Skip to content

Commit e62d6a2

Browse files
Alexey BakhtinVladimir Kempik
Alexey Bakhtin
authored and
Vladimir Kempik
committed
8140466: ChaCha20 and Poly1305 TLS Cipher Suites
Reviewed-by: mdoerr Backport-of: 962e755
1 parent 8a40d25 commit e62d6a2

File tree

7 files changed

+608
-4
lines changed

7 files changed

+608
-4
lines changed

src/java.base/share/classes/sun/security/ssl/CipherSuite.java

Lines changed: 18 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,9 @@ enum CipherSuite {
7070
TLS_AES_256_GCM_SHA384(
7171
0x1302, true, "TLS_AES_256_GCM_SHA384",
7272
ProtocolVersion.PROTOCOLS_OF_13, B_AES_256_GCM_IV, H_SHA384),
73+
TLS_CHACHA20_POLY1305_SHA256(
74+
0x1303, true, "TLS_CHACHA20_POLY1305_SHA256",
75+
ProtocolVersion.PROTOCOLS_OF_13, B_CC20_P1305, H_SHA256),
7376

7477
// Suite B compliant cipher suites, see RFC 6460.
7578
//
@@ -91,11 +94,22 @@ enum CipherSuite {
9194
// not forward secret cipher suites.
9295
//
9396

97+
// Not suite B, but we want it to position the suite early in the list
98+
// of 1.2 suites.
99+
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256(
100+
0xCCA9, true, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", "",
101+
ProtocolVersion.PROTOCOLS_OF_12,
102+
K_ECDHE_ECDSA, B_CC20_P1305, M_NULL, H_SHA256),
103+
94104
// AES_256(GCM)
95105
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(
96106
0xC030, true, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "",
97107
ProtocolVersion.PROTOCOLS_OF_12,
98108
K_ECDHE_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
109+
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256(
110+
0xCCA8, true, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "",
111+
ProtocolVersion.PROTOCOLS_OF_12,
112+
K_ECDHE_RSA, B_CC20_P1305, M_NULL, H_SHA256),
99113
TLS_RSA_WITH_AES_256_GCM_SHA384(
100114
0x009D, true, "TLS_RSA_WITH_AES_256_GCM_SHA384", "",
101115
ProtocolVersion.PROTOCOLS_OF_12,
@@ -112,6 +126,10 @@ enum CipherSuite {
112126
0x009F, true, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "",
113127
ProtocolVersion.PROTOCOLS_OF_12,
114128
K_DHE_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
129+
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(
130+
0xCCAA, true, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", "",
131+
ProtocolVersion.PROTOCOLS_OF_12,
132+
K_DHE_RSA, B_CC20_P1305, M_NULL, H_SHA256),
115133
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(
116134
0x00A3, true, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", "",
117135
ProtocolVersion.PROTOCOLS_OF_12,
@@ -484,8 +502,6 @@ enum CipherSuite {
484502

485503
// Definition of the cipher suites that are not supported but the names
486504
// are known.
487-
TLS_CHACHA20_POLY1305_SHA256( // TLS 1.3
488-
"TLS_CHACHA20_POLY1305_SHA256", 0x1303),
489505
TLS_AES_128_CCM_SHA256( // TLS 1.3
490506
"TLS_AES_128_CCM_SHA256", 0x1304),
491507
TLS_AES_128_CCM_8_SHA256( // TLS 1.3

src/java.base/share/classes/sun/security/ssl/JsseJce.java

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -129,6 +129,11 @@ public Object run() {
129129
*/
130130
static final String CIPHER_AES_GCM = "AES/GCM/NoPadding";
131131

132+
/**
133+
* JCE transformation string for ChaCha20-Poly1305
134+
*/
135+
static final String CIPHER_CHACHA20_POLY1305 = "ChaCha20-Poly1305";
136+
132137
/**
133138
* JCA identifier string for DSA, i.e. a DSA with SHA-1.
134139
*/

0 commit comments

Comments
 (0)