


The Bouncy Castle Java APIs for TLS, including a JSSE provider. The APIs are designed primarily to be used in conjunction with the BC FIPS provider. The APIs may also be used with other providers, although, if they are used in a FIPS context, it is the responsibility of the user to ensure that any other providers used are FIPS certified and used appropriately.

package org.bouncycastle.jsse.provider;

import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

import org.bouncycastle.tls.NamedGroup;
import org.bouncycastle.tls.SignatureScheme;

/**
 * Static allow-lists used by the BCJSSE provider when it runs in FIPS mode: which cipher suite
 * names, protocol names, TLS named groups and TLS signature schemes are considered acceptable.
 * <p>
 * All sets are built once at class initialisation and are unmodifiable. Membership here is a
 * necessary, not a sufficient, condition: callers still have to apply their own protocol and
 * key-size policy on top of it.
 */
abstract class FipsUtils
{
    /*
     * Opt-in for the TLS_RSA_* suites (RSA key transport, no forward secrecy). Read from the
     * "org.bouncycastle.jsse.fips.allowRSAKeyExchange" system property, defaulting to false.
     *
     * This field must stay declared ahead of the suite sets below: the static initialisers run
     * in textual order and createFipsCipherSuites() reads this flag.
     */
    private static final boolean provAllowRSAKeyExchange = PropertyUtils
        .getBooleanSystemProperty("org.bouncycastle.jsse.fips.allowRSAKeyExchange", false);

    // Suite set without the TLS 1.2 GCM suites; TLS 1.3 suites are always present.
    private static final Set FIPS_CIPHERSUITES = createFipsCipherSuites(false);
    // Suite set including the TLS 1.2 GCM suites.
    private static final Set FIPS_CIPHERSUITES_GCM12 = createFipsCipherSuites(true);
    // Accepted protocol names (note: includes TLSv1 and TLSv1.1).
    private static final Set FIPS_PROTOCOLS = createProtocols();

    /**
     * Builds the FIPS cipher suite allow-list.
     * <p>
     * The list follows NIST SP 800-52 Revision 2. Static (EC)DH suites (TLS_DH_DSS_*,
     * TLS_DH_RSA_*, TLS_ECDH_ECDSA_*, TLS_ECDH_RSA_*, in both CBC and GCM forms) are not
     * supported by BCJSSE and so are deliberately absent. The PSK suites of Appendix C are left
     * out entirely because BCJSSE does not currently support any PSK key exchange method.
     *
     * @param includeGCM12 whether the TLS 1.2 *_GCM_* suites are added as well; the TLS 1.3
     *        suites (which are also GCM/CCM based) are always added. Why a caller would want
     *        them excluded is not visible here -- presumably a property of the underlying
     *        provider's GCM support; check the call sites.
     * @return an unmodifiable set of cipher suite names.
     */
    private static Set createFipsCipherSuites(boolean includeGCM12)
    {
        final Set suites = new HashSet();

        // TLS 1.3 (RFC 8446) suites; key exchange is always ephemeral, so no RSA gating.
        addAll(suites, new String[]{
            "TLS_AES_128_CCM_8_SHA256",
            "TLS_AES_128_CCM_SHA256",
            "TLS_AES_128_GCM_SHA256",
            "TLS_AES_256_GCM_SHA384",
        });

        // TLS 1.2 ephemeral (EC)DH suites with CBC or CCM.
        addAll(suites, new String[]{
            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",

            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
            "TLS_DHE_RSA_WITH_AES_128_CCM",
            "TLS_DHE_RSA_WITH_AES_128_CCM_8",
            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
            "TLS_DHE_RSA_WITH_AES_256_CCM",
            "TLS_DHE_RSA_WITH_AES_256_CCM_8",

            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
            "TLS_ECDHE_ECDSA_WITH_AES_128_CCM",
            "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
            "TLS_ECDHE_ECDSA_WITH_AES_256_CCM",
            "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8",

            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
        });

        if (includeGCM12)
        {
            // TLS 1.2 ephemeral (EC)DH suites with GCM.
            addAll(suites, new String[]{
                "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
                "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",

                "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",

                "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",

                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
            });
        }

        if (provAllowRSAKeyExchange)
        {
            // RSA key transport suites: only when explicitly enabled by system property, since
            // they provide no forward secrecy.
            addAll(suites, new String[]{
                "TLS_RSA_WITH_AES_128_CBC_SHA",
                "TLS_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_RSA_WITH_AES_128_CCM",
                "TLS_RSA_WITH_AES_128_CCM_8",
                "TLS_RSA_WITH_AES_256_CBC_SHA",
                "TLS_RSA_WITH_AES_256_CBC_SHA256",
                "TLS_RSA_WITH_AES_256_CCM",
                "TLS_RSA_WITH_AES_256_CCM_8",
            });

            if (includeGCM12)
            {
                addAll(suites, new String[]{
                    "TLS_RSA_WITH_AES_128_GCM_SHA256",
                    "TLS_RSA_WITH_AES_256_GCM_SHA384",
                });
            }
        }

        return Collections.unmodifiableSet(suites);
    }

    /**
     * Builds the protocol-name allow-list.
     * <p>
     * NOTE(review): TLSv1 and TLSv1.1 are accepted here; SP 800-52 Rev. 2 permits them only in
     * limited interoperability cases, so the configured protocol list, not membership in this
     * set, must enforce the minimum version -- confirm against the deployment policy.
     *
     * @return an unmodifiable set of protocol names.
     */
    private static Set createProtocols()
    {
        final Set protocols = new HashSet();

        addAll(protocols, new String[]{ "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" });

        return Collections.unmodifiableSet(protocols);
    }

    /**
     * Adds every element of {@code names} to {@code target}.
     *
     * @param target the set to fill.
     * @param names the names to add.
     */
    private static void addAll(Set target, String[] names)
    {
        for (int i = 0; i < names.length; ++i)
        {
            target.add(names[i]);
        }
    }

    /**
     * Selects the precomputed suite set for the given GCM-in-TLS-1.2 policy.
     *
     * @param includeGCM12 whether the TLS 1.2 GCM suites should be part of the result.
     * @return the matching unmodifiable suite set.
     */
    private static Set getFipsCipherSuites(boolean includeGCM12)
    {
        if (includeGCM12)
        {
            return FIPS_CIPHERSUITES_GCM12;
        }
        return FIPS_CIPHERSUITES;
    }

    /**
     * Tests whether a cipher suite name is on the FIPS allow-list.
     *
     * @param cipherSuite the suite name; {@code null} is treated as not allowed.
     * @param includeGCM12 whether TLS 1.2 GCM suites count as allowed.
     * @return {@code true} iff the name is in the selected allow-list.
     */
    static boolean isFipsCipherSuite(String cipherSuite, boolean includeGCM12)
    {
        if (cipherSuite == null)
        {
            return false;
        }
        return getFipsCipherSuites(includeGCM12).contains(cipherSuite);
    }

    /**
     * Tests whether a TLS named group is acceptable in FIPS mode.
     * <p>
     * NOTE: NIST SP 800-56A Revision 3 Appendix D lists several more SEC curves, however they
     * are all obsolete as of TLS 1.3. The Montgomery curves (x25519, x448) are rejected.
     *
     * @param namedGroup a {@link NamedGroup} code point.
     * @return {@code true} for the NIST P-curves and the RFC 7919 finite-field groups.
     */
    static boolean isFipsNamedGroup(int namedGroup)
    {
        boolean nistCurve = namedGroup == NamedGroup.secp256r1
            || namedGroup == NamedGroup.secp384r1
            || namedGroup == NamedGroup.secp521r1;

        boolean ffdheGroup = namedGroup == NamedGroup.ffdhe2048
            || namedGroup == NamedGroup.ffdhe3072
            || namedGroup == NamedGroup.ffdhe4096
            || namedGroup == NamedGroup.ffdhe6144
            || namedGroup == NamedGroup.ffdhe8192;

        // Everything else, explicitly including x25519 and x448, is not allowed.
        return nistCurve || ffdheGroup;
    }

    /**
     * Tests whether a protocol name is on the FIPS allow-list.
     *
     * @param protocol the protocol name; {@code null} is treated as not allowed.
     * @return {@code true} iff the name is in {@code FIPS_PROTOCOLS}.
     */
    static boolean isFipsProtocol(String protocol)
    {
        if (protocol == null)
        {
            return false;
        }
        return FIPS_PROTOCOLS.contains(protocol);
    }

    /**
     * Tests whether a TLS signature scheme is acceptable in FIPS mode.
     * <p>
     * Accepted: DSA, ECDSA, RSA PKCS#1 v1.5 and RSA-PSS (both pss and rsae variants), including
     * the historical SHA-1/SHA-224 code points. EdDSA (ed25519, ed448) is rejected.
     * <p>
     * NOTE(review): the SHA-1 schemes are accepted here; SP 800-131A Rev. 2 allows SHA-1 only for
     * legacy signature verification, so any restriction on signature generation has to be
     * applied by the caller -- confirm with the call sites.
     *
     * @param signatureScheme a {@link SignatureScheme} code point (or one of the historical
     *        values from {@code SignatureSchemeInfo}).
     * @return {@code true} iff the scheme is in the allow-list above.
     */
    static boolean isFipsSignatureScheme(int signatureScheme)
    {
        boolean dsa = signatureScheme == SignatureSchemeInfo.historical_dsa_sha1
            || signatureScheme == SignatureSchemeInfo.historical_dsa_sha224
            || signatureScheme == SignatureSchemeInfo.historical_dsa_sha256;

        boolean ecdsa = signatureScheme == SignatureScheme.ecdsa_sha1
            || signatureScheme == SignatureSchemeInfo.historical_ecdsa_sha224
            || signatureScheme == SignatureScheme.ecdsa_secp256r1_sha256
            || signatureScheme == SignatureScheme.ecdsa_secp384r1_sha384
            || signatureScheme == SignatureScheme.ecdsa_secp521r1_sha512;

        boolean rsaPkcs1 = signatureScheme == SignatureScheme.rsa_pkcs1_sha1
            || signatureScheme == SignatureSchemeInfo.historical_rsa_sha224
            || signatureScheme == SignatureScheme.rsa_pkcs1_sha256
            || signatureScheme == SignatureScheme.rsa_pkcs1_sha384
            || signatureScheme == SignatureScheme.rsa_pkcs1_sha512;

        boolean rsaPss = signatureScheme == SignatureScheme.rsa_pss_pss_sha256
            || signatureScheme == SignatureScheme.rsa_pss_pss_sha384
            || signatureScheme == SignatureScheme.rsa_pss_pss_sha512
            || signatureScheme == SignatureScheme.rsa_pss_rsae_sha256
            || signatureScheme == SignatureScheme.rsa_pss_rsae_sha384
            || signatureScheme == SignatureScheme.rsa_pss_rsae_sha512;

        // ed25519, ed448 and anything unknown fall through to false.
        return dsa || ecdsa || rsaPkcs1 || rsaPss;
    }

    /**
     * Removes, in place, every suite name that is not on the FIPS allow-list.
     *
     * @param cipherSuites a mutable collection of suite names; must support {@code retainAll}.
     * @param includeGCM12 whether TLS 1.2 GCM suites are retained.
     */
    static void removeNonFipsCipherSuites(Collection cipherSuites, boolean includeGCM12)
    {
        Set allowed = getFipsCipherSuites(includeGCM12);
        cipherSuites.retainAll(allowed);
    }

    /**
     * Removes, in place, every protocol name that is not on the FIPS allow-list.
     *
     * @param protocols a mutable collection of protocol names; must support {@code retainAll}.
     */
    static void removeNonFipsProtocols(Collection protocols)
    {
        protocols.retainAll(FIPS_PROTOCOLS);
    }
}



