Add support for TLS_FALLBACK_SCSV

Bug: 17750026
Change-Id: I8dec89ae59a6f745f63120b11b4f6dbe9b21a139

1 files changed, 12 insertions, 0 deletions

diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java
index a526c2e..528a651 100644
--- a/support/src/test/java/libcore/java/security/StandardNames.java
+++ b/support/src/test/java/libcore/java/security/StandardNames.java
@@ -82,6 +82,14 @@ public final class StandardNames extends Assert {
             = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
 
     /**
+     * From https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 it is a
+     * signaling cipher suite value (SCSV) to indicate that this request is a
+     * protocol fallback (e.g., TLS 1.0 -> SSL 3.0) because the server didn't respond
+     * to the first request.
+     */
+    public static final String CIPHER_SUITE_FALLBACK = "TLS_FALLBACK_SCSV";
+
+    /**
      * A map from algorithm type (e.g. Cipher) to a set of algorithms (e.g. AES, DES, ...)
      */
     public static final Map<String,Set<String>> PROVIDER_ALGORITHMS
@@ -723,6 +731,10 @@ public final class StandardNames extends Assert {
         // RFC 5746's Signaling Cipher Suite Value to indicate a request for secure renegotiation
         addBoth(CIPHER_SUITE_SECURE_RENEGOTIATION);
 
+        // From https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 to indicate
+        // TLS fallback request
+        addOpenSsl(CIPHER_SUITE_FALLBACK);
+
         // non-defaultCipherSuites
         addBoth(   "TLS_ECDH_anon_WITH_AES_256_CBC_SHA");
         addBoth(   "TLS_DH_anon_WITH_AES_256_CBC_SHA");