<div dir="ltr">Hi All,<div><br></div><div>My question was not specific to those two cipher suites that I had pasted in my query. I had just pasted them as examples. Rather my question was generic. </div><div><br></div><div>I want to know which library or packages in JDK implement the Algorithms/Ciphers that are used for SSL communication?</div><div><br></div><div>If java provides the implementation of those cryptographic Algos through the <b>java.security , java.net.ssl & javax.crypto</b> packages then what is the role of the <b>jsse.jar</b> library that ships in as part of the <b>JAVA_HOME/ jre/lib</b> directory?</div><div><br></div><div>I could clearly see the <b>jsse.jar </b>has classes like <b>Handshaker.class, SSLContextImpl.class, HandShakeMessage.class</b> inside the sun.security.ssl package which do the actual SSL Handshake. There are many more classes inside this package.</div><div><br></div><div>So wanted clarification on this.</div><div><br></div><div>Thanks</div><div>Ayas</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jun 1, 2016 at 1:22 PM, Seán Coffey <span dir="ltr"><<a href="mailto:sean.coffey@oracle.com" target="_blank">sean.coffey@oracle.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span class="">
<br>
<div>On 01/06/2016 03:42, Jim Manico wrote:<br>
</div>
<blockquote type="cite">
<p>I think this is the right answer.</p>
<p>From
<a href="https://stackoverflow.com/questions/27323858/java-6-ecdhe-cipher-suite-support" target="_blank">https://stackoverflow.com/questions/27323858/java-6-ecdhe-cipher-suite-support</a><br>
</p>
<p>
<span style="color:rgb(36,39,41);font-family:Arial,"Helvetica Neue",Helvetica,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;display:inline!important;float:none;background-color:rgb(255,255,255)">The
SSL/TLS implementation "JSSE" in Java 1.6 and later supports
ECDHE suites<span> </span></span><strong style="margin:0px;padding:0px;border:0px;font-size:15px;font-weight:bold;color:rgb(36,39,41);font-family:Arial,"Helvetica Neue",Helvetica,sans-serif;font-style:normal;font-variant:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255)">IF there is an
available (JCE) provider</strong><span style="color:rgb(36,39,41);font-family:Arial,"Helvetica Neue",Helvetica,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;display:inline!important;float:none;background-color:rgb(255,255,255)"><span> </span>for
needed ECC primitives.<span> </span></span><strong style="margin:0px;padding:0px;border:0px;font-size:15px;font-weight:bold;color:rgb(36,39,41);font-family:Arial,"Helvetica Neue",Helvetica,sans-serif;font-style:normal;font-variant:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255)">Java 1.6 OOTB does NOT</strong><span style="color:rgb(36,39,41);font-family:Arial,"Helvetica Neue",Helvetica,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;display:inline!important;float:none;background-color:rgb(255,255,255)"><span> </span>include such an ECC
provider, but you can add one.<span> </span></span><strong style="margin:0px;padding:0px;border:0px;font-size:15px;font-weight:bold;color:rgb(36,39,41);font-family:Arial,"Helvetica Neue",Helvetica,sans-serif;font-style:normal;font-variant:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255)">Java 7 and 8 do</strong><span style="color:rgb(36,39,41);font-family:Arial,"Helvetica Neue",Helvetica,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:19.5px;text-align:left;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;display:inline!important;float:none;background-color:rgb(255,255,255)"><span> </span>include SunECC
provider.</span></p>
</blockquote></span>
I don't believe Ayaskant's query was specific to ECC. In any case,
the above answer isn't accurate. ECC support is available OOTB in
JDK <br>
6 for Solaris. It's provided via the SunPKCS11 provider. SunEC
provider was added in JDK 7:<br>
<a href="http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunEC" target="_blank">http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunEC</a><br>
<br>
regards,<br>
Sean.<span class=""><br>
<blockquote type="cite">
<p>- Jim<br>
</p>
<br>
<div>On 5/29/16 8:02 PM, Ayaskant Swain
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>Can anyone please help me know about this - Does JSSE
library implement the Ciphers or Algorithms of a SSL
protocol ? I see the jsse.jar library shipped with the JDK.
I read the the Oracle document about JSSE - <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#Introduction" target="_blank"></a><a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#Introduction" target="_blank">http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#Introduction</a></div>
<div><br>
</div>
<div>So my question is - does the JSSE implement the Ciphers
or Algorithms that are used for a successful SSL handshake ,
server authentication, data integrity & data
confidentiality (Application data encryption).</div>
<div><br>
</div>
<div>Example of cipher suites - <b>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
or </b><b>TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</b></div>
<div><b><br>
</b></div>
<div>So is the coding of the above ciphers have been done in
the JSSE library?</div>
<div><br>
</div>
<div>Thanks</div>
<div>Ayaskant</div>
<div>Bangalore</div>
</div>
</blockquote>
<br>
</blockquote>
<br>
</span></div>
</blockquote></div><br></div>