Author: markt Date: Fri Mar 16 10:40:37 2018 New Revision: 1826958 URL: http://svn.apache.org/viewvc?rev=1826958&view=rev Log: Add draft 1.3 cipher definitions as OpenSSL master is starting to advertise them
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/Constants.java tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Authentication.java tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/KeyExchange.java tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/Constants.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/Constants.java?rev=1826958&r1=1826957&r2=1826958&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/Constants.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/Constants.java Fri Mar 16 10:40:37 2018
@@ -29,6 +29,7 @@ public class Constants {
 */
 public static final String SSL_PROTO_ALL = "all";
 public static final String SSL_PROTO_TLS = "TLS";
+ public static final String SSL_PROTO_TLSv1_3 = "TLSv1.3";
 public static final String SSL_PROTO_TLSv1_2 = "TLSv1.2";
 public static final String SSL_PROTO_TLSv1_1 = "TLSv1.1";
 // Two different forms for TLS 1.0
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Authentication.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Authentication.java?rev=1826958&r1=1826957&r2=1826958&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Authentication.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Authentication.java Fri Mar 16 10:40:37 2018
@@ -18,16 +18,17 @@ package org.apache.tomcat.util.net.openssl.ciphers;
 public enum Authentication {
- RSA /* RSA auth */,
- DSS /* DSS auth */,
- aNULL /* no auth (i.e. use ADH or AECDH) */,
- DH /* Fixed DH auth (kDHd or kDHr) */,
- ECDH /* Fixed ECDH auth (kECDHe or kECDHr) */,
- KRB5 /* KRB5 auth */,
- ECDSA/* ECDSA auth*/,
- PSK /* PSK auth */,
+ RSA /* RSA auth */,
+ DSS /* DSS auth */,
+ aNULL /* no auth (i.e. use ADH or AECDH) */,
+ DH /* Fixed DH auth (kDHd or kDHr) */,
+ ECDH /* Fixed ECDH auth (kECDHe or kECDHr) */,
+ KRB5 /* KRB5 auth */,
+ ECDSA /* ECDSA auth*/,
+ PSK /* PSK auth */,
 GOST94 /* GOST R 34.10-94 signature auth */,
 GOST01 /* GOST R 34.10-2001 */,
- FZA /* Fortezza */,
- SRP
+ FZA /* Fortezza */,
+ SRP,
+ ANY /* TLS 1.3 */
 }
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java?rev=1826958&r1=1826957&r2=1826958&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Cipher.java Fri Mar 16 10:40:37 2018
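Review bot: In Authentication.java the new constant `ANY /* TLS 1.3 */` carries only a version tag, which does not tell a reader what the value means when a cipher filter matches on the authentication field. I would spell it out, e.g. `ANY /* TLS 1.3: the suite does not fix the authentication method */`, and give `KeyExchange.ANY` in KeyExchange.java the matching comment. How the cipher-string parser treats `ANY` for selectors that exclude unauthenticated suites or pick a specific authentication type is not visible in this commit, so that is worth confirming when the comment is written.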
@@ -2695,7 +2695,96 @@ public enum Cipher {
 null
 ),
- /* Cipher 0x00FF TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+ // Cipher 0x00FF TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+
+ // TLS 1.3 ciphers (draft - v26)
+ // Cipher 1301
+ TLS_AES_128_GCM_SHA256(
+ 0x1301,
+ "TLS_AES_128_GCM_SHA256",
+ KeyExchange.ANY,
+ Authentication.ANY,
+ Encryption.AES128GCM,
+ MessageDigest.AEAD,
+ Protocol.TLSv1_3,
+ false,
+ EncryptionLevel.HIGH,
+ true,
+ 128,
+ 128,
+ null,
+ null
+ ),
+ // Cipher 1302
+ TLS_AES_256_GCM_SHA384(
+ 0x1302,
+ "TLS_AES_256_GCM_SHA384",
+ KeyExchange.ANY,
+ Authentication.ANY,
+ Encryption.AES256GCM,
+ MessageDigest.AEAD,
+ Protocol.TLSv1_3,
+ false,
+ EncryptionLevel.HIGH,
+ true,
+ 256,
+ 256,
+ null,
+ null
+ ),
+ // Cipher 1303
+ TLS_CHACHA20_POLY1305_SHA256(
+ 0x1303,
+ "TLS_CHACHA20_POLY1305_SHA256",
+ KeyExchange.ANY,
+ Authentication.ANY,
+ Encryption.CHACHA20POLY1305,
+ MessageDigest.AEAD,
+ Protocol.TLSv1_3,
+ false,
+ EncryptionLevel.HIGH,
+ true,
+ 256,
+ 256,
+ null,
+ null
+ ),
+ // Cipher 1304
+ TLS_AES_128_CCM_SHA256(
+ 0x1304,
+ "TLS_AES_128_CCM_SHA256",
+ KeyExchange.ANY,
+ Authentication.ANY,
+ Encryption.AES128CCM,
+ MessageDigest.AEAD,
+ Protocol.TLSv1_3,
+ false,
+ EncryptionLevel.HIGH,
+ true,
+ 128,
+ 128,
+ null,
+ null
+ ),
+ // Cipher 1305
+ TLS_AES_128_CCM_8_SHA256(
+ 0x1305,
+ "TLS_AES_128_CCM_8_SHA256",
+ KeyExchange.ANY,
+ Authentication.ANY,
+ Encryption.AES128CCM8,
+ MessageDigest.AEAD,
+ Protocol.TLSv1_3,
+ false,
+ EncryptionLevel.HIGH,
+ true,
+ 128,
+ 128,
+ null,
+ null
+ ),
+
+ /*
 * Cipher 0x5600 TLS_FALLBACK_SCSV
 *
 * No other ciphers defined until 0xC001 below
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/KeyExchange.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/KeyExchange.java?rev=1826958&r1=1826957&r2=1826958&view=diff
==============================================================================
---
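Review bot: In Cipher.java, `TLS_AES_128_CCM_8_SHA256` is entered with `EncryptionLevel.HIGH` exactly like the four suites above it, although the `_8` variant truncates the AEAD authentication tag to 8 octets, so a selection by `HIGH` admits a suite with weaker forgery resistance than the others. If the grading is meant to mirror OpenSSL's own classification it should stay as it is, but the entry deserves a warning for whoever maintains cipher lists, e.g. `// 8-octet auth tag: weaker integrity protection than the 16-octet suites above`. The comments `// Cipher 1301` through `// Cipher 1305` would also read better as `// Cipher 0x1301` and so on, matching `// Cipher 0x00FF` and the hex ids in the entries. The enum body starts and ends outside the hunk.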
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/KeyExchange.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/KeyExchange.java Fri Mar 16 10:40:37 2018
@@ -32,5 +32,6 @@ enum KeyExchange {
 SRP /* SSL_kSRP - SRP */,
 RSAPSK,
 ECDHEPSK,
- DHEPSK
+ DHEPSK,
+ ANY /* TLS 1.3 */
 }
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java?rev=1826958&r1=1826957&r2=1826958&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java Fri Mar 16 10:40:37 2018
@@ -24,7 +24,8 @@ enum Protocol {
 SSLv3(Constants.SSL_PROTO_SSLv3),
 SSLv2(Constants.SSL_PROTO_SSLv2),
 TLSv1(Constants.SSL_PROTO_TLSv1),
- TLSv1_2(Constants.SSL_PROTO_TLSv1_2);
+ TLSv1_2(Constants.SSL_PROTO_TLSv1_2),
+ TLSv1_3(Constants.SSL_PROTO_TLSv1_3);
 private final String openSSLName;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org