iaik.security.ssl

Class SupportedGroups

java.lang.Object

iaik.security.ssl.Extension

iaik.security.ssl.SupportedEllipticCurves

iaik.security.ssl.SupportedGroups

All Implemented Interfaces:

java.lang.Cloneable

public class SupportedGroups
extends SupportedEllipticCurves
implements java.lang.Cloneable

This class implements the SupportedGroups (supported_groups) TLS extension as specified by RFC 7919, RFC 8446.

The SupportedGroups (supported_groups) extension replaces the SupportedEllipticCurves (elliptic_curves) extension to extend it about support for finite field based Diffie-Hellman (DH) key exchange and hybrid ECC/KEM key exchange. Although the [@link SupportedEllipticCurves SupportedEllipticCurves} class can still be used for backwards compatibility to former iSaSiLk versions it is recommended to use this SupportedGroups implementation instead of it.

In TLS 1.2 a SupportedGroups extension might be sent by the client within an extended ClientHello message to tell the server which groups are supported by the client when using an ECDHE or DHE based cipher suite. The server uses the information sent by the client to select an ECC/DHE cipher suite in accordance with the ECDHE/FFDHE groups supported by the client. The server itself generally does not send a SupportedGroups extension. When TLS 1.3 is used the SupportGroups extension is also sent by the client to be used by the server for selecting a proper group to calculate the key_exchange value for the KeyShare extension.
TLS defines the SupportedGroups extension as list of named groups (see RFC 7919):

 enum {

      Elliptic Curve Groups (ECDHE) 
      secp256r1(0x0017), secp384r1(0x0018), secp521r1(0x0019),
      x25519(0x001D), x448(0x001E),

      // Finite Field Groups (DHE) 
      ffdhe2048(0x0100), ffdhe3072(0x0101), ffdhe4096(0x0102),
      ffdhe6144(0x0103), ffdhe8192(0x0104),

      // Reserved Code Points 
      ffdhe_private_use(0x01FC..0x01FF),
      ecdhe_private_use(0xFE00..0xFEFF),
      (0xFFFF)
 } NamedGroup;

 struct {
     NamedGroup named_group_list<2..2^16-1>;
 } NamedGroupList;
 

The client shall send the list of supported groups in its preference order.

In addition to the elliptic groups listed above, iSaSiLk supports the following Brainpool groups from RFC 7027:

      enum {
           brainpoolP256r1(26),
           brainpoolP384r1(27),
           brainpoolP512r1(28)
      } NamedGroup;
 

iSaSiLk also supports the following hybrid groups combining a classical (ECC) and a PQ (ML-KEM) key exchange algorithm to protect key establishment in transition to post quantum cryptography (see Post-quantum hybrid ECDHE-MLKEM Key Agreement for TLSv1.3 and Hybrid key exchange in TLS 1.3:

      enum {
           SecP256r1MLKEM768(0x11EB),
           X25519MLKEM768(0x11EC)
      } NamedGroup;
 

On the client side, when you create a SupportedGroups extension object you may explicitly specify the named groups to be included in preference order, e.g. (if you want to use secp192r1 (NIST P-192) and secp256r1 (NIST P-256) and prefer secp192r1):

 // the list of supported elliptic groups
 NamedGroup[] ecList = { SupportedGroups.NC_PRIME_SECP192R1,
                         SupportedGroups.NC_PRIME_SECP256R1 };
 // create SupportedGroups extension                                 
 SupportedGroups supportedGroups = new SupportedGroups(ecList);
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedGroups);
 ...
 // set extensions for the SSLClientContext configuration:
 SSLClientContext clientContext = new SSLClientContext();
 ...
 clientContext.setExtensions(extensions);
 ...
 

Or you may use the default constructor which creates a SupportedGroups extension containing -- if cryptographically supported -- secp256r1, secp384r1, secp521r1 and x25519 as default elliptic group list and ffdhe2048 and ffdhe3072 as default FFDHE group list (in that order):

 // create SupportedGroups extension
 SupportedGroups supportedGroups = new SupportedGroups();
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedGroups);
 ...
 // set extensions for the SSLClientContext configuration:
 SSLClientContext clientContext = new SSLClientContext();
 ...
 clientContext.setExtensions(extensions);
 ...
 

If the critical flag of a client-side SupportedGroups extension is set to true the handshake will be aborted with an insufficient_security alert if the server DHE key exchange message contains parameters (p, g) that do not comply with any of the FFDHE parameters offered in the ClientHello SupportedGroups extension.

On the server side the default constructor may be used to indicate support for the SupportedGroups extension (the server itself generally does not send a SupportedGroups extension):

 // create SupportedGroups extension
 SupportedGroups supportedGroups = new SupportedGroups();
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedGroups);
 ...
 // set extensions for the SSLServerContext configuration:
 SSLServerContext serverContext = new SSLServerContext();
 ...
 serverContext.setExtensions(extensions);
 ...
 

It is also possible to explicitly specify the named groups to be supported on the server side. In this case the server side group list will be merged with the group list received from the client. When having specified to ignore the preference order of the client list the groups are merged in a way to prefer the group list order of the server. If no common group can be found the client group list is taken, except for when having marked this extension as being critical. In this case the handshake will be aborted if client and server cannot agree on another (non-ECC/DHE) suite. When using the default constructor to create the a SupportedGroups extension on the server side the critical flag has no meaning.

Version:

File Revision 49

See Also:

Extension, ExtensionList

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	SupportedGroups.HybridKemGroup Hybrid KEM Group.
static class	SupportedGroups.KemGroup KEM Group.
static class	SupportedGroups.NamedFFDHEGroup TLS NamedFFDHEGroup.

Nested classes/interfaces inherited from class iaik.security.ssl.SupportedEllipticCurves

SupportedEllipticCurves.NamedCurve

Field Summary

Fields

Modifier and Type	Field and Description
static SupportedGroups.NamedFFDHEGroup	FFDHE_2048 Named FFDHE group ffdhe2048 (RFC 7919).
static SupportedGroups.NamedFFDHEGroup	FFDHE_3072 Named FFDHE group ffdhe3072 (RFC 7919).
static SupportedGroups.NamedFFDHEGroup	FFDHE_4096 Named FFDHE group ffdhe4096 (RFC 7919).
static SupportedGroups.NamedFFDHEGroup	FFDHE_6144 Named FFDHE group ffdhe6144 (RFC 7919).
static SupportedGroups.NamedFFDHEGroup	FFDHE_8192 Named FFDHE group ffdhe8192 (RFC 7919).
static SupportedGroups.HybridKemGroup	HYBRID_SecP256r1MLKEM768 Hybrid Kem group SecP256r1MLKEM768 (https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/).
static SupportedGroups.HybridKemGroup	HYBRID_X25519MLKEM768 Hybrid Kem group X25519MLKEM768 (https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/).
static SupportedGroups.KemGroup	mlkem1024 Kem group MLKEM768 (https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/).
static SupportedGroups.KemGroup	mlkem512 Kem group MLKEM512 (https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/).
static SupportedGroups.KemGroup	mlkem768 Kem group MLKEM768 (https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/).

Fields inherited from class iaik.security.ssl.SupportedEllipticCurves

NC_ARBITRARY_EXPLICIT_CHAR2, NC_ARBITRARY_EXPLICIT_PRIME, NC_CHAR2_SECT163K1, NC_CHAR2_SECT163R1, NC_CHAR2_SECT163R2, NC_CHAR2_SECT193R1, NC_CHAR2_SECT193R2, NC_CHAR2_SECT233K1, NC_CHAR2_SECT233R1, NC_CHAR2_SECT239K1, NC_CHAR2_SECT283K1, NC_CHAR2_SECT283R1, NC_CHAR2_SECT409K1, NC_CHAR2_SECT409R1, NC_CHAR2_SECT571K1, NC_CHAR2_SECT571R1, NC_PRIME_BRAINPOOLP256R1, NC_PRIME_BRAINPOOLP384R1, NC_PRIME_BRAINPOOLP512R1, NC_PRIME_SECP160K1, NC_PRIME_SECP160R1, NC_PRIME_SECP160R2, NC_PRIME_SECP192K1, NC_PRIME_SECP192R1, NC_PRIME_SECP224K1, NC_PRIME_SECP224R1, NC_PRIME_SECP256K1, NC_PRIME_SECP256R1, NC_PRIME_SECP384R1, NC_PRIME_SECP521R1, NC_X25519, NC_X448, TYPE

Constructor Summary

Constructors

Constructor and Description
SupportedGroups() Default Constructor.
SupportedGroups(NamedGroup[] namedGroupList) Creates a SupportedGroups extension from the given group list.
SupportedGroups(NamedGroup[] namedGroupList, boolean autoRemoveNotSupportedGroups) Creates a SupportedGroups extension from the given group list.

Method Summary

Modifier and Type	Method and Description
java.lang.Object	clone() Returns a clone of this SupportedGroups extension object.
SupportedEllipticCurves.NamedCurve	getCurve(int id) Checks whether the elliptic curve with the given id is included in this SupportedEllipticCurves extension.
NamedGroup	getGroup(int id) Checks whether the group with the given id is included in this SupportedGroups extension.
SupportedGroups.HybridKemGroup[]	getHybridKemGroupList() Gets the list of hybrid KEM groups included in this SupportedGroups extension.
SupportedGroups.KemGroup[]	getKemGroupList() Gets the list of KEM groups included in this SupportedGroups extension.
SupportedEllipticCurves.NamedCurve[]	getNamedCurveList() Gets the list of ECDHE groups included in this SupportedGroups extension.
SupportedGroups.NamedFFDHEGroup[]	getNamedFFDHEGroupList() Gets the list of FFDHE groups included in this SupportedGroups extension.
NamedGroup[]	getNamedGroupList() Gets the list of supported groups included in this SupportedGroups extension.
static NamedGroup	getRegisteredGroupByName(java.lang.String name) Gets the registered named group with the given name.
java.lang.String	toString() Gets a String representation of this SupportedGroups object.

Methods inherited from class iaik.security.ssl.SupportedEllipticCurves

getAllRegisteredNamedCurves, getEllipticCurveList, getRegisteredCurveByID, getRegisteredCurveByName, getRegisteredCurveByOID, setIgnorePeerPreferenceOrder

Methods inherited from class iaik.security.ssl.Extension

getAllowedProtocolVersions, getExtensionType, getName, getType, setCritical

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

FFDHE_2048

public static final SupportedGroups.NamedFFDHEGroup FFDHE_2048

Named FFDHE group ffdhe2048 (RFC 7919).

• TLS id: 256
• p: FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA 886B4238 61285C97 FFFFFFFF FFFFFFFF
• g: 2
• name: ffdhe2048

FFDHE_3072

public static final SupportedGroups.NamedFFDHEGroup FFDHE_3072

Named FFDHE group ffdhe3072 (RFC 7919).

• TLS id: 257
• p: FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF 3C1B20EE 3FD59D7C 25E41D2B 66C62E37 FFFFFFFF FFFFFFFF
• g: 2
• name: ffdhe3072

FFDHE_4096

public static final SupportedGroups.NamedFFDHEGroup FFDHE_4096

Named FFDHE group ffdhe4096 (RFC 7919).

• TLS id: 258
• p: FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF 3C1B20EE 3FD59D7C 25E41D2B 669E1EF1 6E6F52C3 164DF4FB 7930E9E4 E58857B6 AC7D5F42 D69F6D18 7763CF1D 55034004 87F55BA5 7E31CC7A 7135C886 EFB4318A ED6A1E01 2D9E6832 A907600A 918130C4 6DC778F9 71AD0038 092999A3 33CB8B7A 1A1DB93D 7140003C 2A4ECEA9 F98D0ACC 0A8291CD CEC97DCF 8EC9B55A 7F88A46B 4DB5A851 F44182E1 C68A007E 5E655F6A FFFFFFFF FFFFFFFF
• g: 2
• name: ffdhe4096

FFDHE_6144

public static final SupportedGroups.NamedFFDHEGroup FFDHE_6144

Named FFDHE group ffdhe6144 (RFC 7919).

• TLS id: 259
• p: FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF 3C1B20EE 3FD59D7C 25E41D2B 669E1EF1 6E6F52C3 164DF4FB 7930E9E4 E58857B6 AC7D5F42 D69F6D18 7763CF1D 55034004 87F55BA5 7E31CC7A 7135C886 EFB4318A ED6A1E01 2D9E6832 A907600A 918130C4 6DC778F9 71AD0038 092999A3 33CB8B7A 1A1DB93D 7140003C 2A4ECEA9 F98D0ACC 0A8291CD CEC97DCF 8EC9B55A 7F88A46B 4DB5A851 F44182E1 C68A007E 5E0DD902 0BFD64B6 45036C7A 4E677D2C 38532A3A 23BA4442 CAF53EA6 3BB45432 9B7624C8 917BDD64 B1C0FD4C B38E8C33 4C701C3A CDAD0657 FCCFEC71 9B1F5C3E 4E46041F 388147FB 4CFDB477 A52471F7 A9A96910 B855322E DB6340D8 A00EF092 350511E3 0ABEC1FF F9E3A26E 7FB29F8C 183023C3 587E38DA 0077D9B4 763E4E4B 94B2BBC1 94C6651E 77CAF992 EEAAC023 2A281BF6 B3A739C1 22611682 0AE8DB58 47A67CBE F9C9091B 462D538C D72B0374 6AE77F5E 62292C31 1562A846 505DC82D B854338A E49F5235 C95B9117 8CCF2DD5 CACEF403 EC9D1810 C6272B04 5B3B71F9 DC6B80D6 3FDD4A8E 9ADB1E69 62A69526 D43161C1 A41D570D 7938DAD4 A40E329C D0E40E65 FFFFFFFF FFFFFFFF
• g: 2
• name: ffdhe6144

FFDHE_8192

public static final SupportedGroups.NamedFFDHEGroup FFDHE_8192

Named FFDHE group ffdhe8192 (RFC 7919).

• TLS id: 260
• p: FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1 D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9 7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561 2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935 984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735 30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19 0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61 9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73 3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA 886B4238 611FCFDC DE355B3B 6519035B BC34F4DE F99C0238 61B46FC9 D6E6C907 7AD91D26 91F7F7EE 598CB0FA C186D91C AEFE1309 85139270 B4130C93 BC437944 F4FD4452 E2D74DD3 64F2E21E 71F54BFF 5CAE82AB 9C9DF69E E86D2BC5 22363A0D ABC52197 9B0DEADA 1DBF9A42 D5C4484E 0ABCD06B FA53DDEF 3C1B20EE 3FD59D7C 25E41D2B 669E1EF1 6E6F52C3 164DF4FB 7930E9E4 E58857B6 AC7D5F42 D69F6D18 7763CF1D 55034004 87F55BA5 7E31CC7A 7135C886 EFB4318A ED6A1E01 2D9E6832 A907600A 918130C4 6DC778F9 71AD0038 092999A3 33CB8B7A 1A1DB93D 7140003C 2A4ECEA9 F98D0ACC 0A8291CD CEC97DCF 8EC9B55A 7F88A46B 4DB5A851 F44182E1 C68A007E 5E0DD902 0BFD64B6 45036C7A 4E677D2C 38532A3A 23BA4442 CAF53EA6 3BB45432 9B7624C8 917BDD64 B1C0FD4C B38E8C33 4C701C3A CDAD0657 FCCFEC71 9B1F5C3E 4E46041F 388147FB 4CFDB477 A52471F7 A9A96910 B855322E DB6340D8 A00EF092 350511E3 0ABEC1FF F9E3A26E 7FB29F8C 183023C3 587E38DA 0077D9B4 763E4E4B 94B2BBC1 94C6651E 77CAF992 EEAAC023 2A281BF6 B3A739C1 22611682 0AE8DB58 47A67CBE F9C9091B 462D538C D72B0374 6AE77F5E 62292C31 1562A846 505DC82D B854338A E49F5235 C95B9117 8CCF2DD5 CACEF403 EC9D1810 C6272B04 5B3B71F9 DC6B80D6 3FDD4A8E 9ADB1E69 62A69526 D43161C1 A41D570D 7938DAD4 A40E329C CFF46AAA 36AD004C F600C838 1E425A31 D951AE64 FDB23FCE C9509D43 687FEB69 EDD1CC5E 0B8CC3BD F64B10EF 86B63142 A3AB8829 555B2F74 7C932665 CB2C0F1C C01BD702 29388839 D2AF05E4 54504AC7 8B758282 2846C0BA 35C35F5C 59160CC0 46FD8251 541FC68C 9C86B022 BB709987 6A460E74 51A8A931 09703FEE 1C217E6C 3826E52C 51AA691E 0E423CFC 99E9E316 50C1217B 624816CD AD9A95F9 D5B80194 88D9C0A0 A1FE3075 A577E231 83F81D4A 3F2FA457 1EFC8CE0 BA8A4FE8 B6855DFE 72B0A66E DED2FBAB FBE58A30 FAFABE1C 5D71A87E 2F741EF8 C1FE86FE A6BBFDE5 30677F0D 97D11D49 F7A8443D 0822E506 A9F4614E 011E2A94 838FF88C D68C8BB7 C5C6424C FFFFFFFF FFFFFFFF
• g: 2
• name: ffdhe8192

mlkem512

public static final SupportedGroups.KemGroup mlkem512

Kem group MLKEM512 (https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/).

• TLS id: 512 (0x0200)
• KEM: ML-KEM-512
• name: ML-KEM-512

mlkem768

public static final SupportedGroups.KemGroup mlkem768

Kem group MLKEM768 (https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/).

• TLS id: 513 (0x0201)
• KEM: ML-KEM-768
• name: ML-KEM-768

mlkem1024

public static final SupportedGroups.KemGroup mlkem1024

Kem group MLKEM768 (https://datatracker.ietf.org/doc/draft-connolly-tls-mlkem-key-agreement/).

• TLS id: 514 (0x0202)
• KEM: ML-KEM-1024
• name: ML-KEM-1024

HYBRID_X25519MLKEM768

public static final SupportedGroups.HybridKemGroup HYBRID_X25519MLKEM768

Hybrid Kem group X25519MLKEM768 (https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/).

• TLS id: 4588 (0x11EC)
• ECC group: X25519
• KEM: MLKEM768
• name: X25519MLKEM768

HYBRID_SecP256r1MLKEM768

public static final SupportedGroups.HybridKemGroup HYBRID_SecP256r1MLKEM768

Hybrid Kem group SecP256r1MLKEM768 (https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe-mlkem/).

• TLS id: 4587 (0x11EB)
• ECC group: SecP256r1
• KEM: ML-KEM-768
• name: SecP256r1

Constructor Detail

SupportedGroups

public SupportedGroups()

Default Constructor. Creates a new SupportedGroups extension containing -- if cryptographically supported -- secp256r1, secp384r1, secp521r1 and x25519as default elliptic group list and ffdhe2048 and ffdhe3072 as default FFDHE group list (in that order).
This constructor may be used on the client side if the client wants to use ECC or DHE cipher suites with any of the four elliptic groups secp256r1, secp384r1, secp521r1 or x25519 or finite field DHE groups ffdhe2048 or ffdhe3072:

 // create SupportedGroups extension
 SupportedGroups supportedGroups = new SupportedGroups();
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedGroups);
 ...
 // set extensions for the SSLClientContext configuration:
 SSLClientContext clientContext = new SSLClientContext();
 ...
 clientContext.setExtensions(extensions);
 ...
 

On the server side this constructor may be used to indicate support for the SupportedGroups extension only (the server itself does not send a SupportedGroups extension):

 // create SupportedGroups extension
 SupportedGroups supportedGroups = new SupportedGroups();
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedGroups);
 ...
 // set extensions for the SSLServerContext configuration:
 SSLServerContext serverContext = new SSLServerContext();
 ...
 serverContext.setExtensions(extensions);
 ...
 

SupportedGroups

public SupportedGroups(NamedGroup[] namedGroupList)

Creates a SupportedGroups extension from the given group list.
This constructor may be used on the client side to specify which groups the client wants to use with ECC/DHE based cipher suites. The groups shall be listed in preference order. For instance, a client that wants to use the secp192r1 (NIST P-192) and secp256r1 (NIST P-256) ECC groups and prefers secp192r1 will configure the SSLClientContext with the following SupportedGroups extension:

 // the list of supported elliptic groups
 NamedGroup[] ecList = { SupportedGroups.NC_PRIME_SECP192R1,
                         SupportedGroups.NC_PRIME_SECP256R1 };
 // create SupportedGroups extension                                 
 SupportedGroups supportedGroups = new SupportedGroups(ecList);
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedGroups);
 ...
 // set extensions for the SSLClientContext configuration:
 SSLClientContext clientContext = new SSLClientContext();
 ...
 clientContext.setExtensions(extensions);
 ...
 

Parameters:

namedGroupList - the list of supported groups in preference order (the namedGroupList array is not cloned or copied by this method)

Throws:

java.lang.IllegalArgumentException - if the group list is empty or any of the given groups is not supported by the installed cryptographic providers

SupportedGroups

public SupportedGroups(NamedGroup[] namedGroupList,
                       boolean autoRemoveNotSupportedGroups)

Creates a SupportedGroups extension from the given group list.
This constructor may be used on the client side to specify which groups the client wants to use with ECC/DHE based cipher suites. The groups shall be listed in preference order. For instance, a client that wants to use the secp192r1 (NIST P-192) and secp256r1 (NIST P-256) ECC groups and prefers secp192r1 will configure the SSLClientContext with the following SupportedGroups extension:

 // the list of supported elliptic groups
 NamedGroup[] ecList = { SupportedGroups.NC_PRIME_SECP192R1,
                         SupportedGroups.NC_PRIME_SECP256R1 };
 // create SupportedGroups extension                                 
 SupportedGroups supportedGroups = new SupportedGroups(ecList);
 // add to ExtensionList
 ExtensionList extensions = new ExtensionList();
 ...
 extensions.addExtension(supportedGroups);
 ...
 // set extensions for the SSLClientContext configuration:
 SSLClientContext clientContext = new SSLClientContext();
 ...
 clientContext.setExtensions(extensions);
 ...
 

Parameters:

namedGroupList - the list of supported groups in preference order (the namedGroupList array is not cloned or copied by this method)

autoRemoveNotSupportedGroups - whether to automatically remove any not supported group (default: false, if any of the provided groups is not supported an IllegalArgumentException is thrown)

Throws:

java.lang.IllegalArgumentException - if the group list is empty or
autoRemoveNotSupportedGroups is set to false (default) and any of the given groups is not supported by the installed cryptographic providers or none of the provided groups is supported

Method Detail

getRegisteredGroupByName

public static final NamedGroup getRegisteredGroupByName(java.lang.String name)

Gets the registered named group with the given name.

Parameters:

name - the group name

Returns:

the named group with the given name, if a named group with the given name is registered, null otherwise

getNamedGroupList

public NamedGroup[] getNamedGroupList()

Gets the list of supported groups included in this SupportedGroups extension.

Returns:

the list of supported groups (in preference order) as array of NamedGroup objects; the array maybe null or empty if no groups are included in the list (the returned array is not cloned or copied by this method)

getNamedCurveList

public SupportedEllipticCurves.NamedCurve[] getNamedCurveList()

Gets the list of ECDHE groups included in this SupportedGroups extension.

Returns:

the list of ECDHE groups (in preference order) as array of NamedCurve objects; the array maybe null or empty if no ECDHE groups are included in the list (the returned array is not cloned or copied by this method)

getNamedFFDHEGroupList

public SupportedGroups.NamedFFDHEGroup[] getNamedFFDHEGroupList()

Gets the list of FFDHE groups included in this SupportedGroups extension.

Returns:

the list of FFDHE groups (in preference order) as array of NamedFFDHEGroup objects; the array maybe null or empty if no FFDHE groups are included in the list (the returned array is not cloned or copied by this method)

getKemGroupList

public SupportedGroups.KemGroup[] getKemGroupList()

Gets the list of KEM groups included in this SupportedGroups extension.

Returns:

the list of KEM groups (in preference order) as array of KemGroup objects; the array maybe null or empty if no hybrid KEM groups are included in the list (the returned array is not cloned or copied by this method)

getHybridKemGroupList

public SupportedGroups.HybridKemGroup[] getHybridKemGroupList()

Gets the list of hybrid KEM groups included in this SupportedGroups extension.

Returns:

the list of hybrid KEM groups (in preference order) as array of HybridKemGroup objects; the array maybe null or empty if no hybrid KEM groups are included in the list (the returned array is not cloned or copied by this method)

getGroup

public NamedGroup getGroup(int id)

Checks whether the group with the given id is included in this SupportedGroups extension.

Parameters:

id - the TLS id of the group to be checked

Returns:

the NamedGroup with the given id if it is included, or null if the group with the given id is not included

clone

public java.lang.Object clone()

Returns a clone of this SupportedGroups extension object.

Overrides:

clone in class SupportedEllipticCurves

Returns:

a clone of this SupportedGroups extension object

toString

public java.lang.String toString()

Gets a String representation of this SupportedGroups object.

Overrides:

toString in class SupportedEllipticCurves

Returns:

a String representation of the SupportedGroups object

getCurve

public SupportedEllipticCurves.NamedCurve getCurve(int id)

Checks whether the elliptic curve with the given id is included in this SupportedEllipticCurves extension.

Overrides:

getCurve in class SupportedEllipticCurves

Parameters:

id - the TLS id of the curve to be checked

Returns:

the NamedCurve with the given id if it is included, or null if the curve with the given id is not included