class can still be used for backwards compatibility to former iSaSiLk versions it is recommended to use the SupportedGroups implementation instead of it.
A SupportedEllipticCurves extension might be sent by the client within an extended ClientHello message to tell the server which curves are supported by the client when using an ECC based cipher suite. The server uses the information sent by the client to select an ECC cipher suite in accordance with the elliptic curves supported by the client. The server itself does not send a SupportedEllipticCurves extension.
TLS defines the SupportedEllipticCurves extension as a list of named elliptic curves (see RFC 4492):
enum {
    sect163k1 (1), sect163r1 (2), sect163r2 (3),
    sect193r1 (4), sect193r2 (5), sect233k1 (6),
    sect233r1 (7), sect239k1 (8), sect283k1 (9),
    sect283r1 (10), sect409k1 (11), sect409r1 (12),
    sect571k1 (13), sect571r1 (14), secp160k1 (15),
    secp160r1 (16), secp160r2 (17), secp192k1 (18),
    secp192r1 (19), secp224k1 (20), secp224r1 (21),
    secp256k1 (22), secp256r1 (23), secp384r1 (24),
    secp521r1 (25),
    reserved (0xFE00..0xFEFF),
    arbitrary_explicit_prime_curves(0xFF01),
    arbitrary_explicit_char2_curves(0xFF02),
    (0xFFFF)
} NamedCurve;
struct {
    NamedCurve elliptic_curve_list<1..2^16-1>
} EllipticCurveList;
The client shall send the list of supported elliptic curves in its preference order.
RFC 4492 also specified arbitrary explicit prime curves and arbitrary explicit char2 curves, but they are deprecated by RFC 8422 and therefore shall not be used anymore. RFC 8422 also deprecates any named curve other than secp256r1 (23), secp384r1 (24), secp521r1 (25) from above and adds support for the x25519 and x448 curves:
enum {
    deprecated(1..22),
    secp256r1 (23), secp384r1 (24), secp521r1 (25),
    x25519(29), x448(30),
    reserved (0xFE00..0xFEFF),
    deprecated(0xFF01..0xFF02),
    (0xFFFF)
} NamedCurve;
In addition to the elliptic curves listed above, iSaSiLk supports the following
Brainpool curves from RFC 7027:
enum {
    brainpoolP256r1(26),
    brainpoolP384r1(27),
    brainpoolP512r1(28)
} NamedCurve;
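
The wire encoding of the EllipticCurveList struct above can be checked with a few lines of plain Java. This is an added stand-alone example, not iSaSiLk code: the class and method names are hypothetical, and the sample bytes are constructed. It parses the extension_data of an elliptic_curves extension and labels each id according to the three enums quoted on this page, so a deprecated curve such as secp192r1 (19), used in this page's client-side example, is flagged.

```java
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;

// Hypothetical helper class; uses only the JDK, not the iSaSiLk API.
public class EllipticCurveListAudit {

    /** Labels a NamedCurve id according to the enums quoted on this page. */
    static String classify(int id) {
        if (id >= 1 && id <= 22) return "deprecated by RFC 8422";
        if (id >= 23 && id <= 25) return "ok (RFC 8422)";
        if (id >= 26 && id <= 28) return "Brainpool (RFC 7027)";
        if (id == 29 || id == 30) return "ok (RFC 8422)";
        if (id >= 0xFE00 && id <= 0xFEFF) return "reserved";
        if (id == 0xFF01 || id == 0xFF02) return "explicit curves, deprecated by RFC 8422";
        return "not listed on this page";
    }

    /** Parses extension_data: a 2-byte list length, then 2-byte curve ids. */
    static List<Integer> parse(byte[] extensionData) {
        ByteBuffer buf = ByteBuffer.wrap(extensionData); // big-endian by default
        if (buf.remaining() < 2) {
            throw new IllegalArgumentException("missing length prefix");
        }
        int len = buf.getShort() & 0xFFFF;
        // elliptic_curve_list<1..2^16-1>: at least one entry, whole entries only,
        // and the declared length must cover exactly the remaining bytes.
        if (len < 2 || len % 2 != 0 || len != buf.remaining()) {
            throw new IllegalArgumentException("bad list length " + len);
        }
        List<Integer> ids = new ArrayList<Integer>();
        while (buf.hasRemaining()) {
            ids.add(buf.getShort() & 0xFFFF);
        }
        return ids; // preference order as sent by the client
    }

    public static void main(String[] args) {
        // Constructed sample: secp192r1 (19), secp256r1 (23), x25519 (29), 0xFF01
        byte[] sample = { 0x00, 0x08, 0x00, 0x13, 0x00, 0x17, 0x00, 0x1D, (byte) 0xFF, 0x01 };
        for (int id : parse(sample)) {
            System.out.printf("%5d (0x%04X): %s%n", id, id, classify(id));
        }
    }
}
```
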
On the client side, when you create a SupportedEllipticCurves extension object you may explicitly specify the named curves to be included in preference order, e.g. (if you want to use secp192r1 (NIST P-192) and secp256r1 (NIST P-256) and prefer secp192r1):
// the list of supported elliptic curves
NamedCurve[] ecList = { SupportedEllipticCurves.NC_PRIME_SECP192R1,
SupportedEllipticCurves.NC_PRIME_SECP256R1 };
// create SupportedEllipticCurves extension
SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves(ecList);
// add to ExtensionList
ExtensionList extensions = new ExtensionList();
...
extensions.addExtension(supportedEllipticCurves);
...
// set extensions for the SSLClientContext configuration:
SSLClientContext clientContext = new SSLClientContext();
...
clientContext.setExtensions(extensions);
...
Or you may use the default constructor which creates a SupportedEllipticCurves extension containing -- if cryptographically supported -- secp256r1, secp384r1, secp521r1 and x25519 (in that order) as default elliptic curve list:
// create SupportedEllipticCurves extension
SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves();
// add to ExtensionList
ExtensionList extensions = new ExtensionList();
...
extensions.addExtension(supportedEllipticCurves);
...
// set extensions for the SSLClientContext configuration:
SSLClientContext clientContext = new SSLClientContext();
...
clientContext.setExtensions(extensions);
...
The critical flag of a client-side SupportedEllipticCurves extension does not have any meaning because the server is not allowed to respond with a SupportedEllipticCurves extension.
On the server side this constructor may be used to indicate support for the SupportedEllipticCurves extension only (the server itself never sends a SupportedEllipticCurves extension):
// create SupportedEllipticCurves extension
SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves();
// add to ExtensionList
ExtensionList extensions = new ExtensionList();
...
extensions.addExtension(supportedEllipticCurves);
...
// set extensions for the SSLServerContext configuration:
SSLServerContext serverContext = new SSLServerContext();
...
serverContext.setExtensions(extensions);
...
It is also possible to explicitly specify the named curves to be supported on the server side. In this case the server side curve list will be merged with the curve list received from the client. If the server has been configured to ignore the preference order of the client list, the curves are merged so that the curve list order of the server is preferred. If no common curve can be found, the client curve list is taken, unless this extension has been marked as critical. In that case the handshake will be aborted if client and server cannot agree on another (non-ECC) suite.
When using the default constructor to create a SupportedEllipticCurves extension on the server side the critical flag has no meaning.
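
The server-side merge rules described above, written out as an added stand-alone Java model. It is not iSaSiLk code and does not claim to match its implementation: the class and method names are hypothetical, curves are given as TLS ids, the lists are constructed, and an empty result stands for "no ECC suite can be selected".

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Hypothetical model of the merge rules in the text; not iSaSiLk's implementation.
public class CurveMergeModel {

    /**
     * Returns the curve ids usable for this handshake, most preferred first.
     * An empty list means no ECC suite can be selected, so the handshake is
     * aborted unless client and server share a non-ECC suite.
     */
    static List<Integer> merge(List<Integer> serverList, List<Integer> clientList,
                               boolean ignoreClientOrder, boolean critical) {
        // The list that is iterated dictates the preference order of the result.
        List<Integer> ordering = ignoreClientOrder ? serverList : clientList;
        List<Integer> filter = ignoreClientOrder ? clientList : serverList;
        List<Integer> common = new ArrayList<Integer>();
        for (Integer id : ordering) {
            if (filter.contains(id) && !common.contains(id)) {
                common.add(id);
            }
        }
        if (!common.isEmpty()) {
            return common;
        }
        if (critical) {
            return new ArrayList<Integer>(); // critical: no fallback to the client list
        }
        return new ArrayList<Integer>(clientList); // non-critical: client list is taken
    }

    public static void main(String[] args) {
        // Constructed lists: server x25519, secp384r1, secp256r1;
        // client secp192r1, secp256r1, x25519
        List<Integer> server = Arrays.asList(29, 24, 23);
        List<Integer> client = Arrays.asList(19, 23, 29);
        List<Integer> legacyClient = Arrays.asList(19, 21); // only deprecated curves

        System.out.println("client order:         " + merge(server, client, false, false));
        System.out.println("server order:         " + merge(server, client, true, false));
        System.out.println("no overlap:           " + merge(server, legacyClient, true, false));
        System.out.println("no overlap, critical: " + merge(server, legacyClient, true, true));
    }
}
```

The third call shows why the critical flag matters for a server that wants to enforce its own list: without it, a client offering only deprecated curves still ends up with its own list being used.
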
- Version: File Revision 35
- See Also: Extension, ExtensionList, SupportedGroups
Methods inherited from class java.lang.Object: equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
TYPE
public static final ExtensionType TYPE
- The type (10) of the elliptic_curves extension.
NC_CHAR2_SECT163K1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT163K1
- Named binary curve sect163k1 (NIST K-163).
- TLS id: 1
- OID: 1.3.132.0.1
- name: sect163k1
NC_CHAR2_SECT163R1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT163R1
- Named binary curve sect163r1.
- TLS id: 2
- OID: 1.3.132.0.2
- name: sect163r1
NC_CHAR2_SECT163R2
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT163R2
- Named binary curve sect163r2 (NIST B-163).
- TLS id: 3
- OID: 1.3.132.0.15
- name: sect163r2
NC_CHAR2_SECT193R1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT193R1
- Named binary curve sect193r1.
- TLS id: 4
- OID: 1.3.132.0.24
- name: sect193r1
NC_CHAR2_SECT193R2
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT193R2
- Named binary curve sect193r2.
- TLS id: 5
- OID: 1.3.132.0.25
- name: sect193r2
NC_CHAR2_SECT233K1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT233K1
- Named binary curve sect233k1 (NIST K-233).
- TLS id: 6
- OID: 1.3.132.0.26
- name: sect233k1
NC_CHAR2_SECT233R1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT233R1
- Named binary curve sect233r1 (NIST B-233).
- TLS id: 7
- OID: 1.3.132.0.27
- name: sect233r1
NC_CHAR2_SECT239K1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT239K1
- Named binary curve sect239k1.
- TLS id: 8
- OID: 1.3.132.0.3
- name: sect239k1
NC_CHAR2_SECT283K1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT283K1
- Named binary curve sect283k1 (NIST K-283).
- TLS id: 9
- OID: 1.3.132.0.16
- name: sect283k1
NC_CHAR2_SECT283R1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT283R1
- Named binary curve sect283r1 (NIST B-283).
- TLS id: 10
- OID: 1.3.132.0.17
- name: sect283r1
NC_CHAR2_SECT409K1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT409K1
- Named binary curve sect409k1 (NIST K-409).
- TLS id: 11
- OID: 1.3.132.0.36
- name: sect409k1
NC_CHAR2_SECT409R1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT409R1
- Named binary curve sect409r1 (NIST B-409).
- TLS id: 12
- OID: 1.3.132.0.37
- name: sect409r1
NC_CHAR2_SECT571K1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT571K1
- Named binary curve sect571k1 (NIST K-571).
- TLS id: 13
- OID: 1.3.132.0.38
- name: sect571k1
NC_CHAR2_SECT571R1
public static final SupportedEllipticCurves.NamedCurve NC_CHAR2_SECT571R1
- Named binary curve sect571r1 (NIST B-571).
- TLS id: 14
- OID: 1.3.132.0.39
- name: sect571r1
NC_PRIME_SECP160K1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP160K1
- Named prime curve secp160k1.
- TLS id: 15
- OID: 1.3.132.0.9
- name: secp160k1
NC_PRIME_SECP160R1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP160R1
- Named prime curve secp160r1.
- TLS id: 16
- OID: 1.3.132.0.8
- name: secp160r1
NC_PRIME_SECP160R2
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP160R2
- Named prime curve secp160r2.
- TLS id: 17
- OID: 1.3.132.0.30
- name: secp160r2
NC_PRIME_SECP192K1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP192K1
- Named prime curve secp192k1.
- TLS id: 18
- OID: 1.3.132.0.31
- name: secp192k1
NC_PRIME_SECP192R1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP192R1
- Named prime curve secp192r1 (NIST P-192, ANSI X9.62 prime192v1).
- TLS id: 19
- OID: 1.2.840.10045.3.1.1
- name: secp192r1
NC_PRIME_SECP224K1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP224K1
- Named prime curve secp224k1.
- TLS id: 20
- OID: 1.3.132.0.32
- name: secp224k1
NC_PRIME_SECP224R1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP224R1
- Named prime curve secp224r1 (NIST P-224).
- TLS id: 21
- OID: 1.3.132.0.33
- name: secp224r1
NC_PRIME_SECP256K1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP256K1
- Named prime curve secp256k1.
- TLS id: 22
- OID: 1.3.132.0.10
- name: secp256k1
NC_PRIME_SECP256R1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP256R1
- Named prime curve secp256r1 (NIST P-256, ANSI X9.62 prime256v1).
- TLS id: 23
- OID: 1.2.840.10045.3.1.7
- name: secp256r1
NC_PRIME_SECP384R1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP384R1
- Named prime curve secp384r1 (NIST P-384).
- TLS id: 24
- OID: 1.3.132.0.34
- name: secp384r1
NC_PRIME_SECP521R1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_SECP521R1
- Named prime curve secp521r1 (NIST P-521).
- TLS id: 25
- OID: 1.3.132.0.35
- name: secp521r1
NC_X25519
public static final SupportedEllipticCurves.NamedCurve NC_X25519
- Named prime curve x25519 (RFC 7748).
- TLS id: 29
- OID: 1.3.101.110
- name: x25519
NC_X448
public static final SupportedEllipticCurves.NamedCurve NC_X448
- Named prime curve x448 (RFC 7748).
- TLS id: 30
- OID: 1.3.101.111
- name: x448
NC_ARBITRARY_EXPLICIT_PRIME
public static final SupportedEllipticCurves.NamedCurve NC_ARBITRARY_EXPLICIT_PRIME
- Deprecated. Shall not be used anymore according to RFC 8422.
- Named prime curve place holder arbitrary_explicit_prime_curves. Indicates support for arbitrary prime curves (the curve parameters must be encoded explicitly in ECParameters).
- TLS id: 65281 (0xFF01)
- OID: -
- name: arbitrary_explicit_prime_curves
NC_ARBITRARY_EXPLICIT_CHAR2
public static final SupportedEllipticCurves.NamedCurve NC_ARBITRARY_EXPLICIT_CHAR2
- Deprecated. Shall not be used anymore according to RFC 8422.
- Named binary curve place holder arbitrary_explicit_char2_curves. Indicates support for arbitrary characteristic-2 curves (the curve parameters must be encoded explicitly in ECParameters).
- TLS id: 65282 (0xFF02)
- OID: -
- name: arbitrary_explicit_char2_curves
NC_PRIME_BRAINPOOLP256R1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_BRAINPOOLP256R1
- Named prime Brainpool curve brainpoolP256r1 (RFC 7027).
- TLS id: 26
- OID: 1.3.36.3.3.2.8.1.1.7
- name: brainpoolP256r1
NC_PRIME_BRAINPOOLP384R1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_BRAINPOOLP384R1
- Named prime Brainpool curve brainpoolP384r1 (RFC 7027).
- TLS id: 27
- OID: 1.3.36.3.3.2.8.1.1.11
- name: brainpoolP384r1
NC_PRIME_BRAINPOOLP512R1
public static final SupportedEllipticCurves.NamedCurve NC_PRIME_BRAINPOOLP512R1
- Named prime Brainpool curve brainpoolP512r1 (RFC 7027).
- TLS id: 28
- OID: 1.3.36.3.3.2.8.1.1.13
- name: brainpoolP512r1
SupportedEllipticCurves
public SupportedEllipticCurves()
- Default Constructor. Creates a new SupportedEllipticCurves extension containing -- if cryptographically supported -- secp256r1, secp384r1, secp521r1 and x25519 (in that order) as default elliptic curve list.
This constructor may be used on the client side if the client wants to use ECC based cipher suites with any of the four elliptic curves secp256r1, secp384r1, secp521r1 or x25519:
// create SupportedEllipticCurves extension
SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves();
// add to ExtensionList
ExtensionList extensions = new ExtensionList();
...
extensions.addExtension(supportedEllipticCurves);
...
// set extensions for the SSLClientContext configuration:
SSLClientContext clientContext = new SSLClientContext();
...
clientContext.setExtensions(extensions);
...
On the server side this constructor may be used to indicate support for the SupportedEllipticCurves extension only (the server itself never sends a SupportedEllipticCurves extension):
// create SupportedEllipticCurves extension
SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves();
// add to ExtensionList
ExtensionList extensions = new ExtensionList();
...
extensions.addExtension(supportedEllipticCurves);
...
// set extensions for the SSLServerContext configuration:
SSLServerContext serverContext = new SSLServerContext();
...
serverContext.setExtensions(extensions);
...
SupportedEllipticCurves
public SupportedEllipticCurves(SupportedEllipticCurves.NamedCurve[] ellipticCurveList)
- Creates a SupportedEllipticCurves extension from the given elliptic curve list.
This constructor may be used on the client side to specify which elliptic curves the client wants to use with ECC based cipher suites. The elliptic curves shall be listed in preference order. For instance, a client that wants to use secp192r1 (NIST P-192) and secp256r1 (NIST P-256) and prefers secp192r1 will configure the SSLClientContext with the following SupportedEllipticCurves extension:
// the list of supported elliptic curves
NamedCurve[] ecList = { SupportedEllipticCurves.NC_PRIME_SECP192R1,
SupportedEllipticCurves.NC_PRIME_SECP256R1 };
// create SupportedEllipticCurves extension
SupportedEllipticCurves supportedEllipticCurves = new SupportedEllipticCurves(ecList);
// add to ExtensionList
ExtensionList extensions = new ExtensionList();
...
extensions.addExtension(supportedEllipticCurves);
...
// set extensions for the SSLClientContext configuration:
SSLClientContext clientContext = new SSLClientContext();
...
clientContext.setExtensions(extensions);
...
- Parameters:
ellipticCurveList - the list of supported elliptic curves in preference order (the ellipticCurveList array is not cloned or copied by this method)
- Throws:
java.lang.IllegalArgumentException - if the curve list is empty or any of the given curves is not supported by the installed cryptographic providers
getRegisteredCurveByName
public static final SupportedEllipticCurves.NamedCurve getRegisteredCurveByName(java.lang.String name)
- Gets the registered NamedCurve with the given name.
- Parameters:
name - the name of the curve
- Returns:
- the registered NamedCurve, or null if no curve with the given name is registered
getRegisteredCurveByOID
public static final SupportedEllipticCurves.NamedCurve getRegisteredCurveByOID(java.lang.String oid)
- Gets the registered NamedCurve with the given oid.
- Parameters:
oid - the oid of the curve
- Returns:
- the registered NamedCurve, or null if no curve with the given oid is registered
getRegisteredCurveByID
public static final SupportedEllipticCurves.NamedCurve getRegisteredCurveByID(int id)
- Gets the registered NamedCurve with the given id.
- Parameters:
id - the id of the curve
- Returns:
- the registered NamedCurve, or null if no curve with the given id is registered
getAllRegisteredNamedCurves
public static final SupportedEllipticCurves.NamedCurve[] getAllRegisteredNamedCurves()
- Gets all registered named curves.
- Returns:
- an array of all registered named curves.
getEllipticCurveList
public SupportedEllipticCurves.NamedCurve[] getEllipticCurveList()
- Gets the list of supported curves included in this SupportedEllipticCurves extension.
- Returns:
- the list of supported curves (in preference order) as array of NamedCurve objects; the array may be null or empty if no curves are included in the list (the returned array is not cloned or copied by this method)
getCurve
public SupportedEllipticCurves.NamedCurve getCurve(int id)
- Checks whether the elliptic curve with the given id is included in this SupportedEllipticCurves extension.
- Parameters:
id - the TLS id of the curve to be checked
- Returns:
- the NamedCurve with the given id if it is included, or null if the curve with the given id is not included
setIgnorePeerPreferenceOrder
public void setIgnorePeerPreferenceOrder(boolean ignore)
- Whether to ignore the preference order of the curve list sent by the peer (client) when selecting a curve for the current session. By default the curve is selected according to the preference order sent by the client.
This method is only meaningful on the server side since an elliptic_curves extension can only be sent by the client.
- Parameters:
ignore - whether to ignore the peer (client) curve list preference order when selecting the curve for the current session
clone
public java.lang.Object clone()
- Returns a clone of this SupportedEllipticCurves extension object.
- Overrides:
clone in class Extension
- Returns:
- a clone of this SupportedEllipticCurves extension object
toString
public java.lang.String toString()
- Gets a String representation of this SupportedEllipticCurves object.
- Specified by:
toString in class Extension
- Returns:
- a String representation of the SupportedEllipticCurves object
iSaSiLk 6.0, (c) 2002 IAIK, (c) 2003 - 2015 SIC