summaryrefslogtreecommitdiffstats
path: root/support/src
diff options
context:
space:
mode:
authorKenny Root <kroot@google.com>2015-06-03 15:57:25 -0700
committerKenny Root <kroot@google.com>2015-06-04 09:36:30 -0700
commit90b217a3543f119bb7aa20d7a0e55fd5343e9ce7 (patch)
tree0ed43bde3fd3228adc7a63bea9f5b37c0697f09b /support/src
parent62c50e98430e8f17d77057c6123f075c433979b7 (diff)
downloadlibcore-90b217a3543f119bb7aa20d7a0e55fd5343e9ce7.zip
libcore-90b217a3543f119bb7aa20d7a0e55fd5343e9ce7.tar.gz
libcore-90b217a3543f119bb7aa20d7a0e55fd5343e9ce7.tar.bz2
Update offered ciphers
Dropped support for non-ephemeral Diffie-Hellman cipher suites, anonymous authentication, some DES cipher suites, and export cipher suites. Bug: 21522548 Change-Id: Ie2048d303890935969cc7c1ac7bc9d93705c7a90
Diffstat (limited to 'support/src')
-rw-r--r--support/src/test/java/libcore/java/security/StandardNames.java96
1 files changed, 48 insertions, 48 deletions
diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java
index 414da7c..017c466 100644
--- a/support/src/test/java/libcore/java/security/StandardNames.java
+++ b/support/src/test/java/libcore/java/security/StandardNames.java
@@ -714,30 +714,18 @@ public final class StandardNames extends Assert {
addBoth( "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA");
addBoth( "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
addBoth( "TLS_RSA_WITH_AES_256_CBC_SHA");
- addBoth( "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA");
- addBoth( "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA");
addBoth( "TLS_DHE_RSA_WITH_AES_256_CBC_SHA");
addBoth( "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA");
addBoth( "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
addBoth( "TLS_RSA_WITH_AES_128_CBC_SHA");
- addBoth( "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA");
- addBoth( "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA");
addBoth( "TLS_DHE_RSA_WITH_AES_128_CBC_SHA");
addBoth( "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA");
addBoth( "TLS_ECDHE_RSA_WITH_RC4_128_SHA");
addBoth( "SSL_RSA_WITH_RC4_128_SHA");
- addBoth( "TLS_ECDH_ECDSA_WITH_RC4_128_SHA");
- addBoth( "TLS_ECDH_RSA_WITH_RC4_128_SHA");
- addBoth( "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA");
- addBoth( "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA");
addBoth( "SSL_RSA_WITH_3DES_EDE_CBC_SHA");
- addBoth( "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA");
- addBoth( "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA");
- addBoth( "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA");
addBoth( "SSL_RSA_WITH_RC4_128_MD5");
// TLSv1.2 cipher suites
- addBoth( "TLS_RSA_WITH_NULL_SHA256");
addBoth( "TLS_RSA_WITH_AES_128_CBC_SHA256");
addBoth( "TLS_RSA_WITH_AES_256_CBC_SHA256");
addOpenSsl("TLS_RSA_WITH_AES_128_GCM_SHA256");
@@ -746,14 +734,6 @@ public final class StandardNames extends Assert {
addBoth( "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256");
addOpenSsl("TLS_DHE_RSA_WITH_AES_128_GCM_SHA256");
addOpenSsl("TLS_DHE_RSA_WITH_AES_256_GCM_SHA384");
- addBoth( "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256");
- addBoth( "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384");
- addOpenSsl("TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256");
- addOpenSsl("TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384");
- addBoth( "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256");
- addBoth( "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384");
- addOpenSsl("TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256");
- addOpenSsl("TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384");
addBoth( "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256");
addBoth( "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384");
addOpenSsl("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
@@ -762,14 +742,9 @@ public final class StandardNames extends Assert {
addBoth( "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384");
addOpenSsl("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256");
addOpenSsl("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384");
- addBoth( "TLS_DH_anon_WITH_AES_128_CBC_SHA256");
- addBoth( "TLS_DH_anon_WITH_AES_256_CBC_SHA256");
- addOpenSsl("TLS_DH_anon_WITH_AES_128_GCM_SHA256");
- addOpenSsl("TLS_DH_anon_WITH_AES_256_GCM_SHA384");
// Pre-Shared Key (PSK) cipher suites
addOpenSsl("TLS_PSK_WITH_RC4_128_SHA");
- addOpenSsl("TLS_PSK_WITH_3DES_EDE_CBC_SHA");
addOpenSsl("TLS_PSK_WITH_AES_128_CBC_SHA");
addOpenSsl("TLS_PSK_WITH_AES_256_CBC_SHA");
addOpenSsl("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA");
@@ -783,29 +758,6 @@ public final class StandardNames extends Assert {
addOpenSsl(CIPHER_SUITE_FALLBACK);
// non-defaultCipherSuites
- addBoth( "TLS_ECDH_anon_WITH_AES_256_CBC_SHA");
- addBoth( "TLS_DH_anon_WITH_AES_256_CBC_SHA");
- addBoth( "TLS_ECDH_anon_WITH_AES_128_CBC_SHA");
- addBoth( "TLS_DH_anon_WITH_AES_128_CBC_SHA");
- addBoth( "TLS_ECDH_anon_WITH_RC4_128_SHA");
- addBoth( "SSL_DH_anon_WITH_RC4_128_MD5");
- addBoth( "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA");
- addBoth( "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA");
- addBoth( "TLS_ECDHE_ECDSA_WITH_NULL_SHA");
- addBoth( "TLS_ECDHE_RSA_WITH_NULL_SHA");
- addBoth( "SSL_RSA_WITH_NULL_SHA");
- addBoth( "TLS_ECDH_ECDSA_WITH_NULL_SHA");
- addBoth( "TLS_ECDH_RSA_WITH_NULL_SHA");
- addBoth( "TLS_ECDH_anon_WITH_NULL_SHA");
- addBoth( "SSL_RSA_WITH_NULL_MD5");
- addBoth( "SSL_RSA_WITH_DES_CBC_SHA");
- addBoth( "SSL_DHE_RSA_WITH_DES_CBC_SHA");
- addBoth( "SSL_DH_anon_WITH_DES_CBC_SHA");
- addBoth( "SSL_RSA_EXPORT_WITH_RC4_40_MD5");
- addBoth( "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5");
- addBoth( "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA");
- addBoth( "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA");
- addBoth( "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA");
// Android does not have Kerberos support
addRi( "TLS_KRB5_WITH_RC4_128_SHA");
@@ -833,6 +785,54 @@ public final class StandardNames extends Assert {
// Dropped
addNeither("SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA");
addNeither("SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA");
+ addRi( "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA");
+ addRi( "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA");
+ addRi( "SSL_DHE_RSA_WITH_DES_CBC_SHA");
+ addRi( "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA");
+ addRi( "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5");
+ addRi( "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA");
+ addRi( "SSL_DH_anon_WITH_DES_CBC_SHA");
+ addRi( "SSL_DH_anon_WITH_RC4_128_MD5");
+ addRi( "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA");
+ addRi( "SSL_RSA_EXPORT_WITH_RC4_40_MD5");
+ addRi( "SSL_RSA_WITH_DES_CBC_SHA");
+ addRi( "SSL_RSA_WITH_NULL_MD5");
+ addRi( "SSL_RSA_WITH_NULL_SHA");
+ addRi( "TLS_DH_anon_WITH_AES_128_CBC_SHA");
+ addRi( "TLS_DH_anon_WITH_AES_128_CBC_SHA256");
+ addNeither("TLS_DH_anon_WITH_AES_128_GCM_SHA256");
+ addRi( "TLS_DH_anon_WITH_AES_256_CBC_SHA");
+ addRi( "TLS_DH_anon_WITH_AES_256_CBC_SHA256");
+ addNeither("TLS_DH_anon_WITH_AES_256_GCM_SHA384");
+ addRi( "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA");
+ addRi( "TLS_ECDHE_ECDSA_WITH_NULL_SHA");
+ addRi( "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA");
+ addRi( "TLS_ECDHE_RSA_WITH_NULL_SHA");
+ addRi( "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA");
+ addRi( "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA");
+ addRi( "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256");
+ addNeither("TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256");
+ addRi( "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA");
+ addRi( "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384");
+ addNeither("TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384");
+ addRi( "TLS_ECDH_ECDSA_WITH_NULL_SHA");
+ addRi( "TLS_ECDH_ECDSA_WITH_RC4_128_SHA");
+ addRi( "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA");
+ addRi( "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA");
+ addRi( "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256");
+ addNeither("TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256");
+ addRi( "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA");
+ addRi( "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384");
+ addNeither("TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384");
+ addRi( "TLS_ECDH_RSA_WITH_NULL_SHA");
+ addRi( "TLS_ECDH_RSA_WITH_RC4_128_SHA");
+ addRi( "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA");
+ addRi( "TLS_ECDH_anon_WITH_AES_128_CBC_SHA");
+ addRi( "TLS_ECDH_anon_WITH_AES_256_CBC_SHA");
+ addRi( "TLS_ECDH_anon_WITH_NULL_SHA");
+ addRi( "TLS_ECDH_anon_WITH_RC4_128_SHA");
+ addNeither("TLS_PSK_WITH_3DES_EDE_CBC_SHA");
+ addRi( "TLS_RSA_WITH_NULL_SHA256");
// Old non standard exportable encryption
addNeither("SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA");
generated by cgit v1.1 at 2025-01-08 16:48:57 +0000