3 files changed, 13 insertions, 11 deletions

diff --git a/luni/src/main/java/javax/net/ssl/SSLEngine.java b/luni/src/main/java/javax/net/ssl/SSLEngine.java
index cbf02ac..7da8f1f 100644
--- a/luni/src/main/java/javax/net/ssl/SSLEngine.java
+++ b/luni/src/main/java/javax/net/ssl/SSLEngine.java
@@ -62,6 +62,7 @@ import java.nio.ByteBuffer;
  * </table>
  *
  * <h4>Cipher suites</h4>
+ * <!-- STOPSHIP: Update this table to reflect the removal of DSS cipher suites. -->
  * <table>
  *     <thead>
  *         <tr>
diff --git a/luni/src/main/java/javax/net/ssl/SSLSocket.java b/luni/src/main/java/javax/net/ssl/SSLSocket.java
index dc406e1..043b005 100644
--- a/luni/src/main/java/javax/net/ssl/SSLSocket.java
+++ b/luni/src/main/java/javax/net/ssl/SSLSocket.java
@@ -106,6 +106,7 @@ import java.net.UnknownHostException;
  * standard names for cipher suites since API Level 9, as listed in the table
  * below. Prior to API Level 9, non-standard (OpenSSL) names had been used (see
  * the table following this table).
+ * <!-- STOPSHIP: Update this table to reflect the removal of DSS cipher suites. -->
  * <table>
  *     <thead>
  *         <tr>
diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java
index c28a841..02b4f61 100644
--- a/support/src/test/java/libcore/java/security/StandardNames.java
+++ b/support/src/test/java/libcore/java/security/StandardNames.java
@@ -709,14 +709,12 @@ public final class StandardNames extends Assert {
         addBoth(   "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA");
         addBoth(   "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA");
         addBoth(   "TLS_DHE_RSA_WITH_AES_256_CBC_SHA");
-        addBoth(   "TLS_DHE_DSS_WITH_AES_256_CBC_SHA");
         addBoth(   "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA");
         addBoth(   "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA");
         addBoth(   "TLS_RSA_WITH_AES_128_CBC_SHA");
         addBoth(   "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA");
         addBoth(   "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA");
         addBoth(   "TLS_DHE_RSA_WITH_AES_128_CBC_SHA");
-        addBoth(   "TLS_DHE_DSS_WITH_AES_128_CBC_SHA");
         addBoth(   "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA");
         addBoth(   "TLS_ECDHE_RSA_WITH_RC4_128_SHA");
         addBoth(   "SSL_RSA_WITH_RC4_128_SHA");
@@ -728,7 +726,6 @@ public final class StandardNames extends Assert {
         addBoth(   "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA");
         addBoth(   "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA");
         addBoth(   "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA");
-        addBoth(   "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA");
         addBoth(   "SSL_RSA_WITH_RC4_128_MD5");
 
         // TLSv1.2 cipher suites
@@ -741,10 +738,6 @@ public final class StandardNames extends Assert {
         addBoth(   "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256");
         addOpenSsl("TLS_DHE_RSA_WITH_AES_128_GCM_SHA256");
         addOpenSsl("TLS_DHE_RSA_WITH_AES_256_GCM_SHA384");
-        addBoth(   "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256");
-        addBoth(   "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256");
-        addOpenSsl("TLS_DHE_DSS_WITH_AES_128_GCM_SHA256");
-        addOpenSsl("TLS_DHE_DSS_WITH_AES_256_GCM_SHA384");
         addBoth(   "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256");
         addBoth(   "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384");
         addOpenSsl("TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256");
@@ -799,13 +792,11 @@ public final class StandardNames extends Assert {
         addBoth(   "SSL_RSA_WITH_NULL_MD5");
         addBoth(   "SSL_RSA_WITH_DES_CBC_SHA");
         addBoth(   "SSL_DHE_RSA_WITH_DES_CBC_SHA");
-        addBoth(   "SSL_DHE_DSS_WITH_DES_CBC_SHA");
         addBoth(   "SSL_DH_anon_WITH_DES_CBC_SHA");
         addBoth(   "SSL_RSA_EXPORT_WITH_RC4_40_MD5");
         addBoth(   "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5");
         addBoth(   "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA");
         addBoth(   "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA");
-        addBoth(   "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
         addBoth(   "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA");
 
         // Android does not have Keberos support
@@ -820,6 +811,17 @@ public final class StandardNames extends Assert {
         addRi(     "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA");
         addRi(     "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5");
 
+        // Android does not have DSS support
+        addRi(     "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
+        addRi(     "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA");
+        addRi(     "SSL_DHE_DSS_WITH_DES_CBC_SHA");
+        addRi(     "TLS_DHE_DSS_WITH_AES_128_CBC_SHA");
+        addRi(     "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256");
+        addNeither("TLS_DHE_DSS_WITH_AES_128_GCM_SHA256");
+        addRi(     "TLS_DHE_DSS_WITH_AES_256_CBC_SHA");
+        addRi(     "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256");
+        addNeither("TLS_DHE_DSS_WITH_AES_256_GCM_SHA384");
+
         // Dropped
         addNeither("SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA");
         addNeither("SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA");
@@ -910,8 +912,6 @@ public final class StandardNames extends Assert {
                             "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
                             "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
                             "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
-                            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
-                            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
                             "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
                             "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
                             "TLS_RSA_WITH_AES_128_GCM_SHA256",