Movatterモバイル変換

[0]ホーム
URL:

Java SE 25 & JDK 25

Java Security Standard Algorithm Names

The Java SE Security API requires and uses a set of standard namesfor algorithms, certificate and keystore types. You can find a list ofstandard algorithm names in this document.

Note that an SE implementation may support additional algorithms thatare not defined in this specification. As a best practice, if analgorithm is defined in a subsequent version of this specification andan implementation of an earlier specification supports that algorithm,the implementation should use the standard name of the algorithm that isdefined in the subsequent specification. Each SE implementation shouldalso document the algorithms that it supports or adds support for insubsequent update releases. The algorithms may be documented in releasenotes or in a separate document such as theJDKProviders Documentation.

In some cases naming conventions are given for forming names that arenot explicitly listed, to facilitate name consistency across providerimplementations. Items in angle brackets (such as<digest> and<encryption>) areplaceholders to be replaced by a specific message digest, encryptionalgorithm, or other name.

Note: Standard names are not case-sensitive.

Note: TheJDKProviders Documentation contains specific provider and algorithminformation.

AlgorithmParameterGeneratorAlgorithms

The algorithm names in this section can be specified when generatingan instance ofAlgorithmParameterGenerator.

Algorithm NameDescription
DiffieHellmanParameters for use with the Diffie-Hellmanalgorithm.
DSAParameters for use with the DigitalSignature Algorithm.

AlgorithmParametersAlgorithms

The algorithm names in this section can be specified when generatingan instance ofAlgorithmParameters.

Algorithm NameDescription
AESParameters for use with the AESalgorithm.
BlowfishParameters for use with the Blowfishalgorithm.
ChaCha20-Poly1305Parameters for use with theChaCha20-Poly1305 algorithm, as defined inRFC 8103.
DESParameters for use with the DESalgorithm.
DESedeParameters for use with the DESedealgorithm.
DiffieHellmanParameters for use with the DiffieHellmanalgorithm.
DSAParameters for use with the DigitalSignature Algorithm.
ECParameters for use with the ECalgorithm.
GCMParameters for use with the Galois/CounterMode (GCM) cipher mode, as defined inRFC 5084.
OAEPParameters for use with the OAEPalgorithm.
PBEWith<digest>And<encryption>
PBEWith<prf>And<encryption>		Parameters for use with PKCS #5password-based encryption, where <digest> is a message digest,<prf> is a pseudo-random function, and <encryption> is anencryption algorithm. Examples:PBEWithMD5AndDES, andPBEWithHmacSHA256AndAES.
PBEParameters for use with the PBE algorithm.This name should not be used, in preference to the more specificPBE-algorithm names previously listed.
PBES2Parameters for use with the PBES2password-based encryption algorithm as defined in PKCS #5:Password-Based Cryptography Specification, Version 2.1.
RC2Parameters for use with the RC2algorithm.
RSASSA-PSSParameters for use with the RSASSA-PSSsignature algorithm.

CertificateFactoryTypes

The type in this section can be specified when generating an instanceofCertificateFactory.

TypeDescription
X.509The certificate type defined in X.509,also specified inRFC5280.

CertPath Encodings

The following encodings may be passed to thegetEncodedmethod ofCertPath or thegenerateCertPath(InputStream inStream, String encoding)method ofCertificateFactory.

EncodingDescription
PKCS7A PKCS #7 SignedData object, with the onlysignificant field being certificates. In particular, the signature andthe contents are ignored. If no certificates are present, a zero-lengthCertPath is assumed.

Warning: PKCS #7 does not maintain the order ofcertificates in a certification path. This means that if aCertPath is converted to PKCS #7 encoded bytes and thenconverted back, the order of the certificates may change, potentiallyrendering theCertPath invalid. Users should be aware ofthis behavior.

SeePKCS #7:Cryptographic Message Syntax for details on PKCS #7.
PkiPathAn ASN.1 DER encoded sequence ofcertificates, defined as follows:

PkiPath ::= SEQUENCE OF Certificate

Within the sequence, the order of certificates is such that the subjectof the first certificate is the issuer of the second certificate, and soon. Each certificate inPkiPath shall be unique. Nocertificate may appear more than once in a value ofCertificate inPkiPath. ThePkiPath format is defined in defect report 279 againstX.509 (2000) and is incorporated into Technical Corrigendum 1 (DTC 2)for the ITU-T Recommendation X.509 (2000). Seethe ITU web site fordetails.

CertPathBuilderAlgorithms

The algorithm in this section can be specified when generating aninstance ofCertPathBuilder.

Algorithm NameDescription
PKIXThe PKIX certification path validationalgorithm as defined in theValidationAlgorithm service attribute.The output ofCertPathBuilder instances implementing thisalgorithm is a certification path validated against the PKIX validationalgorithm.

CertPathValidatorAlgorithms

The algorithm in this section can be specified when generating aninstance ofCertPathValidator.

Algorithm NameDescription
PKIXThe PKIX certification path validationalgorithm as defined in theValidationAlgorithm serviceattribute.

CertStore Types

The types in this section can be specified when generating aninstance ofCertStore.

TypeDescription
CollectionACertStore implementationthat retrieves certificates and CRLs from aCollection.This type ofCertStore is particularly useful inapplications where certificates or CRLs are received in a bag or somesort of attachment, such as with a signed email message or in an SSLnegotiation.
LDAPACertStore implementationthat fetches certificates and CRLs from an LDAP directory using theschema defined in theLDAPSchema serviceattribute.

Cipher Algorithms

The following names can be specified as thealgorithmcomponent in atransformationwhen requesting an instance ofCipher.

Note: It is recommended to use a transformation thatfully specifies the algorithm, mode, and padding. By not doing so, theprovider will use a default for the mode and padding which may not meetthe security requirements of your application.

Algorithm NameDescription
AESAdvanced Encryption Standard as specifiedby NIST inFIPS197. Also known as the Rijndael algorithm by Joan Daemen and VincentRijmen, AES is a 128-bit block cipher supporting keys of 128, 192, and256 bits.

To use the AES cipher with only one valid key size, use the formatAES_<n>, where <n> can be 128, 192 or 256.
AESWrapThe AES key wrapping algorithm asdescribed inRFC3394
andNISTSpecial Publication SP 800-38F.
This is same as specifying AES cipher with KW mode and NoPadding. To usethe AESWrap cipher with only one valid key size, use the formatAESWrap_<n>, where <n> can be 128, 192, or 256.
AESWrapPadThe AES key wrapping algorithm asdescribed inRFC 5649and
NISTSpecial Publication SP 800-38F.
This is same as specifying AES cipher with KWP mode and NoPadding. Touse the AESWrapPad cipher with only one valid key size, use the formatAESWrapPad_<n>, where <n> can be 128, 192, or 256.
ARCFOURA stream cipher believed to be fullyinteroperable with the RC4 cipher developed by Ron Rivest. For moreinformation, see K. Kaukonen and R. Thayer,"AStream Cipher Encryption Algorithm 'Arcfour'", Internet Draft(expired).
BlowfishTheBlowfish block cipherdesigned by Bruce Schneier.
ChaCha20The ChaCha20 stream cipher as defined inRFC 7539.
ChaCha20-Poly1305The ChaCha20 cipher in AEAD mode using thePoly1305 authenticator, as defined inRFC 7539.
DESThe Digital Encryption Standard asdescribed inFIPSPUB 46-3.
DESedeTriple DES Encryption (also known asDES-EDE, 3DES, or Triple-DES). Data is encrypted using the DES algorithmthree separate times. It is first encrypted using the first subkey, thendecrypted with the second subkey, and encrypted with the thirdsubkey.
DESedeWrapThe DESede key wrapping algorithm asdescribed inRFC3217.
ECIESElliptic Curve Integrated EncryptionScheme
PBEWith<digest>And<encryption>
PBEWith<prf>And<encryption>		The password-based encryption algorithmdefined in PKCS #5, using the specified message digest (<digest>)or pseudo-random function (<prf>) and encryption algorithm(<encryption>). Examples:

PBEWithMD5AndDES: The PBES1 password-based encryptionalgorithm as defined inPKCS #5: Password-BasedCryptography Specification, Version 2.1. Note that this algorithmimpliesCBC as the cipher mode andPKCS5Padding as the padding scheme and cannotbe used with any other cipher modes or padding schemes.

PBEWithHmacSHA256AndAES_128: The PBES2 password-basedencryption algorithm as defined inPKCS #5: Password-BasedCryptography Specification, Version 2.1.
RC2Variable-key-size encryption algorithmsdeveloped by Ron Rivest for RSA Data Security, Inc.
RC4Variable-key-size encryption algorithmsdeveloped by Ron Rivest for RSA Data Security, Inc. (See note prior forARCFOUR.)
RC5Variable-key-size encryption algorithmsdeveloped by Ron Rivest for RSA Data Security, Inc.
RSAThe RSA encryption algorithm as defined inPKCS #1 v2.2.

Cipher Algorithm Modes

The following names can be specified as themode componentin atransformationwhen requesting an instance ofCipher.

Algorithm NameDescription
NONENo mode.
CBCCipher Block Chaining Mode, as defined inFIPSPUB 81.
CCMCounter/CBC Mode, as defined inNISTSpecial Publication SP 800-38C.
CFB, CFBxCipher Feedback Mode, as defined inFIPSPUB 81.

Using modes such as CFB and OFB, block ciphers can encrypt data in unitssmaller than the cipher's actual block size. When requesting such amode, you may optionally specify the number of bits to be processed at atime by appending this number to the mode name as shown in the"DES/CFB8/NoPadding" and "DES/OFB32/PKCS5Padding"transformations. If no such number is specified, a provider-specificdefault is used. (For example, the SunJCE provider uses a default of 64bits for DES.) Thus, block ciphers can be turned into byte-orientedstream ciphers by using an 8-bit mode such as CFB8 or OFB8.
CTRA simplification of OFB, Counter modeupdates the input block as a counter.
CTSCipher Text Stealing, as described inBruce Schneier's bookApplied Cryptography-Second Edition, JohnWiley and Sons, 1996.
ECBElectronic Codebook Mode, as defined inFIPSPUB 81 (generally this mode should not be used for multiple blocksof data).
GCMGalois/Counter Mode, as defined inNISTSpecial Publication SP 800-38D.
KWKey Wrap (KW) mode, as defined inRFC 3394 andNISTSpecial Publication SP 800-38F.
KWPKey Wrap With Padding (KWP) mode, asdefined inRFC 5649andNISTSpecial Publication SP 800-38F.
OFB, OFBxOutput Feedback Mode, as defined inFIPSPUB 81.

Using modes such as CFB and OFB, block ciphers can encrypt data in unitssmaller than the cipher's actual block size. When requesting such amode, you may optionally specify the number of bits to be processed at atime by appending this number to the mode name as shown in the"DES/CFB8/NoPadding" and "DES/OFB32/PKCS5Padding"transformations. If no such number is specified, a provider-specificdefault is used. (For example, the SunJCE provider uses a default of 64bits for DES.) Thus, block ciphers can be turned into byte-orientedstream ciphers by using an 8-bit mode such as CFB8 or OFB8.
PCBCPropagating Cipher Block Chaining, asdefined byKerberos V4.

Cipher AlgorithmPaddings

The following names can be specified as thepaddingcomponent in atransformationwhen requesting an instance ofCipher.

Algorithm NameDescription
NoPaddingNo padding.
ISO10126PaddingThis padding for block ciphers isdescribed in theISO10126 standard (now withdrawn).
OAEPPadding,OAEPWith<digest>And<mgf>PaddingOptimal Asymmetric Encryption. Paddingscheme defined in PKCS #1, where <digest> should be replaced bythe message digest and <mgf> by the mask generation function.Examples:OAEPWithMD5AndMGF1Padding andOAEPWithSHA-512AndMGF1Padding.

IfOAEPPadding is used,Cipher objects areinitialized with ajavax.crypto.spec.OAEPParameterSpecobject to supply values needed for OAEPPadding.
PKCS1PaddingThe padding scheme described inPKCS #1 v2.2, used withthe RSA algorithm.
PKCS5PaddingThe padding scheme described inPKCS #5: Password-BasedCryptography Specification, version 2.1.
SSL3PaddingThe padding scheme defined in the SSLProtocol Version 3.0, November 18, 1996, section 5.2.3.2 (CBC blockcipher):

block-ciphered struct {
    opaque content[SSLCompressed.length];
    opaque MAC[CipherSpec.hash_size];
    uint8 padding[GenericBlockCipher.padding_length];
    uint8 padding_length;
} GenericBlockCipher;

The size of an instance of aGenericBlockCipher must be amultiple of the block cipher's block length. The padding length, whichis always present, contributes to the padding, which implies thatif:

sizeof(content) + sizeof(MAC) % block_length = 0,

padding has to be(block_length - 1) bytes long, because ofthe existence ofpadding_length.

This makes the padding scheme similar (but not quite) to PKCS5Padding,where the padding length is encoded in the padding (and ranges from 1 toblock_length). With the SSL scheme, thesizeof(padding) is encoded in the always presentpadding_length and therefore ranges from 0 toblock_length-1.

Configuration Types

The type in this section can be specified when generating an instanceofjavax.security.auth.login.Configuration.

TypeDescription
JavaLoginConfigThe default Configuration implementationfrom the SUN provider, as described in theConfigurationclass specification. This type acceptsjava.security.URIParameter as a validConfiguration.Parameter type. If this parameter is notspecified, then the configuration information is loaded from the sourcesdescribed in theConfigFile class specification. If thisparameter is specified, the configuration information is loaded solelyfrom the specified URI.

Exemption Mechanisms

The following exemption mechanism names can be specified in thepermission policy file that accompanies an application considered"exempt" from cryptographic restrictions.

Algorithm NameDescription
KeyEscrowAn encryption system with a backupdecryption capability that allows authorized persons (users, officers ofan organization, and government officials), under certain prescribedconditions, to decrypt ciphertext with the help of information suppliedby one or more trusted parties who hold special data recovery keys.
KeyRecoveryA method of obtaining the secret key usedto lock encrypted data. One use is as a means of providing fail-safeaccess to a corporation's own encrypted information in times ofdisaster.
KeyWeakeningA method in which a part of the key can beescrowed or recovered.

GSSAPI Mechanisms

The following mechanisms can be specified when using GSSAPI. Notethat Object Identifiers (OIDs) are specified instead of names to beconsistent with the GSSAPI standard.

Mechanism OIDDescription
1.2.840.113554.1.2.2The Kerberos v5 GSS-API mechanism definedinRFC 4121.
1.3.6.1.5.5.2The Simple and Protected GSS-APINegotiation (SPNEGO) mechanism defined inRFC 4178.

KDF Algorithms

The algorithm names in this section can be specified when requestingan instance ofKDF.

Algorithm NameDescription
HKDF-SHA256
HKDF-SHA384
HKDF-SHA512		HMAC-based KDF as defined inRFC 5869.

KEM Algorithms

The algorithm names in this section can be specified when generatingan instance ofKEM.

Algorithm NameDescription
DHKEMDH-Based KEM as defined inRFC9180.
ML-KEMThe Module-Lattice-Based Key-EncapsulationMechanism (ML-KEM) as defined inFIPS 203. Thisalgorithm supports keys with ML-KEM-512, ML-KEM-768, and ML-KEM-1024parameter sets.
ML-KEM-512The Module-Lattice-Based Key-EncapsulationMechanism (ML-KEM) using the ML-KEM-512 parameter set as defined inFIPS 203.
ML-KEM-768The Module-Lattice-Based Key-EncapsulationMechanism (ML-KEM) using the ML-KEM-768 parameter set as defined inFIPS 203.
ML-KEM-1024The Module-Lattice-Based Key-EncapsulationMechanism (ML-KEM) using the ML-KEM-1024 parameter set as defined inFIPS 203.

Key Algorithms

The algorithm names returned byKey.getAlgorithm().

Note: The algorithm names of keys generated orcreated by theKeyFactory,SecretKeyFactory,KeyGenerator, orKeyPairGenerator APIs shoulduse the standard names listed below, even if an alias or a standardparameter set name was used to instantiate the service. For example,KeyPairGenerator.getInstance("DiffieHellman") shouldgenerate a key with the "DH" algorithm name, andKeyPairGenerator.getInstance("ML-KEM-768") should generatea key with the "ML-KEM" algorithm name. However, some third-partyproviders may use the alias or a non-standard name as the algorithmname.

SecretKey Algorithms

Algorithm NameDescription
AESThe Advanced Encryption Standard (AES)algorithm.
ARCFOURThe ARCFOUR (RC4) algorithm.
BlowfishThe Blowfish algorithm.
ChaCha20The ChaCha20 algorithm.
DESThe Data Encryption Standard (DES)algorithm.
DESedeThe Triple Data Encryption Algorithm(DESede or Triple-DES).
GenericThis algorithm defines a general-purposesecret key. This key is not intended to be used for cryptographicoperations; rather it is typically used as input keying material forderiving other keys. This algorithm is also used to represent PKCS #11generic secret key objects (key type CKK_GENERIC_SECRET_TYPE).
PBEWith<digest>And<encryption>
PBEWith<prf>And<encryption>		PKCS #5 password-based encryption, where<digest> is a message digest, <prf> is a pseudo-randomfunction, and <encryption> is an encryption algorithm. Examples:PBEWithMD5AndDES, andPBEWithHmacSHA256AndAES.
PBKDF2With<prf>Password-based key-derivation algorithmdefined inPKCS #5:Password-Based Cryptography Specification, Version 2.1 using thespecified pseudo-random function (<prf>). Example:PBKDF2WithHmacSHA256.
RC2The RC2 algorithm.

AsymmetricKeyAlgorithms

Algorithm NameDescription
DHThe Diffie-Hellman KeyAgreementalgorithm.
DSAThe (original) Digital SignatureAlgorithm.
ECThe Elliptic Curve algorithm.
EdDSAThe Edwards-Curve signature algorithm withelliptic curves as defined inRFC 8032.
HSS/LMSThe Leighton-Micali Signature (LMS) systemwith the Hierarchical Signature System (HSS) as defined inRFC 8554.
ML-DSAThe Module-Lattice-Based Digital SignatureAlgorithm (ML-DSA) as defined inFIPS 204.
ML-KEMThe Module-Lattice-Based Key-EncapsulationMechanism (ML-KEM) as defined inFIPS 203.
RSAThe Rivest-Shamir-Adleman (RSA)algorithm.
RSASSA-PSSThe RSA Signature Scheme with Appendix -Probabilistic Signature Scheme (RSASSA-PSS) signature algorithm.
XDHThe Diffie-Hellman key agreement withelliptic curves as defined inRFC 7748.

Key Encodings

The names of primary encoding formats returned byKey.getFormat()orEncodedKeySpec.getFormat().

EncodingDescription
PKCS#1The ASN.1 data format forRSAPrivateKey as defined inPKCS #1.
PKCS#8The ASN.1 data format forPrivateKeyInfo, as defined inPKCS #8.
RAWThe raw key bytes.
X.509The ASN.1 data format forSubjectPublicKeyInfo, as defined by X.509, and alsospecified inRFC5280.

KeyAgreementAlgorithms

The following algorithm names can be specified when requesting aninstance ofKeyAgreement.

Algorithm NameDescription
DiffieHellmanDiffie-Hellman Key Agreement as defined inPKCS #3: Diffie-Hellman Key-Agreement Standard, RSA Laboratories,version 1.4, November 1993.
ECDHElliptic Curve Diffie-Hellman as definedin ANSI X9.63.
ECMQVElliptic Curve Menezes-Qu-Vanstone.
XDHDiffie-Hellman key agreement with ellipticcurves as defined inRFC7748.
X25519Diffie-Hellman key agreement withCurve25519 as defined inRFC 7748.
X448Diffie-Hellman key agreement with Curve448as defined inRFC7748.

KeyFactory Algorithms

The algorithm names in this section can be specified when generatingan instance ofKeyFactory.

(Except as noted, these classes create keys for whichKey.getAlgorithm()returns the standard algorithm name.)

Algorithm NameDescription
DiffieHellmanKeys for the Diffie-Hellman KeyAgreementalgorithm.

Note:key.getAlgorithm() will return "DH"instead of "DiffieHellman".
DSAKeys for the Digital SignatureAlgorithm.
ECKeys for the Elliptic Curvealgorithm.
EdDSAKeys for Edwards-Curve signature algorithmwith elliptic curves as defined inRFC 8032.
Ed25519Keys for Edwards-Curve signature algorithmwith Ed25519 as defined inRFC 8032.
Ed448Keys for Edwards-Curve signature algorithmwith Ed448 as defined inRFC 8032.
HSS/LMSKeys for the Leighton-Micali Signature(LMS) system with the Hierarchical Signature System (HSS) as defined inRFC 8554.
ML-DSAKeys for the Module-Lattice-Based DigitalSignature Algorithm (ML-DSA) as defined inFIPS 204. Thisalgorithm supports keys with ML-DSA-44, ML-DSA-65, and ML-DSA-87parameter sets.
ML-DSA-44Keys for the Module-Lattice-Based DigitalSignature Algorithm (ML-DSA) using the ML-DSA-44 parameter set asdefined inFIPS204.
ML-DSA-65Keys for the Module-Lattice-Based DigitalSignature Algorithm (ML-DSA) using the ML-DSA-65 parameter set asdefined inFIPS204.
ML-DSA-87Keys for the Module-Lattice-Based DigitalSignature Algorithm (ML-DSA) using the ML-DSA-87 parameter set asdefined inFIPS204.
ML-KEMKeys for the Module-Lattice-BasedKey-Encapsulation Mechanism (ML-KEM) as defined inFIPS 203. Thisalgorithm supports keys with ML-KEM-512, ML-KEM-768, and ML-KEM-1024parameter sets.
ML-KEM-512Keys for the Module-Lattice-BasedKey-Encapsulation Mechanism (ML-KEM) using the ML-KEM-512 parameter setas defined inFIPS203.
ML-KEM-768Keys for the Module-Lattice-BasedKey-Encapsulation Mechanism (ML-KEM) using the ML-KEM-768 parameter setas defined inFIPS203.
ML-KEM-1024Keys for the Module-Lattice-BasedKey-Encapsulation Mechanism (ML-KEM) using the ML-KEM-1024 parameter setas defined inFIPS203.
RSAKeys for the RSA algorithm(Signature/Cipher).
RSASSA-PSSKeys for the RSASSA-PSS algorithm(Signature).
XDHKeys for Diffie-Hellman key agreement withelliptic curves as defined inRFC 7748.
X25519Keys for Diffie-Hellman key agreement withCurve25519 as defined inRFC 7748.
X448Keys for Diffie-Hellman key agreement withCurve448 as defined inRFC7748.

KeyGeneratorAlgorithms

The following algorithm names can be specified when requesting aninstance ofKeyGenerator.

(These classes generate keys for whichKey.getAlgorithm()returns the standard algorithm name.)

Algorithm NameDescription
AESKey generator for use with the AESalgorithm.
ARCFOURKey generator for use with the ARCFOUR(RC4) algorithm.
BlowfishKey generator for use with the Blowfishalgorithm.
ChaCha20Key generator for use with the ChaCha20and ChaCha20-Poly1305 algorithms.
DESKey generator for use with the DESalgorithm.
DESedeKey generator for use with the DESede(triple-DES) algorithm.
HmacMD5Key generator for use with the HmacMD5algorithm.
HmacSHA1
HmacSHA224
HmacSHA256
HmacSHA384
HmacSHA512
HmacSHA512/224
HmacSHA512/256
HmacSHA3-224
HmacSHA3-256
HmacSHA3-384
HmacSHA3-512		Key generator for use with the variousflavors of the HmacSHA algorithms.
RC2Key generator for use with the RC2algorithm.

KeyManagerFactoryAlgorithms

The algorithm names that can be specified when generating an instanceofKeyManagerFactory.

Algorithm NameDescription
PKIXA factory forX509ExtendedKeyManagers that manage X.509 certificate-basedkey pairs for local side authentication according to the rules definedby the IETF PKIX working group inRFC 5280 or itssuccessor. TheKeyManagerFactory must supportinitialization using the classjavax.net.ssl.KeyStoreBuilderParameters.

KeyPairGeneratorAlgorithms

The algorithm names that can be specified when generating an instanceofKeyPairGenerator.

(Except as noted, these classes create keys for whichKey.getAlgorithm()returns the standard algorithm name.)

Algorithm NameDescription
DiffieHellmanGenerates keypairs for the Diffie-HellmanKeyAgreement algorithm.

Note:key.getAlgorithm() will return "DH"instead of "DiffieHellman".
DSAGenerates keypairs for the DigitalSignature Algorithm.
RSAGenerates keypairs for the RSA algorithm(Signature/Cipher).
RSASSA-PSSGenerates keypairs for the RSASSA-PSSsignature algorithm.
ECGenerates keypairs for the Elliptic Curvealgorithm.
EdDSAGenerates keypairs for Edwards-Curvesignature algorithm with elliptic curves as defined inRFC 8032.
Ed25519Generates keypairs for Edwards-Curvesignature algorithm with Ed25519 as defined inRFC 8032.
Ed448Generates keypairs for Edwards-Curvesignature algorithm with Ed448 as defined inRFC 8032.
ML-DSAGenerates keypairs for theModule-Lattice-Based Digital Signature Algorithm (ML-DSA) as defined inFIPS 204. Thisalgorithm supports keys with ML-DSA-44, ML-DSA-65, and ML-DSA-87parameter sets.
ML-DSA-44Generates keypairs for theModule-Lattice-Based Digital Signature Algorithm (ML-DSA) using theML-DSA-44 parameter set as defined inFIPS 204.
ML-DSA-65Generates keypairs for theModule-Lattice-Based Digital Signature Algorithm (ML-DSA) using theML-DSA-65 parameter set as defined inFIPS 204.
ML-DSA-87Generates keypairs for theModule-Lattice-Based Digital Signature Algorithm (ML-DSA) using theML-DSA-87 parameter set as defined inFIPS 204.
ML-KEMGenerates keypairs for theModule-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) as defined inFIPS 203. Thisalgorithm supports keys with ML-KEM-512, ML-KEM-768, and ML-KEM-1024parameter sets.
ML-KEM-512Generates keypairs for theModule-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) using theML-KEM-512 parameter set as defined inFIPS 203.
ML-KEM-768Generates keypairs for theModule-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) using theML-KEM-768 parameter set as defined inFIPS 203.
ML-KEM-1024Generates keypairs for theModule-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) using theML-KEM-1024 parameter set as defined inFIPS 203.
XDHGenerates keypairs for Diffie-Hellman keyagreement with elliptic curves as defined inRFC 7748.
X25519Generates keypairs for Diffie-Hellman keyagreement with Curve25519 as defined inRFC 7748.
X448Generates keypairs for Diffie-Hellman keyagreement with Curve448 as defined inRFC 7748.

Note: ForKeypairGenerator algorithmsthat useNamedParameterSpec names, thekey.getAlgorithm() for generated keys will return the"family" algorithm name instead of the specific parameter set name. Forexample,KeyPairGenerator.getInstance("ML-KEM-768") willgenerate a key with the algorithm name "ML-KEM".

KeyStore Types

The types in this section can be specified when generating aninstance ofKeyStore.

TypeDescription
jceksThe proprietary keystore implementationprovided by the SunJCE provider.
jksThe proprietary keystore implementationprovided by the SUN provider.
dksA domain keystore is a collection ofkeystores presented as a single logical keystore. It is specified byconfiguration data whose syntax is described in theDomainLoadStoreParameterclass.
pkcs11A keystore backed by a PKCS #11token.
pkcs12The transfer syntax for personal identityinformation as defined inPKCS #12.

Mac Algorithms

The following algorithm names can be specified when requesting aninstance ofMac.

Algorithm NameDescription
HmacMD5The HMAC-MD5 keyed-hashing algorithm asdefined inRFC 2104:"HMAC: Keyed-Hashing for Message Authentication" (February 1997).
HmacSHA1
HmacSHA224
HmacSHA256
HmacSHA384
HmacSHA512
HmacSHA512/224
HmacSHA512/256
HmacSHA3-224
HmacSHA3-256
HmacSHA3-384
HmacSHA3-512		The HmacSHA* algorithms as defined inRFC 2104 "HMAC:Keyed-Hashing for Message Authentication" (February 1997) withSHA-* with SHA, SHA-2, and SHA-3 family of digestalgorithms.
PBEWith<mac>The PBMAC1 password-based messageauthentication scheme as defined inPKCS #5: Password-BasedCryptography Specification, Version 2.1, where <mac> is aMessage Authentication Code algorithm name. Example:PBEWithHmacSHA256
HmacPBESHA1
HmacPBESHA224
HmacPBESHA256
HmacPBESHA384
HmacPBESHA512
HmacPBESHA512/224
HmacPBESHA512/256		The HMAC algorithms as defined inAppendix B.4 ofRFC 7292: "PKCS #12: Personal Information Exchange Syntax v1.1"(July 2014).

MessageDigestAlgorithms

Algorithm names that can be specified when generating an instance ofMessageDigest.

Algorithm NameDescription
MD2The MD2 message digest algorithm asdefined inRFC1319.
MD5The MD5 message digest algorithm asdefined inRFC1321.
SHA-1
SHA-224
SHA-256
SHA-384
SHA-512
SHA-512/224
SHA-512/256
Secure hash algorithms as defined inFIPSPUB 180-4.

SHA-1 produces a 160 bit digest.
SHA-224 produces a 224 bit digest.
SHA-256 produces a 256 bit digest.
SHA-384 produces a 384 bit digest.
SHA-512 produces a 512 bit digest.
SHA-512/224 produces a 224 bit digest.
SHA-512/256 produces a 256 bit digest.
SHA3-224
SHA3-256
SHA3-384
SHA3-512
SHAKE128-256
SHAKE256-512		Permutation-based hash andextendable-output functions as defined inFIPS PUB202. An input message length can vary; the length of the outputdigest is fixed.

SHA3-224 produces a 224 bit digest.
SHA3-256 produces a 256 bit digest.
SHA3-384 produces a 384 bit digest.
SHA3-512 produces a 512 bit digest.
SHAKE128-256 produces a 256 bit digest.
SHAKE256-512 produces a 512 bit digest.

ParameterSpec Names

NamedParameterSpec

TheNamedParameterSpec class in thejava.security.spec package may be used to specify a set ofparameters using the following names.

NameDescription
Ed25519Elliptic curve signature scheme using theedwards25519 curve defined inRFC 8032.
Ed448Elliptic curve signature scheme using theedwards448 curve defined inRFC 8032.
ML-DSA-44The Module-Lattice-Based Digital SignatureAlgorithm (ML-DSA) using the ML-DSA-44 parameter set as defined inFIPS 204.
ML-DSA-65The Module-Lattice-Based Digital SignatureAlgorithm (ML-DSA) using the ML-DSA-65 parameter set as defined inFIPS 204.
ML-DSA-87The Module-Lattice-Based Digital SignatureAlgorithm (ML-DSA) using the ML-DSA-87 parameter set as defined inFIPS 204.
ML-KEM-512The Module-Lattice-Based Key-EncapsulationMechanism (ML-KEM) using the ML-KEM-512 parameter set as defined inFIPS 203.
ML-KEM-768The Module-Lattice-Based Key-EncapsulationMechanism (ML-KEM) using the ML-KEM-768 parameter set as defined inFIPS 203.
ML-KEM-1024The Module-Lattice-Based Key-EncapsulationMechanism (ML-KEM) using the ML-KEM-1024 parameter set as defined inFIPS 203.
X25519Elliptic curve cryptography using theX25519 scalar multiplication function defined inRFC 7748.
X448Elliptic curve cryptography using the X448scalar multiplication function defined inRFC 7748.

ECGenParameterSpec

TheECGenParameterSpec class in thejava.security.spec package may be used to specify a set ofelliptic curve parameters using the following names.

NameDescription
sect163k1
sect163r1
sect163r2
sect193r1
sect193r2
sect233k1
sect233r1
sect239k1
sect283k1
sect283r1
sect409k1
sect409r1
sect571k1
sect571r1
secp160k1
secp160r1
secp160r2
secp192k1
secp192r1
secp224k1
secp224r1
secp256k1
secp256r1
secp384r1
secp521r1		The named curves as specified inSECG, SEC 2: RecommendedElliptic Curve Domain Parameters.
brainpoolP256r1
brainpoolP384r1
brainpoolP512r1		The named curves as defined inRFC 5639.

PSSParameterSpec

ThePSSParameterSpec class in thejava.security.spec package may be used to specify the hashand mask generation function algorithms for the RSASSA-PSS signaturealgorithm using the following names.

Hash Algorithm NameDescription
SHA-1
SHA-224
SHA-256
SHA-384
SHA-512
SHA-512/224
SHA-512/256		The hash algorithms as specified inAppendixA.2.3 of RFC 8017.
MGF Algorithm NameDescription
MGF1The mask generation functions as specifiedinAppendixA.2.3 of RFC 8017.

SaslClient Mechanisms

The mechanisms in this section can be specified when generating aninstance ofSaslClient.

MechanismDescription
CRAM-MD5SeeRFC 2195. This mechanismsupports a hashed user name/password authentication scheme.
DIGEST-MD5SeeRFC 2831. This mechanismdefines how HTTP Digest Authentication can be used as a SASLmechanism.
EXTERNALSeeRFC 2222. This mechanismobtains authentication information from an external channel (such as TLSor IPsec).
GSSAPISeeRFC 2222. This mechanismuses the GSSAPI for obtaining authentication information. It supportsKerberos v5 authentication.
NTLMSeeMS-NLMP.This mechanism supports the NTLM authentication scheme.
PLAINSeeRFC 2595. This mechanismsupports cleartext user name/password authentication.

SaslServer Mechanisms

The mechanisms in this section can be specified when generating aninstance ofSaslServer.

MechanismDescription
CRAM-MD5SeeRFC 2195. This mechanismsupports a hashed user name/password authentication scheme.
DIGEST-MD5SeeRFC 2831. This mechanismdefines how HTTP Digest Authentication can be used as a SASLmechanism.
GSSAPISeeRFC 2222. This mechanismuses the GSSAPI for obtaining authentication information. It supportsKerberos v5 authentication.
NTLMSeeMS-NLMP.This mechanism supports the NTLM authentication scheme.

SecretKeyFactoryAlgorithms

The following algorithm names can be specified when requesting aninstance ofSecretKeyFactory.

(These classes create keys for whichKey.getAlgorithm()returns the standard algorithm name.)

Algorithm NameDescription
AESConstructs secret keys for use with theAES algorithm.
ARCFOURConstructs secret keys for use with theARCFOUR algorithm.
ChaCha20Constructs secret keys for use with theChaCha20 and ChaCha20-Poly1305 algorithms.
DESConstructs secret keys for use with theDES algorithm.
DESedeConstructs secret keys for use with theDESede (Triple-DES) algorithm.
GenericConstructs general-purpose secret keys.ThisSecretKeyFactory is primarily useful when working withhardware-based security modules or PKCS #11 tokens where keys arenon-extractable. For PKCS#11, these are CKK_GENERIC_SECRET keys used forpurposes such as Mac algorithms, HKDF Initial Key Material (IKM), HKDFSalt, and other cryptographic operations in a PKCS #11 token.
Important: Using this factory in software-basedenvironments can lead to unexpected behavior. If the provider is PKCS#11, the key created may not be extractable and could fail when usedwith software-based cryptographic operations. For most software-basedsecurity providers, creating aSecretKeySpec object is asafer and more convenient option.
PBEWith<digest>And<encryption>
PBEWith<prf>And<encryption>		Secret-key factory for use with PKCS #5password-based encryption, where <digest> is a message digest,<prf> is a pseudo-random function, and <encryption> is anencryption algorithm. Examples:

PBEWithMD5AndDES (PKCS #5, PBES1 encryptionscheme),
PBEWithHmacSHA256AndAES_128 (PKCS #5, PBES2 encryptionscheme)

Note: These all use only the low order 8 bits of eachpassword character.
PBKDF2With<prf>Password-based key-derivation algorithmdefined inPKCS #5:Password-Based Cryptography Specification, Version 2.1 using thespecified pseudo-random function (<prf>). Example:
PBKDF2WithHmacSHA256.

SecureRandomNumber Generation Algorithms

The algorithm names in this section can be specified when generatingan instance ofSecureRandom.

Algorithm NameDescription
NativePRNGObtains random numbers from the underlyingnative OS. No assertions are made as to the blocking nature ofgenerating these numbers.
NativePRNGBlockingObtains random numbers from the underlyingnative OS, blocking if necessary. For example,/dev/randomon UNIX-like systems.
NativePRNGNonBlockingObtains random numbers from the underlyingnative OS, without blocking to prevent applications from excessivestalling. For example,/dev/urandom on UNIX-likesystems.
PKCS11Obtains random numbers from the underlyinginstalled and configured PKCS #11 library.
DRBGAn algorithm using DRBG mechanisms asdefined inNISTSP 800-90Ar1.
SHA1PRNGThe name of the pseudo-random numbergeneration (PRNG) algorithm supplied by the SUN provider. This algorithmuses SHA-1 as the foundation of the PRNG. It computes the SHA-1 hashover a true-random seed value concatenated with a 64-bit counter whichis incremented by 1 for each operation. From the 160-bit SHA-1 output,only 64 bits are used.
Windows-PRNGObtains random numbers from the underlyingWindows OS.

Service Attributes

The attributes in this section are for cryptographic services. Theservice attributes can be used as filters for selecting providers.

A cryptographic service is always associated with a particularalgorithm or type. For example, a digital signature service is alwaysassociated with a particular algorithm (for example, DSA), and aCertificateFactory service is always associated with aparticular certificate type (for example, X.509).

Note: The attribute name and value arecase-insensitive.

AttributeDescription
KeySizeThe maximum key size that the providersupports for the cryptographic service.
ImplementedInWhether the implementation for thecryptographic service is done by software or hardware. The value of thisattribute is "software" or "hardware".
LDAPSchemaThe name of the specification that definesthe LDAP schema that an implementation of an LDAPCertStoreuses to retrieve certificates and CRLs. RFCs should be specified as"RFC#" (ex: "RFC2587") and Internet Drafts as the name of the draft. AllLDAP implementations ofCertStore should provide a valuefor this attribute.
SupportedKeyClassesThe list of key classes supported by thecryptographic service. The value is a list of fully qualified classnames separated by vertical bars ("|"). For example, when aCipher service provides this attribute, the value indicatesthe kinds of keys that callers should use.
SupportedKeyFormatsThe list of key formats supported by thecryptographic service. The value is a list of key format names separatedby vertical bars ("|"). Possible key format names include those listedin theKey Encodings section.
SupportedModesThe list of modes supported by thecryptographic service. The value is a list of cipher algorithm modenames separated by vertical bars ("|"). Possible mode names includethose listed in the [Cipher Algorithm Modes] (#cipher-algorithm-modes)section.
SupportedPaddingsThe list of paddings supported by thecryptographic service. The value is a list of padding names separated byvertical bars ("|"). Possible padding names include those listed in the[Cipher Algorithm Paddings] (#cipher-algorithm-paddings) section.
ThreadSafeWhether aSecureRandomimplementation has itsSecureRandomSpi engine methodsimplemented thread safe. The value of this attribute is "true" or"false".
ValidationAlgorithmThe name of the specification that definesthe certification path validation algorithm that an implementation ofCertPathBuilder orCertPathValidator supports.RFCs should be specified as "RFC#" (ex: "RFC5280") and Internet Draftsas the name of the draft (ex:"draft-ietf-pkix-rfc2560bis-01.txt"). Values for thisattribute that are specified as selection criteria to theSecurity.getProviders method will be compared using theString.equalsIgnoreCase method. All PKIX implementations ofCertPathBuilder andCertPathValidator shouldprovide a value for this attribute.

For example,

    map.put("KeyPairGenerator.DSA",            "sun.security.provider.DSAKeyPairGenerator");    map.put("KeyPairGenerator.DSA KeySize", "2048");    map.put("KeyPairGenerator.DSA ImplementedIn", "Software");

Signature Algorithms

The algorithm names in this section can be specified when generatingan instance ofSignature.

Algorithm NameDescription
EdDSAEdwards-Curve signature algorithm asdefined inRFC8032.
Ed25519Edwards-Curve signature algorithm withEd25519 as defined inRFC8032.
Ed448Edwards-Curve signature algorithm withEd448 as defined inRFC8032.
HSS/LMSThe Leighton-Micali Signature (LMS) systemwith the Hierarchical Signature System (HSS) as defined inRFC 8554.
ML-DSAThe Module-Lattice-Based Digital SignatureAlgorithm (ML-DSA) as defined inFIPS 204. Thisalgorithm supports keys with ML-DSA-44, ML-DSA-65, and ML-DSA-87parameter sets.
ML-DSA-44The Module-Lattice-Based Digital SignatureAlgorithm (ML-DSA) using the ML-DSA-44 parameter set as defined inFIPS 204.
ML-DSA-65The Module-Lattice-Based Digital SignatureAlgorithm (ML-DSA) using the ML-DSA-65 parameter set as defined inFIPS 204.
ML-DSA-87The Module-Lattice-Based Digital SignatureAlgorithm (ML-DSA) using the ML-DSA-87 parameter set as defined inFIPS 204.
NONEwithRSAThe RSA signature algorithm which does notuse any digesting algorithm and uses only the RSASP1/RSAVP1 primitivesas defined inPKCS #1v2.2.
MD2withRSA
MD5withRSA		The RSA signature algorithm that uses theMD2/MD5 digest with the RSASSA-PKCS1-v1_5 signature scheme as defined inPKCS #1 v2.2.
SHA1withRSA
SHA224withRSA
SHA256withRSA
SHA384withRSA
SHA512withRSA
SHA512/224withRSA
SHA512/256withRSA
SHA3-224withRSA
SHA3-256withRSA
SHA3-384withRSA
SHA3-512withRSA		The RSA signature algorithm that uses theSHA-* digest with the RSASSA-PKCS1-v1_5 signature scheme as defined inPKCS #1 v2.2.
RSASSA-PSSThe signature algorithm that uses theRSASSA-PSS signature scheme as defined inPKCS #1 v2.2. Note thatthis signature algorithm needs parameters such as a hash algorithm, saltlength and MGF algorithm, to be supplied with aPSSParameterSpecobject before performing the RSA operation. See thePSSParameterSpec section for the standardalgorithm names that can be specified.
NONEwithDSAThe Digital Signature Algorithm as definedinFIPSPUB 186-2. The data must be exactly 20 bytes in length. Thisalgorithm is also known as rawDSA.
SHA1withDSA
SHA224withDSA
SHA256withDSA
SHA384withDSA
SHA512withDSA
SHA3-224withDSA
SHA3-256withDSA
SHA3-384withDSA
SHA3-512withDSA		The DSA signature algorithms that use theSHA-1, SHA-2, and SHA-3 family of digest algorithms to create and verifydigital signatures as defined inFIPSPUB 186-3 andFIPSPUB 186-4.
NONEwithECDSA
SHA1withECDSA
SHA224withECDSA
SHA256withECDSA
SHA384withECDSA
SHA512withECDSA
(ECDSA)
SHA3-224withECDSA
SHA3-256withECDSA
SHA3-384withECDSA
SHA3-512withECDSA		The ECDSA signature algorithms as definedin ANSI X9.62.

Note: "ECDSA" is an ambiguous name for the"SHA1withECDSA" algorithm and should not be used. The formal name"SHA1withECDSA" should be used instead.
NONEwithDSAinP1363Format
SHA1withDSAinP1363Format
SHA224withDSAinP1363Format
SHA256withDSAinP1363Format
SHA384withDSAinP1363Format
SHA512withDSAinP1363Format
SHA3-224withDSAinP1363Format
SHA3-256withDSAinP1363Format
SHA3-384withDSAinP1363Format
SHA3-512withDSAinP1363Format		The DSA signature algorithms as defined inFIPS PUB 186-2, 186-3, and 186-4 with an output as defined in IEEE P1363format. The format of the Signature bytes for these algorithms is theconcatenation of the integers r and s in raw bytes.
NONEwithECDSAinP1363Format
SHA1withECDSAinP1363Format
SHA224withECDSAinP1363Format
SHA256withECDSAinP1363Format
SHA384withECDSAinP1363Format
SHA512withECDSAinP1363Format
SHA3-224withECDSAinP1363Format
SHA3-256withECDSAinP1363Format
SHA3-384withECDSAinP1363Format
SHA3-512withECDSAinP1363Format		The ECDSA signature algorithms as definedin ANSI X9.62 and FIPS PUB 186-4 with an output as defined in IEEE P1363format. The format of the Signature bytes for these algorithms is theconcatenation of the integers r and s in raw bytes.
<digest>with<encryption>Use this to form a name for a signaturealgorithm with a particular message digest (such as MD2 or MD5) andalgorithm (such as RSA or DSA), just as was done for the explicitlydefined standard names in this section (MD2withRSA, and so on).

For the signature schemes defined inPKCS #1 v2.2, for whichthe <digest>with<encryption> form is insufficient,<digest>with<encryption>and<mgf> can be used to form aname. Here, <mgf> should be replaced by a mask generation functionsuch as MGF1. Example:MD5withRSAandMGF1

For the signature formats defined in IEEE P1363,<digest>with<encryption>in<format>Format can be usedto form a name. Example:SHA1withECDSAinP1363Format

SSLContext Algorithms

The algorithm names in this section can be specified when generatingan instance ofSSLContext.

Algorithm NameDescription
SSLSupports some version of SSL; may supportother SSL/TLS versions.
SSLv2Supports SSL version 2 or later; maysupport other SSL/TLS versions.
SSLv3Supports SSL version 3; may support otherSSL/TLS versions.
TLSSupports some version of TLS; may supportother SSL/TLS versions.
TLSv1SupportsRFC 2246: TLS version1.0; may support other SSL/TLS versions.
TLSv1.1SupportsRFC 4346: TLS version1.1; may support other SSL/TLS versions.
TLSv1.2SupportsRFC 5246: TLS version1.2; may support other SSL/TLS versions.
TLSv1.3SupportsRFC 8446: TLS version1.3; may support other SSL/TLS versions.
DTLSSupports the default provider-dependentversions of DTLS versions.
DTLSv1.0SupportsRFC 4347: DTLS version1.0; may support other DTLS versions.
DTLSv1.2SupportsRFC 6347: DTLS version1.2; may support other DTLS versions.

TrustManagerFactoryAlgorithms

The algorithm name in this section can be specified when generatingan instance ofTrustManagerFactory.

Algorithm NameDescription
PKIXA factory forX509ExtendedTrustManager objects that validate certificatechains according to the rules defined by the IETF PKIX working group inRFC 5280 or itssuccessor. TheTrustManagerFactory must supportinitialization using the classjavax.net.ssl.CertPathTrustManagerParameters.

XMLSignature(XMLSignatureFactory/KeyInfoFactory/TransformService)Mechanisms

The mechanism that can be specified when generating an instance ofXMLSignatureFactory,KeyInfoFactory, orTransformService.

The mechanism identifies the XML processing mechanism that animplementation uses internally to parse and generate XML signature andKeyInfo structures. Also, note that eachTransformServiceinstance supports a specific transform algorithm in addition to amechanism. The standard names for the transform algorithms are definedin the next section.

MechanismDescription
DOMThe Document Object Model.

XMLSignature Transform (TransformService) Algorithms

The algorithms in this section can be specified when generating aninstance ofTransformService.

Note: The URIs are specified instead of names to beconsistent with the XML Signature standard. API constants have beendefined for each URI, and are listed in parentheses after each URI inthe following table.

Algorithm URIDescription
http://www.w3.org/TR/2001/REC-xml-c14n-20010315(CanonicalizationMethod.INCLUSIVE)TheCanonical XML(without comments) canonicalization algorithm.
http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments(CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS)TheCanonicalXML with comments canonicalization algorithm.
http://www.w3.org/2001/10/xml-exc-c14n#(CanonicalizationMethod.EXCLUSIVE)TheExclusiveCanonical XML (without comments) canonicalization algorithm.
http://www.w3.org/2001/10/xml-exc-c14n#WithComments(CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS)TheExclusiveCanonical XML with comments canonicalization algorithm.
http://www.w3.org/2006/12/xml-c14n11(CanonicalizationMethod.INCLUSIVE_11)TheCanonical XML 1.1 (withoutcomments) canonicalization algorithm.
http://www.w3.org/2006/12/xml-c14n11#WithComments(CanonicalizationMethod.INCLUSIVE_11_WITH_COMMENTS)TheCanonical XML 1.1with comments canonicalization algorithm.
http://www.w3.org/2000/09/xmldsig#base64(Transform.BASE64)TheBase64transform algorithm.
http://www.w3.org/2000/09/xmldsig#enveloped-signature(Transform.ENVELOPED)TheEnvelopedSignature transform algorithm.
http://www.w3.org/TR/1999/REC-xpath-19991116(Transform.XPATH)TheXPath transformalgorithm.
http://www.w3.org/2002/06/xmldsig-filter2(Transform.XPATH2)TheXPathFilter 2 transform algorithm.
http://www.w3.org/TR/1999/REC-xslt-19991116(Transform.XSLT)TheXSLT transformalgorithm.

JSSE Cipher Suite Names

The following table contains the standard JSSE cipher suite names.Over time, various groups have added additional cipher suites to theSSL/TLS/DTLSnamespace.

Some JSSE cipher suite names were defined before TLSv1.0 wasfinalized, and were therefore given theSSL_ prefix. Thenames mentioned in the TLS RFCs prefixed withTLS_ arefunctionally equivalent to the JSSE cipher suites prefixed withSSL_.

Cipher Suite CodeStandard Name (IANA name ifdifferent)Valid for Datagram Transport LayerProtocolsDeprecated (Protocol)Introduced in (Protocol)References
0x00,0x00SSL_NULL_WITH_NULL_NULLIANA:TLS_NULL_WITH_NULL_NULLYesTLSv1.3N/ARFC 5246
0x00,0x01SSL_RSA_WITH_NULL_MD5IANA:TLS_RSA_WITH_NULL_MD5YesTLSv1.3N/ARFC 5246
0x00,0x02SSL_RSA_WITH_NULL_SHAIANA:TLS_RSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 5246
0x00,0x03SSL_RSA_EXPORT_WITH_RC4_40_MD5IANA:TLS_RSA_EXPORT_WITH_RC4_MD5NoTLSv1.1N/ARFC 4346RFC 6347
0x00,0x04SSL_RSA_WITH_RC4_128_MD5IANA:TLS_RSA_WITH_RC4_128_MD5NoTLSv1.3N/ARFC 5246RFC 6347
0x00,0x05SSL_RSA_WITH_RC4_128_SHAIANA:TLS_RSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 5246RFC 6347
0x00,0x06SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5IANA:TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5YesTLSv1.1N/ARFC 4346
0x00,0x07SSL_RSA_WITH_IDEA_CBC_SHAIANA:TLS_RSA_WITH_IDEA_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x08SSL_RSA_EXPORT_WITH_DES40_CBC_SHAIANA:TLS_RSA_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x09SSL_RSA_WITH_DES_CBC_SHAIANA:TLS_RSA_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x0ASSL_RSA_WITH_3DES_EDE_CBC_SHAIANA:TLS_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x0BSSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHAIANA:TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x0CSSL_DH_DSS_WITH_DES_CBC_SHAIANA:TLS_DH_DSS_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5246
0x00,0x0DSSL_DH_DSS_WITH_3DES_EDE_CBC_SHAIANA:TLS_DH_DSS_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x0ESSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHAIANA:TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x0FSSL_DH_RSA_WITH_DES_CBC_SHAIANA:TLS_DH_RSA_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x10SSL_DH_RSA_WITH_3DES_EDE_CBC_SHAIANA:TLS_DH_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x11SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHAIANA:TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x12SSL_DHE_DSS_WITH_DES_CBC_SHAIANA:TLS_DHE_DSS_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x13SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHAIANA:TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x14SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHAIANA:TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x15SSL_DHE_RSA_WITH_DES_CBC_SHAIANA:TLS_DHE_RSA_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x16SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHAIANA:TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x17SSL_DH_anon_EXPORT_WITH_RC4_40_MD5IANA:TLS_DH_anon_EXPORT_WITH_RC4_40_MD5NoTLSv1.1N/ARFC 4346RFC 6347
0x00,0x18SSL_DH_anon_WITH_RC4_128_MD5IANA:TLS_DH_anon_WITH_RC4_128_MD5NoTLSv1.1N/ARFC 5246RFC 6347
0x00,0x19SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHAIANA:TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x1ASSL_DH_anon_WITH_DES_CBC_SHAIANA:TLS_DH_anon_WITH_DES_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x1BSSL_DH_anon_WITH_3DES_EDE_CBC_SHAIANA:TLS_DH_anon_WITH_3DES_EDE_CBC_SHAYesTLSv1.1N/ARFC 5246
0x00,0x1ETLS_KRB5_WITH_DES_CBC_SHAYesTLSv1.2TLSv1.0RFC 2712
0x00,0x1FTLS_KRB5_WITH_3DES_EDE_CBC_SHAYesTLSv1.3TLSv1.0RFC 2712
0x00,0x20TLS_KRB5_WITH_RC4_128_SHANoTLSv1.3TLSv1.0RFC 2712RFC 6347
0x00,0x21TLS_KRB5_WITH_IDEA_CBC_SHAYesTLSv1.2N/ARFC 2712
0x00,0x22TLS_KRB5_WITH_DES_CBC_MD5YesTLSv1.2N/ARFC 2712
0x00,0x23TLS_KRB5_WITH_3DES_EDE_CBC_MD5YesTLSv1.3N/ARFC 2712
0x00,0x24TLS_KRB5_WITH_RC4_128_MD5NoTLSv1.3N/ARFC 2712RFC 6347
0x00,0x25TLS_KRB5_WITH_IDEA_CBC_MD5YesTLSv1.2N/ARFC 2712
0x00,0x26TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHAYesTLSv1.1N/ARFC 2712
0x00,0x27TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHAYesTLSv1.1N/ARFC 2712
0x00,0x28TLS_KRB5_EXPORT_WITH_RC4_40_SHANoTLSv1.1N/ARFC 2712RFC 6347
0x00,0x29TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5YesTLSv1.1N/ARFC 2712
0x00,0x2ATLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5YesTLSv1.1N/ARFC 2712
0x00,0x2BTLS_KRB5_EXPORT_WITH_RC4_40_MD5NoTLSv1.1N/ARFC 2712RFC 6347
0x00,0x2CTLS_PSK_WITH_NULL_SHAYesTLSv1.3N/ARFC 4785
0x00,0x2DTLS_DHE_PSK_WITH_NULL_SHAYesTLSv1.3N/ARFC 4785
0x00,0x2ETLS_RSA_PSK_WITH_NULL_SHAYesTLSv1.3N/ARFC 4785
0x00,0x2FTLS_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x30TLS_DH_DSS_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x31TLS_DH_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x32TLS_DHE_DSS_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x33TLS_DHE_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x34TLS_DH_anon_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x35TLS_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x36TLS_DH_DSS_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x37TLS_DH_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x38TLS_DHE_DSS_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x39TLS_DHE_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x3ATLS_DH_anon_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x3BTLS_RSA_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x3CTLS_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x3DTLS_RSA_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x3ETLS_DH_DSS_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x3FTLS_DH_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x40TLS_DHE_DSS_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x41TLS_RSA_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x42TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x43TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x44TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x45TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x46TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x67TLS_DHE_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x68TLS_DH_DSS_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x69TLS_DH_RSA_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x6ATLS_DHE_DSS_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x6BTLS_DHE_RSA_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x6CTLS_DH_anon_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x6DTLS_DH_anon_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x84TLS_RSA_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x85TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x86TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x87TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x88TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x89TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x8ATLS_PSK_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4279RFC 6347
0x00,0x8BTLS_PSK_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x8CTLS_PSK_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x8DTLS_PSK_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x8ETLS_DHE_PSK_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4279RFC 6347
0x00,0x8FTLS_DHE_PSK_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x90TLS_DHE_PSK_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x91TLS_DHE_PSK_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x92TLS_RSA_PSK_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4279RFC 6347
0x00,0x93TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x94TLS_RSA_PSK_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x95TLS_RSA_PSK_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x96TLS_RSA_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x97TLS_DH_DSS_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x98TLS_DH_RSA_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x99TLS_DHE_DSS_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x9ATLS_DHE_RSA_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x9BTLS_DH_anon_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x9CTLS_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0x9DTLS_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0x9ETLS_DHE_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0x9FTLS_DHE_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA0TLS_DH_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA1TLS_DH_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA2TLS_DHE_DSS_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA3TLS_DHE_DSS_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA4TLS_DH_DSS_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA5TLS_DH_DSS_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA6TLS_DH_anon_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA7TLS_DH_anon_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA8TLS_PSK_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5487
0x00,0xA9TLS_PSK_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5487
0x00,0xAATLS_DHE_PSK_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5487
0x00,0xABTLS_DHE_PSK_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5487
0x00,0xACTLS_RSA_PSK_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5487
0x00,0xADTLS_RSA_PSK_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5487
0x00,0xAETLS_PSK_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xAFTLS_PSK_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB0TLS_PSK_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB1TLS_PSK_WITH_NULL_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB2TLS_DHE_PSK_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB3TLS_DHE_PSK_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB4TLS_DHE_PSK_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB5TLS_DHE_PSK_WITH_NULL_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB6TLS_RSA_PSK_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB7TLS_RSA_PSK_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB8TLS_RSA_PSK_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB9TLS_RSA_PSK_WITH_NULL_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xBATLS_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBBTLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBCTLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBDTLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBETLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBFTLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC0TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC1TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC2TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC3TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC4TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC5TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xFFTLS_EMPTY_RENEGOTIATION_INFO_SCSVYesTLSv1.3N/ARFC 5746
0x13,0x01TLS_AES_128_GCM_SHA256YesN/ATLSv1.3RFC 8446
0x13,0x02TLS_AES_256_GCM_SHA384YesN/ATLSv1.3RFC 8446
0x13,0x03TLS_CHACHA20_POLY1305_SHA256NoN/ATLSv1.3RFC 7905
0x13,0x04TLS_AES_128_CCM_SHA256YesN/ATLSv1.3RFC 8446
0x13,0x05TLS_AES_128_CCM_8_SHA256YesN/ATLSv1.3RFC 8446
0x56,0x00TLS_FALLBACK_SCSVYesTLSv1.3N/ARFC 7507
0xC0,0x01TLS_ECDH_ECDSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x02TLS_ECDH_ECDSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x03TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x04TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x05TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x06TLS_ECDHE_ECDSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x07TLS_ECDHE_ECDSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x08TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x09TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0ATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0BTLS_ECDH_RSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0CTLS_ECDH_RSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x0DTLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0ETLS_ECDH_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0FTLS_ECDH_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x10TLS_ECDHE_RSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x11TLS_ECDHE_RSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x12TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x13TLS_ECDHE_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x14TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x15TLS_ECDH_anon_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x16TLS_ECDH_anon_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x17TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x18TLS_ECDH_anon_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x19TLS_ECDH_anon_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x1ATLS_SRP_SHA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1BTLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1CTLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1DTLS_SRP_SHA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1ETLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1FTLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x20TLS_SRP_SHA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x21TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x22TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x23TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5289
0xC0,0x24TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5289
0xC0,0x25TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5289
0xC0,0x26TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5289
0xC0,0x27TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5289
0xC0,0x28TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5289
0xC0,0x29TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5289
0xC0,0x2ATLS_ECDH_RSA_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5289
0xC0,0x2BTLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x2CTLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x2DTLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x2ETLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x2FTLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x30TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x31TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x32TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x33TLS_ECDHE_PSK_WITH_RC4_128_SHANoTLSv1.3N/ARFC 5489RFC 6347
0xC0,0x34TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5489
0xC0,0x35TLS_ECDHE_PSK_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5489
0xC0,0x36TLS_ECDHE_PSK_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5489
0xC0,0x37TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5489
0xC0,0x38TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5489
0xC0,0x39TLS_ECDHE_PSK_WITH_NULL_SHAYesTLSv1.3N/ARFC 5489
0xC0,0x3ATLS_ECDHE_PSK_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5489
0xC0,0x3BTLS_ECDHE_PSK_WITH_NULL_SHA384YesTLSv1.3N/ARFC 5489
0xC0,0x3CTLS_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x3DTLS_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x3ETLS_DH_DSS_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x3FTLS_DH_DSS_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x40TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x41TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x42TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x43TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x44TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x45TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x46TLS_DH_anon_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x47TLS_DH_anon_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x48TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x49TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x4ATLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x4BTLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x4CTLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x4DTLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x4ETLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x4FTLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x50TLS_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x51TLS_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x52TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x53TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x54TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x55TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x56TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x57TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x58TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x59TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5ATLS_DH_anon_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5BTLS_DH_anon_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5CTLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5DTLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5ETLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5FTLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x60TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x61TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x62TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x63TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x64TLS_PSK_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x65TLS_PSK_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x66TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x67TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x68TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x69TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x6ATLS_PSK_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6BTLS_PSK_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6CTLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6DTLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6ETLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6FTLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x70TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x71TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x72TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x73TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x74TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x75TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x76TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x77TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x78TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x79TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x7ATLS_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7BTLS_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7CTLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7DTLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7ETLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7FTLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x80TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x81TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x82TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x83TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x84TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x85TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x86TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x87TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x88TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x89TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8ATLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8BTLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8CTLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8DTLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8ETLS_PSK_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8FTLS_PSK_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x90TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x91TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x92TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x93TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x94TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x95TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x96TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x97TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x98TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x99TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x9ATLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x9BTLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x9CTLS_RSA_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0x9DTLS_RSA_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0x9ETLS_DHE_RSA_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0x9FTLS_DHE_RSA_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA0TLS_RSA_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA1TLS_RSA_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA2TLS_DHE_RSA_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA3TLS_DHE_RSA_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA4TLS_PSK_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA5TLS_PSK_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA6TLS_DHE_PSK_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA7TLS_DHE_PSK_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA8TLS_PSK_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA9TLS_PSK_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xAATLS_DHE_PSK_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xABTLS_DHE_PSK_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xACTLS_ECDHE_ECDSA_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 7251
0xC0,0xADTLS_ECDHE_ECDSA_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 7251
0xC0,0xAETLS_ECDHE_ECDSA_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 7251
0xC0,0xAFTLS_ECDHE_ECDSA_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 7251
0xCC,0xA8TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xA9TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xAATLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xABTLS_PSK_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xACTLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xADTLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xAETLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905

Additional JSSE StandardNames

Key Types

ThekeyType parameter passed to thechooseClientAlias,chooseServerAlias,getClientAliases, andgetServerAliases methodsofX509KeyManager specifies the public key types.

Each row of the table that follows lists the standard name thatshould be used forkeyType, given the specified certificatetype.

Standard Names for a Key Type
NameCertificate Type
RSARSA
DSADSA
DH_RSADiffie-Hellman with RSA signature
DH_DSADiffie-Hellman with DSA signature
ECElliptic Curve
EC_ECElliptic Curve with ECDSA signature
EC_RSAElliptic Curve with RSA signature
RSASSA-PSSRSASSA-PSS
EdDSAEdDSA (Ed25519 and Ed448)

Protocols

Theprotocols parameter passed to thesetEnabledProtocols method ofSSLSocket andSSLEngine specifies the protocol versions to be enabled foruse on the connection. The table that follows lists the standard namesthat can be passed to thesetEnabledProtocols method orthat may be returned by thegetSupportedProtocols andgetEnabledProtocols methods ofSSLSocket andSSLEngine.

These names also apply to theprotocol parameterreturned from thegetProtocol method ofSSLSession, and theprotocols parameter passedto thesetProtocols method or that may be returned by thegetProtocols method ofSSLParameters.

Standard Names for a Protocol
NameProtocol
SSLv2SSL version 2 protocol
SSLv3SSL version 3 protocol
TLSv1TLS version 1.0 protocol (defined inRFC 2246)
TLSv1.1TLS version 1.1 protocol (defined inRFC 4346)
TLSv1.2TLS version 1.2 protocol (defined inRFC 5246)
TLSv1.3TLS version 1.3 protocol (defined inRFC 8446)
DTLSv1.0DTLS version 1.0 protocol (defined inRFC 4347)
DTLSv1.2DTLS version 1.2 protocol (defined inRFC 6347)
SSLv2HelloCurrently, the SSLv3, TLSv1, and TLSv1.1protocols allow you to send SSLv3, TLSv1, and TLSv1.1 hellosencapsulated in an SSLv2 format hello. For more details on the reasonsfor allowing this compatibility in these protocols, see Appendix E inthe appropriate RFCs (previously listed).

Note: Some SSL/TLS servers do not support the v2 helloformat and require that client hellos conform to the SSLv3 or TLSv1client hello formats.

The SSLv2Hello option controls the SSLv2 encapsulation. If SSLv2Hello isdisabled on the client, then all outgoing messages will conform to theSSLv3/TLSv1 client hello format. If SSLv2Hello is disabled on theserver, then all incoming messages must conform to the SSLv3/TLSv1client hello format.

Authentication Types

TheauthType parameter passed to thecheckClientTrusted andcheckServerTrustedmethods ofX509TrustManager indicates the authenticationtype. The table that follows specifies what standard names should beused for the client or server certificate chains.

Standard Names for Client or Server Certificate Chain
Client or Server Certificate ChainAuthentication Type Standard Name
ClientDetermined by the actual certificate used.For instance, if RSAPublicKey is used, theauthType shouldbe "RSA".
ServerThe key exchange algorithm portion of thecipher suites represented as a String, such as "RSA" or "DHE_DSS".

Note: For some exportable cipher suites, the keyexchange algorithm is determined at runtime during the handshake.

For instance, for TLS_RSA_EXPORT_WITH_RC4_40_MD5, theauthType should be "RSA_EXPORT" when an ephemeral RSA keyis used for the key exchange, and "RSA" when the key from the servercertificate is used. Or it can take the value "UNKNOWN".

Endpoint IdentificationAlgorithms

The endpoint identification algorithm indicates the endpointidentification or verification procedures during SSL/TLS/DTLShandshaking. The algorithm name can be passed to thesetEndpointIdentificationAlgorithm method ofjavax.net.ssl.SSLParameters.

The following table shows the standard endpoint identificationnames.

Endpoint Identification Algorithm Name
Endpoint Identification AlgorithmNameSpecification
HTTPSRFC 2818
LDAPSRFC 2830

Signature Schemes

The following table contains the standard signature scheme names,which are the algorithms used in the digital signatures of TLSconnections and are also defined in theSignatureSchemesection of the IANA TLS Registry.

Signature SchemeSpecification
ecdsa_secp256r1_sha256RFC 8446
ecdsa_secp384r1_sha384RFC 8446
ecdsa_secp521r1_sha512RFC 8446
ecdsa_sha1RFC 8446
ed25519RFC 8446
ed448RFC 8446
rsa_pkcs1_sha1RFC 8446
rsa_pkcs1_sha256RFC 8446
rsa_pkcs1_sha384RFC 8446
rsa_pkcs1_sha512RFC 8446
rsa_pss_pss_sha256RFC 8446
rsa_pss_pss_sha384RFC 8446
rsa_pss_pss_sha512RFC 8446
rsa_pss_rsae_sha256RFC 8446
rsa_pss_rsae_sha384RFC 8446
rsa_pss_rsae_sha512RFC 8446

Named Groups

The following table contains the standard group names, which are thenamed groups used in key exchange algorithms of TLS connections and arealso defined in theSupportedGroups section of the IANA TLS Registry.

Name
secp256r1
secp384r1
secp521r1		The NIST elliptic curves as specified inRFC 8422.
x25519
x448
The elliptic curves as specified inRFC 8446 andRFC 8442.
ffdhe2048
ffdhe3072
ffdhe4096
ffdhe6144
ffdhe8192		The Finite Field Diffie-Hellman Ephemeral (FFDHE) groups asspecified inRFC7919.

Security AlgorithmSpecification

This section specifies details concerning some of the algorithmsdefined in this document. Any provider supplying an implementation ofthe listed algorithms must comply with the specifications in thissection.

Specification Template

The following table shows the fields of the algorithmspecifications.

FieldDescription
NameThe name by which the algorithm is known.This is the name passed to thegetInstance method (whenrequesting the algorithm), and returned by thegetAlgorithmmethod to determine the name of an existing algorithm object. Thesemethods are in the relevant engine classes:Signature,MessageDigest,KeyPairGenerator, andAlgorithmParameterGenerator .
TypeThe type of algorithm:Signature,MessageDigest,KeyPairGenerator, orAlgorithmParameterGenerator.
DescriptionGeneral notes about the algorithm,including any standards implemented by the algorithm, applicablepatents, and so on.
KeyPair Algorithm(optional)TheKeyPair algorithm forthis algorithm.
Keysize (optional)For a keyed algorithm or key generationalgorithm: the valid keysizes.
Size (optional)For an algorithm parameter generationalgorithm: the valid "sizes" for algorithm parameter generation.
Parameter Defaults(optional)For a key generation algorithm: thedefault parameter values.
Signature Format(optional)For aSignature algorithm,the format of the signature, that is, the input and output of the verifyand sign methods, respectively.

Algorithm Specifications

SHA-1 Message Digest Algorithm
FieldDescription
NameSHA-1
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS180-4. The output of this algorithm is a 160-bit digest.
SHA-224 Message Digest Algorithm
FieldDescription
NameSHA-224
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS180-4. The output of this algorithm is a 224-bit digest.
SHA-256 Message Digest Algorithm
FieldDescription
NameSHA-256
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS180-4. The output of this algorithm is a 256-bit digest.
SHA-384 Message Digest Algorithm
FieldDescription
NameSHA-384
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS180-4. The output of this algorithm is a 384-bit digest.
SHA-512 Message Digest Algorithm
FieldDescription
NameSHA-512
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS180-4. The output of this algorithm is a 512-bit digest.
SHA-512/224 Message Digest Algorithm
FieldDescription
NameSHA-512/224
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS180-4. The output of this algorithm is a 224-bit digest.
SHA-512/256 Message Digest Algorithm
FieldDescription
NameSHA-512/256
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS180-4. The output of this algorithm is a 256-bit digest.
SHA3-224 Message Digest Algorithms
FieldDescription
NameSHA3-224
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPSPUB 202. The output of this algorithm is a 224-bit digest.
SHA3-256 Message Digest Algorithms
FieldDescription
NameSHA3-256
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPSPUB 202. The output of this algorithm is a 256-bit digest.
SHA3-384 Message Digest Algorithms
FieldDescription
NameSHA3-384
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPSPUB 202. The output of this algorithm is a 384-bit digest.
SHA3-512 Message Digest Algorithms
FieldDescription
NameSHA3-512
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPSPUB 202. The output of this algorithm is a 512-bit digest.
MD2 Message Digest Algorithm
FieldDescription
NameMD2
TypeMessageDigest
DescriptionThe message digest algorithm as defined inRFC 1319. The outputof this algorithm is a 128-bit digest.
MD5 Message Digest Algorithm
FieldDescription
NameMD5
TypeMessageDigest
DescriptionThe message digest algorithm as defined inRFC 1321. The outputof this algorithm is a 128-bit digest.
The Digital Signature Algorithms, with SHA-1 or SHA-2
FieldDescription
NameSHA1withDSA, SHA224withDSA, SHA256withDSA,SHA384withDSA, and SHA512withDSA
TypeSignature
DescriptionThe signature algorithm described inNISTFIPS 186-3, using DSA with the SHA-1, SHA-224, SHA-256, SHA-384, andSHA-512 message digest algorithms.
KeyPair AlgorithmDSA
Signature FormatASN.1 sequence of two INTEGER values:r ands, in that order:

SEQUENCE { r INTEGER, s INTEGER }
RSA-based Signature Algorithms, with MD2, MD5, SHA-1, orSHA-2
FieldDescription
NamesMD2withRSA, MD5withRSA, SHA1withRSA,SHA224withRSA, SHA256withRSA, SHA384withRSA, SHA512withRSA,SHA512/224withRSA, SHA512/256withRSA
TypeSignature
DescriptionThese are the signature algorithms thatuse the MD2, MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 messagedigest algorithms (respectively) with RSA encryption.
KeyPair AlgorithmRSA
Signature FormatDER-encoded PKCS #1 block as defined inRSA Laboratories, PKCS #1v2.2. The data encrypted is the digest of the data signed.
RSASSA-PSS-based Signature Algorithms
FieldDescription
NamesRSASSA-PSS
TypeSignature
DescriptionThis signature algorithm requires PSSparameters to be explicitly supplied before data can be processed.
KeyPair AlgorithmRSA or RSASSA-PSS
Signature FormatDER-encoded PKCS1 block as defined inRSA Laboratories, PKCS #1v2.2. The data encrypted is the digest of the data signed.
DSA KeyPair Generation Algorithm
FieldDescription
NameDSA
TypeKeyPairGenerator
DescriptionThis algorithm is the key pair generationalgorithm described inNIST FIPS186 for DSA.
KeysizeThe length, in bits, of the modulusp. This must be a multiple of 64, ranging from 512 to 1024(inclusive), 2048, or 3072.
Parameter DefaultsSee below for the parameter values.

The following are the parameter values for keysizes of 512, 768, and1024 bits:

512-bit Key Parameters

 SEED =     b869c82b 35d70e1b 1ff91b28 e37a62ec dc34409b counter = 123 p =     fca682ce 8e12caba 26efccf7 110e526d b078b05e decbcd1e b4a208f3     ae1617ae 01f35b91 a47e6df6 3413c5e1 2ed0899b cd132acd 50d99151     bdc43ee7 37592e17 q =     962eddcc 369cba8e bb260ee6 b6a126d9 346e38c5 g =     678471b2 7a9cf44e e91a49c5 147db1a9 aaf244f0 5a434d64 86931d2d     14271b9e 35030b71 fd73da17 9069b32e 2935630e 1c206235 4d0da20a     6c416e50 be794ca4

768-bit key parameters

 SEED =     77d0f8c4 dad15eb8 c4f2f8d6 726cefd9 6d5bb399 counter = 263 p =     e9e64259 9d355f37 c97ffd35 67120b8e 25c9cd43 e927b3a9 670fbec5     d8901419 22d2c3b3 ad248009 3799869d 1e846aab 49fab0ad 26d2ce6a     22219d47 0bce7d77 7d4a21fb e9c270b5 7f607002 f3cef839 3694cf45     ee3688c1 1a8c56ab 127a3daf q =     9cdbd84c 9f1ac2f3 8d0f80f4 2ab952e7 338bf511 g =     30470ad5 a005fb14 ce2d9dcd 87e38bc7 d1b1c5fa cbaecbe9 5f190aa7     a31d23c4 dbbcbe06 17454440 1a5b2c02 0965d8c2 bd2171d3 66844577     1f74ba08 4d2029d8 3c1c1585 47f3a9f1 a2715be2 3d51ae4d 3e5a1f6a     7064f316 933a346d 3f529252

1024-bit key parameters

 SEED =     8d515589 4229d5e6 89ee01e6 018a237e 2cae64cd counter = 92 p =     fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80     b6512669 455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b     801d346f f26660b7 6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6     1bf83b57 e7c6a8a6 150f04fb 83f6d3c5 1ec30235 54135a16 9132f675     f3ae2b61 d72aeff2 2203199d d14801c7 q =     9760508f 15230bcc b292b982 a2eb840b f0581cf5 g =     f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b     3d078267 5159578e bad4594f e6710710 8180b449 167123e8 4c281613     b7cf0932 8cc8a6e1 3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f     0bfa2135 62f1fb62 7a01243b cca4f1be a8519089 a883dfe1 5ae59f06     928b665e 807b5525 64014c3b fecf492a

The following are the default values for larger DSA key sizesidentified by (L,N) pairs:

(L,N) = (2048, 256)

 SEED =     b0b44176 01b59cbc 9d8ac8f9 35cadaec 4f5fbb2f 23785609 ae466748     d9b5a536 counter = 497 p =     95475cf5 d93e596c 3fcd1d90 2add02f4 27f5f3c7 210313bb 45fb4d5b     b2e5fe1c bd678cd4 bbdd84c9 836be1f3 1c077772 5aeb6c2f c38b85f4     8076fa76 bcd8146c c89a6fb2 f706dd71 9898c208 3dc8d896 f84062e2     c9c94d13 7b054a8d 8096adb8 d5195239 8eeca852 a0af12df 83e475aa     65d4ec0c 38a9560d 5661186f f98b9fc9 eb60eee8 b030376b 236bc73b     e3acdbd7 4fd61c1d 2475fa30 77b8f080 467881ff 7e1ca56f ee066d79     506ade51 edbb5443 a563927d bc4ba520 08674617 5c888592 5ebc64c6     14790677 3496990c b714ec66 7304e261 faee33b3 cbdf008e 0c3fa906     50d97d39 09c9275b f4ac86ff cb3d03e6 dfc8ada5 934242dd 6d3bcca2     a406cb0b q =     f8183668 ba5fc5bb 06b5981e 6d8b795d 30b8978d 43ca0ec5 72e37e09     939a9773 g =     42debb9d a5b3d88c c956e087 87ec3f3a 09bba5f4 8b889a74 aaf53174     aa0fbe7e 3c5b8fcd 7a53bef5 63b0e985 60328960 a9517f40 14d3325f     c7962bf1 e049370d 76d1314a 76137e79 2f3f0db8 59d095e4 a5b93202     4f079ecf 2ef09c79 7452b077 0e135078 2ed57ddf 794979dc ef23cb96     f1830619 65c4ebc9 3c9c71c5 6b925955 a75f94cc cf1449ac 43d586d0     beee4325 1b0b2287 349d68de 0d144403 f13e802f 4146d882 e057af19     b6f6275c 6676c8fa 0e3ca271 3a3257fd 1b27d063 9f695e34 7d8d1cf9     ac819a26 ca9b04cb 0eb9b7b0 35988d15 bbac6521 2a55239c fc7e58fa     e38d7250 ab9991ff bc971340 25fe8ce0 4c4399ad 96569be9 1a546f49     78693c7a

(L,N) = (2048, 224)

 SEED =     58423608 0cfa43c0 9b023541 35f4cc51 98a19efa da08bd86 6d601ba4 counter = 2666 p =     8f7935d9 b9aae9bf abed887a cf4951b6 f32ec59e 3baf3718 e8eac496     1f3efd36 06e74351 a9c41833 39b809e7 c2ae1c53 9ba7475b 85d011ad     b8b47987 75498469 5cac0e8f 14b33608 28a22ffa 27110a3d 62a99345     3409a0fe 696c4658 f84bdd20 819c3709 a01057b1 95adcd00 233dba54     84b6291f 9d648ef8 83448677 979cec04 b434a6ac 2e75e998 5de23db0     292fc111 8c9ffa9d 8181e733 8db792b7 30d7b9e3 49592f68 09987215     3915ea3d 6b8b4653 c633458f 803b32a4 c2e0f272 90256e4e 3f8a3b08     38a1c450 e4e18c1a 29a37ddf 5ea143de 4b66ff04 903ed5cf 1623e158     d487c608 e97f211c d81dca23 cb6e3807 65f822e3 42be484c 05763939     601cd667 q =     baf696a6 8578f7df dee7fa67 c977c785 ef32b233 bae580c0 bcd5695d g =     16a65c58 20485070 4e7502a3 9757040d 34da3a34 78c154d4 e4a5c02d     242ee04f 96e61e4b d0904abd ac8f37ee b1e09f31 82d23c90 43cb642f     88004160 edf9ca09 b32076a7 9c32a627 f2473e91 879ba2c4 e744bd20     81544cb5 5b802c36 8d1fa83e d489e94e 0fa0688e 32428a5c 78c478c6     8d0527b7 1c9a3abb 0b0be12c 44689639 e7d3ce74 db101a65 aa2b87f6     4c6826db 3ec72f4b 5599834b b4edb02f 7c90e9a4 96d3a55d 535bebfc     45d4f619 f63f3ded bb873925 c2f224e0 7731296d a887ec1e 4748f87e     fb5fdeb7 5484316b 2232dee5 53ddaf02 112b0d1f 02da3097 3224fe27     aeda8b9d 4b2922d9 ba8be39e d9e103a6 3c52810b c688b7e2 ed4316e1     ef17dbde
RSA KeyPair Generation Algorithm
FieldDescription
NamesRSA
TypeKeyPairGenerator
DescriptionThis algorithm is the key pair generationalgorithm described inPKCS #1 v2.2.
StrengthThe length, in bits, of the modulusn. This must be a multiple of 8 that is greater than orequal to 512
RSASSA-PSS KeyPair Generation Algorithm
FieldDescription
NamesRSASSA-PSS
TypeKeyPairGenerator
DescriptionThis algorithm is the key pair generationalgorithm described inPKCS #1 v2.2.
StrengthThe length, in bits, of the modulusn. This must be a multiple of 8 that is greater than orequal to 512
DSA Parameter Generation Algorithm
FieldDescription
NamesDSA
TypeAlgorithmParameterGenerator
DescriptionThis algorithm is the parameter generationalgorithm described inNIST FIPS186 for DSA.
StrengthThe length, in bits, of the modulusp. This must be a multiple of 64, ranging from from 512 to1024 (inclusive), 2048, or 3072.
Alternatively, generate DSA parameters with theDSAGenParameterSpecclass. Note that this class supports the latest version of DSA standard,FIPSPUB 186-3, and only allows certain length of prime P and Q to beused. Valid sizes for length of prime P and sub-prime Q in bits are asfollows:

(1024, 160)
(2048, 224)
(2048, 256)
(3072, 256)

SecurityAlgorithm Implementation Requirements

This section defines the security algorithm requirements for Java SEimplementations. The security algorithm requirements are intended toimprove the interoperability of Java SE implementations and applicationsthat use these algorithms.

Note: The requirements in this section arenot a measure of the strength or security of thealgorithm. For example, recent advances in cryptanalysis have foundweaknesses in the strength of the DESede (Triple DES) cipher algorithm.It is your responsibility to determine whether the algorithm meets thesecurity requirements of your application.

Every implementation of this version of the Java SE platform mustsupport the specified algorithms in the table that follows. Theserequirements do not apply to 3rd party providers. Consult the releasedocumentation for your implementation to see if any other algorithms aresupported.

ClassAlgorithm Name(s)
AlgorithmParameterGenerator
Implementations must support the key sizes in parentheses.		DiffieHellman (1024, 2048)
DSA (1024, 2048)
AlgorithmParameters
For the "EC" algorithm, implementations must support the curves inparentheses. For the "RSASSA-PSS" algorithm, implementations mustsupport the parameters in parentheses.		AES
ChaCha20-Poly1305
DESede
DiffieHellman
DSA
EC (secp256r1, secp384r1)
RSASSA-PSS (MGF1 mask generation function and SHA-256 or SHA-384 hashalgorithms)
CertificateFactoryX.509
CertPath EncodingPKCS7
PkiPath
CertPathBuilderPKIX
CertPathValidatorPKIX
CertStoreCollection
Cipher
Implementations must support the key sizes in parentheses.		AES/CBC/NoPadding (128)
AES/CBC/PKCS5Padding (128)
AES/ECB/NoPadding (128)
AES/ECB/PKCS5Padding (128)
AES/GCM/NoPadding (128, 256)
ChaCha20-Poly1305
DESede/CBC/NoPadding (168)
DESede/CBC/PKCS5Padding (168)
DESede/ECB/NoPadding (168)
DESede/ECB/PKCS5Padding (168)
RSA/ECB/PKCS1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-1AndMGF1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-256AndMGF1Padding (1024, 2048)
Configuration[1]
KeyAgreement
For the "ECDH" algorithm, implementations must support the curves inparentheses.		DiffieHellman
ECDH (secp256r1, secp384r1)
X25519
KeyFactoryDiffieHellman
DSA
EC
RSA
RSASSA-PSS
X25519
KeyGenerator
Implementations must support the key sizes in parentheses.		AES (128, 256)
ChaCha20
DESede (168)
HmacSHA1
HmacSHA256
KeyPairGenerator
For the "EC" algorithm, implementations must support the curves inparentheses. For other algorithms, implementations must support the keysizes in parentheses.		DiffieHellman (1024, 2048, 3072,4096)
DSA (1024, 2048)
EC (secp256r1, secp384r1)
RSA (1024, 2048, 3072, 4096)
RSASSA-PSS (2048, 3072, 4096)
X25519
KeyStorePKCS12
MacHmacSHA1
HmacSHA256
MessageDigestSHA-1
SHA-256
SHA-384
SecretKeyFactoryDESede
SecureRandom[1]
Signature
For the "RSASSA-PSS" algorithm, implementations must support theparameters in parentheses. For the "SHA256withECDSA" and"SHA384withECDSA" algorithms, implementations must support the curves inparentheses.		RSASSA-PSS (MGF1 mask generation functionand SHA-256 or SHA-384 hash algorithms)
SHA1withDSA
SHA256withDSA
SHA256withECDSA (secp256r1)
SHA384withECDSA (secp384r1)
SHA1withRSA
SHA256withRSA
SHA384withRSA
SSLContextTLSv1.2
TLSv1.3
TrustManagerFactoryPKIX

[1] No specificConfiguration type orSecureRandom algorithmis required; however, an implementation-specific default must beprovided.

XML Signature Algorithms

Every implementation of this version of the Java SE platform mustsupport the specified XML Signature algorithms in the table thatfollows. These requirements do not apply to 3rd party providers. Consultthe release documentation for your implementation to see if any otheralgorithms are supported.

ClassAlgorithm Name(s)
TransformServicehttp://www.w3.org/2001/10/xml-exc-c14n#(CanonicalizationMethod.EXCLUSIVE)
http://www.w3.org/TR/2001/REC-xml-c14n-20010315(CanonicalizationMethod.INCLUSIVE)
http://www.w3.org/2000/09/xmldsig#base64(Transform.BASE64)
http://www.w3.org/2000/09/xmldsig#enveloped-signature(Transform.ENVELOPED)
XMLSignatureFactoryDOM
[8]ページ先頭
©2009-2025 Movatter.jp