1 /* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package libcore.java.security; 18 19 import static org.junit.Assert.assertNotNull; 20 import static org.junit.Assert.assertTrue; 21 22 import java.security.Provider; 23 import java.security.Security; 24 import java.security.spec.DSAPrivateKeySpec; 25 import java.security.spec.DSAPublicKeySpec; 26 import java.security.spec.ECPrivateKeySpec; 27 import java.security.spec.ECPublicKeySpec; 28 import java.security.spec.KeySpec; 29 import java.security.spec.RSAPrivateCrtKeySpec; 30 import java.security.spec.RSAPublicKeySpec; 31 import java.util.Arrays; 32 import java.util.HashMap; 33 import java.util.HashSet; 34 import java.util.List; 35 import java.util.Locale; 36 import java.util.Map; 37 import java.util.Set; 38 import javax.crypto.spec.DHPrivateKeySpec; 39 import javax.crypto.spec.DHPublicKeySpec; 40 41 /** 42 * This class defines expected string names for protocols, key types, 43 * client and server auth types, cipher suites. 44 * 45 * Initially based on "Appendix A: Standard Names" of 46 * <a href="http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#AppA"> 47 * Java ™ Secure Socket Extension (JSSE) Reference Guide 48 * for the Java ™ 2 Platform Standard Edition 5 49 * </a>. 50 * 51 * Updated based on the 52 * <a href="http://download.java.net/jdk8/docs/technotes/guides/security/SunProviders.html"> 53 * Java ™ Cryptography Architecture Oracle Providers Documentation 54 * for Java ™ Platform Standard Edition 7 55 * </a>. 56 * See also the 57 * <a href="http://download.java.net/jdk8/docs/technotes/guides/security/StandardNames.html"> 58 * Java ™ Cryptography Architecture Standard Algorithm Name Documentation 59 * </a>. 60 * 61 * Further updates based on the 62 * <a href=http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html"> 63 * Java ™ PKCS#11 Reference Guide 64 * </a>. 65 */ 66 public final class StandardNames { 67 68 public static final boolean IS_RI 69 = !"Dalvik Core Library".equals(System.getProperty("java.specification.name")); 70 71 public static final String JSSE_PROVIDER_NAME = (IS_RI) ? "SunJSSE" : "AndroidOpenSSL"; 72 public static final String SECURITY_PROVIDER_NAME = (IS_RI) ? "SUN" : "BC"; 73 74 public static final String KEY_STORE_ALGORITHM = (IS_RI) ? "JKS" : "BKS"; 75 76 /** 77 * RFC 5746's Signaling Cipher Suite Value to indicate a request for secure renegotiation 78 */ 79 private static final String CIPHER_SUITE_SECURE_RENEGOTIATION 80 = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"; 81 82 /** 83 * A map from algorithm type (e.g. Cipher) to a set of algorithms (e.g. AES, DES, ...) 84 */ 85 static final Map<String,Set<String>> PROVIDER_ALGORITHMS 86 = new HashMap<>(); 87 88 private static final Map<String,Set<String>> CIPHER_MODES 89 = new HashMap<>(); 90 91 private static final Map<String,Set<String>> CIPHER_PADDINGS 92 = new HashMap<>(); 93 provide(String type, String algorithm)94 private static void provide(String type, String algorithm) { 95 Set<String> algorithms = PROVIDER_ALGORITHMS.get(type); 96 if (algorithms == null) { 97 algorithms = new HashSet<>(); 98 PROVIDER_ALGORITHMS.put(type, algorithms); 99 } 100 assertTrue("Duplicate " + type + " " + algorithm, 101 algorithms.add(algorithm.toUpperCase(Locale.ROOT))); 102 } 103 // Only add to PROVIDER_ALGORITHMS if actually present provideOptional(String type, String algorithm)104 private static void provideOptional(String type, String algorithm) { 105 for (Provider p : Security.getProviders()) { 106 if (p.getService(type, algorithm) != null) { 107 provide(type, algorithm); 108 return; 109 } 110 } 111 } unprovide(String type, String algorithm)112 private static void unprovide(String type, String algorithm) { 113 Set<String> algorithms = PROVIDER_ALGORITHMS.get(type); 114 assertNotNull(algorithms); 115 assertTrue(algorithm, algorithms.remove(algorithm.toUpperCase(Locale.ROOT))); 116 if (algorithms.isEmpty()) { 117 assertNotNull(PROVIDER_ALGORITHMS.remove(type)); 118 } 119 } provideCipherModes(String algorithm, String newModes[])120 private static void provideCipherModes(String algorithm, String newModes[]) { 121 Set<String> modes = CIPHER_MODES.get(algorithm); 122 if (modes == null) { 123 modes = new HashSet<>(); 124 CIPHER_MODES.put(algorithm, modes); 125 } 126 modes.addAll(Arrays.asList(newModes)); 127 } provideCipherPaddings(String algorithm, String newPaddings[])128 private static void provideCipherPaddings(String algorithm, String newPaddings[]) { 129 Set<String> paddings = CIPHER_PADDINGS.get(algorithm); 130 if (paddings == null) { 131 paddings = new HashSet<>(); 132 CIPHER_PADDINGS.put(algorithm, paddings); 133 } 134 paddings.addAll(Arrays.asList(newPaddings)); 135 } 136 static { 137 provide("AlgorithmParameterGenerator", "DSA"); 138 provide("AlgorithmParameterGenerator", "DiffieHellman"); 139 provide("AlgorithmParameters", "AES"); 140 provide("AlgorithmParameters", "Blowfish"); 141 provide("AlgorithmParameters", "DES"); 142 provide("AlgorithmParameters", "DESede"); 143 provide("AlgorithmParameters", "DSA"); 144 provide("AlgorithmParameters", "DiffieHellman"); 145 provide("AlgorithmParameters", "GCM"); 146 provide("AlgorithmParameters", "OAEP"); 147 provide("AlgorithmParameters", "PBEWithMD5AndDES"); 148 provide("AlgorithmParameters", "PBEWithMD5AndTripleDES"); 149 provide("AlgorithmParameters", "PBEWithSHA1AndDESede"); 150 provide("AlgorithmParameters", "PBEWithSHA1AndRC2_40"); 151 provide("AlgorithmParameters", "PSS"); 152 provide("AlgorithmParameters", "RC2"); 153 provide("AlgorithmParameters", "PBEWITHHMACSHA1ANDAES_128"); 154 provide("AlgorithmParameters", "PBEWITHHMACSHA1ANDAES_256"); 155 provide("AlgorithmParameters", "PBEWITHHMACSHA224ANDAES_128"); 156 provide("AlgorithmParameters", "PBEWITHHMACSHA224ANDAES_256"); 157 provide("AlgorithmParameters", "PBEWITHHMACSHA256ANDAES_128"); 158 provide("AlgorithmParameters", "PBEWITHHMACSHA256ANDAES_256"); 159 provide("AlgorithmParameters", "PBEWITHHMACSHA384ANDAES_128"); 160 provide("AlgorithmParameters", "PBEWITHHMACSHA384ANDAES_256"); 161 provide("AlgorithmParameters", "PBEWITHHMACSHA512ANDAES_128"); 162 provide("AlgorithmParameters", "PBEWITHHMACSHA512ANDAES_256"); 163 provide("SecretKeyFactory", "PBEWITHHMACSHA1ANDAES_128"); 164 provide("SecretKeyFactory", "PBEWITHHMACSHA1ANDAES_256"); 165 provide("SecretKeyFactory", "PBEWITHHMACSHA224ANDAES_128"); 166 provide("SecretKeyFactory", "PBEWITHHMACSHA224ANDAES_256"); 167 provide("SecretKeyFactory", "PBEWITHHMACSHA256ANDAES_128"); 168 provide("SecretKeyFactory", "PBEWITHHMACSHA256ANDAES_256"); 169 provide("SecretKeyFactory", "PBEWITHHMACSHA384ANDAES_128"); 170 provide("SecretKeyFactory", "PBEWITHHMACSHA384ANDAES_256"); 171 provide("SecretKeyFactory", "PBEWITHHMACSHA512ANDAES_128"); 172 provide("SecretKeyFactory", "PBEWITHHMACSHA512ANDAES_256"); 173 provide("CertPathBuilder", "PKIX"); 174 provide("CertPathValidator", "PKIX"); 175 provide("CertStore", "Collection"); 176 provide("CertStore", "LDAP"); 177 provide("CertificateFactory", "X.509"); 178 // TODO: provideCipherModes and provideCipherPaddings for other Ciphers 179 provide("Cipher", "AES"); 180 provideCipherModes("AES", new String[] { "CBC", "CFB", "CTR", "CTS", "ECB", "OFB" }); 181 provideCipherPaddings("AES", new String[] { "NoPadding", "PKCS5Padding" }); 182 provide("Cipher", "AESWrap"); 183 provide("Cipher", "ARCFOUR"); 184 provide("Cipher", "Blowfish"); 185 provide("Cipher", "DES"); 186 provide("Cipher", "DESede"); 187 provide("Cipher", "DESedeWrap"); 188 provide("Cipher", "PBEWithMD5AndDES"); 189 provide("Cipher", "PBEWithMD5AndTripleDES"); 190 provide("Cipher", "PBEWithSHA1AndDESede"); 191 provide("Cipher", "PBEWithSHA1AndRC2_40"); 192 provide("Cipher", "RC2"); 193 provide("Cipher", "RSA"); 194 // TODO: None? 195 provideCipherModes("RSA", new String[] { "ECB" }); 196 // TODO: OAEPPadding 197 provideCipherPaddings("RSA", new String[] { "NoPadding", "PKCS1Padding" }); 198 provide("Configuration", "JavaLoginConfig"); 199 provide("KeyAgreement", "DiffieHellman"); 200 provide("KeyFactory", "DSA"); 201 provide("KeyFactory", "DiffieHellman"); 202 provide("KeyFactory", "RSA"); 203 provide("KeyGenerator", "AES"); 204 provide("KeyGenerator", "ARCFOUR"); 205 provide("KeyGenerator", "Blowfish"); 206 provide("KeyGenerator", "DES"); 207 provide("KeyGenerator", "DESede"); 208 provide("KeyGenerator", "HmacMD5"); 209 provide("KeyGenerator", "HmacSHA1"); 210 provide("KeyGenerator", "HmacSHA224"); 211 provide("KeyGenerator", "HmacSHA256"); 212 provide("KeyGenerator", "HmacSHA384"); 213 provide("KeyGenerator", "HmacSHA512"); 214 provide("KeyGenerator", "RC2"); 215 provide("KeyInfoFactory", "DOM"); 216 provide("KeyManagerFactory", "PKIX"); 217 provide("KeyPairGenerator", "DSA"); 218 provide("KeyPairGenerator", "DiffieHellman"); 219 provide("KeyPairGenerator", "RSA"); 220 provide("KeyStore", "JCEKS"); 221 provide("KeyStore", "JKS"); 222 provide("KeyStore", "PKCS12"); 223 provide("Mac", "HmacMD5"); 224 provide("Mac", "HmacSHA1"); 225 provide("Mac", "HmacSHA224"); 226 provide("Mac", "HmacSHA256"); 227 provide("Mac", "HmacSHA384"); 228 provide("Mac", "HmacSHA512"); 229 provide("Mac", "PBEWITHHMACSHA224"); 230 provide("Mac", "PBEWITHHMACSHA256"); 231 provide("Mac", "PBEWITHHMACSHA384"); 232 provide("Mac", "PBEWITHHMACSHA512"); 233 // If adding a new MessageDigest, consider adding it to JarVerifier 234 provide("MessageDigest", "MD2"); 235 provide("MessageDigest", "MD5"); 236 provide("MessageDigest", "SHA-224"); 237 provide("MessageDigest", "SHA-256"); 238 provide("MessageDigest", "SHA-384"); 239 provide("MessageDigest", "SHA-512"); 240 provide("Policy", "JavaPolicy"); 241 // Android does not support SSLv3 242 if (IS_RI) { 243 provide("SSLContext", "SSLv3"); 244 } 245 provide("SSLContext", "TLSv1"); 246 provide("SSLContext", "TLSv1.1"); 247 provide("SSLContext", "TLSv1.2"); 248 provide("SSLContext", "TLSv1.3"); 249 provide("SecretKeyFactory", "DES"); 250 provide("SecretKeyFactory", "DESede"); 251 provide("SecretKeyFactory", "PBEWithMD5AndDES"); 252 provide("SecretKeyFactory", "PBEWithMD5AndTripleDES"); 253 provide("SecretKeyFactory", "PBEWithSHA1AndDESede"); 254 provide("SecretKeyFactory", "PBEWithSHA1AndRC2_40"); 255 provide("SecretKeyFactory", "PBKDF2WithHmacSHA1"); 256 provide("SecretKeyFactory", "PBKDF2WithHmacSHA224"); 257 provide("SecretKeyFactory", "PBKDF2WithHmacSHA256"); 258 provide("SecretKeyFactory", "PBKDF2WithHmacSHA384"); 259 provide("SecretKeyFactory", "PBKDF2WithHmacSHA512"); 260 provide("SecretKeyFactory", "PBKDF2WithHmacSHA1And8bit"); 261 provide("SecureRandom", "SHA1PRNG"); 262 provide("Signature", "MD2withRSA"); 263 provide("Signature", "MD5withRSA"); 264 provide("Signature", "NONEwithDSA"); 265 provide("Signature", "SHA1withDSA"); 266 provide("Signature", "SHA224withDSA"); 267 provide("Signature", "SHA256withDSA"); 268 provide("Signature", "SHA1withRSA"); 269 provide("Signature", "SHA224withRSA"); 270 provide("Signature", "SHA256withRSA"); 271 provide("Signature", "SHA384withRSA"); 272 provide("Signature", "SHA512withRSA"); 273 provide("TerminalFactory", "PC/SC"); 274 provide("TransformService", "http://www.w3.org/2000/09/xmldsig#base64"); 275 provide("TransformService", "http://www.w3.org/2000/09/xmldsig#enveloped-signature"); 276 provide("TransformService", "http://www.w3.org/2001/10/xml-exc-c14n#"); 277 provide("TransformService", "http://www.w3.org/2001/10/xml-exc-c14n#WithComments"); 278 provide("TransformService", "http://www.w3.org/2002/06/xmldsig-filter2"); 279 provide("TransformService", "http://www.w3.org/TR/1999/REC-xpath-19991116"); 280 provide("TransformService", "http://www.w3.org/TR/1999/REC-xslt-19991116"); 281 provide("TransformService", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); 282 provide("TransformService", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"); 283 provide("TrustManagerFactory", "PKIX"); 284 provide("XMLSignatureFactory", "DOM"); 285 286 // Not clearly documented by RI 287 provide("GssApiMechanism", "1.2.840.113554.1.2.2"); 288 provide("GssApiMechanism", "1.3.6.1.5.5.2"); 289 290 // Not correctly documented by RI which left off the Factory suffix 291 provide("SaslClientFactory", "CRAM-MD5"); 292 provide("SaslClientFactory", "DIGEST-MD5"); 293 provide("SaslClientFactory", "EXTERNAL"); 294 provide("SaslClientFactory", "GSSAPI"); 295 provide("SaslClientFactory", "PLAIN"); 296 provide("SaslServerFactory", "CRAM-MD5"); 297 provide("SaslServerFactory", "DIGEST-MD5"); 298 provide("SaslServerFactory", "GSSAPI"); 299 300 // Documentation seems to list alias instead of actual name 301 // provide("MessageDigest", "SHA-1"); 302 provide("MessageDigest", "SHA"); 303 304 // Mentioned in javadoc, not documentation 305 provide("SSLContext", "Default"); 306 307 // Not documented as in RI 6 but mentioned in Standard Names 308 provide("AlgorithmParameters", "PBE"); 309 provide("SSLContext", "SSL"); 310 provide("SSLContext", "TLS"); 311 312 // Not documented as in RI 6 but that exist in RI 6 313 if (IS_RI) { 314 provide("CertStore", "com.sun.security.IndexedCollection"); 315 provide("KeyGenerator", "SunTlsKeyMaterial"); 316 provide("KeyGenerator", "SunTlsMasterSecret"); 317 provide("KeyGenerator", "SunTlsPrf"); 318 provide("KeyGenerator", "SunTlsRsaPremasterSecret"); 319 provide("KeyStore", "CaseExactJKS"); 320 provide("Mac", "HmacPBESHA1"); 321 provide("Mac", "SslMacMD5"); 322 provide("Mac", "SslMacSHA1"); 323 provide("SecureRandom", "NativePRNG"); 324 provide("Signature", "MD5andSHA1withRSA"); 325 provide("TrustManagerFactory", "SunX509"); 326 } 327 328 // Only available with the SunPKCS11-NSS provider, 329 // which seems to be enabled in OpenJDK 6 but not Oracle Java 6 330 if (Security.getProvider("SunPKCS11-NSS") != null) { 331 provide("Cipher", "AES/CBC/NOPADDING"); 332 provide("Cipher", "DES/CBC/NOPADDING"); 333 provide("Cipher", "DESEDE/CBC/NOPADDING"); 334 provide("Cipher", "RSA/ECB/PKCS1PADDING"); 335 provide("KeyAgreement", "DH"); 336 provide("KeyFactory", "DH"); 337 provide("KeyPairGenerator", "DH"); 338 provide("KeyStore", "PKCS11"); 339 provide("MessageDigest", "SHA1"); 340 provide("SecretKeyFactory", "AES"); 341 provide("SecretKeyFactory", "ARCFOUR"); 342 provide("SecureRandom", "PKCS11"); 343 provide("Signature", "DSA"); 344 provide("Signature", "RAWDSA"); 345 } 346 347 if (Security.getProvider("SunPKCS11-NSS") != null || 348 Security.getProvider("SunEC") != null) { 349 provide("AlgorithmParameters", "EC"); 350 provide("KeyAgreement", "ECDH"); 351 provide("KeyFactory", "EC"); 352 provide("KeyPairGenerator", "EC"); 353 provide("Signature", "NONEWITHECDSA"); 354 provide("Signature", "SHA1WITHECDSA"); 355 provide("Signature", "SHA224WITHECDSA"); 356 provide("Signature", "SHA256WITHECDSA"); 357 provide("Signature", "SHA384WITHECDSA"); 358 provide("Signature", "SHA512WITHECDSA"); 359 } 360 361 // Documented as Standard Names, but do not exit in RI 6 362 if (IS_RI) { 363 unprovide("SSLContext", "TLSv1.1"); 364 unprovide("SSLContext", "TLSv1.2"); 365 } 366 367 // Fixups for the RI 368 if (IS_RI) { 369 // different names: Standard Names says PKIX, JSSE Reference Guide says SunX509 or NewSunX509 370 unprovide("KeyManagerFactory", "PKIX"); 371 provide("KeyManagerFactory", "SunX509"); 372 provide("KeyManagerFactory", "NewSunX509"); 373 } 374 375 // Fixups for dalvik 376 if (!IS_RI) { 377 378 // whole types that we do not provide 379 PROVIDER_ALGORITHMS.remove("Configuration"); 380 PROVIDER_ALGORITHMS.remove("GssApiMechanism"); 381 PROVIDER_ALGORITHMS.remove("KeyInfoFactory"); 382 PROVIDER_ALGORITHMS.remove("Policy"); 383 PROVIDER_ALGORITHMS.remove("SaslClientFactory"); 384 PROVIDER_ALGORITHMS.remove("SaslServerFactory"); 385 PROVIDER_ALGORITHMS.remove("TerminalFactory"); 386 PROVIDER_ALGORITHMS.remove("TransformService"); 387 PROVIDER_ALGORITHMS.remove("XMLSignatureFactory"); 388 389 // different names Diffie-Hellman vs DH 390 unprovide("AlgorithmParameterGenerator", "DiffieHellman"); 391 provide("AlgorithmParameterGenerator", "DH"); 392 unprovide("AlgorithmParameters", "DiffieHellman"); 393 provide("AlgorithmParameters", "DH"); 394 unprovide("KeyAgreement", "DiffieHellman"); 395 provide("KeyAgreement", "DH"); 396 unprovide("KeyFactory", "DiffieHellman"); 397 provide("KeyFactory", "DH"); 398 unprovide("KeyPairGenerator", "DiffieHellman"); 399 provide("KeyPairGenerator", "DH"); 400 401 // different names PBEWithSHA1AndDESede vs PBEWithSHAAnd3-KEYTripleDES-CBC 402 unprovide("AlgorithmParameters", "PBEWithSHA1AndDESede"); 403 unprovide("Cipher", "PBEWithSHA1AndDESede"); 404 unprovide("SecretKeyFactory", "PBEWithSHA1AndDESede"); 405 provide("AlgorithmParameters", "PKCS12PBE"); 406 provide("Cipher", "PBEWithSHAAnd3-KEYTripleDES-CBC"); 407 provide("SecretKeyFactory", "PBEWithSHAAnd3-KEYTripleDES-CBC"); 408 409 // different names: BouncyCastle actually uses the Standard name of SHA-1 vs SHA 410 unprovide("MessageDigest", "SHA"); 411 provide("MessageDigest", "SHA-1"); 412 413 // Added to support Android KeyStore operations 414 provide("Signature", "NONEwithRSA"); 415 provide("Cipher", "RSA/ECB/NOPADDING"); 416 provide("Cipher", "RSA/ECB/PKCS1PADDING"); 417 provide("Cipher", "RSA/ECB/OAEPPadding"); 418 provide("Cipher", "RSA/ECB/OAEPWithSHA-1AndMGF1Padding"); 419 provide("Cipher", "RSA/ECB/OAEPWithSHA-224AndMGF1Padding"); 420 provide("Cipher", "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"); 421 provide("Cipher", "RSA/ECB/OAEPWithSHA-384AndMGF1Padding"); 422 provide("Cipher", "RSA/ECB/OAEPWithSHA-512AndMGF1Padding"); 423 provide("SecretKeyFactory", "AES"); 424 provide("SecretKeyFactory", "HmacSHA1"); 425 provide("SecretKeyFactory", "HmacSHA224"); 426 provide("SecretKeyFactory", "HmacSHA256"); 427 provide("SecretKeyFactory", "HmacSHA384"); 428 provide("SecretKeyFactory", "HmacSHA512"); 429 provide("Signature", "SHA1withRSA/PSS"); 430 provide("Signature", "SHA224withRSA/PSS"); 431 provide("Signature", "SHA256withRSA/PSS"); 432 provide("Signature", "SHA384withRSA/PSS"); 433 provide("Signature", "SHA512withRSA/PSS"); 434 provideOptional("Signature", "ED25519"); 435 436 // different names: ARCFOUR vs ARC4 437 unprovide("Cipher", "ARCFOUR"); 438 provide("Cipher", "ARC4"); 439 unprovide("KeyGenerator", "ARCFOUR"); 440 provide("KeyGenerator", "ARC4"); 441 442 // different case names: Blowfish vs BLOWFISH 443 unprovide("AlgorithmParameters", "Blowfish"); 444 provide("AlgorithmParameters", "BLOWFISH"); 445 unprovide("Cipher", "Blowfish"); 446 provide("Cipher", "BLOWFISH"); 447 unprovide("KeyGenerator", "Blowfish"); 448 provide("KeyGenerator", "BLOWFISH"); 449 450 // Harmony has X.509, BouncyCastle X509 451 // TODO remove one, probably Harmony's 452 provide("CertificateFactory", "X509"); 453 454 // not just different names, but different binary formats 455 unprovide("KeyStore", "JKS"); 456 provide("KeyStore", "BKS"); 457 unprovide("KeyStore", "JCEKS"); 458 provide("KeyStore", "BouncyCastle"); 459 460 // Noise to support KeyStore.PKCS12 461 provide("Cipher", "PBEWITHMD5AND128BITAES-CBC-OPENSSL"); 462 provide("Cipher", "PBEWITHMD5AND192BITAES-CBC-OPENSSL"); 463 provide("Cipher", "PBEWITHMD5AND256BITAES-CBC-OPENSSL"); 464 provide("Cipher", "PBEWITHMD5ANDRC2"); 465 provide("Cipher", "PBEWITHSHA1ANDDES"); 466 provide("Cipher", "PBEWITHSHA1ANDRC2"); 467 provide("Cipher", "PBEWITHSHA256AND128BITAES-CBC-BC"); 468 provide("Cipher", "PBEWITHSHA256AND192BITAES-CBC-BC"); 469 provide("Cipher", "PBEWITHSHA256AND256BITAES-CBC-BC"); 470 provide("Cipher", "PBEWITHSHAAND128BITAES-CBC-BC"); 471 provide("Cipher", "PBEWITHSHAAND128BITRC2-CBC"); 472 provide("Cipher", "PBEWITHSHAAND128BITRC4"); 473 provide("Cipher", "PBEWITHSHAAND192BITAES-CBC-BC"); 474 provide("Cipher", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 475 provide("Cipher", "PBEWITHSHAAND256BITAES-CBC-BC"); 476 provide("Cipher", "PBEWITHSHAAND40BITRC2-CBC"); 477 provide("Cipher", "PBEWITHSHAAND40BITRC4"); 478 provide("Cipher", "PBEWITHSHAANDTWOFISH-CBC"); 479 provide("Cipher", "PBEWithHmacSHA1AndAES_128"); 480 provide("Cipher", "PBEWithHmacSHA224AndAES_128"); 481 provide("Cipher", "PBEWithHmacSHA256AndAES_128"); 482 provide("Cipher", "PBEWithHmacSHA384AndAES_128"); 483 provide("Cipher", "PBEWithHmacSHA512AndAES_128"); 484 provide("Cipher", "PBEWithHmacSHA1AndAES_256"); 485 provide("Cipher", "PBEWithHmacSHA224AndAES_256"); 486 provide("Cipher", "PBEWithHmacSHA256AndAES_256"); 487 provide("Cipher", "PBEWithHmacSHA384AndAES_256"); 488 provide("Cipher", "PBEWithHmacSHA512AndAES_256"); 489 provide("Mac", "PBEWITHHMACSHA"); 490 provide("Mac", "PBEWITHHMACSHA1"); 491 provide("SecretKeyFactory", "PBEWITHHMACSHA1"); 492 provide("SecretKeyFactory", "PBEWITHMD5AND128BITAES-CBC-OPENSSL"); 493 provide("SecretKeyFactory", "PBEWITHMD5AND192BITAES-CBC-OPENSSL"); 494 provide("SecretKeyFactory", "PBEWITHMD5AND256BITAES-CBC-OPENSSL"); 495 provide("SecretKeyFactory", "PBEWITHMD5ANDRC2"); 496 provide("SecretKeyFactory", "PBEWITHSHA1ANDDES"); 497 provide("SecretKeyFactory", "PBEWITHSHA1ANDRC2"); 498 provide("SecretKeyFactory", "PBEWITHSHA256AND128BITAES-CBC-BC"); 499 provide("SecretKeyFactory", "PBEWITHSHA256AND192BITAES-CBC-BC"); 500 provide("SecretKeyFactory", "PBEWITHSHA256AND256BITAES-CBC-BC"); 501 provide("SecretKeyFactory", "PBEWITHSHAAND128BITAES-CBC-BC"); 502 provide("SecretKeyFactory", "PBEWITHSHAAND128BITRC2-CBC"); 503 provide("SecretKeyFactory", "PBEWITHSHAAND128BITRC4"); 504 provide("SecretKeyFactory", "PBEWITHSHAAND192BITAES-CBC-BC"); 505 provide("SecretKeyFactory", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); 506 provide("SecretKeyFactory", "PBEWITHSHAAND256BITAES-CBC-BC"); 507 provide("SecretKeyFactory", "PBEWITHSHAAND40BITRC2-CBC"); 508 provide("SecretKeyFactory", "PBEWITHSHAAND40BITRC4"); 509 provide("SecretKeyFactory", "PBEWITHSHAANDTWOFISH-CBC"); 510 511 // Needed by our OpenSSL provider 512 provide("Cipher", "AES/CBC/NOPADDING"); 513 provide("Cipher", "AES/CBC/PKCS5PADDING"); 514 provide("Cipher", "AES/CBC/PKCS7PADDING"); 515 provide("Cipher", "AES/CFB/NOPADDING"); 516 provide("Cipher", "AES/CFB/PKCS5PADDING"); 517 provide("Cipher", "AES/CFB/PKCS7PADDING"); 518 provide("Cipher", "AES/CTR/NOPADDING"); 519 provide("Cipher", "AES/CTR/PKCS5PADDING"); 520 provide("Cipher", "AES/CTR/PKCS7PADDING"); 521 provide("Cipher", "AES/ECB/NOPADDING"); 522 provide("Cipher", "AES/ECB/PKCS5PADDING"); 523 provide("Cipher", "AES/ECB/PKCS7PADDING"); 524 provide("Cipher", "AES/GCM/NOPADDING"); 525 provide("Cipher", "AES/GCM-SIV/NOPADDING"); 526 provide("Cipher", "AES/OFB/NOPADDING"); 527 provide("Cipher", "AES/OFB/PKCS5PADDING"); 528 provide("Cipher", "AES/OFB/PKCS7PADDING"); 529 provide("Cipher", "AES_128/CBC/NOPADDING"); 530 provide("Cipher", "AES_128/CBC/PKCS5PADDING"); 531 provide("Cipher", "AES_128/CBC/PKCS7PADDING"); 532 provide("Cipher", "AES_128/ECB/NOPADDING"); 533 provide("Cipher", "AES_128/ECB/PKCS5PADDING"); 534 provide("Cipher", "AES_128/ECB/PKCS7PADDING"); 535 provide("Cipher", "AES_128/GCM/NOPADDING"); 536 provide("Cipher", "AES_128/GCM-SIV/NOPADDING"); 537 provide("Cipher", "AES_256/CBC/NOPADDING"); 538 provide("Cipher", "AES_256/CBC/PKCS5PADDING"); 539 provide("Cipher", "AES_256/CBC/PKCS7PADDING"); 540 provide("Cipher", "AES_256/ECB/NOPADDING"); 541 provide("Cipher", "AES_256/ECB/PKCS5PADDING"); 542 provide("Cipher", "AES_256/ECB/PKCS7PADDING"); 543 provide("Cipher", "AES_256/GCM/NOPADDING"); 544 provide("Cipher", "AES_256/GCM-SIV/NOPADDING"); 545 provide("Cipher", "DESEDE/CBC/NOPADDING"); 546 provide("Cipher", "DESEDE/CBC/PKCS5PADDING"); 547 provide("Cipher", "DESEDE/CBC/PKCS7PADDING"); 548 provide("Cipher", "DESEDE/CFB/NOPADDING"); 549 provide("Cipher", "DESEDE/CFB/PKCS5PADDING"); 550 provide("Cipher", "DESEDE/CFB/PKCS7PADDING"); 551 provide("Cipher", "DESEDE/ECB/NOPADDING"); 552 provide("Cipher", "DESEDE/ECB/PKCS5PADDING"); 553 provide("Cipher", "DESEDE/ECB/PKCS7PADDING"); 554 provide("Cipher", "DESEDE/OFB/NOPADDING"); 555 provide("Cipher", "DESEDE/OFB/PKCS5PADDING"); 556 provide("Cipher", "DESEDE/OFB/PKCS7PADDING"); 557 558 // Provided by our OpenSSL provider 559 provide("AlgorithmParameters", "ChaCha20"); 560 provide("Cipher", "ChaCha20"); 561 provide("Cipher", "ChaCha20/Poly1305/NoPadding"); 562 provide("KeyGenerator", "ChaCha20"); 563 provideCipherPaddings("AES", new String[] { "PKCS7Padding" }); 564 565 // removed LDAP 566 unprovide("CertStore", "LDAP"); 567 568 // removed MD2 569 unprovide("MessageDigest", "MD2"); 570 unprovide("Signature", "MD2withRSA"); 571 572 // removed RC2 573 // NOTE the implementation remains to support PKCS12 keystores 574 unprovide("AlgorithmParameters", "PBEWithSHA1AndRC2_40"); 575 unprovide("AlgorithmParameters", "RC2"); 576 unprovide("Cipher", "PBEWithSHA1AndRC2_40"); 577 unprovide("Cipher", "RC2"); 578 unprovide("KeyGenerator", "RC2"); 579 unprovide("SecretKeyFactory", "PBEWithSHA1AndRC2_40"); 580 581 // PBEWithMD5AndTripleDES is Sun proprietary 582 unprovide("AlgorithmParameters", "PBEWithMD5AndTripleDES"); 583 unprovide("Cipher", "PBEWithMD5AndTripleDES"); 584 unprovide("SecretKeyFactory", "PBEWithMD5AndTripleDES"); 585 586 // missing from Bouncy Castle 587 // Standard Names document says to use specific PBEWith*And* 588 unprovide("AlgorithmParameters", "PBE"); 589 590 // missing from Bouncy Castle 591 // TODO add to JDKAlgorithmParameters perhaps as wrapper on PBES2Parameters 592 // For now, can use AlgorithmParametersSpec javax.crypto.spec.PBEParameterSpec instead 593 unprovide("AlgorithmParameters", "PBEWithMD5AndDES"); // 1.2.840.113549.1.5.3 594 595 // EC support 596 provide("AlgorithmParameters", "EC"); 597 provide("KeyAgreement", "ECDH"); 598 provide("KeyFactory", "EC"); 599 provide("KeyPairGenerator", "EC"); 600 provide("Signature", "NONEWITHECDSA"); 601 provide("Signature", "SHA1WITHECDSA"); 602 provide("Signature", "SHA224WITHECDSA"); 603 provide("Signature", "SHA256WITHECDSA"); 604 provide("Signature", "SHA384WITHECDSA"); 605 provide("Signature", "SHA512WITHECDSA"); 606 607 // Android's CA store 608 provide("KeyStore", "AndroidCAStore"); 609 610 // Android's KeyStore provider 611 if (Security.getProvider("AndroidKeyStore") != null) { 612 provide("KeyStore", "AndroidKeyStore"); 613 provideOptional("KeyFactory", "ED25519"); 614 provideOptional("KeyPairGenerator", "ED25519"); 615 } 616 617 // TimaKeyStore provider 618 if (Security.getProvider("TimaKeyStore") != null) { 619 provide("KeyStore", "TimaKeyStore"); 620 } 621 // KnoxAndroidKeyStore provider 622 if (Security.getProvider("KnoxAndroidKeyStore") != null) { 623 provide("KeyStore", "KnoxAndroidKeyStore"); 624 } 625 626 // Elliptic curve Diffie-Hellman 627 provide("KeyAgreement", "XDH"); 628 provide("KeyFactory", "XDH"); 629 provide("KeyPairGenerator", "XDH"); 630 631 // AES-CMAC Mac 632 provide("Mac", "AESCMAC"); 633 } 634 } 635 636 public static final Set<String> KEY_TYPES = new HashSet<>(Arrays.asList( 637 "RSA", 638 "DSA", 639 "DH_RSA", 640 "DH_DSA", 641 "EC", 642 "EC_EC", 643 "EC_RSA")); 644 static { 645 if (IS_RI) { 646 // DH_* are specified by standard names, but do not seem to be supported by RI 647 KEY_TYPES.remove("DH_RSA"); 648 KEY_TYPES.remove("DH_DSA"); 649 } 650 } 651 652 /** 653 * Valid values for X509TrustManager.checkClientTrusted authType, 654 * either the algorithm of the public key or UNKNOWN. 655 */ 656 public static final Set<String> CLIENT_AUTH_TYPES = new HashSet<>(Arrays.asList( 657 "RSA", 658 "DSA", 659 "EC", 660 "UNKNOWN")); 661 662 /** 663 * Valid values for X509TrustManager.checkServerTrusted authType, 664 * either key exchange algorithm part of the cipher suite, UNKNOWN, 665 * or GENERIC (for TLS 1.3 cipher suites that don't imply a specific 666 * key exchange method). 667 */ 668 public static final Set<String> SERVER_AUTH_TYPES = new HashSet<>(Arrays.asList( 669 "DHE_DSS", 670 "DHE_DSS_EXPORT", 671 "DHE_RSA", 672 "DHE_RSA_EXPORT", 673 "DH_DSS_EXPORT", 674 "DH_RSA_EXPORT", 675 "DH_anon", 676 "DH_anon_EXPORT", 677 "KRB5", 678 "KRB5_EXPORT", 679 "RSA", 680 "RSA_EXPORT", 681 "RSA_EXPORT1024", 682 "ECDH_ECDSA", 683 "ECDH_RSA", 684 "ECDHE_ECDSA", 685 "ECDHE_RSA", 686 "UNKNOWN", 687 "GENERIC")); 688 689 /** 690 * Cipher suites that are only supported with TLS 1.3. 691 */ 692 public static final List<String> CIPHER_SUITES_TLS13 = Arrays.asList( 693 "TLS_AES_128_GCM_SHA256", 694 "TLS_AES_256_GCM_SHA384", 695 "TLS_CHACHA20_POLY1305_SHA256"); 696 697 // NOTE: This list needs to be kept in sync with Javadoc of javax.net.ssl.SSLSocket and 698 // javax.net.ssl.SSLEngine. 699 private static final List<String> CIPHER_SUITES_ANDROID_AES_HARDWARE = Arrays.asList( 700 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", 701 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", 702 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", 703 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 704 "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 705 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", 706 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 707 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 708 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 709 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 710 "TLS_RSA_WITH_AES_128_GCM_SHA256", 711 "TLS_RSA_WITH_AES_256_GCM_SHA384", 712 "TLS_RSA_WITH_AES_128_CBC_SHA", 713 "TLS_RSA_WITH_AES_256_CBC_SHA", 714 CIPHER_SUITE_SECURE_RENEGOTIATION 715 ); 716 717 // NOTE: This list needs to be kept in sync with Javadoc of javax.net.ssl.SSLSocket and 718 // javax.net.ssl.SSLEngine. 719 private static final List<String> CIPHER_SUITES_ANDROID_SOFTWARE = Arrays.asList( 720 "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", 721 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", 722 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", 723 "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", 724 "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 725 "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 726 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 727 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 728 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 729 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 730 "TLS_RSA_WITH_AES_128_GCM_SHA256", 731 "TLS_RSA_WITH_AES_256_GCM_SHA384", 732 "TLS_RSA_WITH_AES_128_CBC_SHA", 733 "TLS_RSA_WITH_AES_256_CBC_SHA", 734 CIPHER_SUITE_SECURE_RENEGOTIATION 735 ); 736 737 // NOTE: This list needs to be kept in sync with Javadoc of javax.net.ssl.SSLSocket and 738 // javax.net.ssl.SSLEngine. 739 public static final List<String> CIPHER_SUITES_DEFAULT = (IS_RI) 740 ? Arrays.asList("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", 741 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", 742 "TLS_RSA_WITH_AES_256_CBC_SHA256", 743 "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", 744 "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", 745 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", 746 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", 747 "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 748 "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 749 "TLS_RSA_WITH_AES_256_CBC_SHA", 750 "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 751 "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 752 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 753 "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", 754 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", 755 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", 756 "TLS_RSA_WITH_AES_128_CBC_SHA256", 757 "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", 758 "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", 759 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", 760 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", 761 "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 762 "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 763 "TLS_RSA_WITH_AES_128_CBC_SHA", 764 "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 765 "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 766 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 767 "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 768 "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 769 "TLS_ECDHE_RSA_WITH_RC4_128_SHA", 770 "SSL_RSA_WITH_RC4_128_SHA", 771 "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 772 "TLS_ECDH_RSA_WITH_RC4_128_SHA", 773 "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", 774 "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", 775 "SSL_RSA_WITH_3DES_EDE_CBC_SHA", 776 "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 777 "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 778 "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 779 "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 780 "SSL_RSA_WITH_RC4_128_MD5", 781 "TLS_EMPTY_RENEGOTIATION_INFO_SCSV") 782 : CpuFeatures.isAesHardwareAccelerated() ? CIPHER_SUITES_ANDROID_AES_HARDWARE 783 : CIPHER_SUITES_ANDROID_SOFTWARE; 784 785 private static final Map<String, Class<? extends KeySpec>> PRIVATE_KEY_SPEC_CLASSES; 786 private static final Map<String, Class<? extends KeySpec>> PUBLIC_KEY_SPEC_CLASSES; 787 private static final Map<String, Integer> MINIMUM_KEY_SIZE; 788 static { 789 PRIVATE_KEY_SPEC_CLASSES = new HashMap<>(); 790 PUBLIC_KEY_SPEC_CLASSES = new HashMap<>(); 791 MINIMUM_KEY_SIZE = new HashMap<>(); 792 PRIVATE_KEY_SPEC_CLASSES.put("RSA", RSAPrivateCrtKeySpec.class); 793 PUBLIC_KEY_SPEC_CLASSES.put("RSA", RSAPublicKeySpec.class); 794 MINIMUM_KEY_SIZE.put("RSA", 512); 795 PRIVATE_KEY_SPEC_CLASSES.put("DSA", DSAPrivateKeySpec.class); 796 PUBLIC_KEY_SPEC_CLASSES.put("DSA", DSAPublicKeySpec.class); 797 MINIMUM_KEY_SIZE.put("DSA", 512); 798 PRIVATE_KEY_SPEC_CLASSES.put("DH", DHPrivateKeySpec.class); 799 PUBLIC_KEY_SPEC_CLASSES.put("DH", DHPublicKeySpec.class); 800 MINIMUM_KEY_SIZE.put("DH", 256); 801 PRIVATE_KEY_SPEC_CLASSES.put("EC", ECPrivateKeySpec.class); 802 PUBLIC_KEY_SPEC_CLASSES.put("EC", ECPublicKeySpec.class); 803 MINIMUM_KEY_SIZE.put("EC", 256); 804 } 805 getPrivateKeySpecClass(String algName)806 public static Class<? extends KeySpec> getPrivateKeySpecClass(String algName) { 807 return PRIVATE_KEY_SPEC_CLASSES.get(algName); 808 } 809 getPublicKeySpecClass(String algName)810 public static Class<? extends KeySpec> getPublicKeySpecClass(String algName) { 811 return PUBLIC_KEY_SPEC_CLASSES.get(algName); 812 } 813 getMinimumKeySize(String algName)814 public static int getMinimumKeySize(String algName) { 815 return MINIMUM_KEY_SIZE.get(algName); 816 } 817 818 } 819