1 /* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package libcore.java.security; 18 19 import static org.junit.Assert.assertNotNull; 20 import static org.junit.Assert.assertTrue; 21 22 import java.security.Security; 23 import java.security.spec.DSAPrivateKeySpec; 24 import java.security.spec.DSAPublicKeySpec; 25 import java.security.spec.ECPrivateKeySpec; 26 import java.security.spec.ECPublicKeySpec; 27 import java.security.spec.KeySpec; 28 import java.security.spec.RSAPrivateCrtKeySpec; 29 import java.security.spec.RSAPublicKeySpec; 30 import java.util.Arrays; 31 import java.util.HashMap; 32 import java.util.HashSet; 33 import java.util.List; 34 import java.util.Locale; 35 import java.util.Map; 36 import java.util.Set; 37 import javax.crypto.spec.DHPrivateKeySpec; 38 import javax.crypto.spec.DHPublicKeySpec; 39 40 /** 41 * This class defines expected string names for protocols, key types, 42 * client and server auth types, cipher suites. 43 * 44 * Initially based on "Appendix A: Standard Names" of 45 * <a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#AppA"> 46 * Java ™ Secure Socket Extension (JSSE) Reference Guide 47 * for the Java ™ 2 Platform Standard Edition 5 48 * </a>. 49 * 50 * Updated based on the 51 * <a href="http://download.java.net/jdk8/docs/technotes/guides/security/SunProviders.html"> 52 * Java ™ Cryptography Architecture Oracle Providers Documentation 53 * for Java ™ Platform Standard Edition 7 54 * </a>. 55 * See also the 56 * <a href="http://download.java.net/jdk8/docs/technotes/guides/security/StandardNames.html"> 57 * Java ™ Cryptography Architecture Standard Algorithm Name Documentation 58 * </a>. 59 * 60 * Further updates based on the 61 * <a href=http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html"> 62 * Java ™ PKCS#11 Reference Guide 63 * </a>. 64 */ 65 public final class StandardNames { 66 67 public static final boolean IS_RI 68 = !"Dalvik Core Library".equals(System.getProperty("java.specification.name")); 69 70 public static final String SECURITY_PROVIDER_NAME = (IS_RI) ? "SUN" : "BC"; 71 72 public static final String KEY_STORE_ALGORITHM = (IS_RI) ? "JKS" : "BKS"; 73 74 /** 75 * RFC 5746's Signaling Cipher Suite Value to indicate a request for secure renegotiation 76 */ 77 private static final String CIPHER_SUITE_SECURE_RENEGOTIATION 78 = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"; 79 80 /** 81 * A map from algorithm type (e.g. Cipher) to a set of algorithms (e.g. AES, DES, ...) 82 */ 83 static final Map<String,Set<String>> PROVIDER_ALGORITHMS 84 = new HashMap<>(); 85 86 private static final Map<String,Set<String>> CIPHER_MODES 87 = new HashMap<>(); 88 89 private static final Map<String,Set<String>> CIPHER_PADDINGS 90 = new HashMap<>(); 91 provide(String type, String algorithm)92 private static void provide(String type, String algorithm) { 93 Set<String> algorithms = PROVIDER_ALGORITHMS.get(type); 94 if (algorithms == null) { 95 algorithms = new HashSet<>(); 96 PROVIDER_ALGORITHMS.put(type, algorithms); 97 } 98 assertTrue("Duplicate " + type + " " + algorithm, 99 algorithms.add(algorithm.toUpperCase(Locale.ROOT))); 100 } unprovide(String type, String algorithm)101 private static void unprovide(String type, String algorithm) { 102 Set<String> algorithms = PROVIDER_ALGORITHMS.get(type); 103 assertNotNull(algorithms); 104 assertTrue(algorithm, algorithms.remove(algorithm.toUpperCase(Locale.ROOT))); 105 if (algorithms.isEmpty()) { 106 assertNotNull(PROVIDER_ALGORITHMS.remove(type)); 107 } 108 } provideCipherModes(String algorithm, String newModes[])109 private static void provideCipherModes(String algorithm, String newModes[]) { 110 Set<String> modes = CIPHER_MODES.get(algorithm); 111 if (modes == null) { 112 modes = new HashSet<>(); 113 CIPHER_MODES.put(algorithm, modes); 114 } 115 modes.addAll(Arrays.asList(newModes)); 116 } provideCipherPaddings(String algorithm, String newPaddings[])117 private static void provideCipherPaddings(String algorithm, String newPaddings[]) { 118 Set<String> paddings = CIPHER_PADDINGS.get(algorithm); 119 if (paddings == null) { 120 paddings = new HashSet<>(); 121 CIPHER_PADDINGS.put(algorithm, paddings); 122 } 123 paddings.addAll(Arrays.asList(newPaddings)); 124 } 125 static { 126 provide("AlgorithmParameterGenerator", "DSA"); 127 provide("AlgorithmParameterGenerator", "DiffieHellman"); 128 provide("AlgorithmParameters", "AES"); 129 provide("AlgorithmParameters", "Blowfish"); 130 provide("AlgorithmParameters", "DES"); 131 provide("AlgorithmParameters", "DESede"); 132 provide("AlgorithmParameters", "DSA"); 133 provide("AlgorithmParameters", "DiffieHellman"); 134 provide("AlgorithmParameters", "GCM"); 135 provide("AlgorithmParameters", "OAEP"); 136 provide("AlgorithmParameters", "PBEWithMD5AndDES"); 137 provide("AlgorithmParameters", "PBEWithMD5AndTripleDES"); 138 provide("AlgorithmParameters", "PBEWithSHA1AndDESede"); 139 provide("AlgorithmParameters", "PBEWithSHA1AndRC2_40"); 140 provide("AlgorithmParameters", "PSS"); 141 provide("AlgorithmParameters", "RC2"); 142 provide("AlgorithmParameters", "PBEWITHHMACSHA1ANDAES_128"); 143 provide("AlgorithmParameters", "PBEWITHHMACSHA1ANDAES_256"); 144 provide("AlgorithmParameters", "PBEWITHHMACSHA224ANDAES_128"); 145 provide("AlgorithmParameters", "PBEWITHHMACSHA224ANDAES_256"); 146 provide("AlgorithmParameters", "PBEWITHHMACSHA256ANDAES_128"); 147 provide("AlgorithmParameters", "PBEWITHHMACSHA256ANDAES_256"); 148 provide("AlgorithmParameters", "PBEWITHHMACSHA384ANDAES_128"); 149 provide("AlgorithmParameters", "PBEWITHHMACSHA384ANDAES_256"); 150 provide("AlgorithmParameters", "PBEWITHHMACSHA512ANDAES_128"); 151 provide("AlgorithmParameters", "PBEWITHHMACSHA512ANDAES_256"); 152 provide("SecretKeyFactory", "PBEWITHHMACSHA1ANDAES_128"); 153 provide("SecretKeyFactory", "PBEWITHHMACSHA1ANDAES_256"); 154 provide("SecretKeyFactory", "PBEWITHHMACSHA224ANDAES_128"); 155 provide("SecretKeyFactory", "PBEWITHHMACSHA224ANDAES_256"); 156 provide("SecretKeyFactory", "PBEWITHHMACSHA256ANDAES_128"); 157 provide("SecretKeyFactory", "PBEWITHHMACSHA256ANDAES_256"); 158 provide("SecretKeyFactory", "PBEWITHHMACSHA384ANDAES_128"); 159 provide("SecretKeyFactory", "PBEWITHHMACSHA384ANDAES_256"); 160 provide("SecretKeyFactory", "PBEWITHHMACSHA512ANDAES_128"); 161 provide("SecretKeyFactory", "PBEWITHHMACSHA512ANDAES_256"); 162 provide("CertPathBuilder", "PKIX"); 163 provide("CertPathValidator", "PKIX"); 164 provide("CertStore", "Collection"); 165 provide("CertStore", "LDAP"); 166 provide("CertificateFactory", "X.509"); 167 // TODO: provideCipherModes and provideCipherPaddings for other Ciphers 168 provide("Cipher", "AES"); 169 provideCipherModes("AES", new String[] { "CBC", "CFB", "CTR", "CTS", "ECB", "OFB" }); 170 provideCipherPaddings("AES", new String[] { "NoPadding", "PKCS5Padding" }); 171 provide("Cipher", "AESWrap"); 172 provide("Cipher", "ARCFOUR"); 173 provide("Cipher", "Blowfish"); 174 provide("Cipher", "DES"); 175 provide("Cipher", "DESede"); 176 provide("Cipher", "DESedeWrap"); 177 provide("Cipher", "PBEWithMD5AndDES"); 178 provide("Cipher", "PBEWithMD5AndTripleDES"); 179 provide("Cipher", "PBEWithSHA1AndDESede"); 180 provide("Cipher", "PBEWithSHA1AndRC2_40"); 181 provide("Cipher", "RC2"); 182 provide("Cipher", "RSA"); 183 // TODO: None? 184 provideCipherModes("RSA", new String[] { "ECB" }); 185 // TODO: OAEPPadding 186 provideCipherPaddings("RSA", new String[] { "NoPadding", "PKCS1Padding" }); 187 provide("Configuration", "JavaLoginConfig"); 188 provide("KeyAgreement", "DiffieHellman"); 189 provide("KeyFactory", "DSA"); 190 provide("KeyFactory", "DiffieHellman"); 191 provide("KeyFactory", "RSA"); 192 provide("KeyGenerator", "AES"); 193 provide("KeyGenerator", "ARCFOUR"); 194 provide("KeyGenerator", "Blowfish"); 195 provide("KeyGenerator", "DES"); 196 provide("KeyGenerator", "DESede"); 197 provide("KeyGenerator", "HmacMD5"); 198 provide("KeyGenerator", "HmacSHA1"); 199 provide("KeyGenerator", "HmacSHA224"); 200 provide("KeyGenerator", "HmacSHA256"); 201 provide("KeyGenerator", "HmacSHA384"); 202 provide("KeyGenerator", "HmacSHA512"); 203 provide("KeyGenerator", "RC2"); 204 provide("KeyInfoFactory", "DOM"); 205 provide("KeyManagerFactory", "PKIX"); 206 provide("KeyPairGenerator", "DSA"); 207 provide("KeyPairGenerator", "DiffieHellman"); 208 provide("KeyPairGenerator", "RSA"); 209 provide("KeyStore", "JCEKS"); 210 provide("KeyStore", "JKS"); 211 provide("KeyStore", "PKCS12"); 212 provide("Mac", "HmacMD5"); 213 provide("Mac", "HmacSHA1"); 214 provide("Mac", "HmacSHA224"); 215 provide("Mac", "HmacSHA256"); 216 provide("Mac", "HmacSHA384"); 217 provide("Mac", "HmacSHA512"); 218 provide("Mac", "PBEWITHHMACSHA224"); 219 provide("Mac", "PBEWITHHMACSHA256"); 220 provide("Mac", "PBEWITHHMACSHA384"); 221 provide("Mac", "PBEWITHHMACSHA512"); 222 // If adding a new MessageDigest, consider adding it to JarVerifier 223 provide("MessageDigest", "MD2"); 224 provide("MessageDigest", "MD5"); 225 provide("MessageDigest", "SHA-224"); 226 provide("MessageDigest", "SHA-256"); 227 provide("MessageDigest", "SHA-384"); 228 provide("MessageDigest", "SHA-512"); 229 provide("Policy", "JavaPolicy"); 230 // Android does not support SSLv3 231 if (IS_RI) { 232 provide("SSLContext", "SSLv3"); 233 } 234 provide("SSLContext", "TLSv1"); 235 provide("SSLContext", "TLSv1.1"); 236 provide("SSLContext", "TLSv1.2"); 237 provide("SSLContext", "TLSv1.3"); 238 provide("SecretKeyFactory", "DES"); 239 provide("SecretKeyFactory", "DESede"); 240 provide("SecretKeyFactory", "PBEWithMD5AndDES"); 241 provide("SecretKeyFactory", "PBEWithMD5AndTripleDES"); 242 provide("SecretKeyFactory", "PBEWithSHA1AndDESede"); 243 provide("SecretKeyFactory", "PBEWithSHA1AndRC2_40"); 244 provide("SecretKeyFactory", "PBKDF2WithHmacSHA1"); 245 provide("SecretKeyFactory", "PBKDF2WithHmacSHA224"); 246 provide("SecretKeyFactory", "PBKDF2WithHmacSHA256"); 247 provide("SecretKeyFactory", "PBKDF2WithHmacSHA384"); 248 provide("SecretKeyFactory", "PBKDF2WithHmacSHA512"); 249 provide("SecretKeyFactory", "PBKDF2WithHmacSHA1And8bit"); 250 provide("SecureRandom", "SHA1PRNG"); 251 provide("Signature", "MD2withRSA"); 252 provide("Signature", "MD5withRSA"); 253 provide("Signature", "NONEwithDSA"); 254 provide("Signature", "SHA1withDSA"); 255 provide("Signature", "SHA224withDSA"); 256 provide("Signature", "SHA256withDSA"); 257 provide("Signature", "SHA1withRSA"); 258 provide("Signature", "SHA224withRSA"); 259 provide("Signature", "SHA256withRSA"); 260 provide("Signature", "SHA384withRSA"); 261 provide("Signature", "SHA512withRSA"); 262 provide("TerminalFactory", "PC/SC"); 263 provide("TransformService", "http://www.w3.org/2000/09/xmldsig#base64"); 264 provide("TransformService", "http://www.w3.org/2000/09/xmldsig#enveloped-signature"); 265 provide("TransformService", "http://www.w3.org/2001/10/xml-exc-c14n#"); 266 provide("TransformService", "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"); 267 provide("TransformService", "http://www.w3.org/2002/06/xmldsig-filter2"); 268 provide("TransformService", "http://www.w3.org/TR/1999/REC-xpath-19991116"); 269 provide("TransformService", "http://www.w3.org/TR/1999/REC-xslt-19991116"); 270 provide("TransformService", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); 271 provide("TransformService", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"); 272 provide("TrustManagerFactory", "PKIX"); 273 provide("XMLSignatureFactory", "DOM"); 274 275 // Not clearly documented by RI 276 provide("GssApiMechanism", "1.2.840.113554.1.2.2"); 277 provide("GssApiMechanism", "1.3.6.1.5.5.2"); 278 279 // Not correctly documented by RI which left off the Factory suffix 280 provide("SaslClientFactory", "CRAM-MD5"); 281 provide("SaslClientFactory", "DIGEST-MD5"); 282 provide("SaslClientFactory", "EXTERNAL"); 283 provide("SaslClientFactory", "GSSAPI"); 284 provide("SaslClientFactory", "PLAIN"); 285 provide("SaslServerFactory", "CRAM-MD5"); 286 provide("SaslServerFactory", "DIGEST-MD5"); 287 provide("SaslServerFactory", "GSSAPI"); 288 289 // Documentation seems to list alias instead of actual name 290 // provide("MessageDigest", "SHA-1"); 291 provide("MessageDigest", "SHA"); 292 293 // Mentioned in javadoc, not documentation 294 provide("SSLContext", "Default"); 295 296 // Not documented as in RI 6 but mentioned in Standard Names 297 provide("AlgorithmParameters", "PBE"); 298 provide("SSLContext", "SSL"); 299 provide("SSLContext", "TLS"); 300 301 // Not documented as in RI 6 but that exist in RI 6 302 if (IS_RI) { 303 provide("CertStore", "com.sun.security.IndexedCollection"); 304 provide("KeyGenerator", "SunTlsKeyMaterial"); 305 provide("KeyGenerator", "SunTlsMasterSecret"); 306 provide("KeyGenerator", "SunTlsPrf"); 307 provide("KeyGenerator", "SunTlsRsaPremasterSecret"); 308 provide("KeyStore", "CaseExactJKS"); 309 provide("Mac", "HmacPBESHA1"); 310 provide("Mac", "SslMacMD5"); 311 provide("Mac", "SslMacSHA1"); 312 provide("SecureRandom", "NativePRNG"); 313 provide("Signature", "MD5andSHA1withRSA"); 314 provide("TrustManagerFactory", "SunX509"); 315 } 316 317 // Only available with the SunPKCS11-NSS provider, 318 // which seems to be enabled in OpenJDK 6 but not Oracle Java 6 319 if (Security.getProvider("SunPKCS11-NSS") != null) { 320 provide("Cipher", "AES/CBC/NOPADDING"); 321 provide("Cipher", "DES/CBC/NOPADDING"); 322 provide("Cipher", "DESEDE/CBC/NOPADDING"); 323 provide("Cipher", "RSA/ECB/PKCS1PADDING"); 324 provide("KeyAgreement", "DH"); 325 provide("KeyFactory", "DH"); 326 provide("KeyPairGenerator", "DH"); 327 provide("KeyStore", "PKCS11"); 328 provide("MessageDigest", "SHA1"); 329 provide("SecretKeyFactory", "AES"); 330 provide("SecretKeyFactory", "ARCFOUR"); 331 provide("SecureRandom", "PKCS11"); 332 provide("Signature", "DSA"); 333 provide("Signature", "RAWDSA"); 334 } 335 336 if (Security.getProvider("SunPKCS11-NSS") != null || 337 Security.getProvider("SunEC") != null) { 338 provide("AlgorithmParameters", "EC"); 339 provide("KeyAgreement", "ECDH"); 340 provide("KeyFactory", "EC"); 341 provide("KeyPairGenerator", "EC"); 342 provide("Signature", "NONEWITHECDSA"); 343 provide("Signature", "SHA1WITHECDSA"); 344 provide("Signature", "SHA224WITHECDSA"); 345 provide("Signature", "SHA256WITHECDSA"); 346 provide("Signature", "SHA384WITHECDSA"); 347 provide("Signature", "SHA512WITHECDSA"); 348 } 349 350 // Documented as Standard Names, but do not exit in RI 6 351 if (IS_RI) { 352 unprovide("SSLContext", "TLSv1.1"); 353 unprovide("SSLContext", "TLSv1.2"); 354 } 355 356 // Fixups for the RI 357 if (IS_RI) { 358 // different names: Standard Names says PKIX, JSSE Reference Guide says SunX509 or NewSunX509 359 unprovide("KeyManagerFactory", "PKIX"); 360 provide("KeyManagerFactory", "SunX509"); 361 provide("KeyManagerFactory", "NewSunX509"); 362 } 363 364 // Fixups for dalvik 365 if (!IS_RI) { 366 367 // whole types that we do not provide 368 PROVIDER_ALGORITHMS.remove("Configuration"); 369 PROVIDER_ALGORITHMS.remove("GssApiMechanism"); 370 PROVIDER_ALGORITHMS.remove("KeyInfoFactory"); 371 PROVIDER_ALGORITHMS.remove("Policy"); 372 PROVIDER_ALGORITHMS.remove("SaslClientFactory"); 373 PROVIDER_ALGORITHMS.remove("SaslServerFactory"); 374 PROVIDER_ALGORITHMS.remove("TerminalFactory"); 375 PROVIDER_ALGORITHMS.remove("TransformService"); 376 PROVIDER_ALGORITHMS.remove("XMLSignatureFactory"); 377 378 // different names Diffie-Hellman vs DH 379 unprovide("AlgorithmParameterGenerator", "DiffieHellman"); 380 provide("AlgorithmParameterGenerator", "DH"); 381 unprovide("AlgorithmParameters", "DiffieHellman"); 382 provide("AlgorithmParameters", "DH"); 383 unprovide("KeyAgreement", "DiffieHellman"); 384 provide("KeyAgreement", "DH"); 385 unprovide("KeyFactory", "DiffieHellman"); 386 provide("KeyFactory", "DH"); 387 unprovide("KeyPairGenerator", "DiffieHellman"); 388 provide("KeyPairGenerator", "DH"); 389 390 // different names PBEWithSHA1AndDESede vs PBEWithSHAAnd3-KEYTripleDES-CBC 391 unprovide("AlgorithmParameters", "PBEWithSHA1AndDESede"); 392 unprovide("Cipher", "PBEWithSHA1AndDESede"); 393 unprovide("SecretKeyFactory", "PBEWithSHA1AndDESede"); 394 provide("AlgorithmParameters", "PKCS12PBE"); 395 provide("Cipher", "PBEWithSHAAnd3-KEYTripleDES-CBC"); 396 provide("SecretKeyFactory", "PBEWithSHAAnd3-KEYTripleDES-CBC"); 397 398 // different names: BouncyCastle actually uses the Standard name of SHA-1 vs SHA 399 unprovide("MessageDigest", "SHA"); 400 provide("MessageDigest", "SHA-1"); 401 402 // Added to support Android KeyStore operations 403 provide("Signature", "NONEwithRSA"); 404 provide("Cipher", "RSA/ECB/NOPADDING"); 405 provide("Cipher", "RSA/ECB/PKCS1PADDING"); 406 provide("Cipher", "RSA/ECB/OAEPPadding"); 407 provide("Cipher", "RSA/ECB/OAEPWithSHA-1AndMGF1Padding"); 408 provide("Cipher", "RSA/ECB/OAEPWithSHA-224AndMGF1Padding"); 409 provide("Cipher", "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"); 410 provide("Cipher", "RSA/ECB/OAEPWithSHA-384AndMGF1Padding"); 411 provide("Cipher", "RSA/ECB/OAEPWithSHA-512AndMGF1Padding"); 412 provide("SecretKeyFactory", "AES"); 413 provide("SecretKeyFactory", "HmacSHA1"); 414 provide("SecretKeyFactory", "HmacSHA224"); 415 provide("SecretKeyFactory", "HmacSHA256"); 416 provide("SecretKeyFactory", "HmacSHA384"); 417 provide("SecretKeyFactory", "HmacSHA512"); 418 provide("Signature", "SHA1withRSA/PSS"); 419 provide("Signature", "SHA224withRSA/PSS"); 420 provide("Signature", "SHA256withRSA/PSS"); 421 provide("Signature", "SHA384withRSA/PSS"); 422 provide("Signature", "SHA512withRSA/PSS"); 423 424 // different names: ARCFOUR vs ARC4 425 unprovide("Cipher", "ARCFOUR"); 426 provide("Cipher", "ARC4"); 427 unprovide("KeyGenerator", "ARCFOUR"); 428 provide("KeyGenerator", "ARC4"); 429 430 // different case names: Blowfish vs BLOWFISH 431 unprovide("AlgorithmParameters", "Blowfish"); 432 provide("AlgorithmParameters", "BLOWFISH"); 433 unprovide("Cipher", "Blowfish"); 434 provide("Cipher", "BLOWFISH"); 435 unprovide("KeyGenerator", "Blowfish"); 436 provide("KeyGenerator", "BLOWFISH"); 437 438 // Harmony has X.509, BouncyCastle X509 439 // TODO remove one, probably Harmony's 440 provide("CertificateFactory", "X509"); 441 442 // not just different names, but different binary formats 443 unprovide("KeyStore", "JKS"); 444 provide("KeyStore", "BKS"); 445 unprovide("KeyStore", "JCEKS"); 446 provide("KeyStore", "BouncyCastle"); 447 448 // Noise to support KeyStore.PKCS12 449 provide("Cipher", "PBEWITHMD5AND128BITAES-CBC-OPENSSL"); 450 provide("Cipher", "PBEWITHMD5AND192BITAES-CBC-OPENSSL"); 451 provide("Cipher", "PBEWITHMD5AND256BITAES-CBC-OPENSSL"); 452 provide("Cipher", "PBEWITHMD5ANDRC2"); 453 provide("Cipher", "PBEWITHSHA1ANDDES"); 454 provide("Cipher", "PBEWITHSHA1ANDRC2"); 455 provide("Cipher", "PBEWITHSHA256AND128BITAES-CBC-BC"); 456 provide("Cipher", "PBEWITHSHA256AND192BITAES-CBC-BC"); 457 provide("Cipher", "PBEWITHSHA256AND256BITAES-CBC-BC"); 458 provide("Cipher", "PBEWITHSHAAND128BITAES-CBC-BC"); 459 provide("Cipher", "PBEWITHSHAAND128BITRC2-CBC"); 460 provide("Cipher", "PBEWITHSHAAND128BITRC4"); 461 provide("Cipher", "PBEWITHSHAAND192BITAES-CBC-BC"); 462 provide("Cipher", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 463 provide("Cipher", "PBEWITHSHAAND256BITAES-CBC-BC"); 464 provide("Cipher", "PBEWITHSHAAND40BITRC2-CBC"); 465 provide("Cipher", "PBEWITHSHAAND40BITRC4"); 466 provide("Cipher", "PBEWITHSHAANDTWOFISH-CBC"); 467 provide("Cipher", "PBEWithHmacSHA1AndAES_128"); 468 provide("Cipher", "PBEWithHmacSHA224AndAES_128"); 469 provide("Cipher", "PBEWithHmacSHA256AndAES_128"); 470 provide("Cipher", "PBEWithHmacSHA384AndAES_128"); 471 provide("Cipher", "PBEWithHmacSHA512AndAES_128"); 472 provide("Cipher", "PBEWithHmacSHA1AndAES_256"); 473 provide("Cipher", "PBEWithHmacSHA224AndAES_256"); 474 provide("Cipher", "PBEWithHmacSHA256AndAES_256"); 475 provide("Cipher", "PBEWithHmacSHA384AndAES_256"); 476 provide("Cipher", "PBEWithHmacSHA512AndAES_256"); 477 provide("Mac", "PBEWITHHMACSHA"); 478 provide("Mac", "PBEWITHHMACSHA1"); 479 provide("SecretKeyFactory", "PBEWITHHMACSHA1"); 480 provide("SecretKeyFactory", "PBEWITHMD5AND128BITAES-CBC-OPENSSL"); 481 provide("SecretKeyFactory", "PBEWITHMD5AND192BITAES-CBC-OPENSSL"); 482 provide("SecretKeyFactory", "PBEWITHMD5AND256BITAES-CBC-OPENSSL"); 483 provide("SecretKeyFactory", "PBEWITHMD5ANDRC2"); 484 provide("SecretKeyFactory", "PBEWITHSHA1ANDDES"); 485 provide("SecretKeyFactory", "PBEWITHSHA1ANDRC2"); 486 provide("SecretKeyFactory", "PBEWITHSHA256AND128BITAES-CBC-BC"); 487 provide("SecretKeyFactory", "PBEWITHSHA256AND192BITAES-CBC-BC"); 488 provide("SecretKeyFactory", "PBEWITHSHA256AND256BITAES-CBC-BC"); 489 provide("SecretKeyFactory", "PBEWITHSHAAND128BITAES-CBC-BC"); 490 provide("SecretKeyFactory", "PBEWITHSHAAND128BITRC2-CBC"); 491 provide("SecretKeyFactory", "PBEWITHSHAAND128BITRC4"); 492 provide("SecretKeyFactory", "PBEWITHSHAAND192BITAES-CBC-BC"); 493 provide("SecretKeyFactory", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 494 provide("SecretKeyFactory", "PBEWITHSHAAND256BITAES-CBC-BC"); 495 provide("SecretKeyFactory", "PBEWITHSHAAND40BITRC2-CBC"); 496 provide("SecretKeyFactory", "PBEWITHSHAAND40BITRC4"); 497 provide("SecretKeyFactory", "PBEWITHSHAANDTWOFISH-CBC"); 498 499 // Needed by our OpenSSL provider 500 provide("Cipher", "AES/CBC/NOPADDING"); 501 provide("Cipher", "AES/CBC/PKCS5PADDING"); 502 provide("Cipher", "AES/CBC/PKCS7PADDING"); 503 provide("Cipher", "AES/CFB/NOPADDING"); 504 provide("Cipher", "AES/CFB/PKCS5PADDING"); 505 provide("Cipher", "AES/CFB/PKCS7PADDING"); 506 provide("Cipher", "AES/CTR/NOPADDING"); 507 provide("Cipher", "AES/CTR/PKCS5PADDING"); 508 provide("Cipher", "AES/CTR/PKCS7PADDING"); 509 provide("Cipher", "AES/ECB/NOPADDING"); 510 provide("Cipher", "AES/ECB/PKCS5PADDING"); 511 provide("Cipher", "AES/ECB/PKCS7PADDING"); 512 provide("Cipher", "AES/GCM/NOPADDING"); 513 provide("Cipher", "AES/GCM-SIV/NOPADDING"); 514 provide("Cipher", "AES/OFB/NOPADDING"); 515 provide("Cipher", "AES/OFB/PKCS5PADDING"); 516 provide("Cipher", "AES/OFB/PKCS7PADDING"); 517 provide("Cipher", "AES_128/CBC/NOPADDING"); 518 provide("Cipher", "AES_128/CBC/PKCS5PADDING"); 519 provide("Cipher", "AES_128/CBC/PKCS7PADDING"); 520 provide("Cipher", "AES_128/ECB/NOPADDING"); 521 provide("Cipher", "AES_128/ECB/PKCS5PADDING"); 522 provide("Cipher", "AES_128/ECB/PKCS7PADDING"); 523 provide("Cipher", "AES_128/GCM/NOPADDING"); 524 provide("Cipher", "AES_128/GCM-SIV/NOPADDING"); 525 provide("Cipher", "AES_256/CBC/NOPADDING"); 526 provide("Cipher", "AES_256/CBC/PKCS5PADDING"); 527 provide("Cipher", "AES_256/CBC/PKCS7PADDING"); 528 provide("Cipher", "AES_256/ECB/NOPADDING"); 529 provide("Cipher", "AES_256/ECB/PKCS5PADDING"); 530 provide("Cipher", "AES_256/ECB/PKCS7PADDING"); 531 provide("Cipher", "AES_256/GCM/NOPADDING"); 532 provide("Cipher", "AES_256/GCM-SIV/NOPADDING"); 533 provide("Cipher", "DESEDE/CBC/NOPADDING"); 534 provide("Cipher", "DESEDE/CBC/PKCS5PADDING"); 535 provide("Cipher", "DESEDE/CBC/PKCS7PADDING"); 536 provide("Cipher", "DESEDE/CFB/NOPADDING"); 537 provide("Cipher", "DESEDE/CFB/PKCS5PADDING"); 538 provide("Cipher", "DESEDE/CFB/PKCS7PADDING"); 539 provide("Cipher", "DESEDE/ECB/NOPADDING"); 540 provide("Cipher", "DESEDE/ECB/PKCS5PADDING"); 541 provide("Cipher", "DESEDE/ECB/PKCS7PADDING"); 542 provide("Cipher", "DESEDE/OFB/NOPADDING"); 543 provide("Cipher", "DESEDE/OFB/PKCS5PADDING"); 544 provide("Cipher", "DESEDE/OFB/PKCS7PADDING"); 545 546 // Provided by our OpenSSL provider 547 provide("AlgorithmParameters", "ChaCha20"); 548 provide("Cipher", "ChaCha20"); 549 provide("Cipher", "ChaCha20/Poly1305/NoPadding"); 550 provide("KeyGenerator", "ChaCha20"); 551 provideCipherPaddings("AES", new String[] { "PKCS7Padding" }); 552 553 // removed LDAP 554 unprovide("CertStore", "LDAP"); 555 556 // removed MD2 557 unprovide("MessageDigest", "MD2"); 558 unprovide("Signature", "MD2withRSA"); 559 560 // removed RC2 561 // NOTE the implementation remains to support PKCS12 keystores 562 unprovide("AlgorithmParameters", "PBEWithSHA1AndRC2_40"); 563 unprovide("AlgorithmParameters", "RC2"); 564 unprovide("Cipher", "PBEWithSHA1AndRC2_40"); 565 unprovide("Cipher", "RC2"); 566 unprovide("KeyGenerator", "RC2"); 567 unprovide("SecretKeyFactory", "PBEWithSHA1AndRC2_40"); 568 569 // PBEWithMD5AndTripleDES is Sun proprietary 570 unprovide("AlgorithmParameters", "PBEWithMD5AndTripleDES"); 571 unprovide("Cipher", "PBEWithMD5AndTripleDES"); 572 unprovide("SecretKeyFactory", "PBEWithMD5AndTripleDES"); 573 574 // missing from Bouncy Castle 575 // Standard Names document says to use specific PBEWith*And* 576 unprovide("AlgorithmParameters", "PBE"); 577 578 // missing from Bouncy Castle 579 // TODO add to JDKAlgorithmParameters perhaps as wrapper on PBES2Parameters 580 // For now, can use AlgorithmParametersSpec javax.crypto.spec.PBEParameterSpec instead 581 unprovide("AlgorithmParameters", "PBEWithMD5AndDES"); // 1.2.840.113549.1.5.3 582 583 // EC support 584 provide("AlgorithmParameters", "EC"); 585 provide("KeyAgreement", "ECDH"); 586 provide("KeyFactory", "EC"); 587 provide("KeyPairGenerator", "EC"); 588 provide("Signature", "NONEWITHECDSA"); 589 provide("Signature", "SHA1WITHECDSA"); 590 provide("Signature", "SHA224WITHECDSA"); 591 provide("Signature", "SHA256WITHECDSA"); 592 provide("Signature", "SHA384WITHECDSA"); 593 provide("Signature", "SHA512WITHECDSA"); 594 595 // Android's CA store 596 provide("KeyStore", "AndroidCAStore"); 597 598 // Android's KeyStore provider 599 if (Security.getProvider("AndroidKeyStore") != null) { 600 provide("KeyStore", "AndroidKeyStore"); 601 } 602 603 // TimaKeyStore provider 604 if (Security.getProvider("TimaKeyStore") != null) { 605 provide("KeyStore", "TimaKeyStore"); 606 } 607 // KnoxAndroidKeyStore provider 608 if (Security.getProvider("KnoxAndroidKeyStore") != null) { 609 provide("KeyStore", "KnoxAndroidKeyStore"); 610 } 611 } 612 } 613 614 public static final Set<String> KEY_TYPES = new HashSet<>(Arrays.asList( 615 "RSA", 616 "DSA", 617 "DH_RSA", 618 "DH_DSA", 619 "EC", 620 "EC_EC", 621 "EC_RSA")); 622 static { 623 if (IS_RI) { 624 // DH_* are specified by standard names, but do not seem to be supported by RI 625 KEY_TYPES.remove("DH_RSA"); 626 KEY_TYPES.remove("DH_DSA"); 627 } 628 } 629 630 /** 631 * Valid values for X509TrustManager.checkClientTrusted authType, 632 * either the algorithm of the public key or UNKNOWN. 633 */ 634 public static final Set<String> CLIENT_AUTH_TYPES = new HashSet<>(Arrays.asList( 635 "RSA", 636 "DSA", 637 "EC", 638 "UNKNOWN")); 639 640 /** 641 * Valid values for X509TrustManager.checkServerTrusted authType, 642 * either key exchange algorithm part of the cipher suite, UNKNOWN, 643 * or GENERIC (for TLS 1.3 cipher suites that don't imply a specific 644 * key exchange method). 645 */ 646 public static final Set<String> SERVER_AUTH_TYPES = new HashSet<>(Arrays.asList( 647 "DHE_DSS", 648 "DHE_DSS_EXPORT", 649 "DHE_RSA", 650 "DHE_RSA_EXPORT", 651 "DH_DSS_EXPORT", 652 "DH_RSA_EXPORT", 653 "DH_anon", 654 "DH_anon_EXPORT", 655 "KRB5", 656 "KRB5_EXPORT", 657 "RSA", 658 "RSA_EXPORT", 659 "RSA_EXPORT1024", 660 "ECDH_ECDSA", 661 "ECDH_RSA", 662 "ECDHE_ECDSA", 663 "ECDHE_RSA", 664 "UNKNOWN", 665 "GENERIC")); 666 667 /** 668 * Cipher suites that are only supported with TLS 1.3. 669 */ 670 public static final List<String> CIPHER_SUITES_TLS13 = Arrays.asList( 671 "TLS_AES_128_GCM_SHA256", 672 "TLS_AES_256_GCM_SHA384", 673 "TLS_CHACHA20_POLY1305_SHA256"); 674 675 // NOTE: This list needs to be kept in sync with Javadoc of javax.net.ssl.SSLSocket and 676 // javax.net.ssl.SSLEngine. 677 private static final List<String> CIPHER_SUITES_ANDROID_AES_HARDWARE = Arrays.asList( 678 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", 679 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", 680 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", 681 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 682 "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 683 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", 684 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 685 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 686 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 687 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 688 "TLS_RSA_WITH_AES_128_GCM_SHA256", 689 "TLS_RSA_WITH_AES_256_GCM_SHA384", 690 "TLS_RSA_WITH_AES_128_CBC_SHA", 691 "TLS_RSA_WITH_AES_256_CBC_SHA", 692 CIPHER_SUITE_SECURE_RENEGOTIATION 693 ); 694 695 // NOTE: This list needs to be kept in sync with Javadoc of javax.net.ssl.SSLSocket and 696 // javax.net.ssl.SSLEngine. 697 private static final List<String> CIPHER_SUITES_ANDROID_SOFTWARE = Arrays.asList( 698 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", 699 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", 700 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", 701 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", 702 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 703 "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 704 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 705 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 706 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 707 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 708 "TLS_RSA_WITH_AES_128_GCM_SHA256", 709 "TLS_RSA_WITH_AES_256_GCM_SHA384", 710 "TLS_RSA_WITH_AES_128_CBC_SHA", 711 "TLS_RSA_WITH_AES_256_CBC_SHA", 712 CIPHER_SUITE_SECURE_RENEGOTIATION 713 ); 714 715 // NOTE: This list needs to be kept in sync with Javadoc of javax.net.ssl.SSLSocket and 716 // javax.net.ssl.SSLEngine. 717 public static final List<String> CIPHER_SUITES_DEFAULT = (IS_RI) 718 ? Arrays.asList("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", 719 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", 720 "TLS_RSA_WITH_AES_256_CBC_SHA256", 721 "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", 722 "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", 723 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", 724 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", 725 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 726 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 727 "TLS_RSA_WITH_AES_256_CBC_SHA", 728 "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 729 "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 730 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 731 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", 732 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", 733 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", 734 "TLS_RSA_WITH_AES_128_CBC_SHA256", 735 "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", 736 "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", 737 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", 738 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", 739 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 740 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 741 "TLS_RSA_WITH_AES_128_CBC_SHA", 742 "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 743 "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 744 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 745 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 746 "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 747 "TLS_ECDHE_RSA_WITH_RC4_128_SHA", 748 "SSL_RSA_WITH_RC4_128_SHA", 749 "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 750 "TLS_ECDH_RSA_WITH_RC4_128_SHA", 751 "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", 752 "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", 753 "SSL_RSA_WITH_3DES_EDE_CBC_SHA", 754 "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 755 "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 756 "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 757 "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 758 "SSL_RSA_WITH_RC4_128_MD5", 759 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV") 760 : CpuFeatures.isAesHardwareAccelerated() ? CIPHER_SUITES_ANDROID_AES_HARDWARE 761 : CIPHER_SUITES_ANDROID_SOFTWARE; 762 763 private static final Map<String, Class<? extends KeySpec>> PRIVATE_KEY_SPEC_CLASSES; 764 private static final Map<String, Class<? extends KeySpec>> PUBLIC_KEY_SPEC_CLASSES; 765 private static final Map<String, Integer> MINIMUM_KEY_SIZE; 766 static { 767 PRIVATE_KEY_SPEC_CLASSES = new HashMap<>(); 768 PUBLIC_KEY_SPEC_CLASSES = new HashMap<>(); 769 MINIMUM_KEY_SIZE = new HashMap<>(); 770 PRIVATE_KEY_SPEC_CLASSES.put("RSA", RSAPrivateCrtKeySpec.class); 771 PUBLIC_KEY_SPEC_CLASSES.put("RSA", RSAPublicKeySpec.class); 772 MINIMUM_KEY_SIZE.put("RSA", 512); 773 PRIVATE_KEY_SPEC_CLASSES.put("DSA", DSAPrivateKeySpec.class); 774 PUBLIC_KEY_SPEC_CLASSES.put("DSA", DSAPublicKeySpec.class); 775 MINIMUM_KEY_SIZE.put("DSA", 512); 776 PRIVATE_KEY_SPEC_CLASSES.put("DH", DHPrivateKeySpec.class); 777 PUBLIC_KEY_SPEC_CLASSES.put("DH", DHPublicKeySpec.class); 778 MINIMUM_KEY_SIZE.put("DH", 256); 779 PRIVATE_KEY_SPEC_CLASSES.put("EC", ECPrivateKeySpec.class); 780 PUBLIC_KEY_SPEC_CLASSES.put("EC", ECPublicKeySpec.class); 781 MINIMUM_KEY_SIZE.put("EC", 256); 782 } 783 getPrivateKeySpecClass(String algName)784 public static Class<? extends KeySpec> getPrivateKeySpecClass(String algName) { 785 return PRIVATE_KEY_SPEC_CLASSES.get(algName); 786 } 787 getPublicKeySpecClass(String algName)788 public static Class<? extends KeySpec> getPublicKeySpecClass(String algName) { 789 return PUBLIC_KEY_SPEC_CLASSES.get(algName); 790 } 791 getMinimumKeySize(String algName)792 public static int getMinimumKeySize(String algName) { 793 return MINIMUM_KEY_SIZE.get(algName); 794 } 795 796 } 797