Movatterモバイル変換

[0]ホーム
URL:

Thisspecificationisnotfinalandissubjecttochange.Useissubjecttolicenseterms.
Java SE2324 & JDK2324
DRAFT24-ea+31-3600

Java Security Standard Algorithm Names

The Java SE Security API requires and uses a set of standard names for algorithms, certificate and keystore types. You can find a list of standard algorithm names in this document.

Note that an SE implementation may support additional algorithms that are not defined in this specification. As a best practice, if an algorithm is defined in a subsequent version of this specification and an implementation of an earlier specification supports that algorithm, the implementation should use the standard name of the algorithm that is defined in the subsequent specification. Each SE implementation should also document the algorithms that it supports or adds support for in subsequent update releases. The algorithms may be documented in release notes or in a separate document such as theJDK Providers Documentation.

In some cases naming conventions are given for forming names that are not explicitly listed, to facilitate name consistency across provider implementations. Items in angle brackets (such as<digest> and<encryption>) are placeholders to be replaced by a specific message digest, encryption algorithm, or other name.

Note: Standard names are not case-sensitive.

Note: TheJDK Providers Documentation contains specific provider and algorithm information.

AlgorithmParameterGenerator Algorithms

The algorithm names in this section can be specified when generating an instance ofAlgorithmParameterGenerator.

Algorithm NameDescription
DiffieHellmanParameters for use with the Diffie-Hellman algorithm.
DSAParameters for use with the Digital Signature Algorithm.

AlgorithmParameters Algorithms

The algorithm names in this section can be specified when generating an instance ofAlgorithmParameters.

Algorithm NameDescription
AESParameters for use with the AES algorithm.
BlowfishParameters for use with the Blowfish algorithm.
ChaCha20-Poly1305Parameters for use with the ChaCha20-Poly1305 algorithm, as defined inRFC 8103.
DESParameters for use with the DES algorithm.
DESedeParameters for use with the DESede algorithm.
DiffieHellmanParameters for use with the DiffieHellman algorithm.
DSAParameters for use with the Digital Signature Algorithm.
ECParameters for use with the EC algorithm.
GCMParameters for use with the Galois/Counter Mode (GCM) cipher mode, as defined inRFC 5084.
OAEPParameters for use with the OAEP algorithm.
PBEWith<digest>And<encryption> PBEWith<prf>And<encryption>Parameters for use with PKCS #5 password-based encryption, where <digest> is a message digest, <prf> is a pseudo-random function, and <encryption> is an encryption algorithm. Examples:PBEWithMD5AndDES, andPBEWithHmacSHA256AndAES.
PBEParameters for use with the PBE algorithm.This name should not be used, in preference to the more specific PBE-algorithm names previously listed.
RC2Parameters for use with the RC2 algorithm.
RSASSA-PSSParameters for use with the RSASSA-PSS signature algorithm.

CertificateFactory Types

The type in this section can be specified when generating an instance ofCertificateFactory.

TypeDescription
X.509The certificate type defined in X.509, also specified inRFC 5280.

CertPath Encodings

The following encodings may be passed to thegetEncoded method ofCertPath or thegenerateCertPath(InputStream inStream, String encoding) method ofCertificateFactory.

EncodingDescription
PKCS7A PKCS #7 SignedData object, with the only significant field being certificates. In particular, the signature and the contents are ignored. If no certificates are present, a zero-lengthCertPath is assumed.

Warning: PKCS #7 does not maintain the order of certificates in a certification path. This means that if aCertPath is converted to PKCS #7 encoded bytes and then converted back, the order of the certificates may change, potentially rendering theCertPath invalid. Users should be aware of this behavior.

SeePKCS #7: Cryptographic Message Syntax for details on PKCS #7.
PkiPathAn ASN.1 DER encoded sequence of certificates, defined as follows:

PkiPath ::= SEQUENCE OF Certificate

Within the sequence, the order of certificates is such that the subject of the first certificate is the issuer of the second certificate, and so on. Each certificate inPkiPath shall be unique. No certificate may appear more than once in a value ofCertificate inPkiPath. ThePkiPath format is defined in defect report 279 against X.509 (2000) and is incorporated into Technical Corrigendum 1 (DTC 2) for the ITU-T Recommendation X.509 (2000). Seethe ITU web site for details.

CertPathBuilder Algorithms

The algorithm in this section can be specified when generating an instance ofCertPathBuilder.

Algorithm NameDescription
PKIXThe PKIX certification path validation algorithm as defined in theValidationAlgorithm service attribute. The output ofCertPathBuilder instances implementing this algorithm is a certification path validated against the PKIX validation algorithm.

CertPathValidator Algorithms

The algorithm in this section can be specified when generating an instance ofCertPathValidator.

Algorithm NameDescription
PKIXThe PKIX certification path validation algorithm as defined in theValidationAlgorithm service attribute.

CertStore Types

The types in this section can be specified when generating an instance ofCertStore.

TypeDescription
CollectionACertStore implementation that retrieves certificates and CRLs from aCollection. This type ofCertStore is particularly useful in applications where certificates or CRLs are received in a bag or some sort of attachment, such as with a signed email message or in an SSL negotiation.
LDAPACertStore implementation that fetches certificates and CRLs from an LDAP directory using the schema defined in theLDAPSchema service attribute.

Cipher Algorithms

The following names can be specified as thealgorithm component in atransformation when requesting an instance ofCipher.

Note: It is recommended to use a transformation that fully specifies the algorithm, mode, and padding. By not doing so, the provider will use a default for the mode and padding which may not meet the security requirements of your application.

Algorithm NameDescription
AESAdvanced Encryption Standard as specified by NIST inFIPS 197. Also known as the Rijndael algorithm by Joan Daemen and Vincent Rijmen, AES is a 128-bit block cipher supporting keys of 128, 192, and 256 bits.

To use the AES cipher with only one valid key size, use the format AES_<n>, where <n> can be 128, 192 or 256.
AESWrapThe AES key wrapping algorithm as described inRFC 3394
andNIST Special Publication SP 800-38F.
This is same as specifying AES cipher with KW mode and NoPadding. To use the AESWrap cipher with only one valid key size, use the format AESWrap_<n>, where <n> can be 128, 192, or 256.
AESWrapPadThe AES key wrapping algorithm as described inRFC 5649 and
NIST Special Publication SP 800-38F.
This is same as specifying AES cipher with KWP mode and NoPadding. To use the AESWrapPad cipher with only one valid key size, use the format AESWrapPad_<n>, where <n> can be 128, 192, or 256.
ARCFOURA stream cipher believed to be fully interoperable with the RC4 cipher developed by Ron Rivest. For more information, see K. Kaukonen and R. Thayer,"A Stream Cipher Encryption Algorithm 'Arcfour'", Internet Draft (expired).
BlowfishTheBlowfish block cipher designed by Bruce Schneier.
ChaCha20The ChaCha20 stream cipher as defined inRFC 7539.
ChaCha20-Poly1305The ChaCha20 cipher in AEAD mode using the Poly1305 authenticator, as defined inRFC 7539.
DESThe Digital Encryption Standard as described inFIPS PUB 46-3.
DESedeTriple DES Encryption (also known as DES-EDE, 3DES, or Triple-DES). Data is encrypted using the DES algorithm three separate times. It is first encrypted using the first subkey, then decrypted with the second subkey, and encrypted with the third subkey.
DESedeWrapThe DESede key wrapping algorithm as described inRFC 3217.
ECIESElliptic Curve Integrated Encryption Scheme
PBEWith<digest>And<encryption> PBEWith<prf>And<encryption>The password-based encryption algorithm defined in PKCS #5, using the specified message digest (<digest>) or pseudo-random function (<prf>) and encryption algorithm (<encryption>). Examples:

PBEWithMD5AndDES: The PBES1 password-based encryption algorithm as defined inPKCS #5: Password-Based Cryptography Specification, Version 2.1. Note that this algorithm impliesCBC as the cipher mode andPKCS5Padding as the padding scheme and cannot be used with any other cipher modes or padding schemes.

PBEWithHmacSHA256AndAES_128: The PBES2 password-based encryption algorithm as defined inPKCS #5: Password-Based Cryptography Specification, Version 2.1.
RC2Variable-key-size encryption algorithms developed by Ron Rivest for RSA Data Security, Inc.
RC4Variable-key-size encryption algorithms developed by Ron Rivest for RSA Data Security, Inc. (See note prior for ARCFOUR.)
RC5Variable-key-size encryption algorithms developed by Ron Rivest for RSA Data Security, Inc.
RSAThe RSA encryption algorithm as defined inPKCS #1 v2.2.

Cipher Algorithm Modes

The following names can be specified as themode component in atransformation when requesting an instance ofCipher.

Algorithm NameDescription
NONENo mode.
CBCCipher Block Chaining Mode, as defined inFIPS PUB 81.
CCMCounter/CBC Mode, as defined inNIST Special Publication SP 800-38C.
CFB, CFBxCipher Feedback Mode, as defined inFIPS PUB 81.

Using modes such as CFB and OFB, block ciphers can encrypt data in units smaller than the cipher's actual block size. When requesting such a mode, you may optionally specify the number of bits to be processed at a time by appending this number to the mode name as shown in the "DES/CFB8/NoPadding" and "DES/OFB32/PKCS5Padding" transformations. If no such number is specified, a provider-specific default is used. (For example, the SunJCE provider uses a default of 64 bits for DES.) Thus, block ciphers can be turned into byte-oriented stream ciphers by using an 8-bit mode such as CFB8 or OFB8.
CTRA simplification of OFB, Counter mode updates the input block as a counter.
CTSCipher Text Stealing, as described in Bruce Schneier's bookApplied Cryptography-Second Edition, John Wiley and Sons, 1996.
ECBElectronic Codebook Mode, as defined inFIPS PUB 81 (generally this mode should not be used for multiple blocks of data).
GCMGalois/Counter Mode, as defined inNIST Special Publication SP 800-38D.
KWKey Wrap (KW) mode, as defined inRFC 3394 andNIST Special Publication SP 800-38F.
KWPKey Wrap With Padding (KWP) mode, as defined inRFC 5649 andNIST Special Publication SP 800-38F.
OFB, OFBxOutput Feedback Mode, as defined inFIPS PUB 81.

Using modes such as CFB and OFB, block ciphers can encrypt data in units smaller than the cipher's actual block size. When requesting such a mode, you may optionally specify the number of bits to be processed at a time by appending this number to the mode name as shown in the "DES/CFB8/NoPadding" and "DES/OFB32/PKCS5Padding" transformations. If no such number is specified, a provider-specific default is used. (For example, the SunJCE provider uses a default of 64 bits for DES.) Thus, block ciphers can be turned into byte-oriented stream ciphers by using an 8-bit mode such as CFB8 or OFB8.
PCBCPropagating Cipher Block Chaining, as defined byKerberos V4.

Cipher Algorithm Paddings

The following names can be specified as thepadding component in atransformation when requesting an instance ofCipher.

Algorithm NameDescription
NoPaddingNo padding.
ISO10126PaddingThis padding for block ciphers is described in theISO 10126 standard (now withdrawn).
OAEPPadding, OAEPWith<digest>And<mgf>PaddingOptimal Asymmetric Encryption. Padding scheme defined in PKCS #1, where <digest> should be replaced by the message digest and <mgf> by the mask generation function. Examples:OAEPWithMD5AndMGF1Padding andOAEPWithSHA-512AndMGF1Padding.

IfOAEPPadding is used,Cipher objects are initialized with ajavax.crypto.spec.OAEPParameterSpec object to supply values needed for OAEPPadding.
PKCS1PaddingThe padding scheme described inPKCS #1 v2.2, used with the RSA algorithm.
PKCS5PaddingThe padding scheme described inPKCS #5: Password-Based Cryptography Specification, version 2.1.
SSL3PaddingThe padding scheme defined in the SSL Protocol Version 3.0, November 18, 1996, section 5.2.3.2 (CBC block cipher):

block-ciphered struct {
   opaque content[SSLCompressed.length];
   opaque MAC[CipherSpec.hash_size];
   uint8 padding[GenericBlockCipher.padding_length];
   uint8 padding_length;
} GenericBlockCipher;

The size of an instance of aGenericBlockCipher must be a multiple of the block cipher's block length. The padding length, which is always present, contributes to the padding, which implies that if:

sizeof(content) + sizeof(MAC) % block_length = 0,

padding has to be(block_length - 1) bytes long, because of the existence ofpadding_length.

This makes the padding scheme similar (but not quite) to PKCS5Padding, where the padding length is encoded in the padding (and ranges from 1 toblock_length). With the SSL scheme, thesizeof(padding) is encoded in the always presentpadding_length and therefore ranges from 0 toblock_length-1.

Configuration Types

The type in this section can be specified when generating an instance ofjavax.security.auth.login.Configuration.

TypeDescription
JavaLoginConfigThe default Configuration implementation from the SUN provider, as described in theConfiguration class specification. This type acceptsjava.security.URIParameter as a validConfiguration.Parameter type. If this parameter is not specified, then the configuration information is loaded from the sources described in theConfigFile class specification. If this parameter is specified, the configuration information is loaded solely from the specified URI.

Exemption Mechanisms

The following exemption mechanism names can be specified in the permission policy file that accompanies an application considered "exempt" from cryptographic restrictions.

Algorithm NameDescription
KeyEscrowAn encryption system with a backup decryption capability that allows authorized persons (users, officers of an organization, and government officials), under certain prescribed conditions, to decrypt ciphertext with the help of information supplied by one or more trusted parties who hold special data recovery keys.
KeyRecoveryA method of obtaining the secret key used to lock encrypted data. One use is as a means of providing fail-safe access to a corporation's own encrypted information in times of disaster.
KeyWeakeningA method in which a part of the key can be escrowed or recovered.

GSSAPI Mechanisms

The following mechanisms can be specified when using GSSAPI. Note that Object Identifiers (OIDs) are specified instead of names to be consistent with the GSSAPI standard.

Mechanism OIDDescription
1.2.840.113554.1.2.2The Kerberos v5 GSS-API mechanism defined inRFC 4121.
1.3.6.1.5.5.2The Simple and Protected GSS-API Negotiation (SPNEGO) mechanism defined inRFC 4178.

KDFAlgorithms

ThealgorithmnamesinthissectioncanbespecifiedwhenrequestinganinstanceofKDF.

AlgorithmNameDescription
HKDF-SHA256
HKDF-SHA384
HKDF-SHA512		HMAC-basedKDFasdefinedinRFC5869.

KEM Algorithms

The algorithm names in this section can be specified when generating an instance ofKEM.

Algorithm NameDescription
DHKEMDH-Based KEM as defined inRFC 9180.
ML-KEMTheModule-Lattice-Based Key-EncapsulationMechanism(ML-KEM)asdefinedinFIPS203.ThisalgorithmsupportskeyswithML-KEM-512,ML-KEM-768,andML-KEM-1024parametersets.
ML-KEM-512TheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-512parametersetasdefinedinFIPS203.
ML-KEM-768TheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-768parametersetasdefinedinFIPS203.
ML-KEM-1024TheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-1024parametersetasdefinedinFIPS203.

Key Encodings

The names of primary encoding formats returned byKey.getFormat() orEncodedKeySpec.getFormat().

EncodingDescription
PKCS#1The ASN.1 data format forRSAPrivateKey as defined inPKCS #1.
PKCS#8The ASN.1 data format forPrivateKeyInfo, as defined inPKCS #8.
RAWThe raw key bytes.
X.509The ASN.1 data format forSubjectPublicKeyInfo, as defined by X.509, and also specified inRFC 5280.

KeyAgreement Algorithms

The following algorithm names can be specified when requesting an instance ofKeyAgreement.

Algorithm NameDescription
DiffieHellmanDiffie-Hellman Key Agreement as defined in PKCS #3: Diffie-Hellman Key-Agreement Standard, RSA Laboratories, version 1.4, November 1993.
ECDHElliptic Curve Diffie-Hellman as defined in ANSI X9.63 and as described inRFC 3278: "Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS)."
ECMQVElliptic Curve Menezes-Qu-Vanstone.
XDHDiffie-Hellman key agreement with elliptic curves as defined inRFC 7748.
X25519Diffie-Hellman key agreement with Curve25519 as defined inRFC 7748.
X448Diffie-Hellman key agreement with Curve448 as defined inRFC 7748.

KeyFactory Algorithms

The algorithm names in this section can be specified when generating an instance ofKeyFactory.

(Except as noted, these classes create keys for whichKey.getAlgorithm() returns the standard algorithm name.)

Algorithm NameDescription
DiffieHellmanKeys for the Diffie-Hellman KeyAgreement algorithm.

Note:key.getAlgorithm() will return "DH" instead of "DiffieHellman".
DSAKeys for the Digital Signature Algorithm.
ECKeys for the Elliptic Curve algorithm.
EdDSAKeys for Edwards-Curve signature algorithm with elliptic curves as defined inRFC 8032.
Ed25519Keys for Edwards-Curve signature algorithm with Ed25519 as defined inRFC 8032.
Ed448Keys for Edwards-Curve signature algorithm with Ed448 as defined inRFC 8032.
HSS/LMSKeys for the Leighton-Micali Signature (LMS) system with the Hierarchical Signature System (HSS) as defined inRFC 8554.
ML-DSAKeysfortheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)asdefinedinFIPS204.ThisalgorithmsupportskeyswithML-DSA-44,ML-DSA-65,andML-DSA-87parametersets.
ML-DSA-44KeysfortheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-44parametersetasdefinedinFIPS204.
ML-DSA-65KeysfortheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-65parametersetasdefinedinFIPS204.
ML-DSA-87KeysfortheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-87parametersetasdefinedinFIPS204.
ML-KEMKeysfortheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)asdefinedinFIPS203.ThisalgorithmsupportskeyswithML-KEM-512,ML-KEM-768,andML-KEM-1024parametersets.
ML-KEM-512KeysfortheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-512parametersetasdefinedinFIPS203.
ML-KEM-768KeysfortheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-768parametersetasdefinedinFIPS203.
ML-KEM-1024KeysfortheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-1024parametersetasdefinedinFIPS203.
RSAKeys for the RSA algorithm (Signature/Cipher).
RSASSA-PSSKeys for the RSASSA-PSS algorithm (Signature).
XDHKeys for Diffie-Hellman key agreement with elliptic curves as defined inRFC 7748.
X25519Keys for Diffie-Hellman key agreement with Curve25519 as defined inRFC 7748.
X448Keys for Diffie-Hellman key agreement with Curve448 as defined inRFC 7748.

KeyGenerator Algorithms

The following algorithm names can be specified when requesting an instance ofKeyGenerator.

(These classes generate keys for whichKey.getAlgorithm() returns the standard algorithm name.)

Algorithm NameDescription
AESKey generator for use with the AES algorithm.
ARCFOURKey generator for use with the ARCFOUR (RC4) algorithm.
BlowfishKey generator for use with the Blowfish algorithm.
ChaCha20Key generator for use with the ChaCha20 and ChaCha20-Poly1305 algorithms.
DESKey generator for use with the DES algorithm.
DESedeKey generator for use with the DESede (triple-DES) algorithm.
HmacMD5Key generator for use with the HmacMD5 algorithm.
HmacSHA1
HmacSHA224
HmacSHA256
HmacSHA384
HmacSHA512
HmacSHA512/224
HmacSHA512/256
HmacSHA3-224
HmacSHA3-256
HmacSHA3-384
HmacSHA3-512		Key generator for use with the various flavors of the HmacSHA algorithms.
RC2Key generator for use with the RC2 algorithm.

KeyManagerFactory Algorithms

The algorithm names that can be specified when generating an instance ofKeyManagerFactory.

Algorithm NameDescription
PKIXA factory forX509ExtendedKeyManagers that manage X.509 certificate-based key pairs for local side authentication according to the rules defined by the IETF PKIX working group inRFC 5280 or its successor. TheKeyManagerFactory must support initialization using the classjavax.net.ssl.KeyStoreBuilderParameters.

KeyPairGenerator Algorithms

The algorithm names that can be specified when generating an instance ofKeyPairGenerator.

(Except as noted, these classes create keys for whichKey.getAlgorithm() returns the standard algorithm name.)

Algorithm NameDescription
DiffieHellmanGenerates keypairs for the Diffie-Hellman KeyAgreement algorithm.

Note:key.getAlgorithm() will return "DH" instead of "DiffieHellman".
DSAGenerates keypairs for the Digital Signature Algorithm.
RSAGenerates keypairs for the RSA algorithm (Signature/Cipher).
RSASSA-PSSGenerates keypairs for the RSASSA-PSS signature algorithm.
ECGenerates keypairs for the Elliptic Curve algorithm.
EdDSAGenerates keypairs for Edwards-Curve signature algorithm with elliptic curves as defined inRFC 8032.
Ed25519Generates keypairs for Edwards-Curve signature algorithm with Ed25519 as defined inRFC 8032.
Ed448Generates keypairs for Edwards-Curve signature algorithm with Ed448 as defined inRFC 8032.
ML-DSAGenerateskeypairsfortheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)asdefinedinFIPS204.ThisalgorithmsupportskeyswithML-DSA-44,ML-DSA-65,andML-DSA-87parametersets.
ML-DSA-44GenerateskeypairsfortheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-44parametersetasdefinedinFIPS204.
ML-DSA-65GenerateskeypairsfortheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-65parametersetasdefinedinFIPS204.
ML-DSA-87GenerateskeypairsfortheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-87parametersetasdefinedinFIPS204.
ML-KEMGenerateskeypairsfortheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)asdefinedinFIPS203.ThisalgorithmsupportskeyswithML-KEM-512,ML-KEM-768,andML-KEM-1024parametersets.
ML-KEM-512GenerateskeypairsfortheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-512parametersetasdefinedinFIPS203.
ML-KEM-768GenerateskeypairsfortheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-768parametersetasdefinedinFIPS203.
ML-KEM-1024GenerateskeypairsfortheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-1024parametersetasdefinedinFIPS203.
XDHGenerates keypairs for Diffie-Hellman key agreement with elliptic curves as defined inRFC 7748.
X25519Generates keypairs for Diffie-Hellman key agreement with Curve25519 as defined inRFC 7748.
X448Generates keypairs for Diffie-Hellman key agreement with Curve448 as defined inRFC 7748.

KeyStore Types

The types in this section can be specified when generating an instance ofKeyStore.

TypeDescription
jceksThe proprietary keystore implementation provided by the SunJCE provider.
jksThe proprietary keystore implementation provided by the SUN provider.
dksA domain keystore is a collection of keystores presented as a single logical keystore. It is specified by configuration data whose syntax is described in theDomainLoadStoreParameter class.
pkcs11A keystore backed by a PKCS #11 token.
pkcs12The transfer syntax for personal identity information as defined inPKCS #12.

Mac Algorithms

The following algorithm names can be specified when requesting an instance ofMac.

Algorithm NameDescription
HmacMD5The HMAC-MD5 keyed-hashing algorithm as defined inRFC 2104: "HMAC: Keyed-Hashing for Message Authentication" (February 1997).
HmacSHA1
HmacSHA224
HmacSHA256
HmacSHA384
HmacSHA512
HmacSHA512/224
HmacSHA512/256
HmacSHA3-224
HmacSHA3-256
HmacSHA3-384
HmacSHA3-512		The HmacSHA* algorithms as defined inRFC 2104 "HMAC: Keyed-Hashing for Message Authentication" (February 1997) withSHA-* with SHA, SHA-2, and SHA-3 family of digest algorithms.
PBEWith<mac>The PBMAC1 password-based message authentication scheme as defined inPKCS #5: Password-Based Cryptography Specification, Version 2.1, where <mac> is a Message Authentication Code algorithm name. Example:PBEWithHmacSHA256
HmacPBESHA1
HmacPBESHA224
HmacPBESHA256
HmacPBESHA384
HmacPBESHA512
HmacPBESHA512/224
HmacPBESHA512/256		The HMAC algorithms as defined inAppendix B.4 of RFC 7292: "PKCS #12: Personal Information Exchange Syntax v1.1" (July 2014).

MessageDigest Algorithms

Algorithm names that can be specified when generating an instance ofMessageDigest.

Algorithm NameDescription
MD2The MD2 message digest algorithm as defined inRFC 1319.
MD5The MD5 message digest algorithm as defined inRFC 1321.
SHA-1
SHA-224
SHA-256
SHA-384
SHA-512
SHA-512/224
SHA-512/256
Secure hash algorithms as defined inFIPS PUB 180-4.

SHA-1 produces a 160 bit digest.
SHA-224 produces a 224 bit digest.
SHA-256 produces a 256 bit digest.
SHA-384 produces a 384 bit digest.
SHA-512 produces a 512 bit digest.
SHA-512/224 produces a 224 bit digest.
SHA-512/256 produces a 256 bit digest.
SHA3-224
SHA3-256
SHA3-384
SHA3-512		Permutation-based hash and extendable-output functions as defined inFIPS PUB 202. An input message length can vary; the length of the output digest is fixed.

SHA3-224 produces a 224 bit digest.
SHA3-256 produces a 256 bit digest.
SHA3-384 produces a 384 bit digest.
SHA3-512 produces a 512 bit digest.

ParameterSpec Names

NamedParameterSpec

TheNamedParameterSpec class in thejava.security.spec package may be used to specify a set of parameters using the following names.

NameDescription
Ed25519Ellipticcurvesignatureschemeusingtheedwards25519curvedefinedinRFC8032.
Ed448Ellipticcurvesignatureschemeusingtheedwards448curvedefinedinRFC8032.
ML-DSA-44TheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-44parametersetasdefinedinFIPS204.
ML-DSA-65TheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-65parametersetasdefinedinFIPS204.
ML-DSA-87TheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-87parametersetasdefinedinFIPS204.
ML-KEM-512TheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-512parametersetasdefinedinFIPS203.
ML-KEM-768TheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-768parametersetasdefinedinFIPS203.
ML-KEM-1024TheModule-Lattice-BasedKey-EncapsulationMechanism(ML-KEM)usingtheML-KEM-1024parametersetasdefinedinFIPS203.
X25519Elliptic curve cryptography using the X25519 scalar multiplication function defined inRFC 7748.
X448Elliptic curve cryptography using the X448 scalar multiplication function defined inRFC 7748.
Ed25519Ellipticcurvesignatureschemeusingtheedwards25519curvedefinedinRFC8032.
Ed448Ellipticcurvesignatureschemeusingtheedwards448curvedefinedinRFC8032.

ECGenParameterSpec

TheECGenParameterSpec class in thejava.security.spec package may be used to specify a set of elliptic curve parameters using the following names.

NameDescription
sect163k1
sect163r1
sect163r2
sect193r1
sect193r2
sect233k1
sect233r1
sect239k1
sect283k1
sect283r1
sect409k1
sect409r1
sect571k1
sect571r1
secp160k1
secp160r1
secp160r2
secp192k1
secp192r1
secp224k1
secp224r1
secp256k1
secp256r1
secp384r1
secp521r1		The named curves as specified inSECG, SEC 2: Recommended Elliptic Curve Domain Parameters.
brainpoolP256r1
brainpoolP384r1
brainpoolP512r1		The named curves as defined inRFC 5639.

Policy Types

The type in this section can be specified when generating an instance ofPolicy.

TypeDescription
JavaPolicyThe default Policy implementation from the SUN provider, as described in theDefault Policy Implementation and Policy File Syntax section of theJava Platform, Standard Edition Security Developer's Guide. This type acceptsjava.security.URIParameter as a validPolicy.Parameter type. If this parameter is not specified, then the policy information is loaded from the sources described in theDefault Policy File Locations section of theJava Platform, Standard Edition Security Developer's Guide. If this parameter is specified, the policy information is loaded solely from the specified URI.

PSSParameterSpec

ThePSSParameterSpec class in thejava.security.spec package may be used to specify the hashand mask generation function algorithms for the RSASSA-PSS signaturealgorithm using the following names.

Hash Algorithm NameDescription
SHA-1
SHA-224
SHA-256
SHA-384
SHA-512
SHA-512/224
SHA-512/256		The hash algorithms as specified inAppendixA.2.3 of RFC 8017.
MGF Algorithm NameDescription
MGF1The mask generation functions as specifiedinAppendixA.2.3 of RFC 8017.

SaslClient Mechanisms

The mechanisms in this section can be specified when generating an instance ofSaslClient.

MechanismDescription
CRAM-MD5SeeRFC 2195. This mechanism supports a hashed user name/password authentication scheme.
DIGEST-MD5SeeRFC 2831. This mechanism defines how HTTP Digest Authentication can be used as a SASL mechanism.
EXTERNALSeeRFC 2222. This mechanism obtains authentication information from an external channel (such as TLS or IPsec).
GSSAPISeeRFC 2222. This mechanism uses the GSSAPI for obtaining authentication information. It supports Kerberos v5 authentication.
NTLMSeeMS-NLMP. This mechanism supports the NTLM authentication scheme.
PLAINSeeRFC 2595. This mechanism supports cleartext user name/password authentication.

SaslServer Mechanisms

The mechanisms in this section can be specified when generating an instance ofSaslServer.

MechanismDescription
CRAM-MD5SeeRFC 2195. This mechanism supports a hashed user name/password authentication scheme.
DIGEST-MD5SeeRFC 2831. This mechanism defines how HTTP Digest Authentication can be used as a SASL mechanism.
GSSAPISeeRFC 2222. This mechanism uses the GSSAPI for obtaining authentication information. It supports Kerberos v5 authentication.
NTLMSeeMS-NLMP. This mechanism supports the NTLM authentication scheme.

SecretKeyFactory Algorithms

The following algorithm names can be specified when requesting an instance ofSecretKeyFactory.

(These classes create keys for whichKey.getAlgorithm() returns the standard algorithm name.)

Algorithm NameDescription
AESConstructs secret keys for use with the AES algorithm.
ARCFOURConstructs secret keys for use with the ARCFOUR algorithm.
ChaCha20Constructs secret keys for use with the ChaCha20 and ChaCha20-Poly1305 algorithms.
DESConstructs secrets keys for use with the DES algorithm.
DESedeConstructs secrets keys for use with the DESede (Triple-DES) algorithm.
PBEWith<digest>And<encryption>
PBEWith<prf>And<encryption>		Secret-key factory for use with PKCS #5 password-based encryption, where <digest> is a message digest, <prf> is a pseudo-random function, and <encryption> is an encryption algorithm. Examples:

PBEWithMD5AndDES (PKCS #5, PBES1 encryption scheme),
PBEWithHmacSHA256AndAES_128 (PKCS #5, PBES2 encryption scheme)

Note: These all use only the low order 8 bits of each password character.
PBKDF2With<prf>Password-based key-derivation algorithm defined inPKCS #5: Password-Based Cryptography Specification, Version 2.1 using the specified pseudo-random function (<prf>). Example:
PBKDF2WithHmacSHA256.

SecureRandom Number Generation Algorithms

The algorithm names in this section can be specified when generating an instance ofSecureRandom.

Algorithm NameDescription
NativePRNGObtains random numbers from the underlying native OS. No assertions are made as to the blocking nature of generating these numbers.
NativePRNGBlockingObtains random numbers from the underlying native OS, blocking if necessary. For example,/dev/random on UNIX-like systems.
NativePRNGNonBlockingObtains random numbers from the underlying native OS, without blocking to prevent applications from excessive stalling. For example,/dev/urandom on UNIX-like systems.
PKCS11Obtains random numbers from the underlying installed and configured PKCS #11 library.
DRBGAn algorithm using DRBG mechanisms as defined inNIST SP 800-90Ar1.
SHA1PRNGThe name of the pseudo-random number generation (PRNG) algorithm supplied by the SUN provider. This algorithm uses SHA-1 as the foundation of the PRNG. It computes the SHA-1 hash over a true-random seed value concatenated with a 64-bit counter which is incremented by 1 for each operation. From the 160-bit SHA-1 output, only 64 bits are used.
Windows-PRNGObtains random numbers from the underlying Windows OS.

Service Attributes

The attributes in this section are for cryptographic services. The service attributes can be used as filters for selecting providers.

A cryptographic service is always associated with a particular algorithm or type. For example, a digital signature service is always associated with a particular algorithm (for example, DSA), and aCertificateFactory service is always associated with a particular certificate type (for example, X.509).

Note: The attribute name and value are case-insensitive.

AttributeDescription
KeySizeThe maximum key size that the provider supports for the cryptographic service.
ImplementedInWhether the implementation for the cryptographic service is done by software or hardware. The value of this attribute is "software" or "hardware".
LDAPSchemaThe name of the specification that defines the LDAP schema that an implementation of an LDAPCertStore uses to retrieve certificates and CRLs. RFCs should be specified as "RFC#" (ex: "RFC2587") and Internet Drafts as the name of the draft. All LDAP implementations ofCertStore should provide a value for this attribute.
SupportedKeyClassesThe list of key classes supported by the cryptographic service. The value is a list of fully qualified class names separated by vertical bars ("|"). For example, when aCipher service provides this attribute, the value indicates the kinds of keys that callers should use.
SupportedKeyFormatsThe list of key formats supported by the cryptographic service. The value is a list of key format names separated by vertical bars ("|"). Possible key format names include those listed in theKey Encodings section.
SupportedModesThe list of modes supported by the cryptographic service. The value is a list of cipher algorithm mode names separated by vertical bars ("|"). Possible mode names include those listed in the [Cipher Algorithm Modes] (#cipher-algorithm-modes) section.
SupportedPaddingsThe list of paddings supported by the cryptographic service. The value is a list of padding names separated by vertical bars ("|"). Possible padding names include those listed in the [Cipher Algorithm Paddings] (#cipher-algorithm-paddings) section.
ThreadSafeWhether aSecureRandom implementation has itsSecureRandomSpi engine methods implemented thread safe. The value of this attribute is "true" or "false".
ValidationAlgorithmThe name of the specification that defines the certification path validation algorithm that an implementation ofCertPathBuilder orCertPathValidator supports. RFCs should be specified as "RFC#" (ex: "RFC5280") and Internet Drafts as the name of the draft (ex: "draft-ietf-pkix-rfc2560bis-01.txt"). Values for this attribute that are specified as selection criteria to theSecurity.getProviders method will be compared using theString.equalsIgnoreCase method. All PKIX implementations ofCertPathBuilder andCertPathValidator should provide a value for this attribute.

For example,

    map.put("KeyPairGenerator.DSA",            "sun.security.provider.DSAKeyPairGenerator");    map.put("KeyPairGenerator.DSA KeySize", "2048");    map.put("KeyPairGenerator.DSA ImplementedIn", "Software");

Signature Algorithms

The algorithm names in this section can be specified when generating an instance ofSignature.

Algorithm NameDescription
EdDSAEdwards-Curve signature algorithm as defined inRFC 8032.
Ed25519Edwards-Curve signature algorithm with Ed25519 as defined inRFC 8032.
Ed448Edwards-Curve signature algorithm with Ed448 as defined inRFC 8032.
HSS/LMSThe Leighton-Micali Signature (LMS) system with the Hierarchical Signature System (HSS) as defined inRFC 8554.
ML-DSATheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)asdefinedinFIPS204.ThisalgorithmsupportskeyswithML-DSA-44,ML-DSA-65,andML-DSA-87parametersets.
ML-DSA-44TheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-44parametersetasdefinedinFIPS204.
ML-DSA-65TheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-65parametersetasdefinedinFIPS204.
ML-DSA-87TheModule-Lattice-BasedDigitalSignatureAlgorithm(ML-DSA)usingtheML-DSA-87parametersetasdefinedinFIPS204.
NONEwithRSAThe RSA signature algorithm which does not use any digesting algorithm and uses only the RSASP1/RSAVP1 primitives as defined inPKCS #1 v2.2.
MD2withRSA
MD5withRSA		The RSA signature algorithm that uses the MD2/MD5 digest with the RSASSA-PKCS1-v1_5 signature scheme as defined inPKCS #1 v2.2.
SHA1withRSA
SHA224withRSA
SHA256withRSA
SHA384withRSA
SHA512withRSA
SHA512/224withRSA
SHA512/256withRSA
SHA3-224withRSA
SHA3-256withRSA
SHA3-384withRSA
SHA3-512withRSA		The RSA signature algorithm that uses the SHA-* digest with the RSASSA-PKCS1-v1_5 signature scheme as defined inPKCS #1 v2.2.
RSASSA-PSSThe signature algorithm that uses the RSASSA-PSS signature scheme as defined inPKCS #1 v2.2. Note that this signature algorithm needs parameters such as adigestinghash algorithm, salt length andMGF1MGF algorithm, to be suppliedwithaPSSParameterSpecobject before performing the RSA operation.SeethePSSParameterSpecsectionforthestandardalgorithmnamesthatcanbespecified.
NONEwithDSAThe Digital Signature Algorithm as defined inFIPS PUB 186-2. The data must be exactly 20 bytes in length. This algorithm is also known as rawDSA.
SHA1withDSA
SHA224withDSA
SHA256withDSA
SHA384withDSA
SHA512withDSA
SHA3-224withDSA
SHA3-256withDSA
SHA3-384withDSA
SHA3-512withDSA		The DSA signature algorithms that use the SHA-1, SHA-2, and SHA-3 family of digest algorithms to create and verify digital signatures as defined inFIPS PUB 186-3 andFIPS PUB 186-4.
NONEwithECDSA
SHA1withECDSA
SHA224withECDSA
SHA256withECDSA
SHA384withECDSA
SHA512withECDSA
(ECDSA)
SHA3-224withECDSA
SHA3-256withECDSA
SHA3-384withECDSA
SHA3-512withECDSA		The ECDSA signature algorithms as defined in ANSI X9.62.

Note: "ECDSA" is an ambiguous name for the "SHA1withECDSA" algorithm and should not be used. The formal name "SHA1withECDSA" should be used instead.
NONEwithDSAinP1363Format
SHA1withDSAinP1363Format
SHA224withDSAinP1363Format
SHA256withDSAinP1363Format
SHA384withDSAinP1363Format
SHA512withDSAinP1363Format
SHA3-224withDSAinP1363Format
SHA3-256withDSAinP1363Format
SHA3-384withDSAinP1363Format
SHA3-512withDSAinP1363Format		The DSA signature algorithms as defined in FIPS PUB 186-2, 186-3, and 186-4 with an output as defined in IEEE P1363 format. The format of the Signature bytes for these algorithms is the concatenation of the integers r and s in raw bytes.
NONEwithECDSAinP1363Format
SHA1withECDSAinP1363Format
SHA224withECDSAinP1363Format
SHA256withECDSAinP1363Format
SHA384withECDSAinP1363Format
SHA512withECDSAinP1363Format
SHA3-224withECDSAinP1363Format
SHA3-256withECDSAinP1363Format
SHA3-384withECDSAinP1363Format
SHA3-512withECDSAinP1363Format		The ECDSA signature algorithms as defined in ANSI X9.62 and FIPS PUB 186-4 with an output as defined in IEEE P1363 format. The format of the Signature bytes for these algorithms is the concatenation of the integers r and s in raw bytes.
<digest>with<encryption>Use this to form a name for a signature algorithm with a particular message digest (such as MD2 or MD5) and algorithm (such as RSA or DSA), just as was done for the explicitly defined standard names in this section (MD2withRSA, and so on).

For the signature schemes defined inPKCS #1 v2.2, for which the <digest>with<encryption> form is insufficient, <digest>with<encryption>and<mgf> can be used to form a name. Here, <mgf> should be replaced by a mask generation function such as MGF1. Example:MD5withRSAandMGF1

For the signature formats defined in IEEE P1363, <digest>with<encryption>in<format>Format can be used to form a name. Example:SHA1withECDSAinP1363Format

SSLContext Algorithms

The algorithm names in this section can be specified when generating an instance ofSSLContext.

Algorithm NameDescription
SSLSupports some version of SSL; may support other SSL/TLS versions.
SSLv2Supports SSL version 2 or later; may support other SSL/TLS versions.
SSLv3Supports SSL version 3; may support other SSL/TLS versions.
TLSSupports some version of TLS; may support other SSL/TLS versions.
TLSv1SupportsRFC 2246: TLS version 1.0; may support other SSL/TLS versions.
TLSv1.1SupportsRFC 4346: TLS version 1.1; may support other SSL/TLS versions.
TLSv1.2SupportsRFC 5246: TLS version 1.2; may support other SSL/TLS versions.
TLSv1.3SupportsRFC 8446: TLS version 1.3; may support other SSL/TLS versions.
DTLSSupports the default provider-dependent versions of DTLS versions.
DTLSv1.0SupportsRFC 4347: DTLS version 1.0; may support other DTLS versions.
DTLSv1.2SupportsRFC 6347: DTLS version 1.2; may support other DTLS versions.

TrustManagerFactory Algorithms

The algorithm name in this section can be specified when generating an instance ofTrustManagerFactory.

Algorithm NameDescription
PKIXA factory forX509ExtendedTrustManager objects that validate certificate chains according to the rules defined by the IETF PKIX working group inRFC 5280 or its successor. TheTrustManagerFactory must support initialization using the classjavax.net.ssl.CertPathTrustManagerParameters.

XML Signature (XMLSignatureFactory/KeyInfoFactory/TransformService) Mechanisms

The mechanism that can be specified when generating an instance ofXMLSignatureFactory,KeyInfoFactory, orTransformService.

The mechanism identifies the XML processing mechanism that an implementation uses internally to parse and generate XML signature and KeyInfo structures. Also, note that eachTransformService instance supports a specific transform algorithm in addition to a mechanism. The standard names for the transform algorithms are defined in the next section.

MechanismDescription
DOMThe Document Object Model.

XML Signature Transform (TransformService) Algorithms

The algorithms in this section can be specified when generating an instance ofTransformService.

Note: The URIs are specified instead of names to be consistent with the XML Signature standard. API constants have been defined for each URI, and are listed in parentheses after each URI in the following table.

Algorithm URIDescription
http://www.w3.org/TR/2001/REC-xml-c14n-20010315 (CanonicalizationMethod.INCLUSIVE)TheCanonical XML (without comments) canonicalization algorithm.
http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments (CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS)TheCanonical XML with comments canonicalization algorithm.
http://www.w3.org/2001/10/xml-exc-c14n# (CanonicalizationMethod.EXCLUSIVE)TheExclusive Canonical XML (without comments) canonicalization algorithm.
http://www.w3.org/2001/10/xml-exc-c14n#WithComments (CanonicalizationMethod.EXCLUSIVE_WITH_COMMENTS)TheExclusive Canonical XML with comments canonicalization algorithm.
http://www.w3.org/2006/12/xml-c14n11 (CanonicalizationMethod.INCLUSIVE_11)TheCanonical XML 1.1 (without comments) canonicalization algorithm.
http://www.w3.org/2006/12/xml-c14n11#WithComments (CanonicalizationMethod.INCLUSIVE_11_WITH_COMMENTS)TheCanonical XML 1.1 with comments canonicalization algorithm.
http://www.w3.org/2000/09/xmldsig#base64 (Transform.BASE64)TheBase64 transform algorithm.
http://www.w3.org/2000/09/xmldsig#enveloped-signature (Transform.ENVELOPED)TheEnveloped Signature transform algorithm.
http://www.w3.org/TR/1999/REC-xpath-19991116 (Transform.XPATH)TheXPath transform algorithm.
http://www.w3.org/2002/06/xmldsig-filter2 (Transform.XPATH2)TheXPath Filter 2 transform algorithm.
http://www.w3.org/TR/1999/REC-xslt-19991116 (Transform.XSLT)TheXSLT transform algorithm.

JSSE Cipher Suite Names

The following table contains the standard JSSE cipher suite names. Over time, various groups have added additional cipher suites to theSSL/TLS/DTLS namespace.

Some JSSE cipher suite names were defined before TLSv1.0 was finalized, and were therefore given theSSL_ prefix. The names mentioned in the TLS RFCs prefixed withTLS_ are functionally equivalent to the JSSE cipher suites prefixed withSSL_.

Cipher Suite CodeStandard Name (IANA name if different)Valid for Datagram Transport Layer ProtocolsDeprecated (Protocol)Introduced in (Protocol)References
0x00,0x00SSL_NULL_WITH_NULL_NULL IANA:TLS_NULL_WITH_NULL_NULLYesTLSv1.3N/ARFC 5246
0x00,0x01SSL_RSA_WITH_NULL_MD5 IANA:TLS_RSA_WITH_NULL_MD5YesTLSv1.3N/ARFC 5246
0x00,0x02SSL_RSA_WITH_NULL_SHA IANA:TLS_RSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 5246
0x00,0x03SSL_RSA_EXPORT_WITH_RC4_40_MD5 IANA:TLS_RSA_EXPORT_WITH_RC4_MD5NoTLSv1.1N/ARFC 4346RFC 6347
0x00,0x04SSL_RSA_WITH_RC4_128_MD5 IANA:TLS_RSA_WITH_RC4_128_MD5NoTLSv1.3N/ARFC 5246RFC 6347
0x00,0x05SSL_RSA_WITH_RC4_128_SHA IANA:TLS_RSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 5246RFC 6347
0x00,0x06SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 IANA:TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5YesTLSv1.1N/ARFC 4346
0x00,0x07SSL_RSA_WITH_IDEA_CBC_SHA IANA:TLS_RSA_WITH_IDEA_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x08SSL_RSA_EXPORT_WITH_DES40_CBC_SHA IANA:TLS_RSA_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x09SSL_RSA_WITH_DES_CBC_SHA IANA:TLS_RSA_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x0ASSL_RSA_WITH_3DES_EDE_CBC_SHA IANA:TLS_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x0BSSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA IANA:TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x0CSSL_DH_DSS_WITH_DES_CBC_SHA IANA:TLS_DH_DSS_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5246
0x00,0x0DSSL_DH_DSS_WITH_3DES_EDE_CBC_SHA IANA:TLS_DH_DSS_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x0ESSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA IANA:TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x0FSSL_DH_RSA_WITH_DES_CBC_SHA IANA:TLS_DH_RSA_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x10SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA IANA:TLS_DH_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x11SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA IANA:TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x12SSL_DHE_DSS_WITH_DES_CBC_SHA IANA:TLS_DHE_DSS_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x13SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA IANA:TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x14SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA IANA:TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x15SSL_DHE_RSA_WITH_DES_CBC_SHA IANA:TLS_DHE_RSA_WITH_DES_CBC_SHAYesTLSv1.2N/ARFC 5469
0x00,0x16SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA IANA:TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x17SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 IANA:TLS_DH_anon_EXPORT_WITH_RC4_40_MD5NoTLSv1.1N/ARFC 4346RFC 6347
0x00,0x18SSL_DH_anon_WITH_RC4_128_MD5 IANA:TLS_DH_anon_WITH_RC4_128_MD5NoTLSv1.1N/ARFC 5246RFC 6347
0x00,0x19SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA IANA:TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x1ASSL_DH_anon_WITH_DES_CBC_SHA IANA:TLS_DH_anon_WITH_DES_CBC_SHAYesTLSv1.1N/ARFC 4346
0x00,0x1BSSL_DH_anon_WITH_3DES_EDE_CBC_SHA IANA:TLS_DH_anon_WITH_3DES_EDE_CBC_SHAYesTLSv1.1N/ARFC 5246
0x00,0x1ETLS_KRB5_WITH_DES_CBC_SHAYesTLSv1.2TLSv1.0RFC 2712
0x00,0x1FTLS_KRB5_WITH_3DES_EDE_CBC_SHAYesTLSv1.3TLSv1.0RFC 2712
0x00,0x20TLS_KRB5_WITH_RC4_128_SHANoTLSv1.3TLSv1.0RFC 2712RFC 6347
0x00,0x21TLS_KRB5_WITH_IDEA_CBC_SHAYesTLSv1.2N/ARFC 2712
0x00,0x22TLS_KRB5_WITH_DES_CBC_MD5YesTLSv1.2N/ARFC 2712
0x00,0x23TLS_KRB5_WITH_3DES_EDE_CBC_MD5YesTLSv1.3N/ARFC 2712
0x00,0x24TLS_KRB5_WITH_RC4_128_MD5NoTLSv1.3N/ARFC 2712RFC 6347
0x00,0x25TLS_KRB5_WITH_IDEA_CBC_MD5YesTLSv1.2N/ARFC 2712
0x00,0x26TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHAYesTLSv1.1N/ARFC 2712
0x00,0x27TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHAYesTLSv1.1N/ARFC 2712
0x00,0x28TLS_KRB5_EXPORT_WITH_RC4_40_SHANoTLSv1.1N/ARFC 2712RFC 6347
0x00,0x29TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5YesTLSv1.1N/ARFC 2712
0x00,0x2ATLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5YesTLSv1.1N/ARFC 2712
0x00,0x2BTLS_KRB5_EXPORT_WITH_RC4_40_MD5NoTLSv1.1N/ARFC 2712RFC 6347
0x00,0x2CTLS_PSK_WITH_NULL_SHAYesTLSv1.3N/ARFC 4785
0x00,0x2DTLS_DHE_PSK_WITH_NULL_SHAYesTLSv1.3N/ARFC 4785
0x00,0x2ETLS_RSA_PSK_WITH_NULL_SHAYesTLSv1.3N/ARFC 4785
0x00,0x2FTLS_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x30TLS_DH_DSS_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x31TLS_DH_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x32TLS_DHE_DSS_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x33TLS_DHE_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x34TLS_DH_anon_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x35TLS_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x36TLS_DH_DSS_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x37TLS_DH_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x38TLS_DHE_DSS_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x39TLS_DHE_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x3ATLS_DH_anon_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5246
0x00,0x3BTLS_RSA_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x3CTLS_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x3DTLS_RSA_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x3ETLS_DH_DSS_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x3FTLS_DH_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x40TLS_DHE_DSS_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x41TLS_RSA_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x42TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x43TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x44TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x45TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x46TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x67TLS_DHE_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x68TLS_DH_DSS_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x69TLS_DH_RSA_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x6ATLS_DHE_DSS_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x6BTLS_DHE_RSA_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x6CTLS_DH_anon_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x6DTLS_DH_anon_WITH_AES_256_CBC_SHA256YesTLSv1.3N/ARFC 5246
0x00,0x84TLS_RSA_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x85TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x86TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x87TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x88TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x89TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHAYesTLSv1.3N/ARFC 5932
0x00,0x8ATLS_PSK_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4279RFC 6347
0x00,0x8BTLS_PSK_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x8CTLS_PSK_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x8DTLS_PSK_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x8ETLS_DHE_PSK_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4279RFC 6347
0x00,0x8FTLS_DHE_PSK_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x90TLS_DHE_PSK_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x91TLS_DHE_PSK_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x92TLS_RSA_PSK_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4279RFC 6347
0x00,0x93TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x94TLS_RSA_PSK_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x95TLS_RSA_PSK_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4279
0x00,0x96TLS_RSA_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x97TLS_DH_DSS_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x98TLS_DH_RSA_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x99TLS_DHE_DSS_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x9ATLS_DHE_RSA_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x9BTLS_DH_anon_WITH_SEED_CBC_SHAYesTLSv1.3N/ARFC 4162
0x00,0x9CTLS_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0x9DTLS_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0x9ETLS_DHE_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0x9FTLS_DHE_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA0TLS_DH_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA1TLS_DH_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA2TLS_DHE_DSS_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA3TLS_DHE_DSS_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA4TLS_DH_DSS_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA5TLS_DH_DSS_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA6TLS_DH_anon_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA7TLS_DH_anon_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5288
0x00,0xA8TLS_PSK_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5487
0x00,0xA9TLS_PSK_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5487
0x00,0xAATLS_DHE_PSK_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5487
0x00,0xABTLS_DHE_PSK_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5487
0x00,0xACTLS_RSA_PSK_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5487
0x00,0xADTLS_RSA_PSK_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5487
0x00,0xAETLS_PSK_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xAFTLS_PSK_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB0TLS_PSK_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB1TLS_PSK_WITH_NULL_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB2TLS_DHE_PSK_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB3TLS_DHE_PSK_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB4TLS_DHE_PSK_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB5TLS_DHE_PSK_WITH_NULL_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB6TLS_RSA_PSK_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB7TLS_RSA_PSK_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xB8TLS_RSA_PSK_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5487
0x00,0xB9TLS_RSA_PSK_WITH_NULL_SHA384YesTLSv1.3N/ARFC 5487
0x00,0xBATLS_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBBTLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBCTLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBDTLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBETLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xBFTLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC0TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC1TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC2TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC3TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC4TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xC5TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256YesTLSv1.3N/ARFC 5932
0x00,0xFFTLS_EMPTY_RENEGOTIATION_INFO_SCSVYesTLSv1.3N/ARFC 5746
0x13,0x01TLS_AES_128_GCM_SHA256YesN/ATLSv1.3RFC 8446
0x13,0x02TLS_AES_256_GCM_SHA384YesN/ATLSv1.3RFC 8446
0x13,0x03TLS_CHACHA20_POLY1305_SHA256NoN/ATLSv1.3RFC 7905
0x13,0x04TLS_AES_128_CCM_SHA256YesN/ATLSv1.3RFC 8446
0x13,0x05TLS_AES_128_CCM_8_SHA256YesN/ATLSv1.3RFC 8446
0x56,0x00TLS_FALLBACK_SCSVYesTLSv1.3N/ARFC 7507
0xC0,0x01TLS_ECDH_ECDSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x02TLS_ECDH_ECDSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x03TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x04TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x05TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x06TLS_ECDHE_ECDSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x07TLS_ECDHE_ECDSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x08TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x09TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0ATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0BTLS_ECDH_RSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0CTLS_ECDH_RSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x0DTLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0ETLS_ECDH_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x0FTLS_ECDH_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x10TLS_ECDHE_RSA_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x11TLS_ECDHE_RSA_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x12TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x13TLS_ECDHE_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x14TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x15TLS_ECDH_anon_WITH_NULL_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x16TLS_ECDH_anon_WITH_RC4_128_SHANoTLSv1.3N/ARFC 4492RFC 6347
0xC0,0x17TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x18TLS_ECDH_anon_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x19TLS_ECDH_anon_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 4492
0xC0,0x1ATLS_SRP_SHA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1BTLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1CTLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1DTLS_SRP_SHA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1ETLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x1FTLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x20TLS_SRP_SHA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x21TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x22TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5054
0xC0,0x23TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5289
0xC0,0x24TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5289
0xC0,0x25TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5289
0xC0,0x26TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5289
0xC0,0x27TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5289
0xC0,0x28TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5289
0xC0,0x29TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5289
0xC0,0x2ATLS_ECDH_RSA_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5289
0xC0,0x2BTLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x2CTLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x2DTLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x2ETLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x2FTLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x30TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x31TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x32TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 5289
0xC0,0x33TLS_ECDHE_PSK_WITH_RC4_128_SHANoTLSv1.3N/ARFC 5489RFC 6347
0xC0,0x34TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHAYesTLSv1.3N/ARFC 5489
0xC0,0x35TLS_ECDHE_PSK_WITH_AES_128_CBC_SHAYesTLSv1.3N/ARFC 5489
0xC0,0x36TLS_ECDHE_PSK_WITH_AES_256_CBC_SHAYesTLSv1.3N/ARFC 5489
0xC0,0x37TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256YesTLSv1.3N/ARFC 5489
0xC0,0x38TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384YesTLSv1.3N/ARFC 5489
0xC0,0x39TLS_ECDHE_PSK_WITH_NULL_SHAYesTLSv1.3N/ARFC 5489
0xC0,0x3ATLS_ECDHE_PSK_WITH_NULL_SHA256YesTLSv1.3N/ARFC 5489
0xC0,0x3BTLS_ECDHE_PSK_WITH_NULL_SHA384YesTLSv1.3N/ARFC 5489
0xC0,0x3CTLS_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x3DTLS_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x3ETLS_DH_DSS_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x3FTLS_DH_DSS_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x40TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x41TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x42TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x43TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x44TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x45TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x46TLS_DH_anon_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x47TLS_DH_anon_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x48TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x49TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x4ATLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x4BTLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x4CTLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x4DTLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x4ETLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x4FTLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x50TLS_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x51TLS_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x52TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x53TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x54TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x55TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x56TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x57TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x58TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x59TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5ATLS_DH_anon_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5BTLS_DH_anon_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5CTLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5DTLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5ETLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x5FTLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x60TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x61TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x62TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x63TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x64TLS_PSK_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x65TLS_PSK_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x66TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x67TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x68TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x69TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x6ATLS_PSK_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6BTLS_PSK_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6CTLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6DTLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6ETLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x6FTLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6209
0xC0,0x70TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6209
0xC0,0x71TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6209
0xC0,0x72TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x73TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x74TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x75TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x76TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x77TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x78TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x79TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x7ATLS_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7BTLS_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7CTLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7DTLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7ETLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x7FTLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x80TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x81TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x82TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x83TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x84TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x85TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x86TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x87TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x88TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x89TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8ATLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8BTLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8CTLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8DTLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8ETLS_PSK_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x8FTLS_PSK_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x90TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x91TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x92TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x93TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384YesTLSv1.3TLSv1.2RFC 6367
0xC0,0x94TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x95TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x96TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x97TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x98TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x99TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x9ATLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256YesTLSv1.3N/ARFC 6367
0xC0,0x9BTLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384YesTLSv1.3N/ARFC 6367
0xC0,0x9CTLS_RSA_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0x9DTLS_RSA_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0x9ETLS_DHE_RSA_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0x9FTLS_DHE_RSA_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA0TLS_RSA_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA1TLS_RSA_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA2TLS_DHE_RSA_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA3TLS_DHE_RSA_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA4TLS_PSK_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA5TLS_PSK_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA6TLS_DHE_PSK_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA7TLS_DHE_PSK_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA8TLS_PSK_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xA9TLS_PSK_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xAATLS_DHE_PSK_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xABTLS_DHE_PSK_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 6655
0xC0,0xACTLS_ECDHE_ECDSA_WITH_AES_128_CCMYesTLSv1.3TLSv1.2RFC 7251
0xC0,0xADTLS_ECDHE_ECDSA_WITH_AES_256_CCMYesTLSv1.3TLSv1.2RFC 7251
0xC0,0xAETLS_ECDHE_ECDSA_WITH_AES_128_CCM_8YesTLSv1.3TLSv1.2RFC 7251
0xC0,0xAFTLS_ECDHE_ECDSA_WITH_AES_256_CCM_8YesTLSv1.3TLSv1.2RFC 7251
0xCC,0xA8TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xA9TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xAATLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xABTLS_PSK_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xACTLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xADTLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905
0xCC,0xAETLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256YesTLSv1.3TLSv1.2RFC 7905

Additional JSSE Standard Names

Key Types

ThekeyType parameter passed to thechooseClientAlias,chooseServerAlias,getClientAliases, andgetServerAliases methods ofX509KeyManager specifies the public key types.

Each row of the table that follows lists the standard name that should be used forkeyType, given the specified certificate type.

Standard Names for a Key Type
NameCertificate Type
RSARSA
DSADSA
DH_RSADiffie-Hellman with RSA signature
DH_DSADiffie-Hellman with DSA signature
ECElliptic Curve
EC_ECElliptic Curve with ECDSA signature
EC_RSAElliptic Curve with RSA signature
RSASSA-PSSRSASSA-PSS
EdDSAEdDSA (Ed25519 and Ed448)

Protocols

Theprotocols parameter passed to thesetEnabledProtocols method ofSSLSocket andSSLEngine specifies the protocol versions to be enabled for use on the connection. The table that follows lists the standard names that can be passed to thesetEnabledProtocols method or that may be returned by thegetSupportedProtocols andgetEnabledProtocols methods ofSSLSocket andSSLEngine.

These names also apply to theprotocol parameter returned from thegetProtocol method ofSSLSession, and theprotocols parameter passed to thesetProtocols method or that may be returned by thegetProtocols method ofSSLParameters.

Standard Names for a Protocol
NameProtocol
SSLv2SSL version 2 protocol
SSLv3SSL version 3 protocol
TLSv1TLS version 1.0 protocol (defined inRFC 2246)
TLSv1.1TLS version 1.1 protocol (defined inRFC 4346)
TLSv1.2TLS version 1.2 protocol (defined inRFC 5246)
TLSv1.3TLS version 1.3 protocol (defined inRFC 8446)
DTLSv1.0DTLS version 1.0 protocol (defined inRFC 4347)
DTLSv1.2DTLS version 1.2 protocol (defined inRFC 6347)
SSLv2HelloCurrently, the SSLv3, TLSv1, and TLSv1.1 protocols allow you to send SSLv3, TLSv1, and TLSv1.1 hellos encapsulated in an SSLv2 format hello. For more details on the reasons for allowing this compatibility in these protocols, see Appendix E in the appropriate RFCs (previously listed).

Note: Some SSL/TLS servers do not support the v2 hello format and require that client hellos conform to the SSLv3 or TLSv1 client hello formats.

The SSLv2Hello option controls the SSLv2 encapsulation. If SSLv2Hello is disabled on the client, then all outgoing messages will conform to the SSLv3/TLSv1 client hello format. If SSLv2Hello is disabled on the server, then all incoming messages must conform to the SSLv3/TLSv1 client hello format.

Authentication Types

TheauthType parameter passed to thecheckClientTrusted andcheckServerTrusted methods ofX509TrustManager indicates the authentication type. The table that follows specifies what standard names should be used for the client or server certificate chains.

Standard Names for Client or Server Certificate Chain
Client or Server Certificate ChainAuthentication Type Standard Name
ClientDetermined by the actual certificate used. For instance, if RSAPublicKey is used, theauthType should be "RSA".
ServerThe key exchange algorithm portion of the cipher suites represented as a String, such as "RSA" or "DHE_DSS".

Note: For some exportable cipher suites, the key exchange algorithm is determined at runtime during the handshake.

For instance, for TLS_RSA_EXPORT_WITH_RC4_40_MD5, theauthType should be "RSA_EXPORT" when an ephemeral RSA key is used for the key exchange, and "RSA" when the key from the server certificate is used. Or it can take the value "UNKNOWN".

Endpoint Identification Algorithms

The endpoint identification algorithm indicates the endpoint identification or verification procedures during SSL/TLS/DTLS handshaking. The algorithm name can be passed to thesetEndpointIdentificationAlgorithm method ofjavax.net.ssl.SSLParameters.

The following table shows the standard endpoint identification names.

Endpoint Identification Algorithm Name
Endpoint Identification Algorithm NameSpecification
HTTPSRFC 2818
LDAPSRFC 2830

Signature Schemes

The following table contains the standard signature scheme names, which are the algorithms used in the digital signatures of TLS connections and are also defined in theSignatureScheme section of the IANA TLS Registry.

Signature SchemeSpecification
ecdsa_secp256r1_sha256RFC 8446
ecdsa_secp384r1_sha384RFC 8446
ecdsa_secp521r1_sha512RFC 8446
ecdsa_sha1RFC 8446
ed25519RFC 8446
ed448RFC 8446
rsa_pkcs1_sha1RFC 8446
rsa_pkcs1_sha256RFC 8446
rsa_pkcs1_sha384RFC 8446
rsa_pkcs1_sha512RFC 8446
rsa_pss_pss_sha256RFC 8446
rsa_pss_pss_sha384RFC 8446
rsa_pss_pss_sha512RFC 8446
rsa_pss_rsae_sha256RFC 8446
rsa_pss_rsae_sha384RFC 8446
rsa_pss_rsae_sha512RFC 8446

Named Groups

The following table contains the standard group names, which are the named groups used in key exchange algorithms of TLS connections and are also defined in theSupported Groups section of the IANA TLS Registry.

Name
secp256r1
secp384r1
secp521r1		The NIST elliptic curves as specified inRFC 8422.
x25519
x448
The elliptic curves as specified inRFC 8446 andRFC 8442.
ffdhe2048
ffdhe3072
ffdhe4096
ffdhe6144
ffdhe8192		The Finite Field Diffie-Hellman Ephemeral (FFDHE) groups as specified inRFC 7919.

Security Algorithm Specification

This section specifies details concerning some of the algorithms defined in this document. Any provider supplying an implementation of the listed algorithms must comply with the specifications in this section.

Specification Template

The following table shows the fields of the algorithm specifications.

FieldDescription
NameThe name by which the algorithm is known. This is the name passed to thegetInstance method (when requesting the algorithm), and returned by thegetAlgorithm method to determine the name of an existing algorithm object. These methods are in the relevant engine classes:Signature,MessageDigest,KeyPairGenerator, andAlgorithmParameterGenerator .
TypeThe type of algorithm:Signature,MessageDigest,KeyPairGenerator, orAlgorithmParameterGenerator.
DescriptionGeneral notes about the algorithm, including any standards implemented by the algorithm, applicable patents, and so on.
KeyPair Algorithm (optional)TheKeyPair algorithm for this algorithm.
Keysize (optional)For a keyed algorithm or key generation algorithm: the valid keysizes.
Size (optional)For an algorithm parameter generation algorithm: the valid "sizes" for algorithm parameter generation.
Parameter Defaults (optional)For a key generation algorithm: the default parameter values.
Signature Format (optional)For aSignature algorithm, the format of the signature, that is, the input and output of the verify and sign methods, respectively.

Algorithm Specifications

SHA-1 Message Digest Algorithm
FieldDescription
NameSHA-1
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS 180-4. The output of this algorithm is a 160-bit digest.
SHA-224 Message Digest Algorithm
FieldDescription
NameSHA-224
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS 180-4. The output of this algorithm is a 224-bit digest.
SHA-256 Message Digest Algorithm
FieldDescription
NameSHA-256
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS 180-4. The output of this algorithm is a 256-bit digest.
SHA-384 Message Digest Algorithm
FieldDescription
NameSHA-384
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS 180-4. The output of this algorithm is a 384-bit digest.
SHA-512 Message Digest Algorithm
FieldDescription
NameSHA-512
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS 180-4. The output of this algorithm is a 512-bit digest.
SHA-512/224 Message Digest Algorithm
FieldDescription
NameSHA-512/224
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS 180-4. The output of this algorithm is a 224-bit digest.
SHA-512/256 Message Digest Algorithm
FieldDescription
NameSHA-512/256
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS 180-4. The output of this algorithm is a 256-bit digest.
SHA3-224 Message Digest Algorithms
FieldDescription
NameSHA3-224
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS PUB 202. The output of this algorithm is a 224-bit digest.
SHA3-256 Message Digest Algorithms
FieldDescription
NameSHA3-256
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS PUB 202. The output of this algorithm is a 256-bit digest.
SHA3-384 Message Digest Algorithms
FieldDescription
NameSHA3-384
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS PUB 202. The output of this algorithm is a 384-bit digest.
SHA3-512 Message Digest Algorithms
FieldDescription
NameSHA3-512
TypeMessageDigest
DescriptionThe message digest algorithm as defined inFIPS PUB 202. The output of this algorithm is a 512-bit digest.
MD2 Message Digest Algorithm
FieldDescription
NameMD2
TypeMessageDigest
DescriptionThe message digest algorithm as defined inRFC 1319. The output of this algorithm is a 128-bit digest.
MD5 Message Digest Algorithm
FieldDescription
NameMD5
TypeMessageDigest
DescriptionThe message digest algorithm as defined inRFC 1321. The output of this algorithm is a 128-bit digest.
The Digital Signature Algorithms, with SHA-1 or SHA-2
FieldDescription
NameSHA1withDSA, SHA224withDSA, SHA256withDSA, SHA384withDSA, and SHA512withDSA
TypeSignature
DescriptionThe signature algorithm described inNIST FIPS 186-3, using DSA with the SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 message digest algorithms.
KeyPair AlgorithmDSA
Signature FormatASN.1 sequence of two INTEGER values:r ands, in that order:

SEQUENCE { r INTEGER, s INTEGER }
RSA-based Signature Algorithms, with MD2, MD5, SHA-1, or SHA-2
FieldDescription
NamesMD2withRSA, MD5withRSA, SHA1withRSA, SHA224withRSA, SHA256withRSA, SHA384withRSA, SHA512withRSA, SHA512/224withRSA, SHA512/256withRSA
TypeSignature
DescriptionThese are the signature algorithms that use the MD2, MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 message digest algorithms (respectively) with RSA encryption.
KeyPair AlgorithmRSA
Signature FormatDER-encoded PKCS #1 block as defined inRSA Laboratories, PKCS #1 v2.2. The data encrypted is the digest of the data signed.
RSASSA-PSS-based Signature Algorithms
FieldDescription
NamesRSASSA-PSS
TypeSignature
DescriptionThis signature algorithm requires PSS parameters to be explicitly supplied before data can be processed.
KeyPair AlgorithmRSA or RSASSA-PSS
Signature FormatDER-encoded PKCS1 block as defined inRSA Laboratories, PKCS #1 v2.2. The data encrypted is the digest of the data signed.
DSA KeyPair Generation Algorithm
FieldDescription
NameDSA
TypeKeyPairGenerator
DescriptionThis algorithm is the key pair generation algorithm described inNIST FIPS 186 for DSA.
KeysizeThe length, in bits, of the modulusp. This must be a multiple of 64, ranging from 512 to 1024 (inclusive), 2048, or 3072.
Parameter DefaultsSee below for the parameter values.

The following are the parameter values for keysizes of 512, 768, and 1024 bits:

512-bit Key Parameters

 SEED =     b869c82b 35d70e1b 1ff91b28 e37a62ec dc34409b counter = 123 p =     fca682ce 8e12caba 26efccf7 110e526d b078b05e decbcd1e b4a208f3     ae1617ae 01f35b91 a47e6df6 3413c5e1 2ed0899b cd132acd 50d99151     bdc43ee7 37592e17 q =     962eddcc 369cba8e bb260ee6 b6a126d9 346e38c5 g =     678471b2 7a9cf44e e91a49c5 147db1a9 aaf244f0 5a434d64 86931d2d     14271b9e 35030b71 fd73da17 9069b32e 2935630e 1c206235 4d0da20a     6c416e50 be794ca4

768-bit key parameters

 SEED =     77d0f8c4 dad15eb8 c4f2f8d6 726cefd9 6d5bb399 counter = 263 p =     e9e64259 9d355f37 c97ffd35 67120b8e 25c9cd43 e927b3a9 670fbec5     d8901419 22d2c3b3 ad248009 3799869d 1e846aab 49fab0ad 26d2ce6a     22219d47 0bce7d77 7d4a21fb e9c270b5 7f607002 f3cef839 3694cf45     ee3688c1 1a8c56ab 127a3daf q =     9cdbd84c 9f1ac2f3 8d0f80f4 2ab952e7 338bf511 g =     30470ad5 a005fb14 ce2d9dcd 87e38bc7 d1b1c5fa cbaecbe9 5f190aa7     a31d23c4 dbbcbe06 17454440 1a5b2c02 0965d8c2 bd2171d3 66844577     1f74ba08 4d2029d8 3c1c1585 47f3a9f1 a2715be2 3d51ae4d 3e5a1f6a     7064f316 933a346d 3f529252

1024-bit key parameters

 SEED =     8d515589 4229d5e6 89ee01e6 018a237e 2cae64cd counter = 92 p =     fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80     b6512669 455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b     801d346f f26660b7 6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6     1bf83b57 e7c6a8a6 150f04fb 83f6d3c5 1ec30235 54135a16 9132f675     f3ae2b61 d72aeff2 2203199d d14801c7 q =     9760508f 15230bcc b292b982 a2eb840b f0581cf5 g =     f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b     3d078267 5159578e bad4594f e6710710 8180b449 167123e8 4c281613     b7cf0932 8cc8a6e1 3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f     0bfa2135 62f1fb62 7a01243b cca4f1be a8519089 a883dfe1 5ae59f06     928b665e 807b5525 64014c3b fecf492a

The following are the default values for larger DSA key sizes identified by (L,N) pairs:

(L,N) = (2048, 256)

 SEED =     b0b44176 01b59cbc 9d8ac8f9 35cadaec 4f5fbb2f 23785609 ae466748     d9b5a536 counter = 497 p =     95475cf5 d93e596c 3fcd1d90 2add02f4 27f5f3c7 210313bb 45fb4d5b     b2e5fe1c bd678cd4 bbdd84c9 836be1f3 1c077772 5aeb6c2f c38b85f4     8076fa76 bcd8146c c89a6fb2 f706dd71 9898c208 3dc8d896 f84062e2     c9c94d13 7b054a8d 8096adb8 d5195239 8eeca852 a0af12df 83e475aa     65d4ec0c 38a9560d 5661186f f98b9fc9 eb60eee8 b030376b 236bc73b     e3acdbd7 4fd61c1d 2475fa30 77b8f080 467881ff 7e1ca56f ee066d79     506ade51 edbb5443 a563927d bc4ba520 08674617 5c888592 5ebc64c6     14790677 3496990c b714ec66 7304e261 faee33b3 cbdf008e 0c3fa906     50d97d39 09c9275b f4ac86ff cb3d03e6 dfc8ada5 934242dd 6d3bcca2     a406cb0b q =     f8183668 ba5fc5bb 06b5981e 6d8b795d 30b8978d 43ca0ec5 72e37e09     939a9773 g =     42debb9d a5b3d88c c956e087 87ec3f3a 09bba5f4 8b889a74 aaf53174     aa0fbe7e 3c5b8fcd 7a53bef5 63b0e985 60328960 a9517f40 14d3325f     c7962bf1 e049370d 76d1314a 76137e79 2f3f0db8 59d095e4 a5b93202     4f079ecf 2ef09c79 7452b077 0e135078 2ed57ddf 794979dc ef23cb96     f1830619 65c4ebc9 3c9c71c5 6b925955 a75f94cc cf1449ac 43d586d0     beee4325 1b0b2287 349d68de 0d144403 f13e802f 4146d882 e057af19     b6f6275c 6676c8fa 0e3ca271 3a3257fd 1b27d063 9f695e34 7d8d1cf9     ac819a26 ca9b04cb 0eb9b7b0 35988d15 bbac6521 2a55239c fc7e58fa     e38d7250 ab9991ff bc971340 25fe8ce0 4c4399ad 96569be9 1a546f49     78693c7a

(L,N) = (2048, 224)

 SEED =     58423608 0cfa43c0 9b023541 35f4cc51 98a19efa da08bd86 6d601ba4 counter = 2666 p =     8f7935d9 b9aae9bf abed887a cf4951b6 f32ec59e 3baf3718 e8eac496     1f3efd36 06e74351 a9c41833 39b809e7 c2ae1c53 9ba7475b 85d011ad     b8b47987 75498469 5cac0e8f 14b33608 28a22ffa 27110a3d 62a99345     3409a0fe 696c4658 f84bdd20 819c3709 a01057b1 95adcd00 233dba54     84b6291f 9d648ef8 83448677 979cec04 b434a6ac 2e75e998 5de23db0     292fc111 8c9ffa9d 8181e733 8db792b7 30d7b9e3 49592f68 09987215     3915ea3d 6b8b4653 c633458f 803b32a4 c2e0f272 90256e4e 3f8a3b08     38a1c450 e4e18c1a 29a37ddf 5ea143de 4b66ff04 903ed5cf 1623e158     d487c608 e97f211c d81dca23 cb6e3807 65f822e3 42be484c 05763939     601cd667 q =     baf696a6 8578f7df dee7fa67 c977c785 ef32b233 bae580c0 bcd5695d g =     16a65c58 20485070 4e7502a3 9757040d 34da3a34 78c154d4 e4a5c02d     242ee04f 96e61e4b d0904abd ac8f37ee b1e09f31 82d23c90 43cb642f     88004160 edf9ca09 b32076a7 9c32a627 f2473e91 879ba2c4 e744bd20     81544cb5 5b802c36 8d1fa83e d489e94e 0fa0688e 32428a5c 78c478c6     8d0527b7 1c9a3abb 0b0be12c 44689639 e7d3ce74 db101a65 aa2b87f6     4c6826db 3ec72f4b 5599834b b4edb02f 7c90e9a4 96d3a55d 535bebfc     45d4f619 f63f3ded bb873925 c2f224e0 7731296d a887ec1e 4748f87e     fb5fdeb7 5484316b 2232dee5 53ddaf02 112b0d1f 02da3097 3224fe27     aeda8b9d 4b2922d9 ba8be39e d9e103a6 3c52810b c688b7e2 ed4316e1     ef17dbde
RSA KeyPair Generation Algorithm
FieldDescription
NamesRSA
TypeKeyPairGenerator
DescriptionThis algorithm is the key pair generation algorithm described inPKCS #1 v2.2.
StrengthThe length, in bits, of the modulusn. This must be a multiple of 8 that is greater than or equal to 512
RSASSA-PSS KeyPair Generation Algorithm
FieldDescription
NamesRSASSA-PSS
TypeKeyPairGenerator
DescriptionThis algorithm is the key pair generation algorithm described inPKCS #1 v2.2.
StrengthThe length, in bits, of the modulusn. This must be a multiple of 8 that is greater than or equal to 512
DSA Parameter Generation Algorithm
FieldDescription
NamesDSA
TypeAlgorithmParameterGenerator
DescriptionThis algorithm is the parameter generation algorithm described inNIST FIPS 186 for DSA.
StrengthThe length, in bits, of the modulusp. This must be a multiple of 64, ranging from from 512 to 1024 (inclusive), 2048, or 3072.
Alternatively, generate DSA parameters with theDSAGenParameterSpec class. Note that this class supports the latest version of DSA standard,FIPS PUB 186-3, and only allows certain length of prime P and Q to be used. Valid sizes for length of prime P and sub-prime Q in bits are as follows:

(1024, 160)
(2048, 224)
(2048, 256)
(3072, 256)

Security Algorithm Implementation Requirements

This section defines the security algorithm requirements for Java SE implementations. The security algorithm requirements are intended to improve the interoperability of Java SE implementations and applications that use these algorithms.

Note: The requirements in this section arenot a measure of the strength or security of the algorithm. For example, recent advances in cryptanalysis have found weaknesses in the strength of the DESede (Triple DES) cipher algorithm. It is your responsibility to determine whether the algorithm meets the security requirements of your application.

Every implementation of this version of the Java SE platform must support the specified algorithms in the table that follows. These requirements do not apply to 3rd party providers. Consult the release documentation for your implementation to see if any other algorithms are supported.

ClassAlgorithm Name(s)
AlgorithmParameterGenerator
Implementations must support the key sizes
in parentheses.		DiffieHellman (1024, 2048)
DSA (1024, 2048)
AlgorithmParametersAES
DESede
DiffieHellman
DSA
CertificateFactoryX.509
CertPath EncodingPKCS7
PkiPath
CertPathBuilderPKIX
CertPathValidatorPKIX
CertStoreCollection
Cipher
Implementations must support the key sizes in parentheses.		AES/CBC/NoPadding (128)
AES/CBC/PKCS5Padding (128)
AES/ECB/NoPadding (128)
AES/ECB/PKCS5Padding (128)
AES/GCM/NoPadding (128)
DESede/CBC/NoPadding (168)
DESede/CBC/PKCS5Padding (168)
DESede/ECB/NoPadding (168)
DESede/ECB/PKCS5Padding (168)
RSA/ECB/PKCS1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-1AndMGF1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-256AndMGF1Padding (1024, 2048)
Configuration[1]
KeyAgreementDiffieHellman
KeyFactoryDiffieHellman
DSA
RSA
KeyGenerator
Implementations must support the key sizes in parentheses.		AES (128)
DESede (168)
HmacSHA1
HmacSHA256
KeyPairGenerator
Implementations must support the key sizes in parentheses.		DiffieHellman (1024, 2048, 4096)
DSA (1024, 2048)
RSA (1024, 2048, 4096)
KeyStorePKCS12
MacHmacSHA1
HmacSHA256
MessageDigestSHA-1
SHA-256
SecretKeyFactoryDESede
SecureRandom[1]
SignatureSHA1withDSA
SHA1withRSA
SHA256withDSA
SHA256withRSA
SSLContextTLSv1.2
TrustManagerFactoryPKIX

[1] No specificConfigurationtype,Policytype orSecureRandom algorithm is required; however, an implementation-specific default must be provided.

XML Signature Algorithms

Every implementation of this version of the Java SE platform must support the specified XML Signature algorithms in the table that follows. These requirements do not apply to 3rd party providers. Consult the release documentation for your implementation to see if any other algorithms are supported.

ClassAlgorithm Name(s)
TransformServicehttp://www.w3.org/2001/10/xml-exc-c14n# (CanonicalizationMethod.EXCLUSIVE)
http://www.w3.org/TR/2001/REC-xml-c14n-20010315 (CanonicalizationMethod.INCLUSIVE)
http://www.w3.org/2000/09/xmldsig#base64 (Transform.BASE64)
http://www.w3.org/2000/09/xmldsig#enveloped-signature (Transform.ENVELOPED)
XMLSignatureFactoryDOM

[8]ページ先頭
©2009-2025 Movatter.jp