You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2017/12/22 17:00:21 UTC
svn commit: r1819068 - in /tomcat/trunk: java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java

Author: markt
Date: Fri Dec 22 17:00:21 2017
New Revision: 1819068

URL: http://svn.apache.org/viewvc?rev=1819068&view=rev
Log:
Remove ARIA ciphers from DEFAULT
Set up aliases for ARIA ciphers

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
    tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java?rev=1819068&r1=1819067&r2=1819068&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java Fri Dec 22 17:00:21 2017
@@ -264,6 +264,18 @@ public class OpenSSLCipherConfigurationP
      */
     private static final String AESCCM8 = "AESCCM8";
     /**
+     * Cipher suites using either 128 bit ARIA.
+     */
+    private static final String ARIA128 = "ARIA128";
+    /**
+     * Cipher suites using either 256 bit ARIA.
+     */
+    private static final String ARIA256 = "ARIA";
+    /**
+     * Cipher suites using either 128 or 256 bit ARIA.
+     */
+    private static final String ARIA = "ARIA";
+    /**
      * Cipher suites using 128 bit CAMELLIA.
      */
     private static final String CAMELLIA128 = "CAMELLIA128";
@@ -488,6 +500,9 @@ public class OpenSSLCipherConfigurationP
         addListAlias(AES128, filterByEncryption(allCiphers, new HashSet<>(Arrays.asList(Encryption.AES128, Encryption.AES128CCM, Encryption.AES128CCM8, Encryption.AES128GCM))));
         addListAlias(AES256, filterByEncryption(allCiphers, new HashSet<>(Arrays.asList(Encryption.AES256, Encryption.AES256CCM, Encryption.AES256CCM8, Encryption.AES256GCM))));
         addListAlias(AES, filterByEncryption(allCiphers, new HashSet<>(Arrays.asList(Encryption.AES128, Encryption.AES128CCM, Encryption.AES128CCM8, Encryption.AES128GCM, Encryption.AES256, Encryption.AES256CCM, Encryption.AES256CCM8, Encryption.AES256GCM))));
+        addListAlias(ARIA128, filterByEncryption(allCiphers, Collections.singleton(Encryption.ARIA128GCM)));
+        addListAlias(ARIA256, filterByEncryption(allCiphers, Collections.singleton(Encryption.ARIA256GCM)));
+        addListAlias(ARIA, filterByEncryption(allCiphers, new HashSet<>(Arrays.asList(Encryption.ARIA128GCM, Encryption.ARIA256GCM))));
         addListAlias(AESGCM, filterByEncryption(allCiphers, new HashSet<>(Arrays.asList(Encryption.AES128GCM, Encryption.AES256GCM))));
         addListAlias(AESCCM, filterByEncryption(allCiphers, new HashSet<>(Arrays.asList(Encryption.AES128CCM, Encryption.AES128CCM8, Encryption.AES256CCM, Encryption.AES256CCM8))));
         addListAlias(AESCCM8, filterByEncryption(allCiphers, new HashSet<>(Arrays.asList(Encryption.AES128CCM8, Encryption.AES256CCM8))));
@@ -524,7 +539,7 @@ public class OpenSSLCipherConfigurationP
         addListAlias(SRP, filterByKeyExchange(allCiphers, Collections.singleton(KeyExchange.SRP)));
         initialized = true;
         // Despite what the OpenSSL docs say, DEFAULT also excludes SSLv2
-        addListAlias(DEFAULT, parse("ALL:!EXPORT:!eNULL:!aNULL:!SSLv2:!DES:!RC2:!RC4:!DSS:!SEED:!IDEA:!CAMELLIA:!AESCCM:!3DES"));
+        addListAlias(DEFAULT, parse("ALL:!EXPORT:!eNULL:!aNULL:!SSLv2:!DES:!RC2:!RC4:!DSS:!SEED:!IDEA:!CAMELLIA:!AESCCM:!3DES!ARIA"));
         // COMPLEMENTOFDEFAULT is also not exactly as defined by the docs
         LinkedHashSet<Cipher> complementOfDefault = filterByKeyExchange(all, new HashSet<>(Arrays.asList(KeyExchange.EDH,KeyExchange.EECDH)));
         complementOfDefault = filterByAuthentication(complementOfDefault, Collections.singleton(Authentication.aNULL));
@@ -540,6 +555,7 @@ public class OpenSSLCipherConfigurationP
         complementOfDefault.addAll(aliases.get(IDEA));
         complementOfDefault.addAll(aliases.get(CAMELLIA));
         complementOfDefault.addAll(aliases.get(AESCCM));
+        complementOfDefault.addAll(aliases.get(ARIA));
         defaultSort(complementOfDefault);
         addListAlias(COMPLEMENTOFDEFAULT, complementOfDefault);
     }

Modified: tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java?rev=1819068&r1=1819067&r2=1819068&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestOpenSSLCipherConfigurationParser.java Fri Dec 22 17:00:21 2017
@@ -530,6 +530,24 @@ public class TestOpenSSLCipherConfigurat
     }
 
 
+    @Test
+    public void testARIA() throws Exception {
+        testSpecification("ARIA");
+    }
+
+
+    @Test
+    public void testARIA128() throws Exception {
+        testSpecification("ARIA128");
+    }
+
+
+    @Test
+    public void testARIA256() throws Exception {
+        testSpecification("ARIA256");
+    }
+
+
     // TODO: Add tests for the individual operators
 
     @Test



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org