< prev index next >
src/java.base/share/classes/sun/security/ssl/SSLAlgorithmDecomposer.java
Print this page
@@ -25,13 +25,26 @@
package sun.security.ssl;
import java.util.HashSet;
import java.util.Set;
-import sun.security.util.AlgorithmDecomposer;
-import static sun.security.ssl.CipherSuite.*;
+import sun.security.ssl.CipherSuite.HashAlg;
+import sun.security.ssl.CipherSuite.KeyExchange;
import static sun.security.ssl.CipherSuite.KeyExchange.*;
+import sun.security.ssl.CipherSuite.MacAlg;
+import static sun.security.ssl.SSLCipher.B_3DES;
+import static sun.security.ssl.SSLCipher.B_AES_128;
+import static sun.security.ssl.SSLCipher.B_AES_128_GCM;
+import static sun.security.ssl.SSLCipher.B_AES_256;
+import static sun.security.ssl.SSLCipher.B_AES_256_GCM;
+import static sun.security.ssl.SSLCipher.B_DES;
+import static sun.security.ssl.SSLCipher.B_DES_40;
+import static sun.security.ssl.SSLCipher.B_NULL;
+import static sun.security.ssl.SSLCipher.B_RC2_40;
+import static sun.security.ssl.SSLCipher.B_RC4_128;
+import static sun.security.ssl.SSLCipher.B_RC4_40;
+import sun.security.util.AlgorithmDecomposer;
/**
* The class decomposes standard SSL/TLS cipher suites into sub-elements.
*/
class SSLAlgorithmDecomposer extends AlgorithmDecomposer {
@@ -124,22 +137,17 @@
components.add("ANON");
components.add("ECDH_ANON");
}
break;
default:
- if (ClientKeyExchangeService.find(keyExchange.name) != null) {
- if (!onlyX509) {
- components.add(keyExchange.name);
- }
- }
// otherwise ignore
}
return components;
}
- private Set<String> decomposes(CipherSuite.BulkCipher bulkCipher) {
+ private Set<String> decomposes(SSLCipher bulkCipher) {
Set<String> components = new HashSet<>();
if (bulkCipher.transformation != null) {
components.addAll(super.decompose(bulkCipher.transformation));
}
@@ -183,11 +191,11 @@
return components;
}
private Set<String> decomposes(CipherSuite.MacAlg macAlg,
- BulkCipher cipher) {
+ SSLCipher cipher) {
Set<String> components = new HashSet<>();
if (macAlg == CipherSuite.MacAlg.M_NULL
&& cipher.cipherType != CipherType.AEAD_CIPHER) {
components.add("M_NULL");
@@ -209,12 +217,30 @@
}
return components;
}
- private Set<String> decompose(KeyExchange keyExchange, BulkCipher cipher,
- MacAlg macAlg) {
+ private Set<String> decomposes(CipherSuite.HashAlg hashAlg) {
+ Set<String> components = new HashSet<>();
+
+ if (hashAlg == CipherSuite.HashAlg.H_SHA256) {
+ components.add("SHA256");
+ components.add("SHA-256");
+ components.add("HmacSHA256");
+ } else if (hashAlg == CipherSuite.HashAlg.H_SHA384) {
+ components.add("SHA384");
+ components.add("SHA-384");
+ components.add("HmacSHA384");
+ }
+
+ return components;
+ }
+
+ private Set<String> decompose(KeyExchange keyExchange,
+ SSLCipher cipher,
+ MacAlg macAlg,
+ HashAlg hashAlg) {
Set<String> components = new HashSet<>();
if (keyExchange != null) {
components.addAll(decomposes(keyExchange));
}
@@ -231,28 +257,33 @@
if (macAlg != null) {
components.addAll(decomposes(macAlg, cipher));
}
+ if (hashAlg != null) {
+ components.addAll(decomposes(hashAlg));
+ }
+
return components;
}
@Override
public Set<String> decompose(String algorithm) {
if (algorithm.startsWith("SSL_") || algorithm.startsWith("TLS_")) {
CipherSuite cipherSuite = null;
try {
- cipherSuite = CipherSuite.valueOf(algorithm);
+ cipherSuite = CipherSuite.nameOf(algorithm);
} catch (IllegalArgumentException iae) {
// ignore: unknown or unsupported ciphersuite
}
if (cipherSuite != null) {
- return decompose(cipherSuite.keyExchange, cipherSuite.cipher,
- cipherSuite.macAlg);
+ return decompose(cipherSuite.keyExchange,
+ cipherSuite.bulkCipher,
+ cipherSuite.macAlg,
+ cipherSuite.hashAlg);
}
}
return super.decompose(algorithm);
}
-
}
< prev index next >