From 3b96a51f6446c8bc7d4ce7c23ad9164a4a4437ba Mon Sep 17 00:00:00 2001 From: Kenny Root Date: Fri, 3 Oct 2014 04:03:25 -0700 Subject: Add support for TLS_FALLBACK_SCSV Bug: 17750026 (cherry picked from commit e6a6e935e98f426c7000b2bf4086f87101f4441c) Change-Id: Ia7f0714157b0dc36579122b27eb921a54f3a6818 --- .../src/test/java/libcore/java/security/StandardNames.java | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'support/src') diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java index a526c2e..528a651 100644 --- a/support/src/test/java/libcore/java/security/StandardNames.java +++ b/support/src/test/java/libcore/java/security/StandardNames.java @@ -82,6 +82,14 @@ public final class StandardNames extends Assert { = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"; /** + * From https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 it is a + * signaling cipher suite value (SCSV) to indicate that this request is a + * protocol fallback (e.g., TLS 1.0 -> SSL 3.0) because the server didn't respond + * to the first request. + */ + public static final String CIPHER_SUITE_FALLBACK = "TLS_FALLBACK_SCSV"; + + /** * A map from algorithm type (e.g. Cipher) to a set of algorithms (e.g. AES, DES, ...) */ public static final Map> PROVIDER_ALGORITHMS @@ -723,6 +731,10 @@ public final class StandardNames extends Assert { // RFC 5746's Signaling Cipher Suite Value to indicate a request for secure renegotiation addBoth(CIPHER_SUITE_SECURE_RENEGOTIATION); + // From https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 to indicate + // TLS fallback request + addOpenSsl(CIPHER_SUITE_FALLBACK); + // non-defaultCipherSuites addBoth( "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"); addBoth( "TLS_DH_anon_WITH_AES_256_CBC_SHA"); -- cgit v1.1