Author: markt
Date: Fri Dec 22 17:00:21 2017
New Revision: 1819068
URL: http://svn.apache.org/viewvc?rev=1819068&view=rev
Log:
Remove ARIA ciphers from DEFAULT
Set up aliases for ARIA ciphers
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java?rev=1819068&r1=1819067&r2=1819068&view=diff
==============================================================================
---
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
(original)
+++
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
Fri Dec 22 17:00:21 2017
@@ -264,6 +264,18 @@ public class OpenSSLCipherConfigurationP
*/
private static final String AESCCM8 = "AESCCM8";
/**
+ * Cipher suites using either 128 bit ARIA.
+ */
+ private static final String ARIA128 = "ARIA128";
+ /**
+ * Cipher suites using either 256 bit ARIA.
+ */
+ private static final String ARIA256 = "ARIA";
+ /**
+ * Cipher suites using either 128 or 256 bit ARIA.
+ */
+ private static final String ARIA = "ARIA";
+ /**
* Cipher suites using 128 bit CAMELLIA.
*/
private static final String CAMELLIA128 = "CAMELLIA128";
@@ -488,6 +500,9 @@ public class OpenSSLCipherConfigurationP
addListAlias(AES128, filterByEncryption(allCiphers, new
HashSet<>(Arrays.asList(Encryption.AES128, Encryption.AES128CCM,
Encryption.AES128CCM8, Encryption.AES128GCM))));
addListAlias(AES256, filterByEncryption(allCiphers, new
HashSet<>(Arrays.asList(Encryption.AES256, Encryption.AES256CCM,
Encryption.AES256CCM8, Encryption.AES256GCM))));
addListAlias(AES, filterByEncryption(allCiphers, new
HashSet<>(Arrays.asList(Encryption.AES128, Encryption.AES128CCM,
Encryption.AES128CCM8, Encryption.AES128GCM, Encryption.AES256,
Encryption.AES256CCM, Encryption.AES256CCM8, Encryption.AES256GCM))));
+ addListAlias(ARIA128, filterByEncryption(allCiphers,
Collections.singleton(Encryption.ARIA128GCM)));
+ addListAlias(ARIA256, filterByEncryption(allCiphers,
Collections.singleton(Encryption.ARIA256GCM)));
+ addListAlias(ARIA, filterByEncryption(allCiphers, new
HashSet<>(Arrays.asList(Encryption.ARIA128GCM, Encryption.ARIA256GCM))));
addListAlias(AESGCM, filterByEncryption(allCiphers, new
HashSet<>(Arrays.asList(Encryption.AES128GCM, Encryption.AES256GCM))));
addListAlias(AESCCM, filterByEncryption(allCiphers, new
HashSet<>(Arrays.asList(Encryption.AES128CCM, Encryption.AES128CCM8,
Encryption.AES256CCM, Encryption.AES256CCM8))));
addListAlias(AESCCM8, filterByEncryption(allCiphers, new
HashSet<>(Arrays.asList(Encryption.AES128CCM8, Encryption.AES256CCM8))));
@@ -524,7 +539,7 @@ public class OpenSSLCipherConfigurationP
addListAlias(SRP, filterByKeyExchange(allCiphers,
Collections.singleton(KeyExchange.SRP)));
initialized = true;
// Despite what the OpenSSL docs say, DEFAULT also excludes SSLv2
- addListAlias(DEFAULT,
parse("ALL:!EXPORT:!eNULL:!aNULL:!SSLv2:!DES:!RC2:!RC4:!DSS:!SEED:!IDEA:!CAMELLIA:!AESCCM:!3DES"));
+ addListAlias(DEFAULT,
parse("ALL:!EXPORT:!eNULL:!aNULL:!SSLv2:!DES:!RC2:!RC4:!DSS:!SEED:!IDEA:!CAMELLIA:!AESCCM:!3DES!ARIA"));
// COMPLEMENTOFDEFAULT is also not exactly as defined by the docs
LinkedHashSet<Cipher> complementOfDefault = filterByKeyExchange(all,
new HashSet<>(Arrays.asList(KeyExchange.EDH,KeyExchange.EECDH)));
complementOfDefault = filterByAuthentication(complementOfDefault,
Collections.singleton(Authentication.aNULL));
@@ -540,6 +555,7 @@ public class OpenSSLCipherConfigurationP
complementOfDefault.addAll(aliases.get(IDEA));
complementOfDefault.addAll(aliases.get(CAMELLIA));
complementOfDefault.addAll(aliases.get(AESCCM));
+ complementOfDefault.addAll(aliases.get(ARIA));
defaultSort(complementOfDefault);
addListAlias(COMPLEMENTOFDEFAULT, complementOfDefault);
}
Modified:
tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java?rev=1819068&r1=1819067&r2=1819068&view=diff
==============================================================================
---
tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
(original)
+++
tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
Fri Dec 22 17:00:21 2017
@@ -530,6 +530,24 @@ public class TestOpenSSLCipherConfigurat
}
+ @Test
+ public void testARIA() throws Exception {
+ testSpecification("ARIA");
+ }
+
+
+ @Test
+ public void testARIA128() throws Exception {
+ testSpecification("ARIA128");
+ }
+
+
+ @Test
+ public void testARIA256() throws Exception {
+ testSpecification("ARIA256");
+ }
+
+
// TODO: Add tests for the individual operators
@Test
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
