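/*
 * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

/**
 * SSL/TLS cipher suites.
 *
 * <p>Each constant records the suite's two-byte code point, its key exchange
 * algorithm, and the inclusive range of protocol versions it is mapped to.
 * Declaration order is preserved as-is because {@code values()} and
 * {@code ordinal()} depend on it.
 *
 * <p>The table is a catalogue, not a recommendation: it deliberately covers
 * legacy suites whose names show they offer no encryption ({@code NULL}),
 * no peer authentication ({@code anon}), or export-grade / obsolete ciphers
 * ({@code EXPORT}, {@code DES}, {@code RC4}). Code that builds an enabled
 * suite list from this enum has to filter those out itself.
 */
public enum CipherSuite {

    TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(
            0xCCAA, KeyExAlgorithm.DHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256(
            0xCCA9, KeyExAlgorithm.ECDHE_ECDSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256(
            0xCCA8, KeyExAlgorithm.ECDHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(
            0xC032, KeyExAlgorithm.ECDH_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(
            0xC031, KeyExAlgorithm.ECDH_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(
            0xC030, KeyExAlgorithm.ECDHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(
            0xC02F, KeyExAlgorithm.ECDHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(
            0xC02E, KeyExAlgorithm.ECDH_ECDSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(
            0xC02D, KeyExAlgorithm.ECDH_ECDSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(
            0xC02C, KeyExAlgorithm.ECDHE_ECDSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(
            0xC02B, KeyExAlgorithm.ECDHE_ECDSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(
            0xC02A, KeyExAlgorithm.ECDH_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(
            0xC029, KeyExAlgorithm.ECDH_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(
            0xC028, KeyExAlgorithm.ECDHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(
            0xC027, KeyExAlgorithm.ECDHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(
            0xC026, KeyExAlgorithm.ECDH_ECDSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    // Was 0xC025, which collided with TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
    // on the next line; the registered code point for the SHA-1 suite is 0xC004.
    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(
            0xC004, KeyExAlgorithm.ECDH_ECDSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(
            0xC025, KeyExAlgorithm.ECDH_ECDSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(
            0xC024, KeyExAlgorithm.ECDHE_ECDSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(
            0xC023, KeyExAlgorithm.ECDHE_ECDSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_ECDH_anon_WITH_AES_256_CBC_SHA(
            0xC019, KeyExAlgorithm.ECDH_ANON, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_anon_WITH_AES_128_CBC_SHA(
            0xC018, KeyExAlgorithm.ECDH_ANON, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA(
            0xC017, KeyExAlgorithm.ECDH_ANON, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_anon_WITH_RC4_128_SHA(
            0xC016, KeyExAlgorithm.ECDH_ANON, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_anon_WITH_NULL_SHA(
            0xC015, KeyExAlgorithm.ECDH_ANON, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(
            0xC014, KeyExAlgorithm.ECDHE_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(
            0xC013, KeyExAlgorithm.ECDHE_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA(
            0xC012, KeyExAlgorithm.ECDHE_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_RC4_128_SHA(
            0xC011, KeyExAlgorithm.ECDHE_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_RSA_WITH_NULL_SHA(
            0xC010, KeyExAlgorithm.ECDHE_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(
            0xC00F, KeyExAlgorithm.ECDH_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(
            0xC00E, KeyExAlgorithm.ECDH_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(
            0xC00D, KeyExAlgorithm.ECDH_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_RSA_WITH_RC4_128_SHA(
            0xC00C, KeyExAlgorithm.ECDH_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_RSA_WITH_NULL_SHA(
            0xC00B, KeyExAlgorithm.ECDH_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(
            0xC00A, KeyExAlgorithm.ECDHE_ECDSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(
            0xC009, KeyExAlgorithm.ECDHE_ECDSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA(
            0xC008, KeyExAlgorithm.ECDHE_ECDSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_RC4_128_SHA(
            0xC007, KeyExAlgorithm.ECDHE_ECDSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDHE_ECDSA_WITH_NULL_SHA(
            0xC006, KeyExAlgorithm.ECDHE_ECDSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(
            0xC003, KeyExAlgorithm.ECDH_ECDSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_ECDSA_WITH_RC4_128_SHA(
            0xC002, KeyExAlgorithm.ECDH_ECDSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_ECDH_ECDSA_WITH_NULL_SHA(
            0xC001, KeyExAlgorithm.ECDH_ECDSA, Protocol.SSLV3, Protocol.TLSV1_2),
    // Signalling value rather than a negotiable cipher suite.
    TLS_EMPTY_RENEGOTIATION_INFO_SCSV(
            0x00FF, KeyExAlgorithm.SCSV, Protocol.SSLV3, Protocol.TLSV1_2),
    // The TLS 1.3 suites carry no key exchange algorithm: keyExAlgorithm is null.
    TLS_AES_256_GCM_SHA384(
            0x1302, null, Protocol.TLSV1_3, Protocol.TLSV1_3),
    TLS_AES_128_GCM_SHA256(
            0x1301, null, Protocol.TLSV1_3, Protocol.TLSV1_3),
    TLS_CHACHA20_POLY1305_SHA256(
            0x1303, null, Protocol.TLSV1_3, Protocol.TLSV1_3),
    TLS_DH_anon_WITH_AES_256_GCM_SHA384(
            0x00A7, KeyExAlgorithm.DH_ANON, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DH_anon_WITH_AES_128_GCM_SHA256(
            0x00A6, KeyExAlgorithm.DH_ANON, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(
            0x00A3, KeyExAlgorithm.DHE_DSS, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(
            0x00A2, KeyExAlgorithm.DHE_DSS, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(
            0x009F, KeyExAlgorithm.DHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(
            0x009E, KeyExAlgorithm.DHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_RSA_WITH_AES_256_GCM_SHA384(
            0x009D, KeyExAlgorithm.RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_RSA_WITH_AES_128_GCM_SHA256(
            0x009C, KeyExAlgorithm.RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DH_anon_WITH_AES_256_CBC_SHA256(
            0x006D, KeyExAlgorithm.DH_ANON, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DH_anon_WITH_AES_128_CBC_SHA256(
            0x006C, KeyExAlgorithm.DH_ANON, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(
            0x006B, KeyExAlgorithm.DHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(
            0x006A, KeyExAlgorithm.DHE_DSS, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(
            0x0067, KeyExAlgorithm.DHE_RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    // Was 0x004C; the registered code point is 0xC005, which fills the gap
    // between 0xC004 and 0xC006 in the ECDH_ECDSA/ECDHE_ECDSA run above.
    // NOTE(review): the sibling ECDH_ECDSA SHA-1 suites start at SSLV3 while
    // this one starts at TLSV1 - confirm whether that is intentional.
    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(
            0xC005, KeyExAlgorithm.ECDH_ECDSA, Protocol.TLSV1, Protocol.TLSV1_2),
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(
            0x0040, KeyExAlgorithm.DHE_DSS, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_RSA_WITH_AES_256_CBC_SHA256(
            0x003D, KeyExAlgorithm.RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_RSA_WITH_AES_128_CBC_SHA256(
            0x003C, KeyExAlgorithm.RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_RSA_WITH_NULL_SHA256(
            0x003B, KeyExAlgorithm.RSA, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_DH_anon_WITH_AES_256_CBC_SHA(
            0x003A, KeyExAlgorithm.DH_ANON, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA(
            0x0039, KeyExAlgorithm.DHE_RSA, Protocol.TLSV1, Protocol.TLSV1_2),
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA(
            0x0038, KeyExAlgorithm.DHE_DSS, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_RSA_WITH_AES_256_CBC_SHA(
            0x0035, KeyExAlgorithm.RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_DH_anon_WITH_AES_128_CBC_SHA(
            0x0034, KeyExAlgorithm.DH_ANON, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA(
            0x0033, KeyExAlgorithm.DHE_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA(
            0x0032, KeyExAlgorithm.DHE_DSS, Protocol.TLSV1_2, Protocol.TLSV1_2),
    TLS_RSA_WITH_AES_128_CBC_SHA(
            0x002F, KeyExAlgorithm.RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_KRB5_WITH_3DES_EDE_CBC_MD5(
            0x0023, KeyExAlgorithm.KRB5, Protocol.SSLV3, Protocol.TLSV1_2),
    TLS_KRB5_WITH_DES_CBC_MD5(
            0x0022, KeyExAlgorithm.KRB5, Protocol.SSLV3, Protocol.TLSV1_1),
    TLS_KRB5_WITH_3DES_EDE_CBC_SHA(
            0x001F, KeyExAlgorithm.KRB5, Protocol.SSLV3, Protocol.TLSV1_2),
    // NOTE(review): every other single-DES suite in this table ends at
    // TLSV1_1; this one ends at TLSV1_2 - confirm against the provider.
    TLS_KRB5_WITH_DES_CBC_SHA(
            0x001E, KeyExAlgorithm.KRB5, Protocol.SSLV3, Protocol.TLSV1_2),
    SSL_DH_anon_WITH_3DES_EDE_CBC_SHA(
            0x001B, KeyExAlgorithm.DH_ANON, Protocol.SSLV3, Protocol.TLSV1_2),
    SSL_DH_anon_WITH_DES_CBC_SHA(
            0x001A, KeyExAlgorithm.DH_ANON, Protocol.SSLV3, Protocol.TLSV1_1),
    SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA(
            0x0019, KeyExAlgorithm.DH_ANON_EXPORT, Protocol.SSLV3, Protocol.TLSV1),
    SSL_DH_anon_WITH_RC4_128_MD5(
            0x0018, KeyExAlgorithm.DH_ANON, Protocol.SSLV3, Protocol.TLSV1_2),
    SSL_DH_anon_EXPORT_WITH_RC4_40_MD5(
            0x0017, KeyExAlgorithm.DH_ANON_EXPORT, Protocol.SSLV3, Protocol.TLSV1),
    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA(
            0x0016, KeyExAlgorithm.DHE_RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    SSL_DHE_RSA_WITH_DES_CBC_SHA(
            0x0015, KeyExAlgorithm.DHE_RSA, Protocol.SSLV3, Protocol.TLSV1_1),
    SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA(
            0x0014, KeyExAlgorithm.DHE_RSA_EXPORT, Protocol.SSLV3, Protocol.TLSV1),
    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA(
            0x0013, KeyExAlgorithm.DHE_DSS, Protocol.SSLV3, Protocol.TLSV1_2),
    SSL_DHE_DSS_WITH_DES_CBC_SHA(
            0x0012, KeyExAlgorithm.DHE_DSS, Protocol.SSLV3, Protocol.TLSV1_1),
    SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA(
            0x0011, KeyExAlgorithm.DHE_DSS_EXPORT, Protocol.SSLV3, Protocol.TLSV1),
    SSL_RSA_WITH_3DES_EDE_CBC_SHA(
            0x000A, KeyExAlgorithm.RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    SSL_RSA_WITH_DES_CBC_SHA(
            0x0009, KeyExAlgorithm.RSA, Protocol.SSLV3, Protocol.TLSV1_1),
    SSL_RSA_EXPORT_WITH_DES40_CBC_SHA(
            0x0008, KeyExAlgorithm.RSA_EXPORT, Protocol.SSLV3, Protocol.TLSV1),
    SSL_RSA_WITH_RC4_128_SHA(
            0x0005, KeyExAlgorithm.RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    SSL_RSA_WITH_RC4_128_MD5(
            0x0004, KeyExAlgorithm.RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    SSL_RSA_EXPORT_WITH_RC4_40_MD5(
            0x0003, KeyExAlgorithm.RSA_EXPORT, Protocol.SSLV3, Protocol.TLSV1),
    SSL_RSA_WITH_NULL_SHA(
            0x0002, KeyExAlgorithm.RSA, Protocol.SSLV3, Protocol.TLSV1_2),
    SSL_RSA_WITH_NULL_MD5(
            0x0001, KeyExAlgorithm.RSA, Protocol.SSLV3, Protocol.TLSV1_2);

    /** Two-byte cipher suite code point, e.g. {@code 0xC02F}. */
    public final int id;

    /** Key exchange algorithm; {@code null} for the TLS 1.3 suites. */
    public final KeyExAlgorithm keyExAlgorithm;

    /** Lowest protocol version (inclusive) this suite is mapped to. */
    public final Protocol startProtocol;

    /** Highest protocol version (inclusive) this suite is mapped to. */
    public final Protocol endProtocol;

    /**
     * Stores the four attributes of a suite unchanged; no validation is done.
     *
     * @param id             cipher suite code point
     * @param keyExAlgorithm key exchange algorithm, may be {@code null}
     * @param startProtocol  first protocol version of the supported range
     * @param endProtocol    last protocol version of the supported range
     */
    private CipherSuite(
            int id,
            KeyExAlgorithm keyExAlgorithm,
            Protocol startProtocol,
            Protocol endProtocol) {
        this.id = id;
        this.keyExAlgorithm = keyExAlgorithm;
        this.startProtocol = startProtocol;
        this.endProtocol = endProtocol;
    }

    /**
     * Tells whether this suite may be used with the given protocol version.
     *
     * <p>The check compares {@code Protocol.id} values, so it relies on those
     * ids growing with the protocol version. It says nothing about whether
     * the suite is cryptographically acceptable.
     *
     * @param protocol protocol version to test; must not be {@code null}
     * @return {@code true} if {@code protocol} lies within
     *         [{@code startProtocol}, {@code endProtocol}], bounds included
     */
    public boolean supportedByProtocol(Protocol protocol) {
        return startProtocol.id <= protocol.id
                && protocol.id <= endProtocol.id;
    }

    /**
     * Looks a suite up by its exact, case-sensitive constant name.
     *
     * @param name constant name such as {@code "TLS_AES_128_GCM_SHA256"}
     * @return the matching constant
     * @throws IllegalArgumentException if no constant has that name
     * @throws NullPointerException     if {@code name} is {@code null}
     */
    public static CipherSuite cipherSuite(String name) {
        return valueOf(name);
    }
}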