All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.wildfly.openssl.Cipher Maven / Gradle / Ivy

There is a newer version: 2.2.5.Final
Show newest version
/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.wildfly.openssl;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/**
 * All the standard cipher suites for SSL/TSL.
 *
 * @see OpenSSL cipher definitions
 * @see The cipher suite registry
 * @see Another list of cipher suites with some non-standard IDs
 * @see Oracle standard names for cipher suites
 * @see Mapping of OpenSSL cipher suites names to registry names
 * @see SSL Labs tool - list of ciphers
 * @see OpenJDK source code
 */
public enum Cipher {

    /* Cipher 0
     * TLS_NULL_WITH_NULL_NULL
     * Must never be negotiated. Used internally to represent the initial
     * unprotected state of a connection.
     */

    /* The RSA ciphers */
    // Cipher 01
    TLS_RSA_WITH_NULL_MD5(
            0x0001,
            "NULL-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.eNULL,
            MessageDigest.MD5,
            Protocol.SSLv3,
            false,
            EncryptionLevel.STRONG_NONE,
            false,
            0,
            0,
            "SSL_RSA_WITH_NULL_MD5"
    ),
    // Cipher 02
    TLS_RSA_WITH_NULL_SHA(
            0x0002,
            "NULL-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.eNULL,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.STRONG_NONE,
            true,
            0,
            0,
            "SSL_RSA_WITH_NULL_SHA"
    ),
    // Cipher 03
    TLS_RSA_EXPORT_WITH_RC4_40_MD5(
            0x0003,
            "EXP-RC4-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC4,
            MessageDigest.MD5,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128,
            "SSL_RSA_EXPORT_WITH_RC4_40_MD5"
    ),
    // Cipher 04
    TLS_RSA_WITH_RC4_128_MD5(
            0x0004,
            "RC4-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC4,
            MessageDigest.MD5,
            Protocol.SSLv3,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128,
            "SSL_RSA_WITH_RC4_128_MD5"
    ),
    // Cipher 05
    TLS_RSA_WITH_RC4_128_SHA(
            0x0005,
            "RC4-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128,
            "SSL_RSA_WITH_RC4_128_SHA"
    ),
    // Cipher 06
    TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5(
            0x0006,
            "EXP-RC2-CBC-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC2,
            MessageDigest.MD5,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128,
            "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"
    ),
    // Cipher 07
    TLS_RSA_WITH_IDEA_CBC_SHA(
            0x0007,
            "IDEA-CBC-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.IDEA,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128,
            "SSL_RSA_WITH_IDEA_CBC_SHA"
    ),
    // Cipher 08
    TLS_RSA_EXPORT_WITH_DES40_CBC_SHA(
            0x0008,
            "EXP-DES-CBC-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            56,
            "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"
    ),
    // Cipher 09
    TLS_RSA_WITH_DES_CBC_SHA(
            0x0009,
            "DES-CBC-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.LOW,
            false,
            56,
            56,
            "SSL_RSA_WITH_DES_CBC_SHA"
    ),
    // Cipher 0A
    TLS_RSA_WITH_3DES_EDE_CBC_SHA(
            0x000A,
            "DES-CBC3-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168,
            "SSL_RSA_WITH_3DES_EDE_CBC_SHA"
    ),
    /* The DH ciphers */
    // Cipher 0B
    TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA(
            0x000B,
            "EXP-DH-DSS-DES-CBC-SHA",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            56,
            "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"
    ),
    // Cipher 0C
    TLS_DH_DSS_WITH_DES_CBC_SHA(
            0x000C,
            "DH-DSS-DES-CBC-SHA",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.LOW,
            false,
            56,
            56,
            "SSL_DH_DSS_WITH_DES_CBC_SHA"
    ),
    // Cipher 0D
    TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA(
            0x000D,
            "DH-DSS-DES-CBC3-SHA",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168,
            "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"
    ),
    // Cipher 0E
    TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA(
            0x000E,
            "EXP-DH-RSA-DES-CBC-SHA",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            56,
            "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"
    ),
    // Cipher 0F
    TLS_DH_RSA_WITH_DES_CBC_SHA(
            0x000F,
            "DH-RSA-DES-CBC-SHA",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.LOW,
            false,
            56,
            56,
            "SSL_DH_RSA_WITH_DES_CBC_SHA"
    ),
    // Cipher 10
    TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA(
            0x0010,
            "DH-RSA-DES-CBC3-SHA",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168,
            "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"
    ),
    /* The Ephemeral DH ciphers */
    // Cipher 11
    TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA(
            0x0011,
            "EXP-DHE-DSS-DES-CBC-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            56,
            "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
    ),
    // Cipher 12
    TLS_DHE_DSS_WITH_DES_CBC_SHA(
            0x0012,
            "DHE-DSS-DES-CBC-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.LOW,
            false,
            56,
            56,
            "SSL_DHE_DSS_WITH_DES_CBC_SHA"
    ),
    // Cipher 13
    TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA(
            0x0013,
            "DHE-DSS-DES-CBC3-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168,
            "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
    ),
    // Cipher 14
    TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA(
            0x0014,
            "EXP-DHE-RSA-DES-CBC-SHA",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            56,
            "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
    ),
    // Cipher 15
    TLS_DHE_RSA_WITH_DES_CBC_SHA(
            0x0015,
            "DHE-RSA-DES-CBC-SHA",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.LOW,
            false,
            56,
            56,
            "SSL_DHE_RSA_WITH_DES_CBC_SHA"
    ),
    // Cipher 16
    TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA(
            0x0016,
            "DHE-RSA-DES-CBC3-SHA",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168,
            "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
    ),
    // Cipher 17
    TLS_DH_anon_EXPORT_WITH_RC4_40_MD5(
            0x0017,
            "EXP-ADH-RC4-MD5",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.RC4,
            MessageDigest.MD5,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128,
            "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"
    ),
    // Cipher 18
    TLS_DH_anon_WITH_RC4_128_MD5(
            0x0018,
            "ADH-RC4-MD5",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.RC4,
            MessageDigest.MD5,
            Protocol.SSLv3,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128,
            "SSL_DH_anon_WITH_RC4_128_MD5"
    ),
    // Cipher 19
    TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA(
            0x0019,
            "EXP-ADH-DES-CBC-SHA",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128,
            "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"
    ),
    // Cipher 1A
    TLS_DH_anon_WITH_DES_CBC_SHA(
            0x001A,
            "ADH-DES-CBC-SHA",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.LOW,
            false,
            56,
            56,
            "SSL_DH_anon_WITH_DES_CBC_SHA"
    ),
    // Cipher 1B
    TLS_DH_anon_WITH_3DES_EDE_CBC_SHA(
            0x001B,
            "ADH-DES-CBC3-SHA",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168,
            "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"
    ),
    /* Fortezza ciphersuite from SSL 3.0 spec
     * Neither OpenSSL nor Java implement these ciphers and the IDs used
     * overlap partially with the IDs used by the Kerberos ciphers
    // Cipher 1C
    SSL_FORTEZZA_DMS_WITH_NULL_SHA(
            "FZA-NULL-SHA",
            KeyExchange.FZA,
            Authentication.FZA,
            Encryption.eNULL,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.STRONG_NONE,
            false,
            0,
            0
    ),
    // Cipher 1D
    SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA(
            "FZA-FZA-CBC-SHA",
            KeyExchange.FZA,
            Authentication.FZA,
            Encryption.FZA,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.STRONG_NONE,
            false,
            0,
            0
    ),
    // Cipher 1E - overlaps with Kerberos below
    SSL_FORTEZZA_DMS_WITH_RC4_128_SHA(
            "FZA-RC4-SHA",
            KeyExchange.FZA,
            Authentication.FZA,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
     */
    /* The Kerberos ciphers. OpenSSL doesn't support these. Java does but they
     * are used for Kerberos authentication.
     */
    // Cipher 1E - overlaps with Fortezza above
    /*TLS_KRB5_WITH_DES_CBC_SHA(
            "KRB5-DES-CBC-SHA",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.LOW,
            false,
            56,
            56
    ),
    // Cipher 1F
    TLS_KRB5_WITH_3DES_EDE_CBC_SHA(
            "KRB5-DES-CBC3-SHA",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168
    ),
    // Cipher 20
    TLS_KRB5_WITH_RC4_128_SHA(
            "KRB5-RC4-SHA",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 21
    TLS_KRB5_WITH_IDEA_CBC_SHA(
            "KRB5-IDEA-CBC-SHA",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.IDEA,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 22
    TLS_KRB5_WITH_DES_CBC_MD5(
            "KRB5-DES-CBC-MD5",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.DES,
            MessageDigest.MD5,
            Protocol.SSLv3,
            false,
            EncryptionLevel.LOW,
            false,
            56,
            56
    ),
    // Cipher 23
    TLS_KRB5_WITH_3DES_EDE_CBC_MD5(
            "KRB5-DES-CBC3-MD5",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.TRIPLE_DES,
            MessageDigest.MD5,
            Protocol.SSLv3,
            false,
            EncryptionLevel.HIGH,
            false,
            112,
            168
    ),
    // Cipher 24
    TLS_KRB5_WITH_RC4_128_MD5(
            "KRB5-RC4-MD5",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.RC4,
            MessageDigest.MD5,
            Protocol.SSLv3,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 25
    TLS_KRB5_WITH_IDEA_CBC_MD5(
            "KRB5-IDEA-CBC-MD5",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.IDEA,
            MessageDigest.MD5,
            Protocol.SSLv3,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 26
    TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA(
            "EXP-KRB5-DES-CBC-SHA",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            56
    ),
    // Cipher 27
    TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA(
            "EXP-KRB5-RC2-CBC-SHA",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.RC2,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128
    ),
    // Cipher 28
    TLS_KRB5_EXPORT_WITH_RC4_40_SHA(
            "EXP-KRB5-RC4-SHA",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128
    ),
    // Cipher 29
    TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5(
            "EXP-KRB5-DES-CBC-MD5",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.DES,
            MessageDigest.MD5,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            56
    ),
    // Cipher 2A
    TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5(
            "EXP-KRB5-RC2-CBC-MD5",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.RC2,
            MessageDigest.MD5,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128
    ),
    // Cipher 2B
    TLS_KRB5_EXPORT_WITH_RC4_40_MD5(
            "EXP-KRB5-RC4-MD5",
            KeyExchange.KRB5,
            Authentication.KRB5,
            Encryption.RC4,
            MessageDigest.MD5,
            Protocol.SSLv3,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128
    ),*/

    /* PSK cipher suites from RFC 4785
     * Unsupported by both Java and OpenSSL.
    // Cipher 2C
    TLS_PSK_WITH_NULL_SHA

    // Cipher 2D
    TLS_DHE_PSK_WITH_NULL_SHA

    // Cipher 2E
    TLS_RSA_PSK_WITH_NULL_SHA
    */

    /* New AES ciphersuites */
    // Cipher 2F
    TLS_RSA_WITH_AES_128_CBC_SHA(
            0x002f,
            "AES128-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 30
    TLS_DH_DSS_WITH_AES_128_CBC_SHA(
            0x0030,
            "DH-DSS-AES128-SHA",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 31
    TLS_DH_RSA_WITH_AES_128_CBC_SHA(
            0x0031,
            "DH-RSA-AES128-SHA",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 32
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA(
            0x0032,
            "DHE-DSS-AES128-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 33
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA(
            0x0033,
            "DHE-RSA-AES128-SHA",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 34
    TLS_DH_anon_WITH_AES_128_CBC_SHA(
            0x0034,
            "ADH-AES128-SHA",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 35
    TLS_RSA_WITH_AES_256_CBC_SHA(
            0x0035,
            "AES256-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 36
    TLS_DH_DSS_WITH_AES_256_CBC_SHA(
            0x0036,
            "DH-DSS-AES256-SHA",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 37
    TLS_DH_RSA_WITH_AES_256_CBC_SHA(
            0x0037,
            "DH-RSA-AES256-SHA",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 38
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA(
            0x0038,
            "DHE-DSS-AES256-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 39
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA(
            0x0039,
            "DHE-RSA-AES256-SHA",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 3A
    TLS_DH_anon_WITH_AES_256_CBC_SHA(
            0x003A,
            "ADH-AES256-SHA",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    /* TLS v1.2 ciphersuites */
    // Cipher 3B
    TLS_RSA_WITH_NULL_SHA256(
            0x003B,
            "NULL-SHA256",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.eNULL,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.STRONG_NONE,
            true,
            0,
            0
    ),
    // Cipher 3C
    TLS_RSA_WITH_AES_128_CBC_SHA256(
            0x003C,
            "AES128-SHA256",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 3D
    TLS_RSA_WITH_AES_256_CBC_SHA256(
            0x003D,
            "AES256-SHA256",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.AES256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 3E
    TLS_DH_DSS_WITH_AES_128_CBC_SHA256(
            0x003E,
            "DH-DSS-AES128-SHA256",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 3F
    TLS_DH_RSA_WITH_AES_128_CBC_SHA256(
            0x003F,
            "DH-RSA-AES128-SHA256",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 40
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(
            0x0040,
            "DHE-DSS-AES128-SHA256",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    /* Camellia ciphersuites from RFC4132 (
            128-bit portion) */
    // Cipher 41
    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA(
            0x0041,
            "CAMELLIA128-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.CAMELLIA128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher 42
    TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA(
            0x0042,
            "DH-DSS-CAMELLIA128-SHA",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.CAMELLIA128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher 43
    TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA(
            0x0043,
            "DH-RSA-CAMELLIA128-SHA",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.CAMELLIA128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher 44
    TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA(
            0x0044,
            "DHE-DSS-CAMELLIA128-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.CAMELLIA128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher 45
    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA(
            0x0045,
            "DHE-RSA-CAMELLIA128-SHA",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.CAMELLIA128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher 46
    TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA(
            0x0046,
            "ADH-CAMELLIA128-SHA",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.CAMELLIA128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    /* Experimental (and now expired) TLSv1 versions of SSLv3 ciphers.
     * Unsupported by Java and OpenSSL.
    // Cipher 60
    TLS_RSA_EXPORT1024_WITH_RC4_56_MD5(
            "EXP1024-RC4-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC4,
            MessageDigest.MD5,
            Protocol.TLSv1,
            true,
            EncryptionLevel.EXP56,
            false,
            56,
            128,
            "SSL_RSA_EXPORT1024_WITH_RC4_56_MD5"
    ),
    // Cipher 61
    TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5(
            "EXP1024-RC2-CBC-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC2,
            MessageDigest.MD5,
            Protocol.TLSv1,
            true,
            EncryptionLevel.EXP56,
            false,
            56,
            128,
            "SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD"
    ),
    // Cipher 62
    TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA(
            "EXP1024-DES-CBC-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            true,
            EncryptionLevel.EXP56,
            false,
            56,
            56,
            "SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA"
    ),
    // Cipher 63
    TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA(
            "EXP1024-DHE-DSS-DES-CBC-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            true,
            EncryptionLevel.EXP56,
            false,
            56,
            56,
            "SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA"
    ),
    // Cipher 64
    TLS_RSA_EXPORT1024_WITH_RC4_56_SHA(
            "EXP1024-RC4-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            true,
            EncryptionLevel.EXP56,
            false,
            56,
            128,
            "SSL_RSA_EXPORT1024_WITH_RC4_56_SHA"
    ),
    // Cipher 65
    TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA(
            "EXP1024-DHE-DSS-RC4-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            true,
            EncryptionLevel.EXP56,
            false,
            56,
            128,
            "SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA"
    ),
    // Cipher 66
    TLS_DHE_DSS_WITH_RC4_128_SHA(
            "DHE-DSS-RC4-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128,
            "SSL_DHE_DSS_WITH_RC4_128_SHA"
    ),*/
    /* TLS v1.2 ciphersuites */
    // Cipher 67
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(
            0x0067,
            "DHE-RSA-AES128-SHA256",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 68
    TLS_DH_DSS_WITH_AES_256_CBC_SHA256(
            0x0068,
            "DH-DSS-AES256-SHA256",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.AES256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 69
    TLS_DH_RSA_WITH_AES_256_CBC_SHA256(
            0x0069,
            "DH-RSA-AES256-SHA256",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.AES256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 6A
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(
            0x006A,
            "DHE-DSS-AES256-SHA256",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.AES256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 6B
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(
            0x006B,
            "DHE-RSA-AES256-SHA256",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.AES256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 6C
    TLS_DH_anon_WITH_AES_128_CBC_SHA256(
            0x006C,
            "ADH-AES128-SHA256",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 6D
    TLS_DH_anon_WITH_AES_256_CBC_SHA256(
            0x006D,
            "ADH-AES256-SHA256",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.AES256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    /* GOST Ciphersuites. Unsupported by Java. OpenSSl lists them with IDs
     * 0x3000080 to 0x3000083 */
    /*
    // Cipher 80
    TLS_GOSTR341094_WITH_28147_CNT_IMIT(
            "GOST94-GOST89-GOST89",
            KeyExchange.GOST,
            Authentication.GOST94,
            Encryption.eGOST2814789CNT,
            MessageDigest.GOST89MAC,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher 81
    TLS_GOSTR341001_WITH_28147_CNT_IMIT(
            "GOST2001-GOST89-GOST89",
            KeyExchange.GOST,
            Authentication.GOST01,
            Encryption.eGOST2814789CNT,
            MessageDigest.GOST89MAC,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher 82
    TLS_GOSTR341094_WITH_NULL_GOSTR3411(
            "GOST94-NULL-GOST94",
            KeyExchange.GOST,
            Authentication.GOST94,
            Encryption.eNULL,
            MessageDigest.GOST94,
            Protocol.TLSv1,
            false,
            EncryptionLevel.STRONG_NONE,
            false,
            0,
            0
    ),
    // Cipher 83
    TLS_GOSTR341001_WITH_NULL_GOSTR3411(
            "GOST2001-NULL-GOST94",
            KeyExchange.GOST,
            Authentication.GOST01,
            Encryption.eNULL,
            MessageDigest.GOST94,
            Protocol.TLSv1,
            false,
            EncryptionLevel.STRONG_NONE,
            false,
            0,
            0
    ),*/
    /* Camellia ciphersuites from RFC4132 (
            256-bit portion) */
    // Cipher 84
    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA(
            0x0084,
            "CAMELLIA256-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.CAMELLIA256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher 85
    TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA(
            0x0085,
            "DH-DSS-CAMELLIA256-SHA",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.CAMELLIA256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher 86
    TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA(
            0x0086,
            "DH-RSA-CAMELLIA256-SHA",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.CAMELLIA256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher 87
    TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA(
            0x0087,
            "DHE-DSS-CAMELLIA256-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.CAMELLIA256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher 88
    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA(
            0x0088,
            "DHE-RSA-CAMELLIA256-SHA",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.CAMELLIA256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher 89
    TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA(
            0x0089,
            "ADH-CAMELLIA256-SHA",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.CAMELLIA256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher 8A
    TLS_PSK_WITH_RC4_128_SHA(
            0x008A,
            "PSK-RC4-SHA",
            KeyExchange.PSK,
            Authentication.PSK,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 8B
    TLS_PSK_WITH_3DES_EDE_CBC_SHA(
            0x008B,
            "PSK-3DES-EDE-CBC-SHA",
            KeyExchange.PSK,
            Authentication.PSK,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168
    ),
    // Cipher 8C
    TLS_PSK_WITH_AES_128_CBC_SHA(
            0x008C,
            "PSK-AES128-CBC-SHA",
            KeyExchange.PSK,
            Authentication.PSK,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 8D
    TLS_PSK_WITH_AES_256_CBC_SHA(
            0x008D,
            "PSK-AES256-CBC-SHA",
            KeyExchange.PSK,
            Authentication.PSK,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),

    /* PSK ciphers 0x008E to 0x0095
     * Unsupported by both Java and OpenSSL
     */

    /* SEED ciphersuites from RFC4162 */
    // Cipher 96
    TLS_RSA_WITH_SEED_CBC_SHA(
            0x0096,
            "SEED-SHA",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.SEED,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 97
    TLS_DH_DSS_WITH_SEED_CBC_SHA(
            0x0097,
            "DH-DSS-SEED-SHA",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.SEED,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 98
    TLS_DH_RSA_WITH_SEED_CBC_SHA(
            0x0098,
            "DH-RSA-SEED-SHA",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.SEED,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 99
    TLS_DHE_DSS_WITH_SEED_CBC_SHA(
            0x0099,
            "DHE-DSS-SEED-SHA",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.SEED,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 9A
    TLS_DHE_RSA_WITH_SEED_CBC_SHA(
            0x009A,
            "DHE-RSA-SEED-SHA",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.SEED,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 9B
    TLS_DH_anon_WITH_SEED_CBC_SHA(
            0x009B,
            "ADH-SEED-SHA",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.SEED,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    /* GCM ciphersuites from RFC5288 */
    // Cipher 9C
    TLS_RSA_WITH_AES_128_GCM_SHA256(
            0x009C,
            "AES128-GCM-SHA256",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 9D
    TLS_RSA_WITH_AES_256_GCM_SHA384(
            0x009D,
            "AES256-GCM-SHA384",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher 9E
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(
            0x009E,
            "DHE-RSA-AES128-GCM-SHA256",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher 9F
    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(
            0x009F,
            "DHE-RSA-AES256-GCM-SHA384",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher A0
    TLS_DH_RSA_WITH_AES_128_GCM_SHA256(
            0x00A0,
            "DH-RSA-AES128-GCM-SHA256",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher A1
    TLS_DH_RSA_WITH_AES_256_GCM_SHA384(
            0x00A1,
            "DH-RSA-AES256-GCM-SHA384",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher A2
    TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(
            0x00A2,
            "DHE-DSS-AES128-GCM-SHA256",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher A3
    TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(
            0x00A3,
            "DHE-DSS-AES256-GCM-SHA384",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher A4
    TLS_DH_DSS_WITH_AES_128_GCM_SHA256(
            0x00A4,
            "DH-DSS-AES128-GCM-SHA256",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher A5
    TLS_DH_DSS_WITH_AES_256_GCM_SHA384(
            0x00A5,
            "DH-DSS-AES256-GCM-SHA384",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher A6
    TLS_DH_anon_WITH_AES_128_GCM_SHA256(
            0x00A6,
            "ADH-AES128-GCM-SHA256",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher A7
    TLS_DH_anon_WITH_AES_256_GCM_SHA384(
            0x00A7,
            "ADH-AES256-GCM-SHA384",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),

    /* PSK ciphers 0x00A8 to 0x00B9
     * Unsupported by both Java and OpenSSL
     */

    // Cipher BA
    TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256(
            0x00BA,
            "CAMELLIA128-SHA256",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher BB
    TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256(
            0x00BB,
            "DH-DSS-CAMELLIA128-SHA256",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher BC
    TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256(
            0x00BC,
            "DH-RSA-CAMELLIA128-SHA256",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher BD
    TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256(
            0x00BD,
            "DHE-DSS-CAMELLIA128-SHA256",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher BE
    TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256(
            0x00BE,
            "DHE-RSA-CAMELLIA128-SHA256",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher BF
    TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256(
            0x00BF,
            "ADH-CAMELLIA128-SHA256",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher C0
    TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256(
            0x00C0,
            "CAMELLIA256-SHA256",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.CAMELLIA256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher C1
    TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256(
            0x00C1,
            "DH-DSS-CAMELLIA256-SHA256",
            KeyExchange.DHd,
            Authentication.DH,
            Encryption.CAMELLIA256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher C2
    TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256(
            0x00C2,
            "DH-RSA-CAMELLIA256-SHA256",
            KeyExchange.DHr,
            Authentication.DH,
            Encryption.CAMELLIA256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher C3
    TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256(
            0x00C3,
            "DHE-DSS-CAMELLIA256-SHA256",
            KeyExchange.EDH,
            Authentication.DSS,
            Encryption.CAMELLIA256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher C4
    TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256(
            0x00C4,
            "DHE-RSA-CAMELLIA256-SHA256",
            KeyExchange.EDH,
            Authentication.RSA,
            Encryption.CAMELLIA256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher C5
    TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256(
            0x00C5,
            "ADH-CAMELLIA256-SHA256",
            KeyExchange.EDH,
            Authentication.aNULL,
            Encryption.CAMELLIA256,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),

    /* Cipher 0x00FF  TLS_EMPTY_RENEGOTIATION_INFO_SCSV
     * Cipher 0x5600  TLS_FALLBACK_SCSV
     *
     * No other ciphers defined until 0xC001 below
     */

    /* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (
            Mar 15, 2001) */
    // Cipher C001
    TLS_ECDH_ECDSA_WITH_NULL_SHA(
            0xC001,
            "ECDH-ECDSA-NULL-SHA",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.eNULL,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.STRONG_NONE,
            true,
            0,
            0
    ),
    // Cipher C002
    TLS_ECDH_ECDSA_WITH_RC4_128_SHA(
            0xC002,
            "ECDH-ECDSA-RC4-SHA",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher C003
    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(
            0xC003,
            "ECDH-ECDSA-DES-CBC3-SHA",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168
    ),
    // Cipher C004
    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(
            0xC004,
            "ECDH-ECDSA-AES128-SHA",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C005
    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(
            0xC005,
            "ECDH-ECDSA-AES256-SHA",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C006
    TLS_ECDHE_ECDSA_WITH_NULL_SHA(
            0xC006,
            "ECDHE-ECDSA-NULL-SHA",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.eNULL,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.STRONG_NONE,
            true,
            0,
            0
    ),
    // Cipher C007
    TLS_ECDHE_ECDSA_WITH_RC4_128_SHA(
            0xC007,
            "ECDHE-ECDSA-RC4-SHA",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher C008
    TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA(
            0xC008,
            "ECDHE-ECDSA-DES-CBC3-SHA",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168
    ),
    // Cipher C009
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(
            0xC009,
            "ECDHE-ECDSA-AES128-SHA",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C00A
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(
            0xC00A,
            "ECDHE-ECDSA-AES256-SHA",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C00B
    TLS_ECDH_RSA_WITH_NULL_SHA(
            0xC00B,
            "ECDH-RSA-NULL-SHA",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.eNULL,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.STRONG_NONE,
            true,
            0,
            0
    ),
    // Cipher C00C
    TLS_ECDH_RSA_WITH_RC4_128_SHA(
            0xC00C,
            "ECDH-RSA-RC4-SHA",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher C00D
    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(
            0xC00D,
            "ECDH-RSA-DES-CBC3-SHA",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168
    ),
    // Cipher C00E
    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(
            0xC00E,
            "ECDH-RSA-AES128-SHA",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C00F
    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(
            0xC00F,
            "ECDH-RSA-AES256-SHA",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C010
    TLS_ECDHE_RSA_WITH_NULL_SHA(
            0xC010,
            "ECDHE-RSA-NULL-SHA",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.eNULL,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.STRONG_NONE,
            true,
            0,
            0
    ),
    // Cipher C011
    TLS_ECDHE_RSA_WITH_RC4_128_SHA(
            0xC011,
            "ECDHE-RSA-RC4-SHA",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher C012
    TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA(
            0xC012,
            "ECDHE-RSA-DES-CBC3-SHA",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168
    ),
    // Cipher C013
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(
            0xC013,
            "ECDHE-RSA-AES128-SHA",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C014
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(
            0xC014,
            "ECDHE-RSA-AES256-SHA",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C015
    TLS_ECDH_anon_WITH_NULL_SHA(
            0xC015,
            "AECDH-NULL-SHA",
            KeyExchange.EECDH,
            Authentication.aNULL,
            Encryption.eNULL,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.STRONG_NONE,
            true,
            0,
            0
    ),
    // Cipher C016
    TLS_ECDH_anon_WITH_RC4_128_SHA(
            0xC016,
            "AECDH-RC4-SHA",
            KeyExchange.EECDH,
            Authentication.aNULL,
            Encryption.RC4,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher C017
    TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA(
            0xC017,
            "AECDH-DES-CBC3-SHA",
            KeyExchange.EECDH,
            Authentication.aNULL,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            112,
            168
    ),
    // Cipher C018
    TLS_ECDH_anon_WITH_AES_128_CBC_SHA(
            0xC018,
            "AECDH-AES128-SHA",
            KeyExchange.EECDH,
            Authentication.aNULL,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C019
    TLS_ECDH_anon_WITH_AES_256_CBC_SHA(
            0xC019,
            "AECDH-AES256-SHA",
            KeyExchange.EECDH,
            Authentication.aNULL,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    /* SRP ciphersuite from RFC 5054 */
    // Cipher C01A
    TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA(
            0xC01A,
            "SRP-3DES-EDE-CBC-SHA",
            KeyExchange.SRP,
            Authentication.SRP,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            112,
            168
    ),
    // Cipher C01B
    TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA(
            0xC01B,
            "SRP-RSA-3DES-EDE-CBC-SHA",
            KeyExchange.SRP,
            Authentication.RSA,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            112,
            168
    ),
    // Cipher C01C
    TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA(
            0xC01C,
            "SRP-DSS-3DES-EDE-CBC-SHA",
            KeyExchange.SRP,
            Authentication.DSS,
            Encryption.TRIPLE_DES,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            112,
            168
    ),
    // Cipher C01D
    TLS_SRP_SHA_WITH_AES_128_CBC_SHA(
            0xC01D,
            "SRP-AES-128-CBC-SHA",
            KeyExchange.SRP,
            Authentication.SRP,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher C01E
    TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA(
            0xC01E,
            "SRP-RSA-AES-128-CBC-SHA",
            KeyExchange.SRP,
            Authentication.RSA,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher C01F
    TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA(
            0xC01F,
            "SRP-DSS-AES-128-CBC-SHA",
            KeyExchange.SRP,
            Authentication.DSS,
            Encryption.AES128,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            128,
            128
    ),
    // Cipher C020
    TLS_SRP_SHA_WITH_AES_256_CBC_SHA(
            0xC020,
            "SRP-AES-256-CBC-SHA",
            KeyExchange.SRP,
            Authentication.SRP,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher C021
    TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA(
            0xC021,
            "SRP-RSA-AES-256-CBC-SHA",
            KeyExchange.SRP,
            Authentication.RSA,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    // Cipher C022
    TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA(
            0xC022,
            "SRP-DSS-AES-256-CBC-SHA",
            KeyExchange.SRP,
            Authentication.DSS,
            Encryption.AES256,
            MessageDigest.SHA1,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
    ),
    /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
    // Cipher C023
    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(
            0xC023,
            "ECDHE-ECDSA-AES128-SHA256",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C024
    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(
            0xC024,
            "ECDHE-ECDSA-AES256-SHA384",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.AES256,
            MessageDigest.SHA384,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C025
    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(
            0xC025,
            "ECDH-ECDSA-AES128-SHA256",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C026
    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(
            0xC026,
            "ECDH-ECDSA-AES256-SHA384",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.AES256,
            MessageDigest.SHA384,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C027
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(
            0xC027,
            "ECDHE-RSA-AES128-SHA256",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C028
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(
            0xC028,
            "ECDHE-RSA-AES256-SHA384",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.AES256,
            MessageDigest.SHA384,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C029
    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(
            0xC029,
            "ECDH-RSA-AES128-SHA256",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.AES128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C02A
    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(
            0xC02A,
            "ECDH-RSA-AES256-SHA384",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.AES256,
            MessageDigest.SHA384,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    /* GCM based TLS v1.2 ciphersuites from RFC5289 */
    // Cipher C02B
    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(
            0xC02B,
            "ECDHE-ECDSA-AES128-GCM-SHA256",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C02C
    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(
            0xC02C,
            "ECDHE-ECDSA-AES256-GCM-SHA384",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C02D
    TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(
            0xC02D,
            "ECDH-ECDSA-AES128-GCM-SHA256",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C02E
    TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(
            0xC02E,
            "ECDH-ECDSA-AES256-GCM-SHA384",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C02F
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(
            0xC02F,
            "ECDHE-RSA-AES128-GCM-SHA256",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C030
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(
            0xC030,
            "ECDHE-RSA-AES256-GCM-SHA384",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C031
    TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(
            0xC031,
            "ECDH-RSA-AES128-GCM-SHA256",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.AES128GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C032
    TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(
            0xC032,
            "ECDH-RSA-AES256-GCM-SHA384",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.AES256GCM,
            MessageDigest.AEAD,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),

    /* PSK ciphers 0xC033 to 0xC03B
     * Unsupported by both Java and OpenSSL
     */

    /* ARIA ciphers 0xC03C to 0xC071
     * Unsupported by both Java and OpenSSL
     */
    // Cipher C072
    TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256(
            0xC072,
            "ECDHE-ECDSA-CAMELLIA128-SHA256",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C073
    TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384(
            0xC073,
            "ECDHE-ECDSA-CAMELLIA256-SHA384",
            KeyExchange.EECDH,
            Authentication.ECDSA,
            Encryption.CAMELLIA256,
            MessageDigest.SHA384,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C074
    TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256(
            0xC074,
            "ECDH-ECDSA-CAMELLIA128-SHA256",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C075
    TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384(
            0xC075,
            "ECDH-ECDSA-CAMELLIA256-SHA384",
            KeyExchange.ECDHe,
            Authentication.ECDH,
            Encryption.CAMELLIA256,
            MessageDigest.SHA384,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C076
    TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256(
            0xC076,
            "ECDHE-RSA-CAMELLIA128-SHA256",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C077
    TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384(
            0xC077,
            "ECDHE-RSA-CAMELLIA256-SHA384",
            KeyExchange.EECDH,
            Authentication.RSA,
            Encryption.CAMELLIA256,
            MessageDigest.SHA384,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),
    // Cipher C078
    TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256(
            0xC078,
            "ECDH-RSA-CAMELLIA128-SHA256",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.CAMELLIA128,
            MessageDigest.SHA256,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            128,
            128
    ),
    // Cipher C079
    TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384(
            0xC079,
            "ECDH-RSA-CAMELLIA256-SHA384",
            KeyExchange.ECDHr,
            Authentication.ECDH,
            Encryption.CAMELLIA256,
            MessageDigest.SHA384,
            Protocol.TLSv1_2,
            false,
            EncryptionLevel.HIGH,
            true,
            256,
            256
    ),

    // Cipher 0x010080 (SSLv2)
    // RC4_128_WITH_MD5
    SSL_CK_RC4_128_WITH_MD5(
            -1,
            "RC4-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC4,
            MessageDigest.MD5,
            Protocol.SSLv2,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 0x020080 (SSLv2)
    SSL2_RC4_128_EXPORT40_WITH_MD5(
            -1,
            "EXP-RC4-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC4,
            MessageDigest.MD5,
            Protocol.SSLv2,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128,
            "SSL_RC4_128_EXPORT40_WITH_MD5"
    ),
    // Cipher 0x030080 (SSLv2)
    // RC2_128_CBC_WITH_MD5
    SSL_CK_RC2_128_CBC_WITH_MD5(
            -1,
            "RC2-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC2,
            MessageDigest.MD5,
            Protocol.SSLv2,
            false,
            EncryptionLevel.MEDIUM,
            false,
            128,
            128
    ),
    // Cipher 0x040080 (SSLv2)
    // RC2_128_CBC_EXPORT40_WITH_MD5
    SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5(
            -1,
            "EXP-RC2-CBC-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.RC2,
            MessageDigest.MD5,
            Protocol.SSLv2,
            true,
            EncryptionLevel.EXP40,
            false,
            40,
            128
    ),
    // Cipher 0x050080 (SSLv2)
    // IDEA_128_CBC_WITH_MD5
    SSL2_IDEA_128_CBC_WITH_MD5(
            -1,
            "IDEA-CBC-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.IDEA,
            MessageDigest.MD5,
            Protocol.SSLv2,
            false, EncryptionLevel.MEDIUM,
            false,
            128,
            128,
            "SSL_CK_IDEA_128_CBC_WITH_MD5"
    ),
    // Cipher 0x060040 (SSLv2)
    // DES_64_CBC_WITH_MD5
    SSL2_DES_64_CBC_WITH_MD5(
            -1,
            "DES-CBC-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.DES,
            MessageDigest.MD5,
            Protocol.SSLv2,
            false,
            EncryptionLevel.LOW,
            false,
            56,
            56,
            "SSL_CK_DES_64_CBC_WITH_MD5"
    ),
    // Cipher 0x0700C0 (SSLv2)
    // DES_192_EDE3_CBC_WITH_MD5
    SSL2_DES_192_EDE3_CBC_WITH_MD5(
            -1,
            "DES-CBC3-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.TRIPLE_DES,
            MessageDigest.MD5,
            Protocol.SSLv2,
            false,
            EncryptionLevel.HIGH,
            false,
            112,
            168,
            "SSL_CK_DES_192_EDE3_CBC_WITH_MD5"
    );

    /* TEMP_GOST_TLS*/
    /*
    // Cipher FF00
    TLS_GOSTR341094_RSA_WITH_28147_CNT_MD5(
            "GOST-MD5",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.eGOST2814789CNT,
            MessageDigest.MD5,
            Protocol.TLSv1,
            false,
            EncryptionLevel.HIGH,
            false,
            256,
            256
     ),
     TLS_RSA_WITH_28147_CNT_GOST94(
            "GOST-GOST94",
            KeyExchange.RSA,
            Authentication.RSA,
            Encryption.eGOST2814789CNT,
            MessageDigest.GOST94,
            Protocol.TLSv1,
            false, EncryptionLevel.HIGH,false,
            256,
            256
     ),
     {
     1,
     "GOST-GOST89MAC",
     0x0300ff02,
     KeyExchange.RSA,
     Authentication.RSA,
     Encryption.eGOST2814789CNT,
     MessageDigest.GOST89MAC,
     Protocol.TLSv1,
     false, EncryptionLevel.HIGH,false,

     256,
     256
     ),
     {
     1,
     "GOST-GOST89STREAM",
     0x0300ff03,
     KeyExchange.RSA,
     Authentication.RSA,
     Encryption.eGOST2814789CNT,
     MessageDigest.GOST89MAC,
     Protocol.TLSv1,
     false, EncryptionLevel.HIGH,false,
     256,
     256
     },*/


    private final int id;
    private final String openSSLAlias;
    private final Set jsseNames;
    private final KeyExchange kx;
    private final Authentication au;
    private final Encryption enc;
    private final MessageDigest mac;
    private final Protocol protocol;
    private final boolean export;
    private final EncryptionLevel level;
    private final boolean fipsCompatible;
    /**
     * Number of bits really used
     */
    private final int strength_bits;
    /**
     * Number of bits for algorithm
     */
    private final int alg_bits;

    Cipher(int id, String openSSLAlias, KeyExchange kx, Authentication au, Encryption enc,
                   MessageDigest mac, Protocol protocol, boolean export, EncryptionLevel level,
                   boolean fipsCompatible, int strength_bits, int alg_bits, String... jsseAltNames) {
        this.id = id;
        this.openSSLAlias = openSSLAlias;
        Set names = new HashSet<>();
        if (jsseAltNames != null) {
            names.addAll(Arrays.asList(jsseAltNames));
        }
        names.add(name());
        this.jsseNames = Collections.unmodifiableSet(names);
        this.kx = kx;
        this.au = au;
        this.enc = enc;
        this.mac = mac;
        this.protocol = protocol;
        this.export = export;
        this.level = level;
        this.fipsCompatible = fipsCompatible;
        this.strength_bits = strength_bits;
        this.alg_bits = alg_bits;
    }

    public int getId() {
        return id;
    }

    public String getOpenSSLAlias() {
        return openSSLAlias;
    }

    public Set getJsseNames() {
        return jsseNames;
    }

    public KeyExchange getKx() {
        return kx;
    }

    public Authentication getAu() {
        return au;
    }

    public Encryption getEnc() {
        return enc;
    }

    public MessageDigest getMac() {
        return mac;
    }

    public Protocol getProtocol() {
        return protocol;
    }

    public boolean isExport() {
        return export;
    }

    public EncryptionLevel getLevel() {
        return level;
    }

    public boolean isFipsCompatible() {
        return fipsCompatible;
    }

    public int getStrength_bits() {
        return strength_bits;
    }

    public int getAlg_bits() {
        return alg_bits;
    }


    private static final Map idMap = new HashMap<>();

    static {
        for (Cipher cipher : Cipher.values()) {
            int id = cipher.getId();

            if (id > 0 && id < 0xFFFF) {
                idMap.put(id, cipher);
            }
        }
    }


    public static Cipher valueOf(int cipherId) {
        return idMap.get(cipherId);
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy