to do so, delete this
|
|
exception statement from your version. */
|
|
|
|
|
|
package gnu.javax.net.ssl.provider;
|
|
|
|
import java.io.DataInputStream;
|
|
import java.io.InputStream;
|
|
import java.io.IOException;
|
|
import java.io.OutputStream;
|
|
|
|
import java.lang.reflect.Field;
|
|
|
|
import java.security.NoSuchAlgorithmException;
|
|
import java.security.NoSuchProviderException;
|
|
import java.security.Provider;
|
|
import java.security.Security;
|
|
|
|
import java.util.HashMap;
|
|
import java.util.Iterator;
|
|
import java.util.LinkedList;
|
|
import java.util.List;
|
|
import java.util.Set;
|
|
|
|
import javax.crypto.Cipher;
|
|
import javax.crypto.Mac;
|
|
import javax.crypto.NoSuchPaddingException;
|
|
|
|
import gnu.javax.crypto.cipher.CipherFactory;
|
|
import gnu.javax.crypto.cipher.IBlockCipher;
|
|
import gnu.javax.crypto.mac.IMac;
|
|
import gnu.javax.crypto.mac.MacFactory;
|
|
import gnu.javax.crypto.mode.IMode;
|
|
import gnu.javax.crypto.mode.ModeFactory;
|
|
|
|
final class CipherSuite implements Constructed
|
|
{
|
|
|
|
// Constants and fields.
|
|
// -------------------------------------------------------------------------
|
|
|
|
private static final List tlsSuiteNames = new LinkedList();
|
|
private static final HashMap namesToSuites = new HashMap();
|
|
|
|
// SSL CipherSuites.
|
|
static final CipherSuite SSL_NULL_WITH_NULL_NULL =
|
|
new CipherSuite("null", "null", "null", "null", 0, 0x00, 0x00,
|
|
"SSL_NULL_WITH_NULL_NULL", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_NULL_MD5 =
|
|
new CipherSuite("null", "RSA", "RSA", "SSLMAC-MD5", 0, 0x00, 0x01,
|
|
"SSL_RSA_WITH_NULL_MD5", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_NULL_SHA =
|
|
new CipherSuite("null", "RSA", "RSA", "SSLMAC-SHA", 0, 0x00, 0x02,
|
|
"SSL_RSA_WITH_NULL_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_EXPORT_WITH_RC4_40_MD5 =
|
|
new CipherSuite("RC4", "RSA", "RSA", "SSLMAC-MD5", 5, 0x00, 0x03,
|
|
"SSL_RSA_EXPORT_WITH_RC4_40_MD5", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_RC4_128_MD5 =
|
|
new CipherSuite("RC4", "RSA", "RSA", "SSLMAC-MD5", 16, 0x00, 0x04,
|
|
"SSL_RSA_WITH_RC4_128_MD5", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_RC4_128_SHA =
|
|
new CipherSuite("RC4", "RSA", "RSA", "SSLMAC-SHA", 16, 0x00, 0x05,
|
|
"SSL_RSA_WITH_RC4_128_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "RSA", "RSA", "SSLMAC-SHA", 5, 0x00, 0x08,
|
|
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "RSA", "RSA", "SSLMAC-SHA", 8, 0x00, 0x09,
|
|
"SSL_RSA_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "RSA", "RSA", "SSLMAC-SHA", 24, 0x00, 0x0A,
|
|
"SSL_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "DH", "DSS", "SSLMAC-SHA", 5, 0x00, 0x0B,
|
|
"SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_DSS_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "DH", "DSS", "SSLMAC-SHA", 8, 0x00, 0x0C,
|
|
"SSL_DH_DSS_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "DH", "DSS", "SSLMAC-SHA", 24, 0x00, 0x0D,
|
|
"SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "DH", "RSA", "SSLMAC-SHA", 5, 0x00, 0x0E,
|
|
"SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_RSA_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "DH", "RSA", "SSLMAC-SHA", 8, 0x00, 0x0F,
|
|
"SSL_DH_RSA_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "DH", "RSA", "SSLMAC-SHA", 24, 0x00, 0x10,
|
|
"SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "DHE", "DSS", "SSLMAC-SHA", 5, 0x00, 0x11,
|
|
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_DSS_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "DHE", "DSS", "SSLMAC-SHA", 8, 0x00, 0x12,
|
|
"SSL_DHE_DSS_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "DHE", "DSS", "SSLMAC-SHA", 24, 0x00, 0x13,
|
|
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "DHE", "RSA", "SSLMAC-SHA", 5, 0x00, 0x14,
|
|
"SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "DHE", "RSA", "SSLMAC-SHA", 8, 0x00, 0x15,
|
|
"SSL_DHE_RSA_WITH_DES_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "DHE", "RSA", "SSLMAC-SHA", 24, 0x00, 0x16,
|
|
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.SSL_3);
|
|
|
|
// AES CipherSuites.
|
|
static final CipherSuite SSL_RSA_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "RSA", "RSA", "SSLMAC-SHA", 16, 0x00, 0x2F,
|
|
"SSL_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_DSS_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "DH", "DSS", "SSLMAC-SHA", 16, 0x00, 0x30,
|
|
"SSL_DH_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_RSA_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "DH", "RSA", "SSLMAC-SHA", 16, 0x00, 0x31,
|
|
"SSL_DH_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_DSS_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "DHE", "DSS", "SSLMAC-SHA", 16, 0x00, 0x32,
|
|
"SSL_DHE_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "DHE", "RSA", "SSLMAC-SHA", 16, 0x00, 0x33,
|
|
"SSL_DHE_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "RSA", "RSA", "SSLMAC-SHA", 32, 0x00, 0x35,
|
|
"SSL_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_DSS_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "DH", "DSS", "SSLMAC-SHA", 32, 0x00, 0x36,
|
|
"SSL_DH_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DH_RSA_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "DH", "RSA", "SSLMAC-SHA", 32, 0x00, 0x37,
|
|
"SSL_DH_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_DSS_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "DHE", "DSS", "SSLMAC-SHA", 32, 0x00, 0x38,
|
|
"SSL_DHE_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "DHE", "RSA", "SSLMAC-SHA", 32, 0x00, 0x39,
|
|
"SSL_DHE_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.SSL_3);
|
|
|
|
// Ciphersuites from the OpenPGP extension draft.
|
|
static final CipherSuite SSL_DHE_DSS_WITH_CAST_128_CBC_SHA =
|
|
new CipherSuite("CAST5", "DHE", "DSS", "HMAC-SHA", 16, 0x00, 0x70,
|
|
"SSL_DHE_DSS_WITH_CAST_128_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_DSS_WITH_CAST_128_CBC_RMD =
|
|
new CipherSuite("CAST5", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x71,
|
|
"SSL_DHE_DSS_WITH_CAST_128_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_DSS_WITH_3DES_EDE_CBC_RMD =
|
|
new CipherSuite("TripleDES", "DHE", "DSS", "HMAC-RIPEMD-160", 24, 0x00, 0x72,
|
|
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_DSS_WITH_AES_128_CBC_RMD =
|
|
new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x73,
|
|
"SSL_DHE_DSS_WITH_AES_128_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_DSS_WITH_AES_256_CBC_RMD =
|
|
new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 32, 0x00, 0x74,
|
|
"SSL_DHE_DSS_WITH_AES_256_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_WITH_CAST_128_CBC_SHA =
|
|
new CipherSuite("CAST5", "DHE", "RSA", "HMAC-SHA", 16, 0x00, 0x75,
|
|
"SSL_DHE_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_WITH_CAST_128_CBC_RMD =
|
|
new CipherSuite("CAST5", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x76,
|
|
"SSL_DHE_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_WITH_3DES_EDE_CBC_RMD =
|
|
new CipherSuite("TripleDES", "DHE", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x77,
|
|
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_WITH_AES_128_CBC_RMD =
|
|
new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x78,
|
|
"SSL_DHE_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_DHE_RSA_WITH_AES_256_CBC_RMD =
|
|
new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x79,
|
|
"SSL_DHE_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_CAST_128_CBC_SHA =
|
|
new CipherSuite("CAST5", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x7A,
|
|
"SSL_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_CAST_128_CBC_RMD =
|
|
new CipherSuite("CAST5", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7B,
|
|
"SSL_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_3DES_EDE_CBC_RMD =
|
|
new CipherSuite("TripleDES", "RSA", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x7C,
|
|
"SSL_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_AES_128_CBC_RMD =
|
|
new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7D,
|
|
"SSL_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.SSL_3);
|
|
static final CipherSuite SSL_RSA_WITH_AES_256_CBC_RMD =
|
|
new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x7E,
|
|
"SSL_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.SSL_3);
|
|
|
|
static final CipherSuite TLS_NULL_WITH_NULL_NULL =
|
|
new CipherSuite("null", "null", "null", "null", 0, 0x00, 0x00,
|
|
"TLS_NULL_WITH_NULL_NULL", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_NULL_MD5 =
|
|
new CipherSuite("null", "RSA", "RSA", "HMAC-MD5", 0, 0x00, 0x01,
|
|
"TLS_RSA_WITH_NULL_MD5", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_NULL_SHA =
|
|
new CipherSuite("null", "RSA", "RSA", "HMAC-SHA", 0, 0x00, 0x02,
|
|
"TLS_RSA_WITH_NULL_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 =
|
|
new CipherSuite("RC4", "RSA", "RSA", "HMAC-MD5", 5, 0x00, 0x03,
|
|
"TLS_RSA_EXPORT_WITH_RC4_40_MD5", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_RC4_128_MD5 =
|
|
new CipherSuite("RC4", "RSA", "RSA", "HMAC-MD5", 16, 0x00, 0x04,
|
|
"TLS_RSA_WITH_RC4_128_MD5", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_RC4_128_SHA =
|
|
new CipherSuite("RC4", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x05,
|
|
"TLS_RSA_WITH_RC4_128_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "RSA", "RSA", "HMAC-SHA", 5, 0x00, 0x08,
|
|
"TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "RSA", "RSA", "HMAC-SHA", 8, 0x00, 0x09,
|
|
"TLS_RSA_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "RSA", "RSA", "HMAC-SHA", 24, 0x00, 0x0A,
|
|
"TLS_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "DH", "DSS", "HMAC-SHA", 5, 0x00, 0x0B,
|
|
"TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "DH", "DSS", "HMAC-SHA", 8, 0x00, 0x0C,
|
|
"TLS_DH_DSS_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "DH", "DSS", "HMAC-SHA", 24, 0x00, 0x0D,
|
|
"TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "DH", "RSA", "HMAC-SHA", 5, 0x00, 0x0E,
|
|
"TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "DH", "RSA", "HMAC-SHA", 8, 0x00, 0x0F,
|
|
"TLS_DH_RSA_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "DH", "RSA", "HMAC-SHA", 24, 0x00, 0x10,
|
|
"TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "DHE", "DSS", "HMAC-SHA", 5, 0x00, 0x11,
|
|
"TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "DHE", "DSS", "HMAC-SHA", 8, 0x00, 0x12,
|
|
"TLS_DHE_DSS_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "DHE", "DSS", "HMAC-SHA", 24, 0x00, 0x13,
|
|
"TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA =
|
|
new CipherSuite("DES", "DHE", "RSA", "HMAC-SHA", 5, 0x00, 0x14,
|
|
"TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA =
|
|
new CipherSuite("DES", "DHE", "RSA", "HMAC-SHA", 8, 0x00, 0x15,
|
|
"TLS_DHE_RSA_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "DHE", "RSA", "HMAC-SHA", 24, 0x00, 0x16,
|
|
"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
|
|
|
|
// AES CipherSuites.
|
|
static final CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x2F,
|
|
"TLS_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "DH", "DSS", "HMAC-SHA", 16, 0x00, 0x30,
|
|
"TLS_DH_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "DH", "RSA", "HMAC-SHA", 16, 0x00, 0x31,
|
|
"TLS_DH_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "DHE", "DSS", "HMAC-SHA", 16, 0x00, 0x32,
|
|
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "DHE", "RSA", "HMAC-SHA", 16, 0x00, 0x33,
|
|
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "RSA", "RSA", "HMAC-SHA", 32, 0x00, 0x35,
|
|
"TLS_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "DH", "DSS", "HMAC-SHA", 32, 0x00, 0x36,
|
|
"TLS_DH_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "DH", "RSA", "HMAC-SHA", 32, 0x00, 0x37,
|
|
"TLS_DH_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "DHE", "DSS", "HMAC-SHA", 32, 0x00, 0x38,
|
|
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "DHE", "RSA", "HMAC-SHA", 32, 0x00, 0x39,
|
|
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
|
|
|
|
// Secure remote password (SRP) ciphersuites
|
|
static final CipherSuite TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "SRP", "anon", "HMAC-SHA", 24, 0x00, 0x50,
|
|
"TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "SRP", "RSA", "HMAC-SHA", 24, 0x00, 0x51,
|
|
"TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA =
|
|
new CipherSuite("TripleDES", "SRP", "DSS", "HMAC-SHA", 24, 0x00, 0x52,
|
|
"TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_SRP_SHA_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "SRP", "anon", "HMAC-SHA", 16, 0x00, 0x53,
|
|
"TLS_SRP_SHA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "SRP", "RSA", "HMAC-SHA", 16, 0x00, 0x54,
|
|
"TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA =
|
|
new CipherSuite("AES", "SRP", "DSS", "HMAC-SHA", 16, 0x00, 0x55,
|
|
"TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_SRP_SHA_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "SRP", "anon", "HMAC-SHA", 32, 0x00, 0x56,
|
|
"TLS_SRP_SHA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "SRP", "RSA", "HMAC-SHA", 32, 0x00, 0x57,
|
|
"TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA =
|
|
new CipherSuite("AES", "SRP", "DSS", "HMAC-SHA", 32, 0x00, 0x58,
|
|
"TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
|
|
|
|
// Ciphersuites from the OpenPGP extension draft.
|
|
static final CipherSuite TLS_DHE_DSS_WITH_CAST_128_CBC_SHA =
|
|
new CipherSuite("CAST5", "DHE", "DSS", "HMAC-SHA", 16, 0x00, 0x70,
|
|
"TLS_DHE_DSS_WITH_CAST_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_DSS_WITH_CAST_128_CBC_RMD =
|
|
new CipherSuite("CAST5", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x71,
|
|
"TLS_DHE_DSS_WITH_CAST_128_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD =
|
|
new CipherSuite("TripleDES", "DHE", "DSS", "HMAC-RIPEMD-160", 24, 0x00, 0x72,
|
|
"TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_RMD =
|
|
new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x73,
|
|
"TLS_DHE_DSS_WITH_AES_128_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_RMD =
|
|
new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 32, 0x00, 0x74,
|
|
"TLS_DHE_DSS_WITH_AES_256_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_WITH_CAST_128_CBC_SHA =
|
|
new CipherSuite("CAST5", "DHE", "RSA", "HMAC-SHA", 16, 0x00, 0x75,
|
|
"TLS_DHE_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_WITH_CAST_128_CBC_RMD =
|
|
new CipherSuite("CAST5", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x76,
|
|
"TLS_DHE_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD =
|
|
new CipherSuite("TripleDES", "DHE", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x77,
|
|
"TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_RMD =
|
|
new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x78,
|
|
"TLS_DHE_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_RMD =
|
|
new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x79,
|
|
"TLS_DHE_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_CAST_128_CBC_SHA =
|
|
new CipherSuite("CAST5", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x7A,
|
|
"TLS_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_CAST_128_CBC_RMD =
|
|
new CipherSuite("CAST5", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7B,
|
|
"TLS_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_RMD =
|
|
new CipherSuite("TripleDES", "RSA", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x7C,
|
|
"TLS_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_AES_128_CBC_RMD =
|
|
new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7D,
|
|
"TLS_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.TLS_1);
|
|
static final CipherSuite TLS_RSA_WITH_AES_256_CBC_RMD =
|
|
new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x7E,
|
|
"TLS_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.TLS_1);
|
|
|
|
private final String cipherName;
|
|
private final String kexName;
|
|
private final String sigName;
|
|
private final String macName;
|
|
private final boolean exportable;
|
|
private final boolean isStream;
|
|
private final int keyLength;
|
|
private final byte[] id;
|
|
private final String name;
|
|
private final ProtocolVersion version;
|
|
|
|
// Constructors.
|
|
// -------------------------------------------------------------------------
|
|
|
|
private CipherSuite(String cipherName, String kexName, String sigName,
|
|
String macName, int keyLength, int id1, int id2,
|
|
String name, ProtocolVersion version)
|
|
{
|
|
this.cipherName = cipherName.intern();
|
|
this.kexName = kexName.intern();
|
|
this.sigName = sigName.intern();
|
|
this.macName = macName.intern();
|
|
this.exportable = keyLength <= 5;
|
|
this.isStream = cipherName.equals("null") || cipherName.equals("RC4");
|
|
this.keyLength = keyLength;
|
|
this.id = new byte[] { (byte) id1, (byte) id2 };
|
|
this.name = name.intern();
|
|
this.version = version;
|
|
namesToSuites.put(name, this);
|
|
if (name.startsWith("TLS"))
|
|
{
|
|
tlsSuiteNames.add(name);
|
|
}
|
|
}
|
|
|
|
private CipherSuite(byte[] id)
|
|
{
|
|
cipherName = null;
|
|
kexName = null;
|
|
sigName = null;
|
|
macName = null;
|
|
exportable = false;
|
|
isStream = false;
|
|
keyLength = 0;
|
|
this.id = id;
|
|
name = null;
|
|
version = null;
|
|
}
|
|
|
|
// Class methods.
|
|
// -------------------------------------------------------------------------
|
|
|
|
/**
|
|
* Returns the cipher suite for the given name, or null if there is no
|
|
* such suite.
|
|
*
|
|
* @return The named cipher suite.
|
|
*/
|
|
static CipherSuite forName(String name)
|
|
{
|
|
return (CipherSuite) namesToSuites.get(name);
|
|
}
|
|
|
|
static List availableSuiteNames()
|
|
{
|
|
return tlsSuiteNames;
|
|
}
|
|
|
|
static CipherSuite read(InputStream in) throws IOException
|
|
{
|
|
DataInputStream din = new DataInputStream(in);
|
|
byte[] id = new byte[2];
|
|
din.readFully(id);
|
|
return new CipherSuite(id);
|
|
}
|
|
|
|
static IMode getCipher(String cbcCipherName)
|
|
{
|
|
IBlockCipher cipher = CipherFactory.getInstance(cbcCipherName);
|
|
if (cipher == null)
|
|
{
|
|
return null;
|
|
}
|
|
return ModeFactory.getInstance("CBC", cipher, cipher.defaultBlockSize());
|
|
}
|
|
|
|
static Cipher getJCECipher (final String name)
|
|
throws NoSuchAlgorithmException, NoSuchPaddingException
|
|
{
|
|
final String provider = Util.getSecurityProperty ("jessie.with.jce.provider");
|
|
if (name.equals ("RC4"))
|
|
{
|
|
if (provider != null)
|
|
{
|
|
try
|
|
{
|
|
return Cipher.getInstance (name, provider);
|
|
}
|
|
catch (NoSuchProviderException nsae)
|
|
{
|
|
// Fall through. Try any available provider.
|
|
}
|
|
}
|
|
|
|
return Cipher.getInstance (name);
|
|
}
|
|
else
|
|
{
|
|
// Oh, hey! Look! Something else Sun doesn't understand: SSLv3 padding
|
|
// is different than TLSv1 in subtle, but important, ways. But they
|
|
// sorta look the same, so why not make them equivalent?
|
|
//
|
|
// There should be a seperate padding "TLS1Padding".
|
|
if (provider != null)
|
|
{
|
|
try
|
|
{
|
|
return Cipher.getInstance (name + "/CBC/SSL3Padding", provider);
|
|
}
|
|
catch (NoSuchProviderException nspe)
|
|
{
|
|
// Fall through. Try any available provider.
|
|
}
|
|
}
|
|
return Cipher.getInstance (name + "/CBC/SSL3Padding");
|
|
}
|
|
}
|
|
|
|
static IMac getMac(String macName)
|
|
{
|
|
if (macName.startsWith("SSLMAC-"))
|
|
{
|
|
return new SSLHMac(macName.substring(7));
|
|
}
|
|
else
|
|
{
|
|
return MacFactory.getInstance(macName);
|
|
}
|
|
}
|
|
|
|
static Mac getJCEMac (final String name)
|
|
throws NoSuchAlgorithmException
|
|
{
|
|
final String provider = Util.getSecurityProperty ("jessie.with.jce.provider");
|
|
if (provider != null)
|
|
{
|
|
try
|
|
{
|
|
return Mac.getInstance (name, provider);
|
|
}
|
|
catch (NoSuchProviderException nspe)
|
|
{
|
|
// Fall through. Try any available provider.
|
|
}
|
|
}
|
|
return Mac.getInstance (name);
|
|
}
|
|
|
|
// Intance methods.
|
|
// -------------------------------------------------------------------------
|
|
|
|
public void write(OutputStream out) throws IOException
|
|
{
|
|
out.write(id);
|
|
}
|
|
|
|
CipherSuite resolve(ProtocolVersion version)
|
|
{
|
|
if (version == ProtocolVersion.SSL_3)
|
|
{
|
|
if (id[0] == 0x00) switch (id[1])
|
|
{
|
|
case 0x00: return SSL_NULL_WITH_NULL_NULL;
|
|
case 0x01: return SSL_RSA_WITH_NULL_MD5;
|
|
case 0x02: return SSL_RSA_WITH_NULL_SHA;
|
|
case 0x03: return SSL_RSA_EXPORT_WITH_RC4_40_MD5;
|
|
case 0x04: return SSL_RSA_WITH_RC4_128_MD5;
|
|
case 0x05: return SSL_RSA_WITH_RC4_128_SHA;
|
|
case 0x08: return SSL_RSA_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x09: return SSL_RSA_WITH_DES_CBC_SHA;
|
|
case 0x0A: return SSL_RSA_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x0B: return SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x0C: return SSL_DH_DSS_WITH_DES_CBC_SHA;
|
|
case 0x0D: return SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x0E: return SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x0F: return SSL_DH_RSA_WITH_DES_CBC_SHA;
|
|
case 0x10: return SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x11: return SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x12: return SSL_DHE_DSS_WITH_DES_CBC_SHA;
|
|
case 0x13: return SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x14: return SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x15: return SSL_DHE_RSA_WITH_DES_CBC_SHA;
|
|
case 0x16: return SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x2F: return SSL_RSA_WITH_AES_128_CBC_SHA;
|
|
case 0x30: return SSL_DH_DSS_WITH_AES_128_CBC_SHA;
|
|
case 0x31: return SSL_DH_RSA_WITH_AES_128_CBC_SHA;
|
|
case 0x32: return SSL_DHE_DSS_WITH_AES_128_CBC_SHA;
|
|
case 0x33: return SSL_DHE_RSA_WITH_AES_128_CBC_SHA;
|
|
case 0x35: return SSL_RSA_WITH_AES_256_CBC_SHA;
|
|
case 0x36: return SSL_DH_DSS_WITH_AES_256_CBC_SHA;
|
|
case 0x37: return SSL_DH_RSA_WITH_AES_256_CBC_SHA;
|
|
case 0x38: return SSL_DHE_DSS_WITH_AES_256_CBC_SHA;
|
|
case 0x39: return SSL_DHE_RSA_WITH_AES_256_CBC_SHA;
|
|
}
|
|
}
|
|
else if (version == ProtocolVersion.TLS_1 ||
|
|
version == ProtocolVersion.TLS_1_1)
|
|
{
|
|
if (id[0] == 0x00) switch (id[1])
|
|
{
|
|
case 0x00: return TLS_NULL_WITH_NULL_NULL;
|
|
case 0x01: return TLS_RSA_WITH_NULL_MD5;
|
|
case 0x02: return TLS_RSA_WITH_NULL_SHA;
|
|
case 0x03: return TLS_RSA_EXPORT_WITH_RC4_40_MD5;
|
|
case 0x04: return TLS_RSA_WITH_RC4_128_MD5;
|
|
case 0x05: return TLS_RSA_WITH_RC4_128_SHA;
|
|
case 0x08: return TLS_RSA_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x09: return TLS_RSA_WITH_DES_CBC_SHA;
|
|
case 0x0A: return TLS_RSA_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x0B: return TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x0C: return TLS_DH_DSS_WITH_DES_CBC_SHA;
|
|
case 0x0D: return TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x0E: return TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x0F: return TLS_DH_RSA_WITH_DES_CBC_SHA;
|
|
case 0x10: return TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x11: return TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x12: return TLS_DHE_DSS_WITH_DES_CBC_SHA;
|
|
case 0x13: return TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x14: return TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA;
|
|
case 0x15: return TLS_DHE_RSA_WITH_DES_CBC_SHA;
|
|
case 0x16: return TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x2F: return TLS_RSA_WITH_AES_128_CBC_SHA;
|
|
case 0x30: return TLS_DH_DSS_WITH_AES_128_CBC_SHA;
|
|
case 0x31: return TLS_DH_RSA_WITH_AES_128_CBC_SHA;
|
|
case 0x32: return TLS_DHE_DSS_WITH_AES_128_CBC_SHA;
|
|
case 0x33: return TLS_DHE_RSA_WITH_AES_128_CBC_SHA;
|
|
case 0x35: return TLS_RSA_WITH_AES_256_CBC_SHA;
|
|
case 0x36: return TLS_DH_DSS_WITH_AES_256_CBC_SHA;
|
|
case 0x37: return TLS_DH_RSA_WITH_AES_256_CBC_SHA;
|
|
case 0x38: return TLS_DHE_DSS_WITH_AES_256_CBC_SHA;
|
|
case 0x39: return TLS_DHE_RSA_WITH_AES_256_CBC_SHA;
|
|
case 0x50: return TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x51: return TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x52: return TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA;
|
|
case 0x53: return TLS_SRP_SHA_WITH_AES_128_CBC_SHA;
|
|
case 0x54: return TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA;
|
|
case 0x55: return TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA;
|
|
case 0x56: return TLS_SRP_SHA_WITH_AES_256_CBC_SHA;
|
|
case 0x57: return TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA;
|
|
case 0x58: return TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA;
|
|
case 0x70: return TLS_DHE_DSS_WITH_CAST_128_CBC_SHA;
|
|
case 0x71: return TLS_DHE_DSS_WITH_CAST_128_CBC_RMD;
|
|
case 0x72: return TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD;
|
|
case 0x73: return TLS_DHE_DSS_WITH_AES_128_CBC_RMD;
|
|
case 0x74: return TLS_DHE_DSS_WITH_AES_256_CBC_RMD;
|
|
case 0x75: return TLS_DHE_RSA_WITH_CAST_128_CBC_SHA;
|
|
case 0x76: return TLS_DHE_RSA_WITH_CAST_128_CBC_RMD;
|
|
case 0x77: return TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD;
|
|
case 0x78: return TLS_DHE_RSA_WITH_AES_128_CBC_RMD;
|
|
case 0x79: return TLS_DHE_RSA_WITH_AES_256_CBC_RMD;
|
|
case 0x7A: return TLS_RSA_WITH_CAST_128_CBC_SHA;
|
|
case 0x7B: return TLS_RSA_WITH_CAST_128_CBC_RMD;
|
|
case 0x7C: return TLS_RSA_WITH_3DES_EDE_CBC_RMD;
|
|
case 0x7D: return TLS_RSA_WITH_AES_128_CBC_RMD;
|
|
case 0x7E: return TLS_RSA_WITH_AES_256_CBC_RMD;
|
|
}
|
|
}
|
|
return this;
|
|
}
|
|
|
|
String getCipher()
|
|
{
|
|
return cipherName;
|
|
}
|
|
|
|
int getKeyLength()
|
|
{
|
|
return keyLength;
|
|
}
|
|
|
|
String getKeyExchange()
|
|
{
|
|
return kexName;
|
|
}
|
|
|
|
String getSignature()
|
|
{
|
|
return sigName;
|
|
}
|
|
|
|
String getMac()
|
|
{
|
|
return macName;
|
|
}
|
|
|
|
boolean isExportable()
|
|
{
|
|
return exportable;
|
|
}
|
|
|
|
boolean isStreamCipher()
|
|
{
|
|
return isStream;
|
|
}
|
|
|
|
String getAuthType()
|
|
{
|
|
if (kexName.equals("RSA"))
|
|
{
|
|
if (isExportable())
|
|
{
|
|
return "RSA_EXPORT";
|
|
}
|
|
return "RSA";
|
|
}
|
|
return kexName + "_" + sigName;
|
|
}
|
|
|
|
byte[] getId()
|
|
{
|
|
return id;
|
|
}
|
|
|
|
ProtocolVersion getVersion()
|
|
{
|
|
return version;
|
|
}
|
|
|
|
public boolean equals(Object o)
|
|
{
|
|
if (!(o instanceof CipherSuite))
|
|
{
|
|
return false;
|
|
}
|
|
if (o == this)
|
|
return true;
|
|
byte[] id = ((CipherSuite) o).getId();
|
|
return id[0] == this.id[0] &&
|
|
id[1] == this.id[1];
|
|
}
|
|
|
|
public int hashCode()
|
|
{
|
|
if (version == null)
|
|
{
|
|
return 0xFFFF0000 | (id[0] & 0xFF) << 8 | (id[1] & 0xFF);
|
|
}
|
|
return version.getMajor() << 24 | version.getMinor() << 16
|
|
| (id[0] & 0xFF) << 8 | (id[1] & 0xFF);
|
|
}
|
|
|
|
public String toString()
|
|
{
|
|
if (name == null)
|
|
{
|
|
return "UNKNOWN { " + (id[0] & 0xFF) + ", " + (id[1] & 0xFF) + " }";
|
|
}
|
|
return name;
|
|
}
|
|
}
|