Author: markt
Date: Mon Aug 10 14:42:19 2015
New Revision: 1695089
URL: http://svn.apache.org/r1695089
Log:
Support both EDH and DHE versions of OpenSSL cipher names
Adds general support for OpenDSSL ciphers having old /alternative names
Should enable better code alignment between trunk and 8.0.x
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParserOnly.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java?rev=1695089&r1=1695088&r2=1695089&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java Mon
Aug 10 14:42:19 2015
@@ -65,7 +65,8 @@ public enum Cipher {
false,
0,
0,
- "SSL_RSA_WITH_NULL_MD5"
+ new String[] {"SSL_RSA_WITH_NULL_MD5"},
+ null
),
// Cipher 02
TLS_RSA_WITH_NULL_SHA(
@@ -81,7 +82,8 @@ public enum Cipher {
true,
0,
0,
- "SSL_RSA_WITH_NULL_SHA"
+ new String[] {"SSL_RSA_WITH_NULL_SHA"},
+ null
),
// Cipher 03
TLS_RSA_EXPORT_WITH_RC4_40_MD5(
@@ -97,7 +99,8 @@ public enum Cipher {
false,
40,
128,
- "SSL_RSA_EXPORT_WITH_RC4_40_MD5"
+ new String[] {"SSL_RSA_EXPORT_WITH_RC4_40_MD5"},
+ null
),
// Cipher 04
TLS_RSA_WITH_RC4_128_MD5(
@@ -113,7 +116,8 @@ public enum Cipher {
false,
128,
128,
- "SSL_RSA_WITH_RC4_128_MD5"
+ new String[] {"SSL_RSA_WITH_RC4_128_MD5"},
+ null
),
// Cipher 05
TLS_RSA_WITH_RC4_128_SHA(
@@ -129,7 +133,8 @@ public enum Cipher {
false,
128,
128,
- "SSL_RSA_WITH_RC4_128_SHA"
+ new String[] {"SSL_RSA_WITH_RC4_128_SHA"},
+ null
),
// Cipher 06
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5(
@@ -145,7 +150,8 @@ public enum Cipher {
false,
40,
128,
- "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"
+ new String[] {"SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"},
+ null
),
// Cipher 07
TLS_RSA_WITH_IDEA_CBC_SHA(
@@ -161,7 +167,8 @@ public enum Cipher {
false,
128,
128,
- "SSL_RSA_WITH_IDEA_CBC_SHA"
+ new String[] {"SSL_RSA_WITH_IDEA_CBC_SHA"},
+ null
),
// Cipher 08
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA(
@@ -177,7 +184,8 @@ public enum Cipher {
false,
40,
56,
- "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"
+ new String[] {"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+ null
),
// Cipher 09
TLS_RSA_WITH_DES_CBC_SHA(
@@ -193,7 +201,8 @@ public enum Cipher {
false,
56,
56,
- "SSL_RSA_WITH_DES_CBC_SHA"
+ new String[] {"SSL_RSA_WITH_DES_CBC_SHA"},
+ null
),
// Cipher 0A
TLS_RSA_WITH_3DES_EDE_CBC_SHA(
@@ -209,7 +218,8 @@ public enum Cipher {
true,
112,
168,
- "SSL_RSA_WITH_3DES_EDE_CBC_SHA"
+ new String[] {"SSL_RSA_WITH_3DES_EDE_CBC_SHA"},
+ null
),
/* The DH ciphers */
// Cipher 0B
@@ -226,7 +236,8 @@ public enum Cipher {
false,
40,
56,
- "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"
+ new String[] {"SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+ null
),
// Cipher 0C
TLS_DH_DSS_WITH_DES_CBC_SHA(
@@ -242,7 +253,8 @@ public enum Cipher {
false,
56,
56,
- "SSL_DH_DSS_WITH_DES_CBC_SHA"
+ new String[] {"SSL_DH_DSS_WITH_DES_CBC_SHA"},
+ null
),
// Cipher 0D
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA(
@@ -258,7 +270,8 @@ public enum Cipher {
true,
112,
168,
- "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"
+ new String[] {"SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"},
+ null
),
// Cipher 0E
TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA(
@@ -274,7 +287,8 @@ public enum Cipher {
false,
40,
56,
- "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"
+ new String[] {"SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+ null
),
// Cipher 0F
TLS_DH_RSA_WITH_DES_CBC_SHA(
@@ -290,7 +304,8 @@ public enum Cipher {
false,
56,
56,
- "SSL_DH_RSA_WITH_DES_CBC_SHA"
+ new String[] {"SSL_DH_RSA_WITH_DES_CBC_SHA"},
+ null
),
// Cipher 10
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA(
@@ -306,7 +321,8 @@ public enum Cipher {
true,
112,
168,
- "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"
+ new String[] {"SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"},
+ null
),
/* The Ephemeral DH ciphers */
// Cipher 11
@@ -323,7 +339,8 @@ public enum Cipher {
false,
40,
56,
- "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
+ new String[] {"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+ new String[] {"EXP-EDH-DSS-DES-CBC-SHA"}
),
// Cipher 12
TLS_DHE_DSS_WITH_DES_CBC_SHA(
@@ -339,7 +356,8 @@ public enum Cipher {
false,
56,
56,
- "SSL_DHE_DSS_WITH_DES_CBC_SHA"
+ new String[] {"SSL_DHE_DSS_WITH_DES_CBC_SHA"},
+ new String[] {"EDH-DSS-DES-CBC-SHA"}
),
// Cipher 13
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA(
@@ -355,7 +373,8 @@ public enum Cipher {
true,
112,
168,
- "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
+ new String[] {"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"},
+ new String[] {"EDH-DSS-DES-CBC3-SHA"}
),
// Cipher 14
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA(
@@ -371,7 +390,8 @@ public enum Cipher {
false,
40,
56,
- "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
+ new String[] {"SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+ new String[] {"EXP-EDH-RSA-DES-CBC-SHA"}
),
// Cipher 15
TLS_DHE_RSA_WITH_DES_CBC_SHA(
@@ -387,7 +407,8 @@ public enum Cipher {
false,
56,
56,
- "SSL_DHE_RSA_WITH_DES_CBC_SHA"
+ new String[] {"SSL_DHE_RSA_WITH_DES_CBC_SHA"},
+ new String[] {"EDH-RSA-DES-CBC-SHA"}
),
// Cipher 16
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA(
@@ -403,7 +424,8 @@ public enum Cipher {
true,
112,
168,
- "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
+ new String[] {"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"},
+ new String[] {"EDH-RSA-DES-CBC3-SHA"}
),
// Cipher 17
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5(
@@ -419,7 +441,8 @@ public enum Cipher {
false,
40,
128,
- "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"
+ new String[] {"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"},
+ null
),
// Cipher 18
TLS_DH_anon_WITH_RC4_128_MD5(
@@ -435,7 +458,8 @@ public enum Cipher {
false,
128,
128,
- "SSL_DH_anon_WITH_RC4_128_MD5"
+ new String[] {"SSL_DH_anon_WITH_RC4_128_MD5"},
+ null
),
// Cipher 19
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA(
@@ -451,7 +475,8 @@ public enum Cipher {
false,
40,
128,
- "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"
+ new String[] {"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"},
+ null
),
// Cipher 1A
TLS_DH_anon_WITH_DES_CBC_SHA(
@@ -467,7 +492,8 @@ public enum Cipher {
false,
56,
56,
- "SSL_DH_anon_WITH_DES_CBC_SHA"
+ new String[] {"SSL_DH_anon_WITH_DES_CBC_SHA"},
+ null
),
// Cipher 1B
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA(
@@ -483,7 +509,8 @@ public enum Cipher {
true,
112,
168,
- "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"
+ new String[] {"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"},
+ null
),
/* Fortezza ciphersuite from SSL 3.0 spec
* Neither OpenSSL nor Java implement these ciphers and the IDs used
@@ -500,7 +527,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
false,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher 1D
SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA(
@@ -514,7 +543,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
false,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher 1E - overlaps with Kerberos below
SSL_FORTEZZA_DMS_WITH_RC4_128_SHA(
@@ -528,7 +559,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
*/
/* The Kerberos ciphers. OpenSSL doesn't support these. Java does but they
@@ -546,7 +579,9 @@ public enum Cipher {
EncryptionLevel.LOW,
false,
56,
- 56
+ 56,
+ null,
+ null
),
// Cipher 1F
TLS_KRB5_WITH_3DES_EDE_CBC_SHA(
@@ -560,7 +595,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher 20
TLS_KRB5_WITH_RC4_128_SHA(
@@ -574,7 +611,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 21
TLS_KRB5_WITH_IDEA_CBC_SHA(
@@ -588,7 +627,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 22
TLS_KRB5_WITH_DES_CBC_MD5(
@@ -602,7 +643,9 @@ public enum Cipher {
EncryptionLevel.LOW,
false,
56,
- 56
+ 56,
+ null,
+ null
),
// Cipher 23
TLS_KRB5_WITH_3DES_EDE_CBC_MD5(
@@ -616,7 +659,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher 24
TLS_KRB5_WITH_RC4_128_MD5(
@@ -630,7 +675,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 25
TLS_KRB5_WITH_IDEA_CBC_MD5(
@@ -644,7 +691,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 26
TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA(
@@ -658,7 +707,9 @@ public enum Cipher {
EncryptionLevel.EXP40,
false,
40,
- 56
+ 56,
+ null,
+ null
),
// Cipher 27
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA(
@@ -672,7 +723,9 @@ public enum Cipher {
EncryptionLevel.EXP40,
false,
40,
- 128
+ 128,
+ null,
+ null
),
// Cipher 28
TLS_KRB5_EXPORT_WITH_RC4_40_SHA(
@@ -686,7 +739,9 @@ public enum Cipher {
EncryptionLevel.EXP40,
false,
40,
- 128
+ 128,
+ null,
+ null
),
// Cipher 29
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5(
@@ -700,7 +755,9 @@ public enum Cipher {
EncryptionLevel.EXP40,
false,
40,
- 56
+ 56,
+ null,
+ null
),
// Cipher 2A
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5(
@@ -714,7 +771,9 @@ public enum Cipher {
EncryptionLevel.EXP40,
false,
40,
- 128
+ 128,
+ null,
+ null
),
// Cipher 2B
TLS_KRB5_EXPORT_WITH_RC4_40_MD5(
@@ -728,7 +787,9 @@ public enum Cipher {
EncryptionLevel.EXP40,
false,
40,
- 128
+ 128,
+ null,
+ null
),*/
/* PSK cipher suites from RFC 4785 */
@@ -745,8 +806,10 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0),
-
+ 0,
+ null,
+ null
+ ),
// Cipher 2D
TLS_DHE_PSK_WITH_NULL_SHA(
0x002d,
@@ -760,8 +823,10 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0),
-
+ 0,
+ null,
+ null
+ ),
// Cipher 2E
TLS_RSA_PSK_WITH_NULL_SHA(
0x002e,
@@ -775,8 +840,10 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0),
-
+ 0,
+ null,
+ null
+ ),
/* New AES ciphersuites */
// Cipher 2F
TLS_RSA_WITH_AES_128_CBC_SHA(
@@ -791,7 +858,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 30
TLS_DH_DSS_WITH_AES_128_CBC_SHA(
@@ -806,7 +875,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 31
TLS_DH_RSA_WITH_AES_128_CBC_SHA(
@@ -821,7 +892,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 32
TLS_DHE_DSS_WITH_AES_128_CBC_SHA(
@@ -836,7 +909,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 33
TLS_DHE_RSA_WITH_AES_128_CBC_SHA(
@@ -851,7 +926,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 34
TLS_DH_anon_WITH_AES_128_CBC_SHA(
@@ -866,7 +943,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 35
TLS_RSA_WITH_AES_256_CBC_SHA(
@@ -881,7 +960,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 36
TLS_DH_DSS_WITH_AES_256_CBC_SHA(
@@ -896,7 +977,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 37
TLS_DH_RSA_WITH_AES_256_CBC_SHA(
@@ -911,7 +994,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 38
TLS_DHE_DSS_WITH_AES_256_CBC_SHA(
@@ -926,7 +1011,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 39
TLS_DHE_RSA_WITH_AES_256_CBC_SHA(
@@ -941,7 +1028,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 3A
TLS_DH_anon_WITH_AES_256_CBC_SHA(
@@ -956,7 +1045,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
/* TLS v1.2 ciphersuites */
// Cipher 3B
@@ -972,7 +1063,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher 3C
TLS_RSA_WITH_AES_128_CBC_SHA256(
@@ -987,7 +1080,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 3D
TLS_RSA_WITH_AES_256_CBC_SHA256(
@@ -1002,7 +1097,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 3E
TLS_DH_DSS_WITH_AES_128_CBC_SHA256(
@@ -1017,7 +1114,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 3F
TLS_DH_RSA_WITH_AES_128_CBC_SHA256(
@@ -1032,7 +1131,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 40
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(
@@ -1047,7 +1148,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
/* Camellia ciphersuites from RFC4132 (
128-bit portion) */
@@ -1064,7 +1167,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 42
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA(
@@ -1079,7 +1184,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 43
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA(
@@ -1094,7 +1201,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 44
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA(
@@ -1109,7 +1218,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 45
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA(
@@ -1124,7 +1235,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 46
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA(
@@ -1139,7 +1252,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
/* Experimental (and now expired) TLSv1 versions of SSLv3 ciphers.
* Unsupported by Java and OpenSSL.
@@ -1156,7 +1271,8 @@ public enum Cipher {
false,
56,
128,
- "SSL_RSA_EXPORT1024_WITH_RC4_56_MD5"
+ new String[] {"SSL_RSA_EXPORT1024_WITH_RC4_56_MD5"},
+ null
),
// Cipher 61
TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5(
@@ -1171,7 +1287,8 @@ public enum Cipher {
false,
56,
128,
- "SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD"
+ new String[] {"SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD"},
+ null
),
// Cipher 62
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA(
@@ -1186,7 +1303,8 @@ public enum Cipher {
false,
56,
56,
- "SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA"
+ new String[] {"SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA"},
+ null
),
// Cipher 63
TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA(
@@ -1201,7 +1319,8 @@ public enum Cipher {
false,
56,
56,
- "SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA"
+ new String[] {"SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA"},
+ null
),
// Cipher 64
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA(
@@ -1216,7 +1335,8 @@ public enum Cipher {
false,
56,
128,
- "SSL_RSA_EXPORT1024_WITH_RC4_56_SHA"
+ new String[] {"SSL_RSA_EXPORT1024_WITH_RC4_56_SHA"},
+ null
),
// Cipher 65
TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA(
@@ -1231,7 +1351,8 @@ public enum Cipher {
false,
56,
128,
- "SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA"
+ new String[] {"SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA"},
+ null
),
// Cipher 66
TLS_DHE_DSS_WITH_RC4_128_SHA(
@@ -1246,7 +1367,8 @@ public enum Cipher {
false,
128,
128,
- "SSL_DHE_DSS_WITH_RC4_128_SHA"
+ new String[] {"SSL_DHE_DSS_WITH_RC4_128_SHA"},
+ null
),*/
/* TLS v1.2 ciphersuites */
// Cipher 67
@@ -1262,7 +1384,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 68
TLS_DH_DSS_WITH_AES_256_CBC_SHA256(
@@ -1277,7 +1401,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 69
TLS_DH_RSA_WITH_AES_256_CBC_SHA256(
@@ -1292,7 +1418,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 6A
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(
@@ -1307,7 +1435,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 6B
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(
@@ -1322,7 +1452,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 6C
TLS_DH_anon_WITH_AES_128_CBC_SHA256(
@@ -1337,7 +1469,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 6D
TLS_DH_anon_WITH_AES_256_CBC_SHA256(
@@ -1352,7 +1486,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
/* GOST Ciphersuites. Unsupported by Java. OpenSSl lists them with IDs
* 0x3000080 to 0x3000083 */
@@ -1369,7 +1505,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 81
TLS_GOSTR341001_WITH_28147_CNT_IMIT(
@@ -1383,7 +1521,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 82
TLS_GOSTR341094_WITH_NULL_GOSTR3411(
@@ -1397,7 +1537,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
false,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher 83
TLS_GOSTR341001_WITH_NULL_GOSTR3411(
@@ -1411,7 +1553,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
false,
0,
- 0
+ 0,
+ null,
+ null
),*/
/* Camellia ciphersuites from RFC4132 (
256-bit portion) */
@@ -1428,7 +1572,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 85
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA(
@@ -1443,7 +1589,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 86
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA(
@@ -1458,7 +1606,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 87
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA(
@@ -1473,7 +1623,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 88
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA(
@@ -1488,7 +1640,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 89
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA(
@@ -1503,7 +1657,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 8A
TLS_PSK_WITH_RC4_128_SHA(
@@ -1518,7 +1674,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 8B
TLS_PSK_WITH_3DES_EDE_CBC_SHA(
@@ -1533,7 +1691,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher 8C
TLS_PSK_WITH_AES_128_CBC_SHA(
@@ -1548,7 +1708,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 8D
TLS_PSK_WITH_AES_256_CBC_SHA(
@@ -1563,7 +1725,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 8E
TLS_DHE_PSK_WITH_RC4_128_SHA(
@@ -1578,7 +1742,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 8F
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA(
@@ -1593,7 +1759,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher 90
TLS_DHE_PSK_WITH_AES_128_CBC_SHA(
@@ -1608,7 +1776,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 91
TLS_DHE_PSK_WITH_AES_256_CBC_SHA(
@@ -1623,7 +1793,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 92
TLS_RSA_PSK_WITH_RC4_128_SHA(
@@ -1638,7 +1810,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 93
TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA(
@@ -1653,7 +1827,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher 94
TLS_RSA_PSK_WITH_AES_128_CBC_SHA(
@@ -1668,7 +1844,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 95
TLS_RSA_PSK_WITH_AES_256_CBC_SHA(
@@ -1683,7 +1861,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
/* SEED ciphersuites from RFC4162 */
// Cipher 96
@@ -1699,7 +1879,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 97
TLS_DH_DSS_WITH_SEED_CBC_SHA(
@@ -1714,7 +1896,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 98
TLS_DH_RSA_WITH_SEED_CBC_SHA(
@@ -1729,7 +1913,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 99
TLS_DHE_DSS_WITH_SEED_CBC_SHA(
@@ -1744,7 +1930,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 9A
TLS_DHE_RSA_WITH_SEED_CBC_SHA(
@@ -1759,7 +1947,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 9B
TLS_DH_anon_WITH_SEED_CBC_SHA(
@@ -1774,7 +1964,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
/* GCM ciphersuites from RFC5288 */
// Cipher 9C
@@ -1790,7 +1982,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 9D
TLS_RSA_WITH_AES_256_GCM_SHA384(
@@ -1805,7 +1999,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 9E
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(
@@ -1820,7 +2016,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 9F
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(
@@ -1835,7 +2033,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher A0
TLS_DH_RSA_WITH_AES_128_GCM_SHA256(
@@ -1850,7 +2050,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher A1
TLS_DH_RSA_WITH_AES_256_GCM_SHA384(
@@ -1865,7 +2067,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher A2
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(
@@ -1880,7 +2084,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher A3
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(
@@ -1895,7 +2101,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher A4
TLS_DH_DSS_WITH_AES_128_GCM_SHA256(
@@ -1910,7 +2118,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher A5
TLS_DH_DSS_WITH_AES_256_GCM_SHA384(
@@ -1925,7 +2135,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher A6
TLS_DH_anon_WITH_AES_128_GCM_SHA256(
@@ -1940,7 +2152,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher A7
TLS_DH_anon_WITH_AES_256_GCM_SHA384(
@@ -1955,7 +2169,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher A8
TLS_PSK_WITH_AES_128_GCM_SHA256(
@@ -1970,7 +2186,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher A9
TLS_PSK_WITH_AES_256_GCM_SHA384(
@@ -1985,7 +2203,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher AA
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256(
@@ -2000,7 +2220,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher AB
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384(
@@ -2015,7 +2237,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher AC
TLS_RSA_PSK_WITH_AES_128_GCM_SHA256(
@@ -2030,7 +2254,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher AD
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384(
@@ -2045,7 +2271,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher AE
TLS_PSK_WITH_AES_128_CBC_SHA256 (
@@ -2060,7 +2288,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher AF
TLS_PSK_WITH_AES_256_CBC_SHA384 (
@@ -2075,7 +2305,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher B0
TLS_PSK_WITH_NULL_SHA256 (
@@ -2090,7 +2322,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher B1
TLS_PSK_WITH_NULL_SHA384 (
@@ -2105,7 +2339,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher B2
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256(
@@ -2120,7 +2356,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher B3
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384(
@@ -2135,7 +2373,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher B4
TLS_DHE_PSK_WITH_NULL_SHA256 (
@@ -2150,7 +2390,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher B5
TLS_DHE_PSK_WITH_NULL_SHA384 (
@@ -2165,7 +2407,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher B6
TLS_RSA_PSK_WITH_AES_128_CBC_SHA256(
@@ -2180,7 +2424,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher B7
TLS_RSA_PSK_WITH_AES_256_CBC_SHA384(
@@ -2195,7 +2441,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher B8
TLS_RSA_PSK_WITH_NULL_SHA256 (
@@ -2210,7 +2458,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher B9
TLS_RSA_PSK_WITH_NULL_SHA384 (
@@ -2225,7 +2475,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher BA
@@ -2241,7 +2493,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher BB
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256(
@@ -2256,7 +2510,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher BC
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256(
@@ -2271,7 +2527,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher BD
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256(
@@ -2286,7 +2544,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher BE
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256(
@@ -2301,7 +2561,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher BF
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256(
@@ -2316,7 +2578,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C0
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256(
@@ -2331,7 +2595,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C1
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256(
@@ -2346,7 +2612,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C2
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256(
@@ -2361,7 +2629,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C3
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256(
@@ -2376,7 +2646,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C4
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256(
@@ -2391,7 +2663,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C5
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256(
@@ -2406,7 +2680,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
/* Cipher 0x00FF TLS_EMPTY_RENEGOTIATION_INFO_SCSV
@@ -2430,7 +2706,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher C002
TLS_ECDH_ECDSA_WITH_RC4_128_SHA(
@@ -2445,7 +2723,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C003
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(
@@ -2460,7 +2740,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher C004
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(
@@ -2475,7 +2757,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C005
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(
@@ -2490,7 +2774,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C006
TLS_ECDHE_ECDSA_WITH_NULL_SHA(
@@ -2505,7 +2791,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher C007
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA(
@@ -2520,7 +2808,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C008
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA(
@@ -2535,7 +2825,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher C009
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(
@@ -2550,7 +2842,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C00A
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(
@@ -2565,7 +2859,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C00B
TLS_ECDH_RSA_WITH_NULL_SHA(
@@ -2580,7 +2876,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher C00C
TLS_ECDH_RSA_WITH_RC4_128_SHA(
@@ -2595,7 +2893,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C00D
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(
@@ -2610,7 +2910,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher C00E
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(
@@ -2625,7 +2927,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C00F
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(
@@ -2640,7 +2944,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C010
TLS_ECDHE_RSA_WITH_NULL_SHA(
@@ -2655,7 +2961,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher C011
TLS_ECDHE_RSA_WITH_RC4_128_SHA(
@@ -2670,7 +2978,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C012
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA(
@@ -2685,7 +2995,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher C013
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(
@@ -2700,7 +3012,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C014
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(
@@ -2715,7 +3029,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C015
TLS_ECDH_anon_WITH_NULL_SHA(
@@ -2730,7 +3046,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
// Cipher C016
TLS_ECDH_anon_WITH_RC4_128_SHA(
@@ -2745,7 +3063,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C017
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA(
@@ -2760,7 +3080,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher C018
TLS_ECDH_anon_WITH_AES_128_CBC_SHA(
@@ -2775,7 +3097,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C019
TLS_ECDH_anon_WITH_AES_256_CBC_SHA(
@@ -2790,7 +3114,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
/* SRP ciphersuite from RFC 5054 */
// Cipher C01A
@@ -2806,7 +3132,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher C01B
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA(
@@ -2821,7 +3149,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher C01C
TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA(
@@ -2836,7 +3166,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher C01D
TLS_SRP_SHA_WITH_AES_128_CBC_SHA(
@@ -2851,7 +3183,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C01E
TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA(
@@ -2866,7 +3200,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C01F
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA(
@@ -2881,7 +3217,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C020
TLS_SRP_SHA_WITH_AES_256_CBC_SHA(
@@ -2896,7 +3234,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C021
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA(
@@ -2911,7 +3251,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C022
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA(
@@ -2926,7 +3268,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
/* HMAC based TLS v1.2 ciphersuites from RFC5289 */
// Cipher C023
@@ -2942,7 +3286,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C024
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(
@@ -2957,7 +3303,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C025
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(
@@ -2972,7 +3320,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C026
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(
@@ -2987,7 +3337,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C027
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(
@@ -3002,7 +3354,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C028
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(
@@ -3017,7 +3371,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C029
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(
@@ -3032,7 +3388,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C02A
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(
@@ -3047,7 +3405,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
/* GCM based TLS v1.2 ciphersuites from RFC5289 */
// Cipher C02B
@@ -3063,7 +3423,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C02C
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(
@@ -3078,7 +3440,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C02D
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(
@@ -3093,7 +3457,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C02E
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(
@@ -3108,7 +3474,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C02F
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(
@@ -3123,7 +3491,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C030
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(
@@ -3138,7 +3508,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C031
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(
@@ -3153,7 +3525,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C032
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(
@@ -3168,7 +3542,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C033
TLS_ECDHE_PSK_WITH_RC4_128_SHA(
@@ -3183,7 +3559,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C034
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA(
@@ -3198,7 +3576,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
112,
- 168
+ 168,
+ null,
+ null
),
// Cipher C035
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA(
@@ -3213,7 +3593,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C036
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA(
@@ -3228,7 +3610,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256(
@@ -3243,7 +3627,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384(
0xC038,
@@ -3257,7 +3643,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
TLS_ECDHE_PSK_WITH_NULL_SHA(
0xC039,
@@ -3271,7 +3659,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
TLS_ECDHE_PSK_WITH_NULL_SHA256(
0xC03A,
@@ -3285,7 +3675,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
TLS_ECDHE_PSK_WITH_NULL_SHA384(
0xC03B,
@@ -3299,7 +3691,9 @@ public enum Cipher {
EncryptionLevel.STRONG_NONE,
true,
0,
- 0
+ 0,
+ null,
+ null
),
/* ARIA ciphers 0xC03C to 0xC071
@@ -3318,7 +3712,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C073
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384(
@@ -3333,7 +3729,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C074
TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256(
@@ -3348,7 +3746,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C075
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384(
@@ -3363,7 +3763,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C076
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256(
@@ -3378,7 +3780,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C077
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384(
@@ -3393,7 +3797,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C078
TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256(
@@ -3408,7 +3814,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C079
TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384(
@@ -3423,7 +3831,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
true,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C094
@@ -3439,7 +3849,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C095
TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384(
@@ -3454,7 +3866,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C096
TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256(
@@ -3469,7 +3883,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C097
TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384(
@@ -3484,7 +3900,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C098
TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256(
@@ -3499,7 +3917,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C099
TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384(
@@ -3514,7 +3934,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher C09A
TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256(
@@ -3529,7 +3951,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher C09B
TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384(
@@ -3544,7 +3968,9 @@ public enum Cipher {
EncryptionLevel.HIGH,
false,
256,
- 256
+ 256,
+ null,
+ null
),
// Cipher 0x010080 (SSLv2)
@@ -3561,7 +3987,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 0x020080 (SSLv2)
SSL2_RC4_128_EXPORT40_WITH_MD5(
@@ -3577,7 +4005,8 @@ public enum Cipher {
false,
40,
128,
- "SSL_RC4_128_EXPORT40_WITH_MD5"
+ new String[] {"SSL_RC4_128_EXPORT40_WITH_MD5"},
+ null
),
// Cipher 0x030080 (SSLv2)
// RC2_128_CBC_WITH_MD5
@@ -3593,7 +4022,9 @@ public enum Cipher {
EncryptionLevel.MEDIUM,
false,
128,
- 128
+ 128,
+ null,
+ null
),
// Cipher 0x040080 (SSLv2)
// RC2_128_CBC_EXPORT40_WITH_MD5
@@ -3609,7 +4040,9 @@ public enum Cipher {
EncryptionLevel.EXP40,
false,
40,
- 128
+ 128,
+ null,
+ null
),
// Cipher 0x050080 (SSLv2)
// IDEA_128_CBC_WITH_MD5
@@ -3625,7 +4058,8 @@ public enum Cipher {
false,
128,
128,
- "SSL_CK_IDEA_128_CBC_WITH_MD5"
+ new String[] {"SSL_CK_IDEA_128_CBC_WITH_MD5"},
+ null
),
// Cipher 0x060040 (SSLv2)
// DES_64_CBC_WITH_MD5
@@ -3642,7 +4076,8 @@ public enum Cipher {
false,
56,
56,
- "SSL_CK_DES_64_CBC_WITH_MD5"
+ new String[] {"SSL_CK_DES_64_CBC_WITH_MD5"},
+ null
),
// Cipher 0x0700C0 (SSLv2)
// DES_192_EDE3_CBC_WITH_MD5
@@ -3659,7 +4094,8 @@ public enum Cipher {
false,
112,
168,
- "SSL_CK_DES_192_EDE3_CBC_WITH_MD5"
+ new String[] {"SSL_CK_DES_192_EDE3_CBC_WITH_MD5"},
+ null
);
/* TEMP_GOST_TLS*/
@@ -3720,6 +4156,7 @@ public enum Cipher {
private final int id;
private final String openSSLAlias;
+ private final Set<String> openSSLAltNames;
private final Set<String> jsseNames;
private final KeyExchange kx;
private final Authentication au;
@@ -3740,15 +4177,23 @@ public enum Cipher {
private Cipher(int id, String openSSLAlias, KeyExchange kx, Authentication
au, Encryption enc,
MessageDigest mac, Protocol protocol, boolean export,
EncryptionLevel level,
- boolean fipsCompatible, int strength_bits, int alg_bits, String...
jsseAltNames) {
+ boolean fipsCompatible, int strength_bits, int alg_bits, String[]
jsseAltNames,
+ String[] openSSlAltNames) {
this.id = id;
this.openSSLAlias = openSSLAlias;
- Set<String> names = new HashSet<>();
- if (jsseAltNames != null) {
- names.addAll(Arrays.asList(jsseAltNames));
+ if (openSSlAltNames != null && openSSlAltNames.length != 0) {
+ Set<String> altNames = new HashSet<>();
+ altNames.addAll(Arrays.asList(openSSlAltNames));
+ this.openSSLAltNames = Collections.unmodifiableSet(altNames);
+ } else {
+ this.openSSLAltNames = Collections.emptySet();
+ }
+ Set<String> jsseNames = new HashSet<>();
+ if (jsseAltNames != null && jsseAltNames.length != 0) {
+ jsseNames.addAll(Arrays.asList(jsseAltNames));
}
- names.add(name());
- this.jsseNames = Collections.unmodifiableSet(names);
+ jsseNames.add(name());
+ this.jsseNames = Collections.unmodifiableSet(jsseNames);
this.kx = kx;
this.au = au;
this.enc = enc;
@@ -3769,6 +4214,10 @@ public enum Cipher {
return openSSLAlias;
}
+ public Set<String> getOpenSSLAltNames() {
+ return openSSLAltNames;
+ }
+
public Set<String> getJsseNames() {
return jsseNames;
}
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java?rev=1695089&r1=1695088&r2=1695089&view=diff
==============================================================================
---
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
(original)
+++
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
Mon Aug 10 14:42:19 2015
@@ -374,6 +374,17 @@ public class OpenSSLCipherConfigurationP
}
aliases.put(cipher.name(), Collections.singletonList(cipher));
+ for (String openSSlAltName : cipher.getOpenSSLAltNames()) {
+ if (aliases.containsKey(openSSlAltName)) {
+ aliases.get(openSSlAltName).add(cipher);
+ } else {
+ List<Cipher> list = new ArrayList<>();
+ list.add(cipher);
+ aliases.put(openSSlAltName, list);
+ }
+
+ }
+
jsseToOpenSSL.put(cipher.name(), cipher.getOpenSSLAlias());
Set<String> jsseNames = cipher.getJsseNames();
for (String jsseName : jsseNames) {
Modified:
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParserOnly.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParserOnly.java?rev=1695089&r1=1695088&r2=1695089&view=diff
==============================================================================
---
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParserOnly.java
(original)
+++
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParserOnly.java
Mon Aug 10 14:42:19 2015
@@ -66,4 +66,14 @@ public class TestOpenSSLCipherConfigurat
Assert.assertEquals(expected.toString(), result.toString());
}
+ @Test
+ public void testRename01() throws Exception {
+ // EDH -> DHE
+ LinkedHashSet<Cipher> result =
+
OpenSSLCipherConfigurationParser.parse("EXP-EDH-DSS-DES-CBC-SHA");
+ LinkedHashSet<Cipher> expected = new LinkedHashSet<>();
+ expected.add(Cipher.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA);
+
+ Assert.assertEquals(expected, result);
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
