ciphersuite.java

linux下建立JAVA虚拟机的源码KAFFE

  static final CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA =
    new CipherSuite("DES", "DH", "DSS", "HMAC-SHA", 8, 0x00, 0x0C,
                    "TLS_DH_DSS_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA =
    new CipherSuite("TripleDES", "DH", "DSS", "HMAC-SHA", 24, 0x00, 0x0D,
                    "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA =
    new CipherSuite("DES", "DH", "RSA", "HMAC-SHA", 5, 0x00, 0x0E,
                    "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA =
    new CipherSuite("DES", "DH", "RSA", "HMAC-SHA", 8, 0x00, 0x0F,
                    "TLS_DH_RSA_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA =
    new CipherSuite("TripleDES", "DH", "RSA", "HMAC-SHA", 24, 0x00, 0x10,
                    "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA =
    new CipherSuite("DES", "DHE", "DSS", "HMAC-SHA", 5, 0x00, 0x11,
                    "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA =
    new CipherSuite("DES", "DHE", "DSS", "HMAC-SHA", 8, 0x00, 0x12,
                    "TLS_DHE_DSS_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA =
    new CipherSuite("TripleDES", "DHE", "DSS", "HMAC-SHA", 24, 0x00, 0x13,
                    "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA =
    new CipherSuite("DES", "DHE", "RSA", "HMAC-SHA", 5, 0x00, 0x14,
                    "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA =
    new CipherSuite("DES", "DHE", "RSA", "HMAC-SHA", 8, 0x00, 0x15,
                    "TLS_DHE_RSA_WITH_DES_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA =
    new CipherSuite("TripleDES", "DHE", "RSA", "HMAC-SHA", 24, 0x00, 0x16,
                    "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);

  // AES CipherSuites.
  static final CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA =
    new CipherSuite("AES", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x2F,
                    "TLS_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA =
    new CipherSuite("AES", "DH", "DSS", "HMAC-SHA", 16, 0x00, 0x30,
                    "TLS_DH_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA =
    new CipherSuite("AES", "DH", "RSA", "HMAC-SHA", 16, 0x00, 0x31,
                    "TLS_DH_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA =
    new CipherSuite("AES", "DHE", "DSS", "HMAC-SHA", 16, 0x00, 0x32,
                    "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA =
    new CipherSuite("AES", "DHE", "RSA", "HMAC-SHA", 16, 0x00, 0x33,
                    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA =
    new CipherSuite("AES", "RSA", "RSA", "HMAC-SHA", 32, 0x00, 0x35,
                    "TLS_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA =
    new CipherSuite("AES", "DH", "DSS", "HMAC-SHA", 32, 0x00, 0x36,
                    "TLS_DH_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA =
    new CipherSuite("AES", "DH", "RSA", "HMAC-SHA", 32, 0x00, 0x37,
                    "TLS_DH_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA =
    new CipherSuite("AES", "DHE", "DSS", "HMAC-SHA", 32, 0x00, 0x38,
                    "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA =
    new CipherSuite("AES", "DHE", "RSA", "HMAC-SHA", 32, 0x00, 0x39,
                    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);

  // Secure remote password (SRP) ciphersuites
  static final CipherSuite TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA =
    new CipherSuite("TripleDES", "SRP", "anon", "HMAC-SHA", 24, 0x00, 0x50,
                    "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA =
    new CipherSuite("TripleDES", "SRP", "RSA", "HMAC-SHA", 24, 0x00, 0x51,
                    "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA =
    new CipherSuite("TripleDES", "SRP", "DSS", "HMAC-SHA", 24, 0x00, 0x52,
                    "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_SRP_SHA_WITH_AES_128_CBC_SHA =
    new CipherSuite("AES", "SRP", "anon", "HMAC-SHA", 16, 0x00, 0x53,
                    "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA =
    new CipherSuite("AES", "SRP", "RSA", "HMAC-SHA", 16, 0x00, 0x54,
                    "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA =
    new CipherSuite("AES", "SRP", "DSS", "HMAC-SHA", 16, 0x00, 0x55,
                    "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_SRP_SHA_WITH_AES_256_CBC_SHA =
    new CipherSuite("AES", "SRP", "anon", "HMAC-SHA", 32, 0x00, 0x56,
                    "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA =
    new CipherSuite("AES", "SRP", "RSA", "HMAC-SHA", 32, 0x00, 0x57,
                    "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA =
    new CipherSuite("AES", "SRP", "DSS", "HMAC-SHA", 32, 0x00, 0x58,
                    "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", ProtocolVersion.TLS_1);

  // Ciphersuites from the OpenPGP extension draft.
  static final CipherSuite TLS_DHE_DSS_WITH_CAST_128_CBC_SHA =
    new CipherSuite("CAST5", "DHE", "DSS", "HMAC-SHA", 16, 0x00, 0x70,
                    "TLS_DHE_DSS_WITH_CAST_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_DSS_WITH_CAST_128_CBC_RMD =
    new CipherSuite("CAST5", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x71,
                    "TLS_DHE_DSS_WITH_CAST_128_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD =
    new CipherSuite("TripleDES", "DHE", "DSS", "HMAC-RIPEMD-160", 24, 0x00, 0x72,
                    "TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_RMD =
    new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 16, 0x00, 0x73,
                    "TLS_DHE_DSS_WITH_AES_128_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_RMD =
    new CipherSuite("AES", "DHE", "DSS", "HMAC-RIPEMD-160", 32, 0x00, 0x74,
                    "TLS_DHE_DSS_WITH_AES_256_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_WITH_CAST_128_CBC_SHA =
    new CipherSuite("CAST5", "DHE", "RSA", "HMAC-SHA", 16, 0x00, 0x75,
                    "TLS_DHE_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_WITH_CAST_128_CBC_RMD =
    new CipherSuite("CAST5", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x76,
                    "TLS_DHE_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD =
    new CipherSuite("TripleDES", "DHE", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x77,
                    "TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_RMD =
    new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x78,
                    "TLS_DHE_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_RMD =
    new CipherSuite("AES", "DHE", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x79,
                    "TLS_DHE_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_RSA_WITH_CAST_128_CBC_SHA =
    new CipherSuite("CAST5", "RSA", "RSA", "HMAC-SHA", 16, 0x00, 0x7A,
                    "TLS_RSA_WITH_CAST_128_CBC_SHA", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_RSA_WITH_CAST_128_CBC_RMD =
    new CipherSuite("CAST5", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7B,
                    "TLS_RSA_WITH_CAST_128_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_RMD =
    new CipherSuite("TripleDES", "RSA", "RSA", "HMAC-RIPEMD-160", 24, 0x00, 0x7C,
                    "TLS_RSA_WITH_3DES_EDE_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_RSA_WITH_AES_128_CBC_RMD =
    new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 16, 0x00, 0x7D,
                    "TLS_RSA_WITH_AES_128_CBC_RMD", ProtocolVersion.TLS_1);
  static final CipherSuite TLS_RSA_WITH_AES_256_CBC_RMD =
    new CipherSuite("AES", "RSA", "RSA", "HMAC-RIPEMD-160", 32, 0x00, 0x7E,
                    "TLS_RSA_WITH_AES_256_CBC_RMD", ProtocolVersion.TLS_1);

  private final String cipherName;
  private final String kexName;
  private final String sigName;
  private final String macName;
  private final boolean exportable;
  private final boolean isStream;
  private final int keyLength;
  private final byte[] id;
  private final String name;
  private final ProtocolVersion version;

  // Constructors.
  // -------------------------------------------------------------------------

  private CipherSuite(String cipherName, String kexName, String sigName,
                      String macName, int keyLength, int id1, int id2,
                      String name, ProtocolVersion version)
  {
    this.cipherName = cipherName.intern();
    this.kexName = kexName.intern();
    this.sigName = sigName.intern();
    this.macName = macName.intern();
    this.exportable = keyLength <= 5;
    this.isStream = cipherName.equals("null") || cipherName.equals("RC4");
    this.keyLength = keyLength;
    this.id = new byte[] { (byte) id1, (byte) id2 };
    this.name = name.intern();
    this.version = version;
    namesToSuites.put(name, this);
    if (name.startsWith("TLS"))
      {
        tlsSuiteNames.add(name);
      }
  }

  private CipherSuite(byte[] id)
  {
    cipherName = null;
    kexName = null;
    sigName = null;
    macName = null;
    exportable = false;
    isStream = false;
    keyLength = 0;
    this.id = id;
    name = null;
    version = null;
  }

  // Class methods.
  // -------------------------------------------------------------------------

  /**
   * Returns the cipher suite for the given name, or null if there is no
   * such suite.
   *
   * @return The named cipher suite.
   */
  static CipherSuite forName(String name)
  {
    return (CipherSuite) namesToSuites.get(name);
  }

  static List availableSuiteNames()
  {
    return tlsSuiteNames;
  }

  static CipherSuite read(InputStream in) throws IOException
  {
    DataInputStream din = new DataInputStream(in);
    byte[] id = new byte[2];
    din.readFully(id);
    return new CipherSuite(id);
  }

  static IMode getCipher(String cbcCipherName)
  {
    IBlockCipher cipher = CipherFactory.getInstance(cbcCipherName);
    if (cipher == null)
      {
        return null;
      }
    return ModeFactory.getInstance("CBC", cipher, cipher.defaultBlockSize());
  }

  static Cipher getJCECipher (final String name)
    throws NoSuchAlgorithmException, NoSuchPaddingException
  {
    final String provider = Util.getSecurityProperty ("jessie.with.jce.provider");
    if (name.equals ("RC4"))
      {
        if (provider != null)
          {
            try
              {
                return Cipher.getInstance (name, provider);
              }
            catch (NoSuchProviderException nsae)
              {
                // Fall through. Try any available provider.
              }
          }

        return Cipher.getInstance (name);
      }
    else
      {
        // Oh, hey! Look! Something else Sun doesn't understand: SSLv3 padding
        // is different than TLSv1 in subtle, but important, ways. But they