changeset 14554:f60ef263eb92

8163326: Update the default enabled cipher suites preference Reviewed-by: avoitylov, andrew
author mbalao
date Thu, 01 Jul 2021 07:04:53 +0000
parents 7ca196c6cebe
children 6573d0696a48
files src/share/classes/sun/security/ssl/CipherSuite.java test/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java test/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java
diffstat 3 files changed, 491 insertions(+), 307 deletions(-) [+]
--- a/src/share/classes/sun/security/ssl/CipherSuite.java	Thu Aug 05 10:00:55 2021 +0000
+++ b/src/share/classes/sun/security/ssl/CipherSuite.java	Thu Jul 01 07:04:53 2021 +0000
@@ -56,20 +56,22 @@
     // the following criteria:
     // 1. Prefer Suite B compliant cipher suites, see RFC6460 (To be
     //    changed later, see below).
-    // 2. Prefer the stronger bulk cipher, in the order of AES_256(GCM),
+    // 2. Prefer forward secrecy cipher suites.
+    // 3. Prefer the stronger bulk cipher, in the order of AES_256(GCM),
     //    AES_128(GCM), AES_256, AES_128, 3DES-EDE.
-    // 3. Prefer the stronger MAC algorithm, in the order of SHA384,
+    // 4. Prefer the stronger MAC algorithm, in the order of SHA384,
     //    SHA256, SHA, MD5.
-    // 4. Prefer the better performance of key exchange and digital
+    // 5. Prefer the better performance of key exchange and digital
     //    signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA,
-    //    RSA, ECDH-ECDSA, ECDH-RSA, DHE-RSA, DHE-DSS.
+    //    DHE-RSA, DHE-DSS, ECDH-ECDSA, ECDH-RSA, RSA.
 
+    // TLS 1.3 cipher suites.
+    TLS_AES_256_GCM_SHA384(
+            0x1302, true, "TLS_AES_256_GCM_SHA384",
+            ProtocolVersion.PROTOCOLS_OF_13, B_AES_256_GCM_IV, H_SHA384),
     TLS_AES_128_GCM_SHA256(
             0x1301, true, "TLS_AES_128_GCM_SHA256",
             ProtocolVersion.PROTOCOLS_OF_13, B_AES_128_GCM_IV, H_SHA256),
-    TLS_AES_256_GCM_SHA384(
-            0x1302, true, "TLS_AES_256_GCM_SHA384",
-            ProtocolVersion.PROTOCOLS_OF_13, B_AES_256_GCM_IV, H_SHA384),
 
     // Suite B compliant cipher suites, see RFC 6460.
     //
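Review bot: Criterion 5 in the updated header comment still gives "better performance" as the reason for the key-exchange order, but the new order (`ECDHE-ECDSA, ECDHE-RSA, DHE-RSA, DHE-DSS, ECDH-ECDSA, ECDH-RSA, RSA`) puts DHE ahead of static ECDH and RSA, which follows from the new forward-secrecy rule rather than from speed. The rationale should match the order, for example `// 5. Within the same forward-secrecy class, prefer the better performing key exchange and signature algorithm: ECDHE-ECDSA, ECDHE-RSA, DHE-RSA, DHE-DSS (ephemeral), then ECDH-ECDSA, ECDH-RSA, RSA (static).` The criteria list also never mentions the TLS 1.3 suites, which are declared ahead of the Suite B entries that criterion 1 calls the first preference. The comment block and the enum body both continue outside this hunk.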
@@ -87,23 +89,23 @@
             ProtocolVersion.PROTOCOLS_OF_12,
             K_ECDHE_ECDSA, B_AES_128_GCM, M_NULL, H_SHA256),
 
-    // AES_256(GCM)
+    //
+    // Forward screcy cipher suites.
+    //
+
+    // AES_256(GCM) - ECDHE
     TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(
             0xC030, true, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "",
             ProtocolVersion.PROTOCOLS_OF_12,
             K_ECDHE_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
-    TLS_RSA_WITH_AES_256_GCM_SHA384(
-            0x009D, true, "TLS_RSA_WITH_AES_256_GCM_SHA384", "",
+
+    // AES_128(GCM) - ECDHE
+    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(
+            0xC02F, true, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "",
             ProtocolVersion.PROTOCOLS_OF_12,
-            K_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
-    TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(
-            0xC02E, true, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDH_ECDSA, B_AES_256_GCM, M_NULL, H_SHA384),
-    TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(
-            0xC032, true, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDH_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
+            K_ECDHE_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
+
+    // AES_256(GCM) - DHE
     TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(
             0x009F, true, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "",
             ProtocolVersion.PROTOCOLS_OF_12,
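Review bot: The added section header reads `// Forward screcy cipher suites.`; `screcy` should be `secrecy`. The same misspelling recurs in the later added comments of this file (`not forward screcy cipher suites.`, `using SHA, not forward screcy`) and in nearly every new comment in CheckCipherSuites.java, so one search-and-replace across the patch fixes all of them. These headers are what a reader greps for to separate ephemeral from static key exchange, so the spelling matters more than usual.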
@@ -113,23 +115,7 @@
             ProtocolVersion.PROTOCOLS_OF_12,
             K_DHE_DSS, B_AES_256_GCM, M_NULL, H_SHA384),
 
-    // AES_128(GCM)
-    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(
-            0xC02F, true, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDHE_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
-    TLS_RSA_WITH_AES_128_GCM_SHA256(
-            0x009C, true, "TLS_RSA_WITH_AES_128_GCM_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
-    TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(
-            0xC02D, true, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDH_ECDSA, B_AES_128_GCM, M_NULL, H_SHA256),
-    TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(
-            0xC031, true, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDH_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
+    // AES_128(GCM) - DHE
     TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(
             0x009E, true, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "",
             ProtocolVersion.PROTOCOLS_OF_12,
@@ -139,7 +125,7 @@
             ProtocolVersion.PROTOCOLS_OF_12,
             K_DHE_DSS, B_AES_128_GCM, M_NULL, H_SHA256),
 
-    // AES_256(CBC)
+    // AES_256(CBC) - ECDHE
     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(
             0xC024, true, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "",
             ProtocolVersion.PROTOCOLS_OF_12,
@@ -148,18 +134,18 @@
             0xC028, true, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "",
             ProtocolVersion.PROTOCOLS_OF_12,
             K_ECDHE_RSA, B_AES_256, M_SHA384, H_SHA384),
-    TLS_RSA_WITH_AES_256_CBC_SHA256(
-            0x003D, true, "TLS_RSA_WITH_AES_256_CBC_SHA256", "",
+
+    // AES_128(CBC) - ECDHE
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(
+            0xC023, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "",
             ProtocolVersion.PROTOCOLS_OF_12,
-            K_RSA, B_AES_256, M_SHA256, H_SHA256),
-    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(
-            0xC026, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "",
+            K_ECDHE_ECDSA, B_AES_128, M_SHA256, H_SHA256),
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(
+            0xC027, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "",
             ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDH_ECDSA, B_AES_256, M_SHA384, H_SHA384),
-    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(
-            0xC02A, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDH_RSA, B_AES_256, M_SHA384, H_SHA384),
+            K_ECDHE_RSA, B_AES_128, M_SHA256, H_SHA256),
+
+    // AES_256(CBC) - DHE
     TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(
             0x006B, true, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", "",
             ProtocolVersion.PROTOCOLS_OF_12,
@@ -169,6 +155,65 @@
             ProtocolVersion.PROTOCOLS_OF_12,
             K_DHE_DSS, B_AES_256, M_SHA256, H_SHA256),
 
+    // AES_128(CBC) - DHE
+    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(
+            0x0067, true, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_DHE_RSA, B_AES_128, M_SHA256, H_SHA256),
+    TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(
+            0x0040, true, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_DHE_DSS, B_AES_128, M_SHA256, H_SHA256),
+
+    //
+    // not forward screcy cipher suites.
+    //
+
+    // AES_256(GCM)
+    TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(
+            0xC02E, true, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_ECDH_ECDSA, B_AES_256_GCM, M_NULL, H_SHA384),
+    TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(
+            0xC032, true, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_ECDH_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
+
+    // AES_128(GCM)
+    TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(
+            0xC02D, true, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_ECDH_ECDSA, B_AES_128_GCM, M_NULL, H_SHA256),
+    TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(
+            0xC031, true, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_ECDH_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
+
+    // AES_256(CBC)
+    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(
+            0xC026, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_ECDH_ECDSA, B_AES_256, M_SHA384, H_SHA384),
+    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(
+            0xC02A, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_ECDH_RSA, B_AES_256, M_SHA384, H_SHA384),
+
+    // AES_128(CBC)
+    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(
+            0xC025, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_ECDH_ECDSA, B_AES_128, M_SHA256, H_SHA256),
+    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(
+            0xC029, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_ECDH_RSA, B_AES_128, M_SHA256, H_SHA256),
+
+    //
+    // Legacy, used for compatibility
+    //
+
+    // AES_256(CBC) - ECDHE - Using SHA
     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(
             0xC00A, true, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "",
             ProtocolVersion.PROTOCOLS_TO_12,
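Review bot: The new header `// Legacy, used for compatibility` does not say what makes a suite legacy, and the resulting order looks like it contradicts criterion 2. The entries under it use `M_SHA` and `PROTOCOLS_TO_12`, and they place forward-secret ECDHE/DHE CBC-SHA suites below the static ECDH SHA-256/SHA-384 suites declared just above. If that is intended, the header should state it, for example `// Legacy: HMAC-SHA1 suites, usable up to TLS 1.2. Ranked below every SHA-256/SHA-384 suite, including the static ECDH ones; forward secrecy is preferred only within this group.` The first legacy entry continues past the end of this hunk.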
@@ -177,18 +222,18 @@
             0xC014, true, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "",
             ProtocolVersion.PROTOCOLS_TO_12,
             K_ECDHE_RSA, B_AES_256, M_SHA, H_SHA256),
-    TLS_RSA_WITH_AES_256_CBC_SHA(
-            0x0035, true, "TLS_RSA_WITH_AES_256_CBC_SHA", "",
+
+    // AES_128(CBC) - ECDHE - using SHA
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(
+            0xC009, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "",
             ProtocolVersion.PROTOCOLS_TO_12,
-            K_RSA, B_AES_256, M_SHA, H_SHA256),
-    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(
-            0xC005, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "",
+            K_ECDHE_ECDSA, B_AES_128, M_SHA, H_SHA256),
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(
+            0xC013, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "",
             ProtocolVersion.PROTOCOLS_TO_12,
-            K_ECDH_ECDSA, B_AES_256, M_SHA, H_SHA256),
-    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(
-            0xC00F, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "",
-            ProtocolVersion.PROTOCOLS_TO_12,
-            K_ECDH_RSA, B_AES_256, M_SHA, H_SHA256),
+            K_ECDHE_RSA, B_AES_128, M_SHA, H_SHA256),
+
+    // AES_256(CBC) - DHE - Using SHA
     TLS_DHE_RSA_WITH_AES_256_CBC_SHA(
             0x0039, true, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "",
             ProtocolVersion.PROTOCOLS_TO_12,
@@ -198,56 +243,7 @@
             ProtocolVersion.PROTOCOLS_TO_12,
             K_DHE_DSS, B_AES_256, M_SHA, H_SHA256),
 
-    // AES_128(CBC)
-    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(
-            0xC023, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDHE_ECDSA, B_AES_128, M_SHA256, H_SHA256),
-    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(
-            0xC027, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDHE_RSA, B_AES_128, M_SHA256, H_SHA256),
-    TLS_RSA_WITH_AES_128_CBC_SHA256(
-            0x003C, true, "TLS_RSA_WITH_AES_128_CBC_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_RSA, B_AES_128, M_SHA256, H_SHA256),
-    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(
-            0xC025, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDH_ECDSA, B_AES_128, M_SHA256, H_SHA256),
-    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(
-            0xC029, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_ECDH_RSA, B_AES_128, M_SHA256, H_SHA256),
-    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(
-            0x0067, true, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_DHE_RSA, B_AES_128, M_SHA256, H_SHA256),
-    TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(
-            0x0040, true, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", "",
-            ProtocolVersion.PROTOCOLS_OF_12,
-            K_DHE_DSS, B_AES_128, M_SHA256, H_SHA256),
-
-    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(
-            0xC009, true, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "",
-            ProtocolVersion.PROTOCOLS_TO_12,
-            K_ECDHE_ECDSA, B_AES_128, M_SHA, H_SHA256),
-    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(
-            0xC013, true, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "",
-            ProtocolVersion.PROTOCOLS_TO_12,
-            K_ECDHE_RSA, B_AES_128, M_SHA, H_SHA256),
-    TLS_RSA_WITH_AES_128_CBC_SHA(
-            0x002F, true, "TLS_RSA_WITH_AES_128_CBC_SHA", "",
-            ProtocolVersion.PROTOCOLS_TO_12,
-            K_RSA, B_AES_128, M_SHA, H_SHA256),
-    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(
-            0xC004, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "",
-            ProtocolVersion.PROTOCOLS_TO_12,
-            K_ECDH_ECDSA, B_AES_128, M_SHA, H_SHA256),
-    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(
-            0xC00E, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "",
-            ProtocolVersion.PROTOCOLS_TO_12,
-            K_ECDH_RSA, B_AES_128, M_SHA, H_SHA256),
+    // AES_128(CBC) - DHE - using SHA
     TLS_DHE_RSA_WITH_AES_128_CBC_SHA(
             0x0033, true, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "",
             ProtocolVersion.PROTOCOLS_TO_12,
@@ -257,7 +253,67 @@
             ProtocolVersion.PROTOCOLS_TO_12,
             K_DHE_DSS, B_AES_128, M_SHA, H_SHA256),
 
-    // 3DES_EDE
+    // AES_256(CBC) - using SHA, not forward screcy
+    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(
+            0xC005, true, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "",
+            ProtocolVersion.PROTOCOLS_TO_12,
+            K_ECDH_ECDSA, B_AES_256, M_SHA, H_SHA256),
+    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(
+            0xC00F, true, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "",
+            ProtocolVersion.PROTOCOLS_TO_12,
+            K_ECDH_RSA, B_AES_256, M_SHA, H_SHA256),
+
+    // AES_128(CBC) - using SHA, not forward screcy
+    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(
+            0xC004, true, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "",
+            ProtocolVersion.PROTOCOLS_TO_12,
+            K_ECDH_ECDSA, B_AES_128, M_SHA, H_SHA256),
+    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(
+            0xC00E, true, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "",
+            ProtocolVersion.PROTOCOLS_TO_12,
+            K_ECDH_RSA, B_AES_128, M_SHA, H_SHA256),
+
+    //
+    // deprecated, used for compatibility
+    //
+
+    // RSA, AES_256(GCM)
+    TLS_RSA_WITH_AES_256_GCM_SHA384(
+            0x009D, true, "TLS_RSA_WITH_AES_256_GCM_SHA384", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_RSA, B_AES_256_GCM, M_NULL, H_SHA384),
+
+    // RSA, AES_128(GCM)
+    TLS_RSA_WITH_AES_128_GCM_SHA256(
+            0x009C, true, "TLS_RSA_WITH_AES_128_GCM_SHA256", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_RSA, B_AES_128_GCM, M_NULL, H_SHA256),
+
+    // RSA, AES_256(CBC)
+    TLS_RSA_WITH_AES_256_CBC_SHA256(
+            0x003D, true, "TLS_RSA_WITH_AES_256_CBC_SHA256", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_RSA, B_AES_256, M_SHA256, H_SHA256),
+
+    // RSA, AES_128(CBC)
+    TLS_RSA_WITH_AES_128_CBC_SHA256(
+            0x003C, true, "TLS_RSA_WITH_AES_128_CBC_SHA256", "",
+            ProtocolVersion.PROTOCOLS_OF_12,
+            K_RSA, B_AES_128, M_SHA256, H_SHA256),
+
+    // RSA, AES_256(CBC) - using SHA, not forward screcy
+    TLS_RSA_WITH_AES_256_CBC_SHA(
+            0x0035, true, "TLS_RSA_WITH_AES_256_CBC_SHA", "",
+            ProtocolVersion.PROTOCOLS_TO_12,
+            K_RSA, B_AES_256, M_SHA, H_SHA256),
+
+    // RSA, AES_128(CBC) - using SHA, not forward screcy
+    TLS_RSA_WITH_AES_128_CBC_SHA(
+            0x002F, true, "TLS_RSA_WITH_AES_128_CBC_SHA", "",
+            ProtocolVersion.PROTOCOLS_TO_12,
+            K_RSA, B_AES_128, M_SHA, H_SHA256),
+
+    // 3DES_EDE, forward secrecy.
     TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA(
             0xC008, true, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
             ProtocolVersion.PROTOCOLS_TO_12,
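Review bot: The header `// deprecated, used for compatibility` over the `TLS_RSA_*` entries does not say what is deprecated or what effect that has. Every entry keeps `true` as its second argument and the updated `ENABLED_DEFAULT` list in CheckCipherSuites.java still contains these names, so the suites appear to stay enabled by default and only move to the end of the preference order. A more precise header would be `// Static RSA key exchange (no forward secrecy). Still enabled by default for compatibility; ranked last among the AES suites.` The per-entry comments are also uneven: only the two SHA-1 entries say `not forward screcy`, which suggests the four RSA entries above them differ, although all six use `K_RSA`.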
@@ -266,19 +322,6 @@
             0xC012, true, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "",
             ProtocolVersion.PROTOCOLS_TO_12,
             K_ECDHE_RSA, B_3DES, M_SHA, H_SHA256),
-    SSL_RSA_WITH_3DES_EDE_CBC_SHA(
-            0x000A, true, "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
-                          "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
-            ProtocolVersion.PROTOCOLS_TO_12,
-            K_RSA, B_3DES, M_SHA, H_SHA256),
-    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(
-            0xC003, true, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
-            ProtocolVersion.PROTOCOLS_TO_12,
-            K_ECDH_ECDSA, B_3DES, M_SHA, H_SHA256),
-    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(
-            0xC00D, true, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "",
-            ProtocolVersion.PROTOCOLS_TO_12,
-            K_ECDH_RSA, B_3DES, M_SHA, H_SHA256),
     SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA(
             0x0016, true, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
                           "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
@@ -290,6 +333,21 @@
             ProtocolVersion.PROTOCOLS_TO_12,
             K_DHE_DSS, B_3DES, M_SHA, H_SHA256),
 
+    // 3DES_EDE, not forward secrecy.
+    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(
+            0xC003, true, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
+            ProtocolVersion.PROTOCOLS_TO_12,
+            K_ECDH_ECDSA, B_3DES, M_SHA, H_SHA256),
+    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(
+            0xC00D, true, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "",
+            ProtocolVersion.PROTOCOLS_TO_12,
+            K_ECDH_RSA, B_3DES, M_SHA, H_SHA256),
+    SSL_RSA_WITH_3DES_EDE_CBC_SHA(
+            0x000A, true, "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
+                          "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+            ProtocolVersion.PROTOCOLS_TO_12,
+            K_RSA, B_3DES, M_SHA, H_SHA256),
+
     // Renegotiation protection request Signalling Cipher Suite Value (SCSV).
     TLS_EMPTY_RENEGOTIATION_INFO_SCSV(        //  RFC 5746, TLS 1.2 and prior
             0x00FF, true, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", "",
--- a/test/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java	Thu Aug 05 10:00:55 2021 +0000
+++ b/test/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java	Thu Jul 01 07:04:53 2021 +0000
@@ -23,7 +23,7 @@
 
 /*
  * @test
- * @bug 4750141 4895631 8217579
+ * @bug 4750141 4895631 8217579 8163326
  * @summary Check enabled and supported ciphersuites are correct
  * @run main/othervm -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3" CheckCipherSuites default
  * @run main/othervm -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3" CheckCipherSuites limited
@@ -38,50 +38,91 @@
     // List of enabled cipher suites when the "crypto.policy" security
     // property is set to "unlimited" (the default value).
     private final static String[] ENABLED_DEFAULT = {
+        // TLS 1.3 cipher suites
+        "TLS_AES_256_GCM_SHA384",
         "TLS_AES_128_GCM_SHA256",
-        "TLS_AES_256_GCM_SHA384",
+
+        // Suite B compliant cipher suites
         "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
         "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+
+        // AES_256(GCM) - ECDHE - forward screcy
         "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+
+        // AES_128(GCM) - ECDHE - forward screcy
+        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+
+        // AES_256(GCM) - DHE - forward screcy
         "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
         "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_RSA_WITH_AES_128_GCM_SHA256",
+
+        // AES_128(GCM) - DHE - forward screcy
+        "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+
+        // AES_256(CBC) - ECDHE - forward screcy
+        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+
+        // AES_256(CBC) - ECDHE - forward screcy
+        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+
+        // AES_256(CBC) - DHE - forward screcy
+        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+
+        // AES_128(CBC) - DHE - forward screcy
+        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+
+        // AES_256(GCM) - not forward screcy
+        "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+
+        // AES_128(GCM) - not forward screcy
         "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
         "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
-        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-        "TLS_RSA_WITH_AES_256_CBC_SHA256",
+
+        // AES_256(CBC) - not forward screcy
         "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
         "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
-        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+
+        // AES_128(CBC) - not forward screcy
+        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+
+        // AES_256(CBC) - ECDHE - using SHA
         "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
         "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+        // AES_128(CBC) - ECDHE - using SHA
+        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+
+        // AES_256(CBC) - DHE - using SHA
         "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
         "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_RSA_WITH_AES_128_CBC_SHA",
+
+        // AES_128(CBC) - DHE - using SHA
+        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+
+        // AES_256(CBC) - using SHA, not forward screcy
+        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+        // AES_128(CBC) - using SHA, not forward screcy
         "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
         "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+
+        // deprecated
+        "TLS_RSA_WITH_AES_256_GCM_SHA384",
+        "TLS_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_RSA_WITH_AES_256_CBC_SHA256",
+        "TLS_RSA_WITH_AES_128_CBC_SHA256",
+        "TLS_RSA_WITH_AES_256_CBC_SHA",
+        "TLS_RSA_WITH_AES_128_CBC_SHA",
         "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
     };
 
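Review bot: In `ENABLED_DEFAULT` the comment above `"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"` says `// AES_256(CBC) - ECDHE - forward screcy`, repeating the label of the group before it. The two suites under it are AES_128, so it should read `// AES_128(CBC) - ECDHE - forward secrecy`. The same copy-pasted label sits above the same pair in `SUPPORTED_DEFAULT` in the next hunk. The trailing `// deprecated` group holds only `TLS_RSA_*` names, so `// deprecated: static RSA key exchange` would tell the reader why they come last.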
@@ -91,75 +132,116 @@
         "TLS_AES_128_GCM_SHA256",
         "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
         "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
-        "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
         "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
         "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
         "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
         "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
         "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
         "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+        "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+        "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
         "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
         "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_RSA_WITH_AES_128_CBC_SHA",
+        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
         "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
         "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+        "TLS_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_RSA_WITH_AES_128_CBC_SHA256",
+        "TLS_RSA_WITH_AES_128_CBC_SHA",
         "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
     };
 
     // List of supported cipher suites when the "crypto.policy" security
     // property is set to "unlimited" (the default value).
     private final static String[] SUPPORTED_DEFAULT = {
+         // TLS 1.3 cipher suites
+        "TLS_AES_256_GCM_SHA384",
         "TLS_AES_128_GCM_SHA256",
-        "TLS_AES_256_GCM_SHA384",
+
+        // Suite B compliant cipher suites
         "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
         "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+
+        // AES_256(GCM) - ECDHE - forward screcy
         "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+
+        // AES_128(GCM) - ECDHE - forward screcy
+        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+
+        // AES_256(GCM) - DHE - forward screcy
         "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
         "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_RSA_WITH_AES_128_GCM_SHA256",
+
+        // AES_128(GCM) - DHE - forward screcy
+        "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+
+        // AES_256(CBC) - ECDHE - forward screcy
+        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+
+        // AES_256(CBC) - ECDHE - forward screcy
+        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+
+        // AES_256(CBC) - DHE - forward screcy
+        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+
+        // AES_128(CBC) - DHE - forward screcy
+        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+
+        // AES_256(GCM) - not forward screcy
+        "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+        "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+
+        // AES_128(GCM) - not forward screcy
         "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
         "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
-        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-        "TLS_RSA_WITH_AES_256_CBC_SHA256",
+
+        // AES_256(CBC) - not forward screcy
         "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
         "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
-        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+
+        // AES_128(CBC) - not forward screcy
+        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+
+        // AES_256(CBC) - ECDHE - using SHA
         "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
         "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+        // AES_128(CBC) - ECDHE - using SHA
+        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+
+        // AES_256(CBC) - DHE - using SHA
         "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
         "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_RSA_WITH_AES_128_CBC_SHA",
+
+        // AES_128(CBC) - DHE - using SHA
+        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+
+        // AES_256(CBC) - using SHA, not forward screcy
+        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+        // AES_128(CBC) - using SHA, not forward screcy
         "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
         "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+
+        // deprecated
+        "TLS_RSA_WITH_AES_256_GCM_SHA384",
+        "TLS_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_RSA_WITH_AES_256_CBC_SHA256",
+        "TLS_RSA_WITH_AES_128_CBC_SHA256",
+        "TLS_RSA_WITH_AES_256_CBC_SHA",
+        "TLS_RSA_WITH_AES_128_CBC_SHA",
         "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
     };
 
@@ -169,25 +251,25 @@
         "TLS_AES_128_GCM_SHA256",
         "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
         "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
-        "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
         "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
         "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
         "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
         "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
         "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
         "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+        "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+        "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
         "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
         "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_RSA_WITH_AES_128_CBC_SHA",
+        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
         "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
         "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+        "TLS_RSA_WITH_AES_128_GCM_SHA256",
+        "TLS_RSA_WITH_AES_128_CBC_SHA256",
+        "TLS_RSA_WITH_AES_128_CBC_SHA",
         "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
     };
 
@@ -220,7 +302,8 @@
             throw new Exception("Illegal argument");
         }
 
-        SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
+        SSLSocketFactory factory =
+                (SSLSocketFactory)SSLSocketFactory.getDefault();
         SSLSocket socket = (SSLSocket)factory.createSocket();
         String[] enabled = socket.getEnabledCipherSuites();
 
@@ -249,5 +332,4 @@
         long end = System.currentTimeMillis();
         System.out.println("Done (" + (end - start) + " ms).");
     }
-
 }
--- a/test/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java	Thu Aug 05 10:00:55 2021 +0000
+++ b/test/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java	Thu Jul 01 07:04:53 2021 +0000
@@ -41,115 +41,159 @@
     // Supported ciphersuites
     private final static List<String> supportedCipherSuites
             = Arrays.<String>asList(
-        "TLS_AES_128_GCM_SHA256",
-        "TLS_AES_256_GCM_SHA384",
-        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
-        "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
-        "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-        "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
-
-        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-        "TLS_RSA_WITH_AES_256_CBC_SHA256",
-        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
-        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
-        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
-        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
-        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
-        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
-        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
-
-        "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
-        "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
-        "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
-        "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
-        "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
-        "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
-        "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
+                    // TLS 1.3 cipher suites.
+                    "TLS_AES_256_GCM_SHA384",
+                    "TLS_AES_128_GCM_SHA256",
+                    // Suite B compliant cipher suites, see RFC 6460.
+                    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+                    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+                    //
+                    // Forward secrecy cipher suites.
+                    //
+                    // AES_256(GCM) - ECDHE
+                    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+                    // AES_128(GCM) - ECDHE
+                    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+                    // AES_256(GCM) - DHE
+                    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
+                    "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
+                    // AES_128(GCM) - DHE
+                    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+                    "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+                    // AES_256(CBC) - ECDHE
+                    "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+                    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+                    // AES_128(CBC) - ECDHE
+                    "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+                    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+                    // AES_256(CBC) - DHE
+                    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+                    "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+                    // AES_128(CBC) - DHE
+                    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+                    "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+                    //
+                    // Not forward secret cipher suites.
+                    //
+                    // AES_256(GCM)
+                    "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+                    "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+                    // AES_128(GCM)
+                    "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+                    "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+                    // AES_256(CBC)
+                    "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
+                    "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
+                    // AES_128(CBC)
+                    "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+                    "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+                    //
+                    // Legacy, used for compatibility
+                    //
+                    // AES_256(CBC) - ECDHE - Using SHA
+                    "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+                    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+                    // AES_128(CBC) - ECDHE - using SHA
+                    "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+                    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+                    // AES_256(CBC) - DHE - Using SHA
+                    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+                    "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+                    // AES_128(CBC) - DHE - using SHA
+                    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+                    "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+                    // AES_256(CBC) - using SHA, not forward secrecy
+                    "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+                    "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+                    // AES_128(CBC) - using SHA, not forward secrecy
+                    "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
+                    "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
+                    //
+                    // Deprecated, used for compatibility
+                    //
+                    // RSA, AES_256(GCM)
+                    "TLS_RSA_WITH_AES_256_GCM_SHA384",
+                    // RSA, AES_128(GCM)
+                    "TLS_RSA_WITH_AES_128_GCM_SHA256",
+                    // RSA, AES_256(CBC)
+                    "TLS_RSA_WITH_AES_256_CBC_SHA256",
+                    // RSA, AES_128(CBC)
+                    "TLS_RSA_WITH_AES_128_CBC_SHA256",
+                    // RSA, AES_256(CBC) - using SHA, not forward secrecy
+                    "TLS_RSA_WITH_AES_256_CBC_SHA",
+                    // RSA, AES_128(CBC) - using SHA, not forward secrecy
+                    "TLS_RSA_WITH_AES_128_CBC_SHA",
+                    // 3DES_EDE, forward secrecy.
+                    "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
+                    "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
+                    "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
+                    "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
+                    // 3DES_EDE, not forward secrecy.
+                    "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
+                    "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
+                    "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
+                    // Renegotiation protection request Signalling
+                    // Cipher Suite Value (SCSV).
+                    "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
+                    // Definition of the Cipher Suites that are supported but not
+                    // enabled by default.
+                    "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
+                    "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
+                    "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
+                    "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
+                    "TLS_DH_anon_WITH_AES_256_CBC_SHA",
+                    "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
+                    "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
+                    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
+                    "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
+                    "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
+                    // RC4
+                    "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
+                    "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
+                    "SSL_RSA_WITH_RC4_128_SHA",
+                    "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
+                    "TLS_ECDH_RSA_WITH_RC4_128_SHA",
+                    "SSL_RSA_WITH_RC4_128_MD5",
+                    "TLS_ECDH_anon_WITH_RC4_128_SHA",
+                    "SSL_DH_anon_WITH_RC4_128_MD5",
+                    // Weak cipher suites obsoleted in TLS 1.2 [RFC 5246]
+                    "SSL_RSA_WITH_DES_CBC_SHA",
+                    "SSL_DHE_RSA_WITH_DES_CBC_SHA",
+                    "SSL_DHE_DSS_WITH_DES_CBC_SHA",
+                    "SSL_DH_anon_WITH_DES_CBC_SHA",
+                    // Weak cipher suites obsoleted in TLS 1.1  [RFC 4346]
+                    "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+                    "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+                    "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
+                    "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
+                    "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+                    "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
+                    // No traffic encryption cipher suites
+                    "TLS_RSA_WITH_NULL_SHA256",
+                    "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
+                    "TLS_ECDHE_RSA_WITH_NULL_SHA",
+                    "SSL_RSA_WITH_NULL_SHA",
+                    "TLS_ECDH_ECDSA_WITH_NULL_SHA",
+                    "TLS_ECDH_RSA_WITH_NULL_SHA",
+                    "TLS_ECDH_anon_WITH_NULL_SHA",
+                    "SSL_RSA_WITH_NULL_MD5",
 
-        "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
-
-        "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
-        "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
-
-        "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
-        "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
-        "TLS_DH_anon_WITH_AES_256_CBC_SHA",
-        "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
-        "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
-        "TLS_DH_anon_WITH_AES_128_CBC_SHA",
-        "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
-        "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
-
-        "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
-        "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
-        "SSL_RSA_WITH_RC4_128_SHA",
-        "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
-        "TLS_ECDH_RSA_WITH_RC4_128_SHA",
-        "SSL_RSA_WITH_RC4_128_MD5",
-        "TLS_ECDH_anon_WITH_RC4_128_SHA",
-        "SSL_DH_anon_WITH_RC4_128_MD5",
-
-        "SSL_RSA_WITH_DES_CBC_SHA",
-        "SSL_DHE_RSA_WITH_DES_CBC_SHA",
-        "SSL_DHE_DSS_WITH_DES_CBC_SHA",
-        "SSL_DH_anon_WITH_DES_CBC_SHA",
-        "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
-        "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
-        "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
-        "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
-
-        "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
-        "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
-
-        "TLS_RSA_WITH_NULL_SHA256",
-        "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
-        "TLS_ECDHE_RSA_WITH_NULL_SHA",
-        "SSL_RSA_WITH_NULL_SHA",
-        "TLS_ECDH_ECDSA_WITH_NULL_SHA",
-        "TLS_ECDH_RSA_WITH_NULL_SHA",
-        "TLS_ECDH_anon_WITH_NULL_SHA",
-        "SSL_RSA_WITH_NULL_MD5",
-
-        "TLS_KRB5_WITH_3DES_EDE_CBC_SHA",
-        "TLS_KRB5_WITH_3DES_EDE_CBC_MD5",
-        "TLS_KRB5_WITH_RC4_128_SHA",
-        "TLS_KRB5_WITH_RC4_128_MD5",
-        "TLS_KRB5_WITH_DES_CBC_SHA",
-        "TLS_KRB5_WITH_DES_CBC_MD5",
-        "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",
-        "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",
-        "TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
-        "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"
-    );
+                    "TLS_KRB5_WITH_3DES_EDE_CBC_SHA",
+                    "TLS_KRB5_WITH_3DES_EDE_CBC_MD5",
+                    "TLS_KRB5_WITH_RC4_128_SHA",
+                    "TLS_KRB5_WITH_RC4_128_MD5",
+                    "TLS_KRB5_WITH_DES_CBC_SHA",
+                    "TLS_KRB5_WITH_DES_CBC_MD5",
+                    "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",
+                    "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",
+                    "TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
+                    "TLS_KRB5_EXPORT_WITH_RC4_40_MD5",
+                    // Definition of the cipher suites that are not supported but the names
+                    // are known.
+                    "TLS_CHACHA20_POLY1305_SHA256",
+                    "TLS_AES_128_CCM_SHA256",
+                    "TLS_AES_128_CCM_8_SHA256"
+            );
 
     private final static String[] protocols = {
         "", "SSL", "TLS", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"
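Review bot: The list is still introduced as `// Supported ciphersuites` and named `supportedCipherSuites`, yet its new tail is labelled "not supported but the names are known" (`TLS_CHACHA20_POLY1305_SHA256` and the two CCM names), so the header now contradicts the contents. The field name is used by `main` and possibly by code outside the hunk, so the smallest fix is the header comment, e.g. `// Known cipher suite names, in the order this test expects; the tail holds names that are known but not supported.` The `TLS_KRB5_*` block after the blank line is the only group left without a heading, so it reads as a continuation of "No traffic encryption cipher suites"; a one-line `// Kerberos cipher suites` comment there would separate it. The first line of the "not supported" comment also runs well past the 80 columns that this commit re-wraps for in CheckCipherSuites.java.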
@@ -159,7 +203,7 @@
     public static void main(String[] args) throws Exception {
         // show all of the supported cipher suites
         showSuites(supportedCipherSuites.toArray(new String[0]),
-                 "All supported cipher suites");
+                "All supported cipher suites");
 
         for (String protocol : protocols) {
             System.out.println("//");