1 /* 2 * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 27 package sun.security.ssl; 28 29 import java.util.*; 30 31 import java.security.NoSuchAlgorithmException; 32 import java.security.InvalidKeyException; 33 import java.security.SecureRandom; 34 35 import javax.crypto.SecretKey; 36 import javax.crypto.spec.IvParameterSpec; 37 import javax.crypto.spec.SecretKeySpec; 38 39 import sun.security.ssl.CipherSuite.*; 40 import static sun.security.ssl.CipherSuite.KeyExchange.*; 41 import static sun.security.ssl.CipherSuite.PRF.*; 42 import static sun.security.ssl.JsseJce.*; 43 44 /** 45 * An SSL/TLS CipherSuite. Constants for the standard key exchange, cipher, 46 * and mac algorithms are also defined in this class. 47 * 48 * The CipherSuite class and the inner classes defined in this file roughly 49 * follow the type safe enum pattern described in Effective Java. This means: 50 * 51 * . instances are immutable, classes are final 52 * 53 * . there is a unique instance of every value, i.e. there are never two 54 * instances representing the same CipherSuite, etc. This means equality 55 * tests can be performed using == instead of equals() (although that works 56 * as well). [A minor exception are *unsupported* CipherSuites read from a 57 * handshake message, but this is usually irrelevant] 58 * 59 * . instances are obtained using the static valueOf() factory methods. 60 * 61 * . properties are defined as final variables and made available as 62 * package private variables without method accessors 63 * 64 * . if the member variable allowed is false, the given algorithm is either 65 * unavailable or disabled at compile time 66 * 67 */ 68 final class CipherSuite implements Comparable { 69 70 // minimum priority for supported CipherSuites 71 final static int SUPPORTED_SUITES_PRIORITY = 1; 72 73 // minimum priority for default enabled CipherSuites 74 final static int DEFAULT_SUITES_PRIORITY = 300; 75 76 // Flag indicating if CipherSuite availability can change dynamically. 77 // This is the case when we rely on a JCE cipher implementation that 78 // may not be available in the installed JCE providers. 79 // It is true because we might not have an ECC implementation. 80 final static boolean DYNAMIC_AVAILABILITY = true; 81 82 private final static boolean ALLOW_ECC = Debug.getBooleanProperty 83 ("com.sun.net.ssl.enableECC", true); 84 85 // Map Integer(id) -> CipherSuite 86 // contains all known CipherSuites 87 private final static Map<Integer,CipherSuite> idMap; 88 89 // Map String(name) -> CipherSuite 90 // contains only supported CipherSuites (i.e. allowed == true) 91 private final static Map<String,CipherSuite> nameMap; 92 93 // Protocol defined CipherSuite name, e.g. SSL_RSA_WITH_RC4_128_MD5 94 // we use TLS_* only for new CipherSuites, still SSL_* for old ones 95 final String name; 96 97 // id in 16 bit MSB format, i.e. 0x0004 for SSL_RSA_WITH_RC4_128_MD5 98 final int id; 99 100 // priority for the internal default preference order. the higher the 101 // better. Each supported CipherSuite *must* have a unique priority. 102 // Ciphersuites with priority >= DEFAULT_SUITES_PRIORITY are enabled 103 // by default 104 final int priority; 105 106 // key exchange, bulk cipher, mac and prf algorithms. See those 107 // classes below. 108 final KeyExchange keyExchange; 109 final BulkCipher cipher; 110 final MacAlg macAlg; 111 final PRF prfAlg; 112 113 // whether a CipherSuite qualifies as exportable under 512/40 bit rules. 114 // TLS 1.1+ (RFC 4346) must not negotiate to these suites. 115 final boolean exportable; 116 117 // true iff implemented and enabled at compile time 118 final boolean allowed; 119 120 // obsoleted since protocol version 121 final int obsoleted; 122 123 // supported since protocol version 124 final int supported; 125 126 /** 127 * Constructor for implemented CipherSuites. 128 */ CipherSuite(String name, int id, int priority, KeyExchange keyExchange, BulkCipher cipher, boolean allowed, int obsoleted, int supported, PRF prfAlg)129 private CipherSuite(String name, int id, int priority, 130 KeyExchange keyExchange, BulkCipher cipher, 131 boolean allowed, int obsoleted, int supported, PRF prfAlg) { 132 this.name = name; 133 this.id = id; 134 this.priority = priority; 135 this.keyExchange = keyExchange; 136 this.cipher = cipher; 137 this.exportable = cipher.exportable; 138 if (name.endsWith("_MD5")) { 139 macAlg = M_MD5; 140 } else if (name.endsWith("_SHA")) { 141 macAlg = M_SHA; 142 } else if (name.endsWith("_SHA256")) { 143 macAlg = M_SHA256; 144 } else if (name.endsWith("_SHA384")) { 145 macAlg = M_SHA384; 146 } else if (name.endsWith("_NULL")) { 147 macAlg = M_NULL; 148 } else if (name.endsWith("_SCSV")) { 149 macAlg = M_NULL; 150 } else { 151 throw new IllegalArgumentException 152 ("Unknown MAC algorithm for ciphersuite " + name); 153 } 154 155 allowed &= keyExchange.allowed; 156 allowed &= cipher.allowed; 157 this.allowed = allowed; 158 this.obsoleted = obsoleted; 159 this.supported = supported; 160 this.prfAlg = prfAlg; 161 } 162 163 /** 164 * Constructor for unimplemented CipherSuites. 165 */ CipherSuite(String name, int id)166 private CipherSuite(String name, int id) { 167 this.name = name; 168 this.id = id; 169 this.allowed = false; 170 171 this.priority = 0; 172 this.keyExchange = null; 173 this.cipher = null; 174 this.macAlg = null; 175 this.exportable = false; 176 this.obsoleted = ProtocolVersion.LIMIT_MAX_VALUE; 177 this.supported = ProtocolVersion.LIMIT_MIN_VALUE; 178 this.prfAlg = P_NONE; 179 } 180 181 /** 182 * Return whether this CipherSuite is available for use. A 183 * CipherSuite may be unavailable even if it is supported 184 * (i.e. allowed == true) if the required JCE cipher is not installed. 185 * In some configuration, this situation may change over time, call 186 * CipherSuiteList.clearAvailableCache() before this method to obtain 187 * the most current status. 188 */ isAvailable()189 boolean isAvailable() { 190 return allowed && keyExchange.isAvailable() && cipher.isAvailable(); 191 } 192 isNegotiable()193 boolean isNegotiable() { 194 return this != C_SCSV && isAvailable(); 195 } 196 197 /** 198 * Compares CipherSuites based on their priority. Has the effect of 199 * sorting CipherSuites when put in a sorted collection, which is 200 * used by CipherSuiteList. Follows standard Comparable contract. 201 * 202 * Note that for unsupported CipherSuites parsed from a handshake 203 * message we violate the equals() contract. 204 */ compareTo(Object o)205 public int compareTo(Object o) { 206 return ((CipherSuite)o).priority - priority; 207 } 208 209 /** 210 * Returns this.name. 211 */ toString()212 public String toString() { 213 return name; 214 } 215 216 /** 217 * Return a CipherSuite for the given name. The returned CipherSuite 218 * is supported by this implementation but may not actually be 219 * currently useable. See isAvailable(). 220 * 221 * @exception IllegalArgumentException if the CipherSuite is unknown or 222 * unsupported. 223 */ valueOf(String s)224 static CipherSuite valueOf(String s) { 225 if (s == null) { 226 throw new IllegalArgumentException("Name must not be null"); 227 } 228 229 CipherSuite c = nameMap.get(s); 230 if ((c == null) || (c.allowed == false)) { 231 throw new IllegalArgumentException("Unsupported ciphersuite " + s); 232 } 233 234 return c; 235 } 236 237 /** 238 * Return a CipherSuite with the given ID. A temporary object is 239 * constructed if the ID is unknown. Use isAvailable() to verify that 240 * the CipherSuite can actually be used. 241 */ valueOf(int id1, int id2)242 static CipherSuite valueOf(int id1, int id2) { 243 id1 &= 0xff; 244 id2 &= 0xff; 245 int id = (id1 << 8) | id2; 246 CipherSuite c = idMap.get(id); 247 if (c == null) { 248 String h1 = Integer.toString(id1, 16); 249 String h2 = Integer.toString(id2, 16); 250 c = new CipherSuite("Unknown 0x" + h1 + ":0x" + h2, id); 251 } 252 return c; 253 } 254 255 // for use by CipherSuiteList only allowedCipherSuites()256 static Collection<CipherSuite> allowedCipherSuites() { 257 return nameMap.values(); 258 } 259 260 /* 261 * Use this method when all of the values need to be specified. 262 * This is primarily used when defining a new ciphersuite for 263 * TLS 1.2+ that doesn't use the "default" PRF. 264 */ add(String name, int id, int priority, KeyExchange keyExchange, BulkCipher cipher, boolean allowed, int obsoleted, int supported, PRF prf)265 private static void add(String name, int id, int priority, 266 KeyExchange keyExchange, BulkCipher cipher, 267 boolean allowed, int obsoleted, int supported, PRF prf) { 268 269 CipherSuite c = new CipherSuite(name, id, priority, keyExchange, 270 cipher, allowed, obsoleted, supported, prf); 271 if (idMap.put(id, c) != null) { 272 throw new RuntimeException("Duplicate ciphersuite definition: " 273 + id + ", " + name); 274 } 275 if (c.allowed) { 276 if (nameMap.put(name, c) != null) { 277 throw new RuntimeException("Duplicate ciphersuite definition: " 278 + id + ", " + name); 279 } 280 } 281 } 282 283 /* 284 * Use this method when there is no lower protocol limit where this 285 * suite can be used, and the PRF is P_SHA256. That is, the 286 * existing ciphersuites. From RFC 5246: 287 * 288 * All cipher suites in this document use P_SHA256. 289 */ add(String name, int id, int priority, KeyExchange keyExchange, BulkCipher cipher, boolean allowed, int obsoleted)290 private static void add(String name, int id, int priority, 291 KeyExchange keyExchange, BulkCipher cipher, 292 boolean allowed, int obsoleted) { 293 // If this is an obsoleted suite, then don't let the TLS 1.2 294 // protocol have a valid PRF value. 295 PRF prf = P_SHA256; 296 if (obsoleted < ProtocolVersion.TLS12.v) { 297 prf = P_NONE; 298 } 299 300 add(name, id, priority, keyExchange, cipher, allowed, obsoleted, 301 ProtocolVersion.LIMIT_MIN_VALUE, prf); 302 } 303 304 /* 305 * Use this method when there is no upper protocol limit. That is, 306 * suites which have not been obsoleted. 307 */ add(String name, int id, int priority, KeyExchange keyExchange, BulkCipher cipher, boolean allowed)308 private static void add(String name, int id, int priority, 309 KeyExchange keyExchange, BulkCipher cipher, boolean allowed) { 310 add(name, id, priority, keyExchange, 311 cipher, allowed, ProtocolVersion.LIMIT_MAX_VALUE); 312 } 313 314 /* 315 * Use this method to define an unimplemented suite. This provides 316 * a number<->name mapping that can be used for debugging. 317 */ add(String name, int id)318 private static void add(String name, int id) { 319 CipherSuite c = new CipherSuite(name, id); 320 if (idMap.put(id, c) != null) { 321 throw new RuntimeException("Duplicate ciphersuite definition: " 322 + id + ", " + name); 323 } 324 } 325 326 /** 327 * An SSL/TLS key exchange algorithm. 328 */ 329 static enum KeyExchange { 330 331 // key exchange algorithms 332 K_NULL ("NULL", false), 333 K_RSA ("RSA", true), 334 K_RSA_EXPORT ("RSA_EXPORT", true), 335 K_DH_RSA ("DH_RSA", false), 336 K_DH_DSS ("DH_DSS", false), 337 K_DHE_DSS ("DHE_DSS", true), 338 K_DHE_RSA ("DHE_RSA", true), 339 K_DH_ANON ("DH_anon", true), 340 341 K_ECDH_ECDSA ("ECDH_ECDSA", ALLOW_ECC), 342 K_ECDH_RSA ("ECDH_RSA", ALLOW_ECC), 343 K_ECDHE_ECDSA("ECDHE_ECDSA", ALLOW_ECC), 344 K_ECDHE_RSA ("ECDHE_RSA", ALLOW_ECC), 345 K_ECDH_ANON ("ECDH_anon", ALLOW_ECC), 346 347 // Kerberos cipher suites 348 K_KRB5 ("KRB5", true), 349 K_KRB5_EXPORT("KRB5_EXPORT", true), 350 351 // renegotiation protection request signaling cipher suite 352 K_SCSV ("SCSV", true); 353 354 // name of the key exchange algorithm, e.g. DHE_DSS 355 final String name; 356 final boolean allowed; 357 private final boolean alwaysAvailable; 358 KeyExchange(String name, boolean allowed)359 KeyExchange(String name, boolean allowed) { 360 this.name = name; 361 this.allowed = allowed; 362 this.alwaysAvailable = allowed && 363 (!name.startsWith("EC")) && (!name.startsWith("KRB")); 364 } 365 isAvailable()366 boolean isAvailable() { 367 if (alwaysAvailable) { 368 return true; 369 } 370 371 if (name.startsWith("EC")) { 372 return (allowed && JsseJce.isEcAvailable()); 373 } else if (name.startsWith("KRB")) { 374 return (allowed && JsseJce.isKerberosAvailable()); 375 } else { 376 return allowed; 377 } 378 } 379 toString()380 public String toString() { 381 return name; 382 } 383 } 384 385 /** 386 * An SSL/TLS bulk cipher algorithm. One instance per combination of 387 * cipher and key length. 388 * 389 * Also contains a factory method to obtain in initialized CipherBox 390 * for this algorithm. 391 */ 392 final static class BulkCipher { 393 394 // Map BulkCipher -> Boolean(available) 395 private final static Map<BulkCipher,Boolean> availableCache = 396 new HashMap<>(8); 397 398 // descriptive name including key size, e.g. AES/128 399 final String description; 400 401 // JCE cipher transformation string, e.g. AES/CBC/NoPadding 402 final String transformation; 403 404 // algorithm name, e.g. AES 405 final String algorithm; 406 407 // supported and compile time enabled. Also see isAvailable() 408 final boolean allowed; 409 410 // number of bytes of entropy in the key 411 final int keySize; 412 413 // length of the actual cipher key in bytes. 414 // for non-exportable ciphers, this is the same as keySize 415 final int expandedKeySize; 416 417 // size of the IV (also block size) 418 final int ivSize; 419 420 // exportable under 512/40 bit rules 421 final boolean exportable; 422 423 // Is the cipher algorithm of Cipher Block Chaining (CBC) mode? 424 final boolean isCBCMode; 425 BulkCipher(String transformation, int keySize, int expandedKeySize, int ivSize, boolean allowed)426 BulkCipher(String transformation, int keySize, 427 int expandedKeySize, int ivSize, boolean allowed) { 428 this.transformation = transformation; 429 String[] splits = transformation.split("/"); 430 this.algorithm = splits[0]; 431 this.isCBCMode = 432 splits.length <= 1 ? false : "CBC".equalsIgnoreCase(splits[1]); 433 this.description = this.algorithm + "/" + (keySize << 3); 434 this.keySize = keySize; 435 this.ivSize = ivSize; 436 this.allowed = allowed; 437 438 this.expandedKeySize = expandedKeySize; 439 this.exportable = true; 440 } 441 BulkCipher(String transformation, int keySize, int ivSize, boolean allowed)442 BulkCipher(String transformation, int keySize, 443 int ivSize, boolean allowed) { 444 this.transformation = transformation; 445 String[] splits = transformation.split("/"); 446 this.algorithm = splits[0]; 447 this.isCBCMode = 448 splits.length <= 1 ? false : "CBC".equalsIgnoreCase(splits[1]); 449 this.description = this.algorithm + "/" + (keySize << 3); 450 this.keySize = keySize; 451 this.ivSize = ivSize; 452 this.allowed = allowed; 453 454 this.expandedKeySize = keySize; 455 this.exportable = false; 456 } 457 458 /** 459 * Return an initialized CipherBox for this BulkCipher. 460 * IV must be null for stream ciphers. 461 * 462 * @exception NoSuchAlgorithmException if anything goes wrong 463 */ newCipher(ProtocolVersion version, SecretKey key, IvParameterSpec iv, SecureRandom random, boolean encrypt)464 CipherBox newCipher(ProtocolVersion version, SecretKey key, 465 IvParameterSpec iv, SecureRandom random, 466 boolean encrypt) throws NoSuchAlgorithmException { 467 return CipherBox.newCipherBox(version, this, 468 key, iv, random, encrypt); 469 } 470 471 /** 472 * Test if this bulk cipher is available. For use by CipherSuite. 473 * 474 * Currently all supported ciphers except AES are always available 475 * via the JSSE internal implementations. We also assume AES/128 476 * is always available since it is shipped with the SunJCE provider. 477 * However, AES/256 is unavailable when the default JCE policy 478 * jurisdiction files are installed because of key length restrictions. 479 */ isAvailable()480 boolean isAvailable() { 481 if (allowed == false) { 482 return false; 483 } 484 if (this == B_AES_256) { 485 return isAvailable(this); 486 } 487 488 // always available 489 return true; 490 } 491 492 // for use by CipherSuiteList.clearAvailableCache(); clearAvailableCache()493 static synchronized void clearAvailableCache() { 494 if (DYNAMIC_AVAILABILITY) { 495 availableCache.clear(); 496 } 497 } 498 isAvailable(BulkCipher cipher)499 private static synchronized boolean isAvailable(BulkCipher cipher) { 500 Boolean b = availableCache.get(cipher); 501 if (b == null) { 502 try { 503 SecretKey key = new SecretKeySpec 504 (new byte[cipher.expandedKeySize], cipher.algorithm); 505 IvParameterSpec iv = 506 new IvParameterSpec(new byte[cipher.ivSize]); 507 cipher.newCipher(ProtocolVersion.DEFAULT, 508 key, iv, null, true); 509 b = Boolean.TRUE; 510 } catch (NoSuchAlgorithmException e) { 511 b = Boolean.FALSE; 512 } 513 availableCache.put(cipher, b); 514 } 515 return b.booleanValue(); 516 } 517 toString()518 public String toString() { 519 return description; 520 } 521 } 522 523 /** 524 * An SSL/TLS key MAC algorithm. 525 * 526 * Also contains a factory method to obtain an initialized MAC 527 * for this algorithm. 528 */ 529 final static class MacAlg { 530 531 // descriptive name, e.g. MD5 532 final String name; 533 534 // size of the MAC value (and MAC key) in bytes 535 final int size; 536 537 // block size of the underlying hash algorithm 538 final int hashBlockSize; 539 540 // minimal padding size of the underlying hash algorithm 541 final int minimalPaddingSize; 542 MacAlg(String name, int size, int hashBlockSize, int minimalPaddingSize)543 MacAlg(String name, int size, 544 int hashBlockSize, int minimalPaddingSize) { 545 this.name = name; 546 this.size = size; 547 this.hashBlockSize = hashBlockSize; 548 this.minimalPaddingSize = minimalPaddingSize; 549 } 550 551 /** 552 * Return an initialized MAC for this MacAlg. ProtocolVersion 553 * must either be SSL30 (SSLv3 custom MAC) or TLS10 (std. HMAC). 554 * 555 * @exception NoSuchAlgorithmException if anything goes wrong 556 */ newMac(ProtocolVersion protocolVersion, SecretKey secret)557 MAC newMac(ProtocolVersion protocolVersion, SecretKey secret) 558 throws NoSuchAlgorithmException, InvalidKeyException { 559 return new MAC(this, protocolVersion, secret); 560 } 561 toString()562 public String toString() { 563 return name; 564 } 565 } 566 567 // export strength ciphers 568 final static BulkCipher B_NULL = 569 new BulkCipher("NULL", 0, 0, 0, true); 570 final static BulkCipher B_RC4_40 = 571 new BulkCipher(CIPHER_RC4, 5, 16, 0, true); 572 final static BulkCipher B_RC2_40 = 573 new BulkCipher("RC2", 5, 16, 8, false); 574 final static BulkCipher B_DES_40 = 575 new BulkCipher(CIPHER_DES, 5, 8, 8, true); 576 577 // domestic strength ciphers 578 final static BulkCipher B_RC4_128 = 579 new BulkCipher(CIPHER_RC4, 16, 0, true); 580 final static BulkCipher B_DES = 581 new BulkCipher(CIPHER_DES, 8, 8, true); 582 final static BulkCipher B_3DES = 583 new BulkCipher(CIPHER_3DES, 24, 8, true); 584 final static BulkCipher B_IDEA = 585 new BulkCipher("IDEA", 16, 8, false); 586 final static BulkCipher B_AES_128 = 587 new BulkCipher(CIPHER_AES, 16, 16, true); 588 final static BulkCipher B_AES_256 = 589 new BulkCipher(CIPHER_AES, 32, 16, true); 590 591 // MACs 592 final static MacAlg M_NULL = new MacAlg("NULL", 0, 0, 0); 593 final static MacAlg M_MD5 = new MacAlg("MD5", 16, 64, 9); 594 final static MacAlg M_SHA = new MacAlg("SHA", 20, 64, 9); 595 final static MacAlg M_SHA256 = new MacAlg("SHA256", 32, 64, 9); 596 final static MacAlg M_SHA384 = new MacAlg("SHA384", 48, 128, 17); 597 598 /** 599 * PRFs (PseudoRandom Function) from TLS specifications. 600 * 601 * TLS 1.1- uses a single MD5/SHA1-based PRF algorithm for generating 602 * the necessary material. 603 * 604 * In TLS 1.2+, all existing/known CipherSuites use SHA256, however 605 * new Ciphersuites (e.g. RFC 5288) can define specific PRF hash 606 * algorithms. 607 */ 608 static enum PRF { 609 610 // PRF algorithms 611 P_NONE( "NONE", 0, 0), 612 P_SHA256("SHA-256", 32, 64), 613 P_SHA384("SHA-384", 48, 128), 614 P_SHA512("SHA-512", 64, 128); // not currently used. 615 616 // PRF characteristics 617 private final String prfHashAlg; 618 private final int prfHashLength; 619 private final int prfBlockSize; 620 PRF(String prfHashAlg, int prfHashLength, int prfBlockSize)621 PRF(String prfHashAlg, int prfHashLength, int prfBlockSize) { 622 this.prfHashAlg = prfHashAlg; 623 this.prfHashLength = prfHashLength; 624 this.prfBlockSize = prfBlockSize; 625 } 626 getPRFHashAlg()627 String getPRFHashAlg() { 628 return prfHashAlg; 629 } 630 getPRFHashLength()631 int getPRFHashLength() { 632 return prfHashLength; 633 } 634 getPRFBlockSize()635 int getPRFBlockSize() { 636 return prfBlockSize; 637 } 638 } 639 640 static { 641 idMap = new HashMap<Integer,CipherSuite>(); 642 nameMap = new HashMap<String,CipherSuite>(); 643 644 final boolean F = false; 645 final boolean T = true; 646 // N: ciphersuites only allowed if we are not in FIPS mode 647 final boolean N = (SunJSSE.isFIPS() == false); 648 649 /* 650 * TLS Cipher Suite Registry, as of August 2010. 651 * 652 * http://www.iana.org/assignments/tls-parameters/tls-parameters.xml 653 * 654 * Range Registration Procedures Notes 655 * 000-191 Standards Action Refers to value of first byte 656 * 192-254 Specification Required Refers to value of first byte 657 * 255 Reserved for Private Use Refers to value of first byte 658 * 659 * Value Description Reference 660 * 0x00,0x00 TLS_NULL_WITH_NULL_NULL [RFC5246] 661 * 0x00,0x01 TLS_RSA_WITH_NULL_MD5 [RFC5246] 662 * 0x00,0x02 TLS_RSA_WITH_NULL_SHA [RFC5246] 663 * 0x00,0x03 TLS_RSA_EXPORT_WITH_RC4_40_MD5 [RFC4346] 664 * 0x00,0x04 TLS_RSA_WITH_RC4_128_MD5 [RFC5246] 665 * 0x00,0x05 TLS_RSA_WITH_RC4_128_SHA [RFC5246] 666 * 0x00,0x06 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 [RFC4346] 667 * 0x00,0x07 TLS_RSA_WITH_IDEA_CBC_SHA [RFC5469] 668 * 0x00,0x08 TLS_RSA_EXPORT_WITH_DES40_CBC_SHA [RFC4346] 669 * 0x00,0x09 TLS_RSA_WITH_DES_CBC_SHA [RFC5469] 670 * 0x00,0x0A TLS_RSA_WITH_3DES_EDE_CBC_SHA [RFC5246] 671 * 0x00,0x0B TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA [RFC4346] 672 * 0x00,0x0C TLS_DH_DSS_WITH_DES_CBC_SHA [RFC5469] 673 * 0x00,0x0D TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA [RFC5246] 674 * 0x00,0x0E TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA [RFC4346] 675 * 0x00,0x0F TLS_DH_RSA_WITH_DES_CBC_SHA [RFC5469] 676 * 0x00,0x10 TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA [RFC5246] 677 * 0x00,0x11 TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA [RFC4346] 678 * 0x00,0x12 TLS_DHE_DSS_WITH_DES_CBC_SHA [RFC5469] 679 * 0x00,0x13 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA [RFC5246] 680 * 0x00,0x14 TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA [RFC4346] 681 * 0x00,0x15 TLS_DHE_RSA_WITH_DES_CBC_SHA [RFC5469] 682 * 0x00,0x16 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA [RFC5246] 683 * 0x00,0x17 TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 [RFC4346] 684 * 0x00,0x18 TLS_DH_anon_WITH_RC4_128_MD5 [RFC5246] 685 * 0x00,0x19 TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA [RFC4346] 686 * 0x00,0x1A TLS_DH_anon_WITH_DES_CBC_SHA [RFC5469] 687 * 0x00,0x1B TLS_DH_anon_WITH_3DES_EDE_CBC_SHA [RFC5246] 688 * 0x00,0x1C-1D Reserved to avoid conflicts with SSLv3 [RFC5246] 689 * 0x00,0x1E TLS_KRB5_WITH_DES_CBC_SHA [RFC2712] 690 * 0x00,0x1F TLS_KRB5_WITH_3DES_EDE_CBC_SHA [RFC2712] 691 * 0x00,0x20 TLS_KRB5_WITH_RC4_128_SHA [RFC2712] 692 * 0x00,0x21 TLS_KRB5_WITH_IDEA_CBC_SHA [RFC2712] 693 * 0x00,0x22 TLS_KRB5_WITH_DES_CBC_MD5 [RFC2712] 694 * 0x00,0x23 TLS_KRB5_WITH_3DES_EDE_CBC_MD5 [RFC2712] 695 * 0x00,0x24 TLS_KRB5_WITH_RC4_128_MD5 [RFC2712] 696 * 0x00,0x25 TLS_KRB5_WITH_IDEA_CBC_MD5 [RFC2712] 697 * 0x00,0x26 TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA [RFC2712] 698 * 0x00,0x27 TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA [RFC2712] 699 * 0x00,0x28 TLS_KRB5_EXPORT_WITH_RC4_40_SHA [RFC2712] 700 * 0x00,0x29 TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 [RFC2712] 701 * 0x00,0x2A TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 [RFC2712] 702 * 0x00,0x2B TLS_KRB5_EXPORT_WITH_RC4_40_MD5 [RFC2712] 703 * 0x00,0x2C TLS_PSK_WITH_NULL_SHA [RFC4785] 704 * 0x00,0x2D TLS_DHE_PSK_WITH_NULL_SHA [RFC4785] 705 * 0x00,0x2E TLS_RSA_PSK_WITH_NULL_SHA [RFC4785] 706 * 0x00,0x2F TLS_RSA_WITH_AES_128_CBC_SHA [RFC5246] 707 * 0x00,0x30 TLS_DH_DSS_WITH_AES_128_CBC_SHA [RFC5246] 708 * 0x00,0x31 TLS_DH_RSA_WITH_AES_128_CBC_SHA [RFC5246] 709 * 0x00,0x32 TLS_DHE_DSS_WITH_AES_128_CBC_SHA [RFC5246] 710 * 0x00,0x33 TLS_DHE_RSA_WITH_AES_128_CBC_SHA [RFC5246] 711 * 0x00,0x34 TLS_DH_anon_WITH_AES_128_CBC_SHA [RFC5246] 712 * 0x00,0x35 TLS_RSA_WITH_AES_256_CBC_SHA [RFC5246] 713 * 0x00,0x36 TLS_DH_DSS_WITH_AES_256_CBC_SHA [RFC5246] 714 * 0x00,0x37 TLS_DH_RSA_WITH_AES_256_CBC_SHA [RFC5246] 715 * 0x00,0x38 TLS_DHE_DSS_WITH_AES_256_CBC_SHA [RFC5246] 716 * 0x00,0x39 TLS_DHE_RSA_WITH_AES_256_CBC_SHA [RFC5246] 717 * 0x00,0x3A TLS_DH_anon_WITH_AES_256_CBC_SHA [RFC5246] 718 * 0x00,0x3B TLS_RSA_WITH_NULL_SHA256 [RFC5246] 719 * 0x00,0x3C TLS_RSA_WITH_AES_128_CBC_SHA256 [RFC5246] 720 * 0x00,0x3D TLS_RSA_WITH_AES_256_CBC_SHA256 [RFC5246] 721 * 0x00,0x3E TLS_DH_DSS_WITH_AES_128_CBC_SHA256 [RFC5246] 722 * 0x00,0x3F TLS_DH_RSA_WITH_AES_128_CBC_SHA256 [RFC5246] 723 * 0x00,0x40 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 [RFC5246] 724 * 0x00,0x41 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA [RFC5932] 725 * 0x00,0x42 TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA [RFC5932] 726 * 0x00,0x43 TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA [RFC5932] 727 * 0x00,0x44 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA [RFC5932] 728 * 0x00,0x45 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA [RFC5932] 729 * 0x00,0x46 TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA [RFC5932] 730 * 0x00,0x47-4F Reserved to avoid conflicts with 731 * deployed implementations [Pasi_Eronen] 732 * 0x00,0x50-58 Reserved to avoid conflicts [Pasi Eronen] 733 * 0x00,0x59-5C Reserved to avoid conflicts with 734 * deployed implementations [Pasi_Eronen] 735 * 0x00,0x5D-5F Unassigned 736 * 0x00,0x60-66 Reserved to avoid conflicts with widely 737 * deployed implementations [Pasi_Eronen] 738 * 0x00,0x67 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 [RFC5246] 739 * 0x00,0x68 TLS_DH_DSS_WITH_AES_256_CBC_SHA256 [RFC5246] 740 * 0x00,0x69 TLS_DH_RSA_WITH_AES_256_CBC_SHA256 [RFC5246] 741 * 0x00,0x6A TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 [RFC5246] 742 * 0x00,0x6B TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 [RFC5246] 743 * 0x00,0x6C TLS_DH_anon_WITH_AES_128_CBC_SHA256 [RFC5246] 744 * 0x00,0x6D TLS_DH_anon_WITH_AES_256_CBC_SHA256 [RFC5246] 745 * 0x00,0x6E-83 Unassigned 746 * 0x00,0x84 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA [RFC5932] 747 * 0x00,0x85 TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA [RFC5932] 748 * 0x00,0x86 TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA [RFC5932] 749 * 0x00,0x87 TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA [RFC5932] 750 * 0x00,0x88 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA [RFC5932] 751 * 0x00,0x89 TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA [RFC5932] 752 * 0x00,0x8A TLS_PSK_WITH_RC4_128_SHA [RFC4279] 753 * 0x00,0x8B TLS_PSK_WITH_3DES_EDE_CBC_SHA [RFC4279] 754 * 0x00,0x8C TLS_PSK_WITH_AES_128_CBC_SHA [RFC4279] 755 * 0x00,0x8D TLS_PSK_WITH_AES_256_CBC_SHA [RFC4279] 756 * 0x00,0x8E TLS_DHE_PSK_WITH_RC4_128_SHA [RFC4279] 757 * 0x00,0x8F TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA [RFC4279] 758 * 0x00,0x90 TLS_DHE_PSK_WITH_AES_128_CBC_SHA [RFC4279] 759 * 0x00,0x91 TLS_DHE_PSK_WITH_AES_256_CBC_SHA [RFC4279] 760 * 0x00,0x92 TLS_RSA_PSK_WITH_RC4_128_SHA [RFC4279] 761 * 0x00,0x93 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA [RFC4279] 762 * 0x00,0x94 TLS_RSA_PSK_WITH_AES_128_CBC_SHA [RFC4279] 763 * 0x00,0x95 TLS_RSA_PSK_WITH_AES_256_CBC_SHA [RFC4279] 764 * 0x00,0x96 TLS_RSA_WITH_SEED_CBC_SHA [RFC4162] 765 * 0x00,0x97 TLS_DH_DSS_WITH_SEED_CBC_SHA [RFC4162] 766 * 0x00,0x98 TLS_DH_RSA_WITH_SEED_CBC_SHA [RFC4162] 767 * 0x00,0x99 TLS_DHE_DSS_WITH_SEED_CBC_SHA [RFC4162] 768 * 0x00,0x9A TLS_DHE_RSA_WITH_SEED_CBC_SHA [RFC4162] 769 * 0x00,0x9B TLS_DH_anon_WITH_SEED_CBC_SHA [RFC4162] 770 * 0x00,0x9C TLS_RSA_WITH_AES_128_GCM_SHA256 [RFC5288] 771 * 0x00,0x9D TLS_RSA_WITH_AES_256_GCM_SHA384 [RFC5288] 772 * 0x00,0x9E TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 [RFC5288] 773 * 0x00,0x9F TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 [RFC5288] 774 * 0x00,0xA0 TLS_DH_RSA_WITH_AES_128_GCM_SHA256 [RFC5288] 775 * 0x00,0xA1 TLS_DH_RSA_WITH_AES_256_GCM_SHA384 [RFC5288] 776 * 0x00,0xA2 TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 [RFC5288] 777 * 0x00,0xA3 TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 [RFC5288] 778 * 0x00,0xA4 TLS_DH_DSS_WITH_AES_128_GCM_SHA256 [RFC5288] 779 * 0x00,0xA5 TLS_DH_DSS_WITH_AES_256_GCM_SHA384 [RFC5288] 780 * 0x00,0xA6 TLS_DH_anon_WITH_AES_128_GCM_SHA256 [RFC5288] 781 * 0x00,0xA7 TLS_DH_anon_WITH_AES_256_GCM_SHA384 [RFC5288] 782 * 0x00,0xA8 TLS_PSK_WITH_AES_128_GCM_SHA256 [RFC5487] 783 * 0x00,0xA9 TLS_PSK_WITH_AES_256_GCM_SHA384 [RFC5487] 784 * 0x00,0xAA TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 [RFC5487] 785 * 0x00,0xAB TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 [RFC5487] 786 * 0x00,0xAC TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 [RFC5487] 787 * 0x00,0xAD TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 [RFC5487] 788 * 0x00,0xAE TLS_PSK_WITH_AES_128_CBC_SHA256 [RFC5487] 789 * 0x00,0xAF TLS_PSK_WITH_AES_256_CBC_SHA384 [RFC5487] 790 * 0x00,0xB0 TLS_PSK_WITH_NULL_SHA256 [RFC5487] 791 * 0x00,0xB1 TLS_PSK_WITH_NULL_SHA384 [RFC5487] 792 * 0x00,0xB2 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 [RFC5487] 793 * 0x00,0xB3 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 [RFC5487] 794 * 0x00,0xB4 TLS_DHE_PSK_WITH_NULL_SHA256 [RFC5487] 795 * 0x00,0xB5 TLS_DHE_PSK_WITH_NULL_SHA384 [RFC5487] 796 * 0x00,0xB6 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 [RFC5487] 797 * 0x00,0xB7 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 [RFC5487] 798 * 0x00,0xB8 TLS_RSA_PSK_WITH_NULL_SHA256 [RFC5487] 799 * 0x00,0xB9 TLS_RSA_PSK_WITH_NULL_SHA384 [RFC5487] 800 * 0x00,0xBA TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 [RFC5932] 801 * 0x00,0xBB TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 [RFC5932] 802 * 0x00,0xBC TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 [RFC5932] 803 * 0x00,0xBD TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 [RFC5932] 804 * 0x00,0xBE TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 [RFC5932] 805 * 0x00,0xBF TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 [RFC5932] 806 * 0x00,0xC0 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 [RFC5932] 807 * 0x00,0xC1 TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 [RFC5932] 808 * 0x00,0xC2 TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 [RFC5932] 809 * 0x00,0xC3 TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 [RFC5932] 810 * 0x00,0xC4 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 [RFC5932] 811 * 0x00,0xC5 TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 [RFC5932] 812 * 0x00,0xC6-FE Unassigned 813 * 0x00,0xFF TLS_EMPTY_RENEGOTIATION_INFO_SCSV [RFC5746] 814 * 0x01-BF,* Unassigned 815 * 0xC0,0x01 TLS_ECDH_ECDSA_WITH_NULL_SHA [RFC4492] 816 * 0xC0,0x02 TLS_ECDH_ECDSA_WITH_RC4_128_SHA [RFC4492] 817 * 0xC0,0x03 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA [RFC4492] 818 * 0xC0,0x04 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA [RFC4492] 819 * 0xC0,0x05 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA [RFC4492] 820 * 0xC0,0x06 TLS_ECDHE_ECDSA_WITH_NULL_SHA [RFC4492] 821 * 0xC0,0x07 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA [RFC4492] 822 * 0xC0,0x08 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA [RFC4492] 823 * 0xC0,0x09 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA [RFC4492] 824 * 0xC0,0x0A TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA [RFC4492] 825 * 0xC0,0x0B TLS_ECDH_RSA_WITH_NULL_SHA [RFC4492] 826 * 0xC0,0x0C TLS_ECDH_RSA_WITH_RC4_128_SHA [RFC4492] 827 * 0xC0,0x0D TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA [RFC4492] 828 * 0xC0,0x0E TLS_ECDH_RSA_WITH_AES_128_CBC_SHA [RFC4492] 829 * 0xC0,0x0F TLS_ECDH_RSA_WITH_AES_256_CBC_SHA [RFC4492] 830 * 0xC0,0x10 TLS_ECDHE_RSA_WITH_NULL_SHA [RFC4492] 831 * 0xC0,0x11 TLS_ECDHE_RSA_WITH_RC4_128_SHA [RFC4492] 832 * 0xC0,0x12 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA [RFC4492] 833 * 0xC0,0x13 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA [RFC4492] 834 * 0xC0,0x14 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA [RFC4492] 835 * 0xC0,0x15 TLS_ECDH_anon_WITH_NULL_SHA [RFC4492] 836 * 0xC0,0x16 TLS_ECDH_anon_WITH_RC4_128_SHA [RFC4492] 837 * 0xC0,0x17 TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA [RFC4492] 838 * 0xC0,0x18 TLS_ECDH_anon_WITH_AES_128_CBC_SHA [RFC4492] 839 * 0xC0,0x19 TLS_ECDH_anon_WITH_AES_256_CBC_SHA [RFC4492] 840 * 0xC0,0x1A TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA [RFC5054] 841 * 0xC0,0x1B TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA [RFC5054] 842 * 0xC0,0x1C TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA [RFC5054] 843 * 0xC0,0x1D TLS_SRP_SHA_WITH_AES_128_CBC_SHA [RFC5054] 844 * 0xC0,0x1E TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA [RFC5054] 845 * 0xC0,0x1F TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA [RFC5054] 846 * 0xC0,0x20 TLS_SRP_SHA_WITH_AES_256_CBC_SHA [RFC5054] 847 * 0xC0,0x21 TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA [RFC5054] 848 * 0xC0,0x22 TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA [RFC5054] 849 * 0xC0,0x23 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 [RFC5289] 850 * 0xC0,0x24 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 [RFC5289] 851 * 0xC0,0x25 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 [RFC5289] 852 * 0xC0,0x26 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 [RFC5289] 853 * 0xC0,0x27 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 [RFC5289] 854 * 0xC0,0x28 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 [RFC5289] 855 * 0xC0,0x29 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 [RFC5289] 856 * 0xC0,0x2A TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 [RFC5289] 857 * 0xC0,0x2B TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 [RFC5289] 858 * 0xC0,0x2C TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 [RFC5289] 859 * 0xC0,0x2D TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 [RFC5289] 860 * 0xC0,0x2E TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 [RFC5289] 861 * 0xC0,0x2F TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [RFC5289] 862 * 0xC0,0x30 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 [RFC5289] 863 * 0xC0,0x31 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 [RFC5289] 864 * 0xC0,0x32 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 [RFC5289] 865 * 0xC0,0x33 TLS_ECDHE_PSK_WITH_RC4_128_SHA [RFC5489] 866 * 0xC0,0x34 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA [RFC5489] 867 * 0xC0,0x35 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA [RFC5489] 868 * 0xC0,0x36 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA [RFC5489] 869 * 0xC0,0x37 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 [RFC5489] 870 * 0xC0,0x38 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 [RFC5489] 871 * 0xC0,0x39 TLS_ECDHE_PSK_WITH_NULL_SHA [RFC5489] 872 * 0xC0,0x3A TLS_ECDHE_PSK_WITH_NULL_SHA256 [RFC5489] 873 * 0xC0,0x3B TLS_ECDHE_PSK_WITH_NULL_SHA384 [RFC5489] 874 * 0xC0,0x3C-FF Unassigned 875 * 0xC1-FD,* Unassigned 876 * 0xFE,0x00-FD Unassigned 877 * 0xFE,0xFE-FF Reserved to avoid conflicts with widely 878 * deployed implementations [Pasi_Eronen] 879 * 0xFF,0x00-FF Reserved for Private Use [RFC5246] 880 */ 881 882 add("SSL_NULL_WITH_NULL_NULL", 883 0x0000, 1, K_NULL, B_NULL, F); 884 885 /* 886 * Definition of the CipherSuites that are enabled by default. 887 * They are listed in preference order, most preferred first, using 888 * the following criteria: 889 * 1. Prefer the stronger buld cipher, in the order of AES_256, 890 * AES_128, RC-4, 3DES-EDE. 891 * 2. Prefer the stronger MAC algorithm, in the order of SHA384, 892 * SHA256, SHA, MD5. 893 * 3. Prefer the better performance of key exchange and digital 894 * signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, 895 * RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS. 896 */ 897 int p = DEFAULT_SUITES_PRIORITY * 2; 898 899 // shorten names to fit the following table cleanly. 900 int max = ProtocolVersion.LIMIT_MAX_VALUE; 901 int tls11 = ProtocolVersion.TLS11.v; 902 int tls12 = ProtocolVersion.TLS12.v; 903 904 // ID Key Exchange Cipher A obs suprt PRF 905 // ====== ============ ========= = === ===== ======== 906 add("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", 907 0xc024, --p, K_ECDHE_ECDSA, B_AES_256, T, max, tls12, P_SHA384); 908 add("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", 909 0xc028, --p, K_ECDHE_RSA, B_AES_256, T, max, tls12, P_SHA384); 910 add("TLS_RSA_WITH_AES_256_CBC_SHA256", 911 0x003d, --p, K_RSA, B_AES_256, T, max, tls12, P_SHA256); 912 add("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", 913 0xc026, --p, K_ECDH_ECDSA, B_AES_256, T, max, tls12, P_SHA384); 914 add("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", 915 0xc02a, --p, K_ECDH_RSA, B_AES_256, T, max, tls12, P_SHA384); 916 add("TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", 917 0x006b, --p, K_DHE_RSA, B_AES_256, T, max, tls12, P_SHA256); 918 add("TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", 919 0x006a, --p, K_DHE_DSS, B_AES_256, T, max, tls12, P_SHA256); 920 921 add("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 922 0xC00A, --p, K_ECDHE_ECDSA, B_AES_256, T); 923 add("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 924 0xC014, --p, K_ECDHE_RSA, B_AES_256, T); 925 add("TLS_RSA_WITH_AES_256_CBC_SHA", 926 0x0035, --p, K_RSA, B_AES_256, T); 927 add("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 928 0xC005, --p, K_ECDH_ECDSA, B_AES_256, T); 929 add("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 930 0xC00F, --p, K_ECDH_RSA, B_AES_256, T); 931 add("TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 932 0x0039, --p, K_DHE_RSA, B_AES_256, T); 933 add("TLS_DHE_DSS_WITH_AES_256_CBC_SHA", 934 0x0038, --p, K_DHE_DSS, B_AES_256, T); 935 936 add("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", 937 0xc023, --p, K_ECDHE_ECDSA, B_AES_128, T, max, tls12, P_SHA256); 938 add("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", 939 0xc027, --p, K_ECDHE_RSA, B_AES_128, T, max, tls12, P_SHA256); 940 add("TLS_RSA_WITH_AES_128_CBC_SHA256", 941 0x003c, --p, K_RSA, B_AES_128, T, max, tls12, P_SHA256); 942 add("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", 943 0xc025, --p, K_ECDH_ECDSA, B_AES_128, T, max, tls12, P_SHA256); 944 add("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", 945 0xc029, --p, K_ECDH_RSA, B_AES_128, T, max, tls12, P_SHA256); 946 add("TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", 947 0x0067, --p, K_DHE_RSA, B_AES_128, T, max, tls12, P_SHA256); 948 add("TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", 949 0x0040, --p, K_DHE_DSS, B_AES_128, T, max, tls12, P_SHA256); 950 951 add("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 952 0xC009, --p, K_ECDHE_ECDSA, B_AES_128, T); 953 add("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 954 0xC013, --p, K_ECDHE_RSA, B_AES_128, T); 955 add("TLS_RSA_WITH_AES_128_CBC_SHA", 956 0x002f, --p, K_RSA, B_AES_128, T); 957 add("TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 958 0xC004, --p, K_ECDH_ECDSA, B_AES_128, T); 959 add("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 960 0xC00E, --p, K_ECDH_RSA, B_AES_128, T); 961 add("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 962 0x0033, --p, K_DHE_RSA, B_AES_128, T); 963 add("TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 964 0x0032, --p, K_DHE_DSS, B_AES_128, T); 965 966 add("TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 967 0xC007, --p, K_ECDHE_ECDSA, B_RC4_128, N); 968 add("TLS_ECDHE_RSA_WITH_RC4_128_SHA", 969 0xC011, --p, K_ECDHE_RSA, B_RC4_128, N); 970 add("SSL_RSA_WITH_RC4_128_SHA", 971 0x0005, --p, K_RSA, B_RC4_128, N); 972 add("TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 973 0xC002, --p, K_ECDH_ECDSA, B_RC4_128, N); 974 add("TLS_ECDH_RSA_WITH_RC4_128_SHA", 975 0xC00C, --p, K_ECDH_RSA, B_RC4_128, N); 976 977 add("TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", 978 0xC008, --p, K_ECDHE_ECDSA, B_3DES, T); 979 add("TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", 980 0xC012, --p, K_ECDHE_RSA, B_3DES, T); 981 add("SSL_RSA_WITH_3DES_EDE_CBC_SHA", 982 0x000a, --p, K_RSA, B_3DES, T); 983 add("TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 984 0xC003, --p, K_ECDH_ECDSA, B_3DES, T); 985 add("TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 986 0xC00D, --p, K_ECDH_RSA, B_3DES, T); 987 add("SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 988 0x0016, --p, K_DHE_RSA, B_3DES, T); 989 add("SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 990 0x0013, --p, K_DHE_DSS, B_3DES, N); 991 992 add("SSL_RSA_WITH_RC4_128_MD5", 993 0x0004, --p, K_RSA, B_RC4_128, N); 994 995 // Renegotiation protection request Signalling Cipher Suite Value (SCSV) 996 add("TLS_EMPTY_RENEGOTIATION_INFO_SCSV", 997 0x00ff, --p, K_SCSV, B_NULL, T); 998 999 /* 1000 * Definition of the CipherSuites that are supported but not enabled 1001 * by default. 1002 * They are listed in preference order, preferred first, using the 1003 * following criteria: 1004 * 1. CipherSuites for KRB5 need additional KRB5 service 1005 * configuration, and these suites are not common in practice, 1006 * so we put KRB5 based cipher suites at the end of the supported 1007 * list. 1008 * 2. If a cipher suite has been obsoleted, we put it at the end of 1009 * the list. 1010 * 3. Prefer the stronger bulk cipher, in the order of AES_256, 1011 * AES_128, RC-4, 3DES-EDE, DES, RC4_40, DES40, NULL. 1012 * 4. Prefer the stronger MAC algorithm, in the order of SHA384, 1013 * SHA256, SHA, MD5. 1014 * 5. Prefer the better performance of key exchange and digital 1015 * signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA, 1016 * RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS, anonymous. 1017 */ 1018 p = DEFAULT_SUITES_PRIORITY; 1019 1020 add("TLS_DH_anon_WITH_AES_256_CBC_SHA256", 1021 0x006d, --p, K_DH_ANON, B_AES_256, N, max, tls12, P_SHA256); 1022 add("TLS_ECDH_anon_WITH_AES_256_CBC_SHA", 1023 0xC019, --p, K_ECDH_ANON, B_AES_256, T); 1024 add("TLS_DH_anon_WITH_AES_256_CBC_SHA", 1025 0x003a, --p, K_DH_ANON, B_AES_256, N); 1026 1027 add("TLS_DH_anon_WITH_AES_128_CBC_SHA256", 1028 0x006c, --p, K_DH_ANON, B_AES_128, N, max, tls12, P_SHA256); 1029 add("TLS_ECDH_anon_WITH_AES_128_CBC_SHA", 1030 0xC018, --p, K_ECDH_ANON, B_AES_128, T); 1031 add("TLS_DH_anon_WITH_AES_128_CBC_SHA", 1032 0x0034, --p, K_DH_ANON, B_AES_128, N); 1033 1034 add("TLS_ECDH_anon_WITH_RC4_128_SHA", 1035 0xC016, --p, K_ECDH_ANON, B_RC4_128, N); 1036 add("SSL_DH_anon_WITH_RC4_128_MD5", 1037 0x0018, --p, K_DH_ANON, B_RC4_128, N); 1038 1039 add("TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", 1040 0xC017, --p, K_ECDH_ANON, B_3DES, T); 1041 add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", 1042 0x001b, --p, K_DH_ANON, B_3DES, N); 1043 1044 add("TLS_RSA_WITH_NULL_SHA256", 1045 0x003b, --p, K_RSA, B_NULL, N, max, tls12, P_SHA256); 1046 add("TLS_ECDHE_ECDSA_WITH_NULL_SHA", 1047 0xC006, --p, K_ECDHE_ECDSA, B_NULL, N); 1048 add("TLS_ECDHE_RSA_WITH_NULL_SHA", 1049 0xC010, --p, K_ECDHE_RSA, B_NULL, N); 1050 add("SSL_RSA_WITH_NULL_SHA", 1051 0x0002, --p, K_RSA, B_NULL, N); 1052 add("TLS_ECDH_ECDSA_WITH_NULL_SHA", 1053 0xC001, --p, K_ECDH_ECDSA, B_NULL, N); 1054 add("TLS_ECDH_RSA_WITH_NULL_SHA", 1055 0xC00B, --p, K_ECDH_RSA, B_NULL, N); 1056 add("TLS_ECDH_anon_WITH_NULL_SHA", 1057 0xC015, --p, K_ECDH_ANON, B_NULL, N); 1058 add("SSL_RSA_WITH_NULL_MD5", 1059 0x0001, --p, K_RSA, B_NULL, N); 1060 1061 // weak cipher suites obsoleted in TLS 1.2 1062 add("SSL_RSA_WITH_DES_CBC_SHA", 1063 0x0009, --p, K_RSA, B_DES, N, tls12); 1064 add("SSL_DHE_RSA_WITH_DES_CBC_SHA", 1065 0x0015, --p, K_DHE_RSA, B_DES, N, tls12); 1066 add("SSL_DHE_DSS_WITH_DES_CBC_SHA", 1067 0x0012, --p, K_DHE_DSS, B_DES, N, tls12); 1068 add("SSL_DH_anon_WITH_DES_CBC_SHA", 1069 0x001a, --p, K_DH_ANON, B_DES, N, tls12); 1070 1071 // weak cipher suites obsoleted in TLS 1.1 1072 add("SSL_RSA_EXPORT_WITH_RC4_40_MD5", 1073 0x0003, --p, K_RSA_EXPORT, B_RC4_40, N, tls11); 1074 add("SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", 1075 0x0017, --p, K_DH_ANON, B_RC4_40, N, tls11); 1076 1077 add("SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", 1078 0x0008, --p, K_RSA_EXPORT, B_DES_40, N, tls11); 1079 add("SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", 1080 0x0014, --p, K_DHE_RSA, B_DES_40, N, tls11); 1081 add("SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 1082 0x0011, --p, K_DHE_DSS, B_DES_40, N, tls11); 1083 add("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 1084 0x0019, --p, K_DH_ANON, B_DES_40, N, tls11); 1085 1086 // Supported Kerberos ciphersuites from RFC2712 1087 add("TLS_KRB5_WITH_RC4_128_SHA", 1088 0x0020, --p, K_KRB5, B_RC4_128, N); 1089 add("TLS_KRB5_WITH_RC4_128_MD5", 1090 0x0024, --p, K_KRB5, B_RC4_128, N); 1091 add("TLS_KRB5_WITH_3DES_EDE_CBC_SHA", 1092 0x001f, --p, K_KRB5, B_3DES, N); 1093 add("TLS_KRB5_WITH_3DES_EDE_CBC_MD5", 1094 0x0023, --p, K_KRB5, B_3DES, N); 1095 add("TLS_KRB5_WITH_DES_CBC_SHA", 1096 0x001e, --p, K_KRB5, B_DES, N, tls12); 1097 add("TLS_KRB5_WITH_DES_CBC_MD5", 1098 0x0022, --p, K_KRB5, B_DES, N, tls12); 1099 add("TLS_KRB5_EXPORT_WITH_RC4_40_SHA", 1100 0x0028, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11); 1101 add("TLS_KRB5_EXPORT_WITH_RC4_40_MD5", 1102 0x002b, --p, K_KRB5_EXPORT, B_RC4_40, N, tls11); 1103 add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", 1104 0x0026, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); 1105 add("TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", 1106 0x0029, --p, K_KRB5_EXPORT, B_DES_40, N, tls11); 1107 1108 /* 1109 * Other values from the TLS Cipher Suite Registry, as of August 2010. 1110 * 1111 * http://www.iana.org/assignments/tls-parameters/tls-parameters.xml 1112 * 1113 * Range Registration Procedures Notes 1114 * 000-191 Standards Action Refers to value of first byte 1115 * 192-254 Specification Required Refers to value of first byte 1116 * 255 Reserved for Private Use Refers to value of first byte 1117 */ 1118 1119 // Register the names of a few additional CipherSuites. 1120 // Makes them show up as names instead of numbers in 1121 // the debug output. 1122 1123 // remaining unsupported ciphersuites defined in RFC2246. 1124 add("SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", 0x0006); 1125 add("SSL_RSA_WITH_IDEA_CBC_SHA", 0x0007); 1126 add("SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", 0x000b); 1127 add("SSL_DH_DSS_WITH_DES_CBC_SHA", 0x000c); 1128 add("SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA", 0x000d); 1129 add("SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", 0x000e); 1130 add("SSL_DH_RSA_WITH_DES_CBC_SHA", 0x000f); 1131 add("SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA", 0x0010); 1132 1133 // SSL 3.0 Fortezza ciphersuites 1134 add("SSL_FORTEZZA_DMS_WITH_NULL_SHA", 0x001c); 1135 add("SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA", 0x001d); 1136 1137 // 1024/56 bit exportable ciphersuites from expired internet draft 1138 add("SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA", 0x0062); 1139 add("SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", 0x0063); 1140 add("SSL_RSA_EXPORT1024_WITH_RC4_56_SHA", 0x0064); 1141 add("SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA", 0x0065); 1142 add("SSL_DHE_DSS_WITH_RC4_128_SHA", 0x0066); 1143 1144 // Netscape old and new SSL 3.0 FIPS ciphersuites 1145 // see http://www.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html 1146 add("NETSCAPE_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", 0xffe0); 1147 add("NETSCAPE_RSA_FIPS_WITH_DES_CBC_SHA", 0xffe1); 1148 add("SSL_RSA_FIPS_WITH_DES_CBC_SHA", 0xfefe); 1149 add("SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", 0xfeff); 1150 1151 // Unsupported Kerberos cipher suites from RFC 2712 1152 add("TLS_KRB5_WITH_IDEA_CBC_SHA", 0x0021); 1153 add("TLS_KRB5_WITH_IDEA_CBC_MD5", 0x0025); 1154 add("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", 0x0027); 1155 add("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", 0x002a); 1156 1157 // Unsupported cipher suites from RFC 4162 1158 add("TLS_RSA_WITH_SEED_CBC_SHA", 0x0096); 1159 add("TLS_DH_DSS_WITH_SEED_CBC_SHA", 0x0097); 1160 add("TLS_DH_RSA_WITH_SEED_CBC_SHA", 0x0098); 1161 add("TLS_DHE_DSS_WITH_SEED_CBC_SHA", 0x0099); 1162 add("TLS_DHE_RSA_WITH_SEED_CBC_SHA", 0x009a); 1163 add("TLS_DH_anon_WITH_SEED_CBC_SHA", 0x009b); 1164 1165 // Unsupported cipher suites from RFC 4279 1166 add("TLS_PSK_WITH_RC4_128_SHA", 0x008a); 1167 add("TLS_PSK_WITH_3DES_EDE_CBC_SHA", 0x008b); 1168 add("TLS_PSK_WITH_AES_128_CBC_SHA", 0x008c); 1169 add("TLS_PSK_WITH_AES_256_CBC_SHA", 0x008d); 1170 add("TLS_DHE_PSK_WITH_RC4_128_SHA", 0x008e); 1171 add("TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA", 0x008f); 1172 add("TLS_DHE_PSK_WITH_AES_128_CBC_SHA", 0x0090); 1173 add("TLS_DHE_PSK_WITH_AES_256_CBC_SHA", 0x0091); 1174 add("TLS_RSA_PSK_WITH_RC4_128_SHA", 0x0092); 1175 add("TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA", 0x0093); 1176 add("TLS_RSA_PSK_WITH_AES_128_CBC_SHA", 0x0094); 1177 add("TLS_RSA_PSK_WITH_AES_256_CBC_SHA", 0x0095); 1178 1179 // Unsupported cipher suites from RFC 4785 1180 add("TLS_PSK_WITH_NULL_SHA", 0x002c); 1181 add("TLS_DHE_PSK_WITH_NULL_SHA", 0x002d); 1182 add("TLS_RSA_PSK_WITH_NULL_SHA", 0x002e); 1183 1184 // Unsupported cipher suites from RFC 5246 1185 add("TLS_DH_DSS_WITH_AES_128_CBC_SHA", 0x0030); 1186 add("TLS_DH_RSA_WITH_AES_128_CBC_SHA", 0x0031); 1187 add("TLS_DH_DSS_WITH_AES_256_CBC_SHA", 0x0036); 1188 add("TLS_DH_RSA_WITH_AES_256_CBC_SHA", 0x0037); 1189 add("TLS_DH_DSS_WITH_AES_128_CBC_SHA256", 0x003e); 1190 add("TLS_DH_RSA_WITH_AES_128_CBC_SHA256", 0x003f); 1191 add("TLS_DH_DSS_WITH_AES_256_CBC_SHA256", 0x0068); 1192 add("TLS_DH_RSA_WITH_AES_256_CBC_SHA256", 0x0069); 1193 1194 // Unsupported cipher suites from RFC 5288 1195 add("TLS_RSA_WITH_AES_128_GCM_SHA256", 0x009c); 1196 add("TLS_RSA_WITH_AES_256_GCM_SHA384", 0x009d); 1197 add("TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", 0x009e); 1198 add("TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", 0x009f); 1199 add("TLS_DH_RSA_WITH_AES_128_GCM_SHA256", 0x00a0); 1200 add("TLS_DH_RSA_WITH_AES_256_GCM_SHA384", 0x00a1); 1201 add("TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", 0x00a2); 1202 add("TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", 0x00a3); 1203 add("TLS_DH_DSS_WITH_AES_128_GCM_SHA256", 0x00a4); 1204 add("TLS_DH_DSS_WITH_AES_256_GCM_SHA384", 0x00a5); 1205 add("TLS_DH_anon_WITH_AES_128_GCM_SHA256", 0x00a6); 1206 add("TLS_DH_anon_WITH_AES_256_GCM_SHA384", 0x00a7); 1207 1208 // Unsupported cipher suites from RFC 5487 1209 add("TLS_PSK_WITH_AES_128_GCM_SHA256", 0x00a8); 1210 add("TLS_PSK_WITH_AES_256_GCM_SHA384", 0x00a9); 1211 add("TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", 0x00aa); 1212 add("TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", 0x00ab); 1213 add("TLS_RSA_PSK_WITH_AES_128_GCM_SHA256", 0x00ac); 1214 add("TLS_RSA_PSK_WITH_AES_256_GCM_SHA384", 0x00ad); 1215 add("TLS_PSK_WITH_AES_128_CBC_SHA256", 0x00ae); 1216 add("TLS_PSK_WITH_AES_256_CBC_SHA384", 0x00af); 1217 add("TLS_PSK_WITH_NULL_SHA256", 0x00b0); 1218 add("TLS_PSK_WITH_NULL_SHA384", 0x00b1); 1219 add("TLS_DHE_PSK_WITH_AES_128_CBC_SHA256", 0x00b2); 1220 add("TLS_DHE_PSK_WITH_AES_256_CBC_SHA384", 0x00b3); 1221 add("TLS_DHE_PSK_WITH_NULL_SHA256", 0x00b4); 1222 add("TLS_DHE_PSK_WITH_NULL_SHA384", 0x00b5); 1223 add("TLS_RSA_PSK_WITH_AES_128_CBC_SHA256", 0x00b6); 1224 add("TLS_RSA_PSK_WITH_AES_256_CBC_SHA384", 0x00b7); 1225 add("TLS_RSA_PSK_WITH_NULL_SHA256", 0x00b8); 1226 add("TLS_RSA_PSK_WITH_NULL_SHA384", 0x00b9); 1227 1228 // Unsupported cipher suites from RFC 5932 1229 add("TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", 0x0041); 1230 add("TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", 0x0042); 1231 add("TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", 0x0043); 1232 add("TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", 0x0044); 1233 add("TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", 0x0045); 1234 add("TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", 0x0046); 1235 add("TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", 0x0084); 1236 add("TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", 0x0085); 1237 add("TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", 0x0086); 1238 add("TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", 0x0087); 1239 add("TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", 0x0088); 1240 add("TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", 0x0089); 1241 add("TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0x00ba); 1242 add("TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256", 0x00bb); 1243 add("TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0x00bc); 1244 add("TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", 0x00bd); 1245 add("TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0x00be); 1246 add("TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256", 0x00bf); 1247 add("TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", 0x00c0); 1248 add("TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256", 0x00c1); 1249 add("TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256", 0x00c2); 1250 add("TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", 0x00c3); 1251 add("TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", 0x00c4); 1252 add("TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256", 0x00c5); 1253 1254 // Unsupported cipher suites from RFC 5054 1255 add("TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", 0xc01a); 1256 add("TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", 0xc01b); 1257 add("TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", 0xc01c); 1258 add("TLS_SRP_SHA_WITH_AES_128_CBC_SHA", 0xc01d); 1259 add("TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", 0xc01e); 1260 add("TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", 0xc01f); 1261 add("TLS_SRP_SHA_WITH_AES_256_CBC_SHA", 0xc020); 1262 add("TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", 0xc021); 1263 add("TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", 0xc022); 1264 1265 // Unsupported cipher suites from RFC 5289 1266 add("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", 0xc02b); 1267 add("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", 0xc02c); 1268 add("TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", 0xc02d); 1269 add("TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", 0xc02e); 1270 add("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 0xc02f); 1271 add("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 0xc030); 1272 add("TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", 0xc031); 1273 add("TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", 0xc032); 1274 1275 // Unsupported cipher suites from RFC 5489 1276 add("TLS_ECDHE_PSK_WITH_RC4_128_SHA", 0xc033); 1277 add("TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", 0xc034); 1278 add("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA", 0xc035); 1279 add("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA", 0xc036); 1280 add("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256", 0xc037); 1281 add("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384", 0xc038); 1282 add("TLS_ECDHE_PSK_WITH_NULL_SHA", 0xc039); 1283 add("TLS_ECDHE_PSK_WITH_NULL_SHA256", 0xc03a); 1284 add("TLS_ECDHE_PSK_WITH_NULL_SHA384", 0xc03b); 1285 } 1286 1287 // ciphersuite SSL_NULL_WITH_NULL_NULL 1288 final static CipherSuite C_NULL = CipherSuite.valueOf(0, 0); 1289 1290 // ciphersuite TLS_EMPTY_RENEGOTIATION_INFO_SCSV 1291 final static CipherSuite C_SCSV = CipherSuite.valueOf(0x00, 0xff); 1292 } 1293