Package software.amazon.awssdk.crt.io
Enum TlsCipherPreference
- java.lang.Object
-
- java.lang.Enum<TlsCipherPreference>
-
- software.amazon.awssdk.crt.io.TlsCipherPreference
-
- All Implemented Interfaces:
java.io.Serializable,java.lang.Comparable<TlsCipherPreference>
public enum TlsCipherPreference extends java.lang.Enum<TlsCipherPreference>
A TlsCipherPreference represents a hardcoded ordered list of TLS Ciphers to use when negotiating a TLS Connection. At present, the ability to configure arbitrary orderings of TLS Ciphers is not allowed, and only a curated list of vetted TlsCipherPreference's are exposed.
-
-
Enum Constant Summary
Enum Constants Enum Constant Description TLS_CIPHER_KMS_PQ_TLSv1_0_2019_06Deprecated.This TlsCipherPreference is no longer supported.TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2019_11Deprecated.This TlsCipherPreference is no longer supported.TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2020_02Deprecated.This TlsCipherPreference is no longer supported.TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_02Deprecated.This TlsCipherPreference is no longer supported.TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_07Deprecated.This TlsCipherPreference is no longer supported.TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05This TlsCipherPreference supports TLS 1.0 through TLS 1.3, and contains Kyber Round 3 as its highest priority PQ algorithm.TLS_CIPHER_SYSTEM_DEFAULTUse whatever the System Default Preference is.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanisSupported()Not all Cipher Preferences are supported on all Platforms due to differences in the underlying TLS Libraries.static TlsCipherPreferencevalueOf(java.lang.String name)Returns the enum constant of this type with the specified name.static TlsCipherPreference[]values()Returns an array containing the constants of this enum type, in the order they are declared.
-
-
-
Enum Constant Detail
-
TLS_CIPHER_SYSTEM_DEFAULT
public static final TlsCipherPreference TLS_CIPHER_SYSTEM_DEFAULT
Use whatever the System Default Preference is. This is usually the best option, as it will be automatically updated as the underlying OS or platform changes, and will always be supported on all Platforms.
-
TLS_CIPHER_KMS_PQ_TLSv1_0_2019_06
@Deprecated public static final TlsCipherPreference TLS_CIPHER_KMS_PQ_TLSv1_0_2019_06
Deprecated.This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
-
TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2019_11
@Deprecated public static final TlsCipherPreference TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2019_11
Deprecated.This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
-
TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_02
@Deprecated public static final TlsCipherPreference TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_02
Deprecated.This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
-
TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2020_02
@Deprecated public static final TlsCipherPreference TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2020_02
Deprecated.This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
-
TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_07
@Deprecated public static final TlsCipherPreference TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_07
Deprecated.This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05 instead.
-
TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05
public static final TlsCipherPreference TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05
This TlsCipherPreference supports TLS 1.0 through TLS 1.3, and contains Kyber Round 3 as its highest priority PQ algorithm. PQ algorithms in this preference list will be used in hybrid mode, and will be combined with a classical ECDHE key exchange. NIST has announced that Kyber will be first post-quantum key-agreement algorithm that it will standardize. However, the NIST standardization process might introduce minor changes that may cause the final Kyber standard to differ from the Kyber Round 3 implementation available in this preference list. Since this TlsCipherPreference contains algorithms that have not yet been officially standardized by NIST, this preference list, and any of the PQ algorithms in it, may stop being supported at any time. For more info see: - https://tools.ietf.org/html/draft-campagna-tls-bike-sike-hybrid - https://datatracker.ietf.org/doc/html/draft-ietf-tls-hybrid-design - https://aws.amazon.com/blogs/security/how-to-tune-tls-for-hybrid-post-quantum-cryptography-with-kyber/ - https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8413.pdf
-
-
Method Detail
-
values
public static TlsCipherPreference[] values()
Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:for (TlsCipherPreference c : TlsCipherPreference.values()) System.out.println(c);
- Returns:
- an array containing the constants of this enum type, in the order they are declared
-
valueOf
public static TlsCipherPreference valueOf(java.lang.String name)
Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)- Parameters:
name- the name of the enum constant to be returned.- Returns:
- the enum constant with the specified name
- Throws:
java.lang.IllegalArgumentException- if this enum type has no constant with the specified namejava.lang.NullPointerException- if the argument is null
-
isSupported
public boolean isSupported()
Not all Cipher Preferences are supported on all Platforms due to differences in the underlying TLS Libraries.- Returns:
- True if this TlsCipherPreference is currently supported on the current platform.
-
-