1 /* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package libcore.java.security; 18 19 import java.security.Security; 20 import java.security.spec.DSAPrivateKeySpec; 21 import java.security.spec.DSAPublicKeySpec; 22 import java.security.spec.ECPrivateKeySpec; 23 import java.security.spec.ECPublicKeySpec; 24 import java.security.spec.KeySpec; 25 import java.security.spec.RSAPrivateCrtKeySpec; 26 import java.security.spec.RSAPublicKeySpec; 27 import java.util.Arrays; 28 import java.util.Collections; 29 import java.util.HashMap; 30 import java.util.HashSet; 31 import java.util.Iterator; 32 import java.util.LinkedHashSet; 33 import java.util.List; 34 import java.util.Map; 35 import java.util.Set; 36 import javax.crypto.spec.DHPrivateKeySpec; 37 import javax.crypto.spec.DHPublicKeySpec; 38 import junit.framework.Assert; 39 40 /** 41 * This class defines expected string names for protocols, key types, 42 * client and server auth types, cipher suites. 43 * 44 * Initially based on "Appendix A: Standard Names" of 45 * <a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#AppA"> 46 * Java ™ Secure Socket Extension (JSSE) Reference Guide 47 * for the Java ™ 2 Platform Standard Edition 5 48 * </a>. 49 * 50 * Updated based on the 51 * <a href="http://download.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html"> 52 * Java ™ Cryptography Architecture Oracle Providers Documentation 53 * for Java ™ Platform Standard Edition 7 54 * </a>. 55 * See also the 56 * <a href="http://download.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html"> 57 * Java ™ Cryptography Architecture Standard Algorithm Name Documentation 58 * </a>. 59 * 60 * Further updates based on the 61 * <a href=http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html"> 62 * Java ™ PKCS#11 Reference Guide 63 * </a>. 64 */ 65 public final class StandardNames extends Assert { 66 67 public static final boolean IS_RI 68 = !"Dalvik Core Library".equals(System.getProperty("java.specification.name")); 69 public static final String JSSE_PROVIDER_NAME = (IS_RI) ? "SunJSSE" : "AndroidOpenSSL"; 70 public static final String SECURITY_PROVIDER_NAME = (IS_RI) ? "SUN" : "BC"; 71 72 public static final String KEY_MANAGER_FACTORY_DEFAULT = (IS_RI) ? "SunX509" : "X509"; 73 public static final String TRUST_MANAGER_FACTORY_DEFAULT = (IS_RI) ? "PKIX" : "X509"; 74 75 public static final String KEY_STORE_ALGORITHM = (IS_RI) ? "JKS" : "BKS"; 76 77 /** 78 * RFC 5746's Signaling Cipher Suite Value to indicate a request for secure renegotiation 79 */ 80 public static final String CIPHER_SUITE_SECURE_RENEGOTIATION 81 = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"; 82 83 /** 84 * A map from algorithm type (e.g. Cipher) to a set of algorithms (e.g. AES, DES, ...) 85 */ 86 public static final Map<String,Set<String>> PROVIDER_ALGORITHMS 87 = new HashMap<String,Set<String>>(); 88 private static void provide(String type, String algorithm) { 89 Set<String> algorithms = PROVIDER_ALGORITHMS.get(type); 90 if (algorithms == null) { 91 algorithms = new HashSet(); 92 PROVIDER_ALGORITHMS.put(type, algorithms); 93 } 94 assertTrue("Duplicate " + type + " " + algorithm, 95 algorithms.add(algorithm.toUpperCase())); 96 } 97 private static void unprovide(String type, String algorithm) { 98 Set<String> algorithms = PROVIDER_ALGORITHMS.get(type); 99 assertNotNull(algorithms); 100 assertTrue(algorithm, algorithms.remove(algorithm.toUpperCase())); 101 if (algorithms.isEmpty()) { 102 assertNotNull(PROVIDER_ALGORITHMS.remove(type)); 103 } 104 } 105 static { 106 provide("AlgorithmParameterGenerator", "DSA"); 107 provide("AlgorithmParameterGenerator", "DiffieHellman"); 108 provide("AlgorithmParameters", "AES"); 109 provide("AlgorithmParameters", "Blowfish"); 110 provide("AlgorithmParameters", "DES"); 111 provide("AlgorithmParameters", "DESede"); 112 provide("AlgorithmParameters", "DSA"); 113 provide("AlgorithmParameters", "DiffieHellman"); 114 provide("AlgorithmParameters", "OAEP"); 115 provide("AlgorithmParameters", "PBEWithMD5AndDES"); 116 provide("AlgorithmParameters", "PBEWithMD5AndTripleDES"); 117 provide("AlgorithmParameters", "PBEWithSHA1AndDESede"); 118 provide("AlgorithmParameters", "PBEWithSHA1AndRC2_40"); 119 provide("AlgorithmParameters", "RC2"); 120 provide("CertPathBuilder", "PKIX"); 121 provide("CertPathValidator", "PKIX"); 122 provide("CertStore", "Collection"); 123 provide("CertStore", "LDAP"); 124 provide("CertificateFactory", "X.509"); 125 provide("Cipher", "AES"); 126 provide("Cipher", "AESWrap"); 127 provide("Cipher", "ARCFOUR"); 128 provide("Cipher", "Blowfish"); 129 provide("Cipher", "DES"); 130 provide("Cipher", "DESede"); 131 provide("Cipher", "DESedeWrap"); 132 provide("Cipher", "PBEWithMD5AndDES"); 133 provide("Cipher", "PBEWithMD5AndTripleDES"); 134 provide("Cipher", "PBEWithSHA1AndDESede"); 135 provide("Cipher", "PBEWithSHA1AndRC2_40"); 136 provide("Cipher", "RC2"); 137 provide("Cipher", "RSA"); 138 provide("Configuration", "JavaLoginConfig"); 139 provide("KeyAgreement", "DiffieHellman"); 140 provide("KeyFactory", "DSA"); 141 provide("KeyFactory", "DiffieHellman"); 142 provide("KeyFactory", "RSA"); 143 provide("KeyGenerator", "AES"); 144 provide("KeyGenerator", "ARCFOUR"); 145 provide("KeyGenerator", "Blowfish"); 146 provide("KeyGenerator", "DES"); 147 provide("KeyGenerator", "DESede"); 148 provide("KeyGenerator", "HmacMD5"); 149 provide("KeyGenerator", "HmacSHA1"); 150 provide("KeyGenerator", "HmacSHA256"); 151 provide("KeyGenerator", "HmacSHA384"); 152 provide("KeyGenerator", "HmacSHA512"); 153 provide("KeyGenerator", "RC2"); 154 provide("KeyInfoFactory", "DOM"); 155 provide("KeyManagerFactory", "SunX509"); 156 provide("KeyPairGenerator", "DSA"); 157 provide("KeyPairGenerator", "DiffieHellman"); 158 provide("KeyPairGenerator", "RSA"); 159 provide("KeyStore", "JCEKS"); 160 provide("KeyStore", "JKS"); 161 provide("KeyStore", "PKCS12"); 162 provide("Mac", "HmacMD5"); 163 provide("Mac", "HmacSHA1"); 164 provide("Mac", "HmacSHA256"); 165 provide("Mac", "HmacSHA384"); 166 provide("Mac", "HmacSHA512"); 167 provide("MessageDigest", "MD2"); 168 provide("MessageDigest", "MD5"); 169 provide("MessageDigest", "SHA-256"); 170 provide("MessageDigest", "SHA-384"); 171 provide("MessageDigest", "SHA-512"); 172 provide("Policy", "JavaPolicy"); 173 provide("SSLContext", "SSLv3"); 174 provide("SSLContext", "TLSv1"); 175 provide("SSLContext", "TLSv1.1"); 176 provide("SSLContext", "TLSv1.2"); 177 provide("SecretKeyFactory", "DES"); 178 provide("SecretKeyFactory", "DESede"); 179 provide("SecretKeyFactory", "PBEWithMD5AndDES"); 180 provide("SecretKeyFactory", "PBEWithMD5AndTripleDES"); 181 provide("SecretKeyFactory", "PBEWithSHA1AndDESede"); 182 provide("SecretKeyFactory", "PBEWithSHA1AndRC2_40"); 183 provide("SecretKeyFactory", "PBKDF2WithHmacSHA1"); 184 provide("SecureRandom", "SHA1PRNG"); 185 provide("Signature", "MD2withRSA"); 186 provide("Signature", "MD5withRSA"); 187 provide("Signature", "NONEwithDSA"); 188 provide("Signature", "SHA1withDSA"); 189 provide("Signature", "SHA1withRSA"); 190 provide("Signature", "SHA256withRSA"); 191 provide("Signature", "SHA384withRSA"); 192 provide("Signature", "SHA512withRSA"); 193 provide("TerminalFactory", "PC/SC"); 194 provide("TransformService", "http://www.w3.org/2000/09/xmldsig#base64"); 195 provide("TransformService", "http://www.w3.org/2000/09/xmldsig#enveloped-signature"); 196 provide("TransformService", "http://www.w3.org/2001/10/xml-exc-c14n#"); 197 provide("TransformService", "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"); 198 provide("TransformService", "http://www.w3.org/2002/06/xmldsig-filter2"); 199 provide("TransformService", "http://www.w3.org/TR/1999/REC-xpath-19991116"); 200 provide("TransformService", "http://www.w3.org/TR/1999/REC-xslt-19991116"); 201 provide("TransformService", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); 202 provide("TransformService", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"); 203 provide("TrustManagerFactory", "PKIX"); 204 provide("XMLSignatureFactory", "DOM"); 205 206 // Not clearly documented by RI 207 provide("GssApiMechanism", "1.2.840.113554.1.2.2"); 208 provide("GssApiMechanism", "1.3.6.1.5.5.2"); 209 210 // Not correctly documented by RI which left off the Factory suffix 211 provide("SaslClientFactory", "CRAM-MD5"); 212 provide("SaslClientFactory", "DIGEST-MD5"); 213 provide("SaslClientFactory", "EXTERNAL"); 214 provide("SaslClientFactory", "GSSAPI"); 215 provide("SaslClientFactory", "PLAIN"); 216 provide("SaslServerFactory", "CRAM-MD5"); 217 provide("SaslServerFactory", "DIGEST-MD5"); 218 provide("SaslServerFactory", "GSSAPI"); 219 220 // Documentation seems to list alias instead of actual name 221 // provide("MessageDigest", "SHA-1"); 222 provide("MessageDigest", "SHA"); 223 224 // Mentioned in javadoc, not documentation 225 provide("SSLContext", "Default"); 226 227 // Not documented as in RI 6 but mentioned in Standard Names 228 provide("AlgorithmParameters", "PBE"); 229 provide("SSLContext", "SSL"); 230 provide("SSLContext", "TLS"); 231 232 // Not documented as in RI 6 but that exist in RI 6 233 if (IS_RI) { 234 provide("CertStore", "com.sun.security.IndexedCollection"); 235 provide("KeyGenerator", "SunTlsKeyMaterial"); 236 provide("KeyGenerator", "SunTlsMasterSecret"); 237 provide("KeyGenerator", "SunTlsPrf"); 238 provide("KeyGenerator", "SunTlsRsaPremasterSecret"); 239 provide("KeyManagerFactory", "NewSunX509"); 240 provide("KeyStore", "CaseExactJKS"); 241 provide("Mac", "HmacPBESHA1"); 242 provide("Mac", "SslMacMD5"); 243 provide("Mac", "SslMacSHA1"); 244 provide("SecureRandom", "NativePRNG"); 245 provide("Signature", "MD5andSHA1withRSA"); 246 provide("TrustManagerFactory", "SunX509"); 247 } 248 249 // Only available with the SunPKCS11-NSS provider, 250 // which seems to be enabled in OpenJDK 6 but not Oracle Java 6 251 if (Security.getProvider("SunPKCS11-NSS") != null) { 252 provide("AlgorithmParameters", "EC"); 253 provide("Cipher", "AES/CBC/NOPADDING"); 254 provide("Cipher", "DES/CBC/NOPADDING"); 255 provide("Cipher", "DESEDE/CBC/NOPADDING"); 256 provide("Cipher", "RSA/ECB/PKCS1PADDING"); 257 provide("KeyAgreement", "DH"); 258 provide("KeyAgreement", "ECDH"); 259 provide("KeyFactory", "DH"); 260 provide("KeyFactory", "EC"); 261 provide("KeyPairGenerator", "DH"); 262 provide("KeyPairGenerator", "EC"); 263 provide("KeyStore", "PKCS11"); 264 provide("MessageDigest", "SHA1"); 265 provide("SecretKeyFactory", "AES"); 266 provide("SecretKeyFactory", "ARCFOUR"); 267 provide("SecureRandom", "PKCS11"); 268 provide("Signature", "DSA"); 269 provide("Signature", "NONEWITHECDSA"); 270 provide("Signature", "RAWDSA"); 271 provide("Signature", "SHA1WITHECDSA"); 272 provide("Signature", "SHA256WITHECDSA"); 273 provide("Signature", "SHA384WITHECDSA"); 274 provide("Signature", "SHA512WITHECDSA"); 275 } 276 277 // Fixups for dalvik 278 if (!IS_RI) { 279 280 // whole types that we do not provide 281 PROVIDER_ALGORITHMS.remove("Configuration"); 282 PROVIDER_ALGORITHMS.remove("GssApiMechanism"); 283 PROVIDER_ALGORITHMS.remove("KeyInfoFactory"); 284 PROVIDER_ALGORITHMS.remove("Policy"); 285 PROVIDER_ALGORITHMS.remove("SaslClientFactory"); 286 PROVIDER_ALGORITHMS.remove("SaslServerFactory"); 287 PROVIDER_ALGORITHMS.remove("TerminalFactory"); 288 PROVIDER_ALGORITHMS.remove("TransformService"); 289 PROVIDER_ALGORITHMS.remove("XMLSignatureFactory"); 290 291 // different names Diffie-Hellman vs DH 292 unprovide("AlgorithmParameterGenerator", "DiffieHellman"); 293 provide("AlgorithmParameterGenerator", "DH"); 294 unprovide("AlgorithmParameters", "DiffieHellman"); 295 provide("AlgorithmParameters", "DH"); 296 unprovide("KeyAgreement", "DiffieHellman"); 297 provide("KeyAgreement", "DH"); 298 unprovide("KeyFactory", "DiffieHellman"); 299 provide("KeyFactory", "DH"); 300 unprovide("KeyPairGenerator", "DiffieHellman"); 301 provide("KeyPairGenerator", "DH"); 302 303 // different names PBEWithSHA1AndDESede vs PBEWithSHAAnd3-KEYTripleDES-CBC 304 unprovide("AlgorithmParameters", "PBEWithSHA1AndDESede"); 305 unprovide("Cipher", "PBEWithSHA1AndDESede"); 306 unprovide("SecretKeyFactory", "PBEWithSHA1AndDESede"); 307 provide("AlgorithmParameters", "PKCS12PBE"); 308 provide("Cipher", "PBEWithSHAAnd3-KEYTripleDES-CBC"); 309 provide("SecretKeyFactory", "PBEWithSHAAnd3-KEYTripleDES-CBC"); 310 311 // different names: dropped Sun 312 unprovide("KeyManagerFactory", "SunX509"); 313 provide("KeyManagerFactory", "X509"); 314 315 // different names: BouncyCastle actually uses the Standard name of SHA-1 vs SHA 316 unprovide("MessageDigest", "SHA"); 317 provide("MessageDigest", "SHA-1"); 318 319 // different names: added "Encryption" suffix 320 unprovide("Signature", "MD5withRSA"); 321 provide("Signature", "MD5WithRSAEncryption"); 322 unprovide("Signature", "SHA1withRSA"); 323 provide("Signature", "SHA1WithRSAEncryption"); 324 unprovide("Signature", "SHA256WithRSA"); 325 provide("Signature", "SHA256WithRSAEncryption"); 326 unprovide("Signature", "SHA384WithRSA"); 327 provide("Signature", "SHA384WithRSAEncryption"); 328 unprovide("Signature", "SHA512WithRSA"); 329 provide("Signature", "SHA512WithRSAEncryption"); 330 331 // different names: JSSE Reference Guide says PKIX aka X509 332 unprovide("TrustManagerFactory", "PKIX"); 333 provide("TrustManagerFactory", "X509"); 334 335 // different names: ARCFOUR vs ARC4 336 unprovide("Cipher", "ARCFOUR"); 337 provide("Cipher", "ARC4"); 338 unprovide("KeyGenerator", "ARCFOUR"); 339 provide("KeyGenerator", "ARC4"); 340 341 // different case names: Blowfish vs BLOWFISH 342 unprovide("AlgorithmParameters", "Blowfish"); 343 provide("AlgorithmParameters", "BLOWFISH"); 344 unprovide("Cipher", "Blowfish"); 345 provide("Cipher", "BLOWFISH"); 346 unprovide("KeyGenerator", "Blowfish"); 347 provide("KeyGenerator", "BLOWFISH"); 348 349 // Harmony has X.509, BouncyCastle X509 350 // TODO remove one, probably Harmony's 351 provide("CertificateFactory", "X509"); 352 353 // not just different names, but different binary formats 354 unprovide("KeyStore", "JKS"); 355 provide("KeyStore", "BKS"); 356 unprovide("KeyStore", "JCEKS"); 357 provide("KeyStore", "BouncyCastle"); 358 359 // Noise to support KeyStore.PKCS12 360 provide("Cipher", "PBEWITHMD5AND128BITAES-CBC-OPENSSL"); 361 provide("Cipher", "PBEWITHMD5AND192BITAES-CBC-OPENSSL"); 362 provide("Cipher", "PBEWITHMD5AND256BITAES-CBC-OPENSSL"); 363 provide("Cipher", "PBEWITHMD5ANDRC2"); 364 provide("Cipher", "PBEWITHSHA1ANDDES"); 365 provide("Cipher", "PBEWITHSHA1ANDRC2"); 366 provide("Cipher", "PBEWITHSHA256AND128BITAES-CBC-BC"); 367 provide("Cipher", "PBEWITHSHA256AND192BITAES-CBC-BC"); 368 provide("Cipher", "PBEWITHSHA256AND256BITAES-CBC-BC"); 369 provide("Cipher", "PBEWITHSHAAND128BITAES-CBC-BC"); 370 provide("Cipher", "PBEWITHSHAAND128BITRC2-CBC"); 371 provide("Cipher", "PBEWITHSHAAND128BITRC4"); 372 provide("Cipher", "PBEWITHSHAAND192BITAES-CBC-BC"); 373 provide("Cipher", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 374 provide("Cipher", "PBEWITHSHAAND256BITAES-CBC-BC"); 375 provide("Cipher", "PBEWITHSHAAND40BITRC2-CBC"); 376 provide("Cipher", "PBEWITHSHAAND40BITRC4"); 377 provide("Cipher", "PBEWITHSHAANDTWOFISH-CBC"); 378 provide("Mac", "PBEWITHHMACSHA"); 379 provide("Mac", "PBEWITHHMACSHA1"); 380 provide("SecretKeyFactory", "PBEWITHHMACSHA1"); 381 provide("SecretKeyFactory", "PBEWITHMD5AND128BITAES-CBC-OPENSSL"); 382 provide("SecretKeyFactory", "PBEWITHMD5AND192BITAES-CBC-OPENSSL"); 383 provide("SecretKeyFactory", "PBEWITHMD5AND256BITAES-CBC-OPENSSL"); 384 provide("SecretKeyFactory", "PBEWITHMD5ANDRC2"); 385 provide("SecretKeyFactory", "PBEWITHSHA1ANDDES"); 386 provide("SecretKeyFactory", "PBEWITHSHA1ANDRC2"); 387 provide("SecretKeyFactory", "PBEWITHSHA256AND128BITAES-CBC-BC"); 388 provide("SecretKeyFactory", "PBEWITHSHA256AND192BITAES-CBC-BC"); 389 provide("SecretKeyFactory", "PBEWITHSHA256AND256BITAES-CBC-BC"); 390 provide("SecretKeyFactory", "PBEWITHSHAAND128BITAES-CBC-BC"); 391 provide("SecretKeyFactory", "PBEWITHSHAAND128BITRC2-CBC"); 392 provide("SecretKeyFactory", "PBEWITHSHAAND128BITRC4"); 393 provide("SecretKeyFactory", "PBEWITHSHAAND192BITAES-CBC-BC"); 394 provide("SecretKeyFactory", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 395 provide("SecretKeyFactory", "PBEWITHSHAAND256BITAES-CBC-BC"); 396 provide("SecretKeyFactory", "PBEWITHSHAAND40BITRC2-CBC"); 397 provide("SecretKeyFactory", "PBEWITHSHAAND40BITRC4"); 398 provide("SecretKeyFactory", "PBEWITHSHAANDTWOFISH-CBC"); 399 400 // removed LDAP 401 unprovide("CertStore", "LDAP"); 402 403 // removed MD2 404 unprovide("MessageDigest", "MD2"); 405 unprovide("Signature", "MD2withRSA"); 406 407 // removed RC2 408 // NOTE the implementation remains to support PKCS12 keystores 409 unprovide("AlgorithmParameters", "PBEWithSHA1AndRC2_40"); 410 unprovide("AlgorithmParameters", "RC2"); 411 unprovide("Cipher", "PBEWithSHA1AndRC2_40"); 412 unprovide("Cipher", "RC2"); 413 unprovide("KeyGenerator", "RC2"); 414 unprovide("SecretKeyFactory", "PBEWithSHA1AndRC2_40"); 415 416 // PBEWithMD5AndTripleDES is Sun proprietary 417 unprovide("AlgorithmParameters", "PBEWithMD5AndTripleDES"); 418 unprovide("Cipher", "PBEWithMD5AndTripleDES"); 419 unprovide("SecretKeyFactory", "PBEWithMD5AndTripleDES"); 420 421 // missing from Bouncy Castle 422 // Standard Names document says to use specific PBEWith*And* 423 unprovide("AlgorithmParameters", "PBE"); 424 425 // missing from Bouncy Castle 426 // TODO add to JDKAlgorithmParameters perhaps as wrapper on PBES2Parameters 427 // For now, can use AlgorithmParametersSpec javax.crypto.spec.PBEParameterSpec instead 428 unprovide("AlgorithmParameters", "PBEWithMD5AndDES"); // 1.2.840.113549.1.5.3 429 430 // EC support 431 // provide("AlgorithmParameters", "EC"); 432 provide("KeyAgreement", "ECDH"); 433 provide("KeyFactory", "EC"); 434 provide("KeyPairGenerator", "EC"); 435 provide("Signature", "NONEWITHECDSA"); 436 provide("Signature", "ECDSA"); // as opposed to SHA1WITHECDSA 437 provide("Signature", "SHA256WITHECDSA"); 438 provide("Signature", "SHA384WITHECDSA"); 439 provide("Signature", "SHA512WITHECDSA"); 440 441 // Android's CA store 442 provide("KeyStore", "AndroidCAStore"); 443 } 444 } 445 446 public static final String SSL_CONTEXT_PROTOCOLS_DEFAULT = "Default"; 447 public static final Set<String> SSL_CONTEXT_PROTOCOLS = new HashSet<String>(Arrays.asList( 448 SSL_CONTEXT_PROTOCOLS_DEFAULT, 449 "SSL", 450 // "SSLv2", 451 "SSLv3", 452 "TLS", 453 "TLSv1", 454 "TLSv1.1", 455 "TLSv1.2")); 456 public static final String SSL_CONTEXT_PROTOCOL_DEFAULT = "TLS"; 457 458 public static final Set<String> KEY_TYPES = new HashSet<String>(Arrays.asList( 459 "RSA", 460 "DSA", 461 // DH_* are specified by standard names, but do not seem to be supported by RI 462 // "DH_RSA", 463 // "DH_DSA", 464 "EC", 465 "EC_EC", 466 "EC_RSA")); 467 468 public static final Set<String> SSL_SOCKET_PROTOCOLS = new HashSet<String>(Arrays.asList( 469 // "SSLv2", 470 "SSLv3", 471 "TLSv1", 472 "TLSv1.1", 473 "TLSv1.2")); 474 static { 475 if (IS_RI) { 476 /* Even though we use OpenSSL's SSLv23_method which 477 * supports sending SSLv2 client hello messages, the 478 * OpenSSL implementation in s23_client_hello disables 479 * this if SSL_OP_NO_SSLv2 is specified, which we always 480 * do to disable general use of SSLv2. 481 */ 482 SSL_SOCKET_PROTOCOLS.add("SSLv2Hello"); 483 } 484 } 485 486 public static final Set<String> SSL_SOCKET_PROTOCOLS_SSLENGINE = new HashSet<String>(SSL_SOCKET_PROTOCOLS); 487 static { 488 // No TLSv1.1 or TLSv1.2 support on SSLEngine based provider 489 if (!IS_RI) { 490 SSL_SOCKET_PROTOCOLS_SSLENGINE.remove("TLSv1.1"); 491 SSL_SOCKET_PROTOCOLS_SSLENGINE.remove("TLSv1.2"); 492 } 493 } 494 495 /** 496 * Valid values for X509TrustManager.checkClientTrusted authType, 497 * either the algorithm of the public key or UNKNOWN. 498 */ 499 public static final Set<String> CLIENT_AUTH_TYPES = new HashSet<String>(Arrays.asList( 500 "RSA", 501 "DSA", 502 "EC", 503 "UNKNOWN")); 504 505 /** 506 * Valid values for X509TrustManager.checkServerTrusted authType, 507 * either key exchange algorithm part of the cipher suite 508 * or UNKNOWN. 509 */ 510 public static final Set<String> SERVER_AUTH_TYPES = new HashSet<String>(Arrays.asList( 511 "DHE_DSS", 512 "DHE_DSS_EXPORT", 513 "DHE_RSA", 514 "DHE_RSA_EXPORT", 515 "DH_DSS_EXPORT", 516 "DH_RSA_EXPORT", 517 "DH_anon", 518 "DH_anon_EXPORT", 519 "KRB5", 520 "KRB5_EXPORT", 521 "RSA", 522 "RSA_EXPORT", 523 "RSA_EXPORT1024", 524 "ECDH_ECDSA", 525 "ECDH_RSA", 526 "ECDHE_ECDSA", 527 "ECDHE_RSA", 528 "UNKNOWN")); 529 530 public static final String CIPHER_SUITE_INVALID = "SSL_NULL_WITH_NULL_NULL"; 531 532 public static final Set<String> CIPHER_SUITES_NEITHER = new HashSet<String>(); 533 534 public static final Set<String> CIPHER_SUITES_RI = new LinkedHashSet<String>(); 535 public static final Set<String> CIPHER_SUITES_OPENSSL = new LinkedHashSet<String>(); 536 537 public static final Set<String> CIPHER_SUITES; 538 539 private static final void addRi(String cipherSuite) { 540 CIPHER_SUITES_RI.add(cipherSuite); 541 } 542 543 private static final void addOpenSsl(String cipherSuite) { 544 CIPHER_SUITES_OPENSSL.add(cipherSuite); 545 } 546 547 private static final void addBoth(String cipherSuite) { 548 addRi(cipherSuite); 549 addOpenSsl(cipherSuite); 550 } 551 552 private static final void addNeither(String cipherSuite) { 553 CIPHER_SUITES_NEITHER.add(cipherSuite); 554 } 555 556 static { 557 // Note these are added in priority order as defined by RI 7 documentation. 558 // defaultCipherSuites 559 addNeither("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"); 560 addNeither("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"); 561 addNeither("TLS_RSA_WITH_AES_256_CBC_SHA256"); 562 addNeither("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"); 563 addNeither("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"); 564 addNeither("TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"); 565 addNeither("TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"); 566 addOpenSsl("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"); 567 addOpenSsl("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); 568 addOpenSsl("TLS_RSA_WITH_AES_256_CBC_SHA"); 569 addOpenSsl("TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"); 570 addOpenSsl("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"); 571 addOpenSsl("TLS_DHE_RSA_WITH_AES_256_CBC_SHA"); 572 addOpenSsl("TLS_DHE_DSS_WITH_AES_256_CBC_SHA"); 573 addRi( "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"); 574 addRi( "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"); 575 addRi( "TLS_RSA_WITH_AES_128_CBC_SHA256"); 576 addRi( "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"); 577 addRi( "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"); 578 addRi( "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"); 579 addRi( "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"); 580 addBoth( "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"); 581 addBoth( "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"); 582 addBoth( "TLS_RSA_WITH_AES_128_CBC_SHA"); 583 addBoth( "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"); 584 addBoth( "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"); 585 addBoth( "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"); 586 addBoth( "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"); 587 addBoth( "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"); 588 addBoth( "TLS_ECDHE_RSA_WITH_RC4_128_SHA"); 589 addBoth( "SSL_RSA_WITH_RC4_128_SHA"); 590 addBoth( "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"); 591 addBoth( "TLS_ECDH_RSA_WITH_RC4_128_SHA"); 592 addBoth( "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"); 593 addBoth( "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"); 594 addBoth( "SSL_RSA_WITH_3DES_EDE_CBC_SHA"); 595 addBoth( "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"); 596 addBoth( "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"); 597 addBoth( "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"); 598 addBoth( "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"); 599 addBoth( "SSL_RSA_WITH_RC4_128_MD5"); 600 // RFC 5746's Signaling Cipher Suite Value to indicate a request for secure renegotiation 601 addBoth(CIPHER_SUITE_SECURE_RENEGOTIATION); 602 603 // non-defaultCipherSuites 604 addNeither("TLS_DH_anon_WITH_AES_256_CBC_SHA256"); 605 addOpenSsl("TLS_ECDH_anon_WITH_AES_256_CBC_SHA"); 606 addOpenSsl("TLS_DH_anon_WITH_AES_256_CBC_SHA"); 607 addRi( "TLS_DH_anon_WITH_AES_128_CBC_SHA256"); 608 addBoth( "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"); 609 addBoth( "TLS_DH_anon_WITH_AES_128_CBC_SHA"); 610 addBoth( "TLS_ECDH_anon_WITH_RC4_128_SHA"); 611 addBoth( "SSL_DH_anon_WITH_RC4_128_MD5"); 612 addBoth( "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"); 613 addBoth( "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"); 614 addRi( "TLS_RSA_WITH_NULL_SHA256"); 615 addBoth( "TLS_ECDHE_ECDSA_WITH_NULL_SHA"); 616 addBoth( "TLS_ECDHE_RSA_WITH_NULL_SHA"); 617 addBoth( "SSL_RSA_WITH_NULL_SHA"); 618 addBoth( "TLS_ECDH_ECDSA_WITH_NULL_SHA"); 619 addBoth( "TLS_ECDH_RSA_WITH_NULL_SHA"); 620 addBoth( "TLS_ECDH_anon_WITH_NULL_SHA"); 621 addBoth( "SSL_RSA_WITH_NULL_MD5"); 622 addBoth( "SSL_RSA_WITH_DES_CBC_SHA"); 623 addBoth( "SSL_DHE_RSA_WITH_DES_CBC_SHA"); 624 addBoth( "SSL_DHE_DSS_WITH_DES_CBC_SHA"); 625 addBoth( "SSL_DH_anon_WITH_DES_CBC_SHA"); 626 addBoth( "SSL_RSA_EXPORT_WITH_RC4_40_MD5"); 627 addBoth( "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"); 628 addBoth( "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"); 629 addBoth( "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"); 630 addBoth( "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); 631 addBoth( "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"); 632 633 // Android does not have Keberos support 634 addRi( "TLS_KRB5_WITH_RC4_128_SHA"); 635 addRi( "TLS_KRB5_WITH_RC4_128_MD5"); 636 addRi( "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"); 637 addRi( "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"); 638 addRi( "TLS_KRB5_WITH_DES_CBC_SHA"); 639 addRi( "TLS_KRB5_WITH_DES_CBC_MD5"); 640 addRi( "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"); 641 addRi( "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"); 642 addRi( "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"); 643 addRi( "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"); 644 645 // Dropped 646 addNeither("SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"); 647 addNeither("SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"); 648 649 // Old non standard exportable encryption 650 addNeither("SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA"); 651 addNeither("SSL_RSA_EXPORT1024_WITH_RC4_56_SHA"); 652 653 // No RC2 654 addNeither("SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"); 655 addNeither("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"); 656 addNeither("TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"); 657 658 CIPHER_SUITES = (IS_RI) ? CIPHER_SUITES_RI : CIPHER_SUITES_OPENSSL; 659 } 660 661 public static final List<String> CIPHER_SUITES_DEFAULT = (IS_RI) 662 ? Arrays.asList("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 663 "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 664 "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 665 "SSL_RSA_WITH_RC4_128_SHA", 666 "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 667 "TLS_ECDHE_RSA_WITH_RC4_128_SHA", 668 "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 669 "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 670 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 671 "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", 672 "TLS_ECDH_RSA_WITH_RC4_128_SHA", 673 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", 674 "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 675 "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 676 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 677 "TLS_RSA_WITH_AES_128_CBC_SHA", 678 "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", 679 "SSL_RSA_WITH_RC4_128_MD5", 680 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 681 "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 682 "SSL_RSA_WITH_3DES_EDE_CBC_SHA") 683 : Arrays.asList("SSL_RSA_WITH_RC4_128_MD5", 684 "SSL_RSA_WITH_RC4_128_SHA", 685 "TLS_RSA_WITH_AES_128_CBC_SHA", 686 "TLS_RSA_WITH_AES_256_CBC_SHA", 687 "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 688 "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 689 "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 690 "TLS_ECDH_RSA_WITH_RC4_128_SHA", 691 "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 692 "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 693 "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 694 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 695 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 696 "TLS_ECDHE_RSA_WITH_RC4_128_SHA", 697 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 698 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 699 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 700 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 701 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 702 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", 703 "SSL_RSA_WITH_3DES_EDE_CBC_SHA", 704 "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 705 "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 706 "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", 707 "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", 708 "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 709 "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 710 "SSL_RSA_WITH_DES_CBC_SHA", 711 "SSL_DHE_RSA_WITH_DES_CBC_SHA", 712 "SSL_DHE_DSS_WITH_DES_CBC_SHA", 713 "SSL_RSA_EXPORT_WITH_RC4_40_MD5", 714 "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", 715 "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", 716 "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 717 CIPHER_SUITE_SECURE_RENEGOTIATION); 718 719 public static final Set<String> CIPHER_SUITES_SSLENGINE = new HashSet<String>(CIPHER_SUITES); 720 static { 721 // No Elliptic Curve support on SSLEngine based provider 722 if (!IS_RI) { 723 Iterator<String> i = CIPHER_SUITES_SSLENGINE.iterator(); 724 while (i.hasNext()) { 725 String cs = i.next(); 726 if (cs.startsWith("TLS_EC") || cs.equals(CIPHER_SUITE_SECURE_RENEGOTIATION)) { 727 i.remove(); 728 } 729 } 730 } 731 } 732 733 public static final Map<String, Class<? extends KeySpec>> PRIVATE_KEY_SPEC_CLASSES; 734 public static final Map<String, Class<? extends KeySpec>> PUBLIC_KEY_SPEC_CLASSES; 735 public static final Map<String, Integer> MINIMUM_KEY_SIZE; 736 static { 737 PRIVATE_KEY_SPEC_CLASSES = new HashMap<String, Class<? extends KeySpec>>(); 738 PUBLIC_KEY_SPEC_CLASSES = new HashMap<String, Class<? extends KeySpec>>(); 739 MINIMUM_KEY_SIZE = new HashMap<String, Integer>(); 740 PRIVATE_KEY_SPEC_CLASSES.put("RSA", RSAPrivateCrtKeySpec.class); 741 PUBLIC_KEY_SPEC_CLASSES.put("RSA", RSAPublicKeySpec.class); 742 MINIMUM_KEY_SIZE.put("RSA", 256); 743 PRIVATE_KEY_SPEC_CLASSES.put("DSA", DSAPrivateKeySpec.class); 744 PUBLIC_KEY_SPEC_CLASSES.put("DSA", DSAPublicKeySpec.class); 745 MINIMUM_KEY_SIZE.put("DSA", 512); 746 PRIVATE_KEY_SPEC_CLASSES.put("DH", DHPrivateKeySpec.class); 747 PUBLIC_KEY_SPEC_CLASSES.put("DH", DHPublicKeySpec.class); 748 MINIMUM_KEY_SIZE.put("DH", 256); 749 PRIVATE_KEY_SPEC_CLASSES.put("EC", ECPrivateKeySpec.class); 750 PUBLIC_KEY_SPEC_CLASSES.put("EC", ECPublicKeySpec.class); 751 MINIMUM_KEY_SIZE.put("EC", 256); 752 } 753 754 public static Class<? extends KeySpec> getPrivateKeySpecClass(String algName) { 755 return PRIVATE_KEY_SPEC_CLASSES.get(algName); 756 } 757 758 public static Class<? extends KeySpec> getPublicKeySpecClass(String algName) { 759 return PUBLIC_KEY_SPEC_CLASSES.get(algName); 760 } 761 762 public static int getMinimumKeySize(String algName) { 763 return MINIMUM_KEY_SIZE.get(algName); 764 } 765 766 /** 767 * Asserts that the cipher suites array is non-null and that it 768 * all of its contents are cipher suites known to this 769 * implementation. As a convenience, returns any unenabled cipher 770 * suites in a test for those that want to verify separately that 771 * all cipher suites were included. 772 */ 773 public static Set<String> assertValidCipherSuites(Set<String> expected, String[] cipherSuites) { 774 assertNotNull(cipherSuites); 775 assertTrue(cipherSuites.length != 0); 776 777 // Make sure all cipherSuites names are expected 778 Set remainingCipherSuites = new HashSet<String>(expected); 779 Set unknownCipherSuites = new HashSet<String>(); 780 for (String cipherSuite : cipherSuites) { 781 boolean removed = remainingCipherSuites.remove(cipherSuite); 782 if (!removed) { 783 unknownCipherSuites.add(cipherSuite); 784 } 785 } 786 assertEquals("Unknown cipher suites", Collections.EMPTY_SET, unknownCipherSuites); 787 return remainingCipherSuites; 788 } 789 790 /** 791 * After using assertValidCipherSuites on cipherSuites, 792 * assertSupportedCipherSuites additionally verifies that all 793 * supported cipher suites where in the input array. 794 */ 795 public static void assertSupportedCipherSuites(Set<String> expected, String[] cipherSuites) { 796 Set<String> remainingCipherSuites = assertValidCipherSuites(expected, cipherSuites); 797 assertEquals("Missing cipher suites", Collections.EMPTY_SET, remainingCipherSuites); 798 assertEquals(expected.size(), cipherSuites.length); 799 } 800 801 /** 802 * Asserts that the protocols array is non-null and that it all of 803 * its contents are protocols known to this implementation. As a 804 * convenience, returns any unenabled protocols in a test for 805 * those that want to verify separately that all protocols were 806 * included. 807 */ 808 public static Set<String> assertValidProtocols(Set<String> expected, String[] protocols) { 809 assertNotNull(protocols); 810 assertTrue(protocols.length != 0); 811 812 // Make sure all protocols names are expected 813 Set remainingProtocols = new HashSet<String>(expected); 814 Set unknownProtocols = new HashSet<String>(); 815 for (String protocol : protocols) { 816 if (!remainingProtocols.remove(protocol)) { 817 unknownProtocols.add(protocol); 818 } 819 } 820 assertEquals("Unknown protocols", Collections.EMPTY_SET, unknownProtocols); 821 return remainingProtocols; 822 } 823 824 /** 825 * After using assertValidProtocols on protocols, 826 * assertSupportedProtocols additionally verifies that all 827 * supported protocols where in the input array. 828 */ 829 public static void assertSupportedProtocols(Set<String> expected, String[] protocols) { 830 Set<String> remainingProtocols = assertValidProtocols(expected, protocols); 831 assertEquals("Missing protocols", Collections.EMPTY_SET, remainingProtocols); 832 assertEquals(expected.size(), protocols.length); 833 } 834 835 /** 836 * Assert cipher suites match the default list in content and priority order. 837 */ 838 public static void assertDefaultCipherSuites(String[] cipherSuites) { 839 assertValidCipherSuites(CIPHER_SUITES, cipherSuites); 840 assertEquals(CIPHER_SUITES_DEFAULT, Arrays.asList(cipherSuites)); 841 } 842 } 843