CipherSuite
A CipherSuite object defines a cipher specification supported in SSL and TLS. SSL has been succeeded by TLS for most uses. The set of algorithms that cipher suites usually contain include: a key exchange algorithm, a bulk encryption algorithm, and a message authentication code (MAC) algorithm. The CipherSuite class declares static CipherSuite member variables that you can specify in your application when setting the SSL/TLS context you are using. Each cipher suite has a unique name that is used to identify it and to describe the algorithmic contents of it. Each segment in a cipher suite name stands for a different algorithm or protocol.
An example of a cipher suite name:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256See below for the meaning of this name.
|
Acronym |
Description |
|
TLS |
The protocol that this cipher suite is for (usually TLS) |
|
ECDHE |
The key exchange algorithm |
|
RSA |
The authentication mechanism for handshake |
|
AES |
The session cipher |
|
128 |
The session encryption key size (bits) for cipher. |
|
GCM |
The type of encryption (cipher-block dependency and additional options). |
|
SHA |
The SHA2 hash function. For a digest of 256 and higher. |
|
256 |
The digest size (bits). |
With some restrictions, you can also define your own CipherSuite, using the CipherSuite constructor. Refer to the Javadoc reference for more information.