Add set of ARIA cipher suites.

Ignore API difference in enum-order for CipherSuite. Add interoperability tests. Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
eclipse-californium · Mar 27, 2023 · 5762e53 · 5762e53
1 parent 8c103bd
commit 5762e53
Show file tree

Hide file tree

Showing 6 changed files with 123 additions and 14 deletions.
diff --git a/...ests/src/test/java/org/eclipse/californium/interoperability/test/mbedtls/MbedTlsUtil.java b/...ests/src/test/java/org/eclipse/californium/interoperability/test/mbedtls/MbedTlsUtil.java
@@ -71,6 +71,26 @@ public class MbedTlsUtil {
 		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
 				"TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384");
 
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_PSK_WITH_ARIA_128_GCM_SHA256,
+				"TLS-PSK-WITH-ARIA-128-GCM-SHA256");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_PSK_WITH_ARIA_256_GCM_SHA384,
+				"TLS-PSK-WITH-ARIA-256-GCM-SHA384");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_PSK_WITH_ARIA_128_CBC_SHA256,
+				"TLS-PSK-WITH-ARIA-128-CBC-SHA256");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_PSK_WITH_ARIA_256_CBC_SHA384,
+				"TLS-PSK-WITH-ARIA-256-CBC-SHA384");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
+				"TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
+				"TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
+				"TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
+				"TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
+				"TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
+				"TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384");
 	}
 
 	/**

diff --git a/...ests/src/test/java/org/eclipse/californium/interoperability/test/openssl/OpenSslUtil.java b/...ests/src/test/java/org/eclipse/californium/interoperability/test/openssl/OpenSslUtil.java
@@ -59,6 +59,13 @@ public class OpenSslUtil {
 		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "ECDHE-RSA-AES256-SHA");
 		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "ECDHE-RSA-AES256-SHA384");
 
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_PSK_WITH_ARIA_128_GCM_SHA256, "PSK-ARIA128-GCM-SHA256");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_PSK_WITH_ARIA_256_GCM_SHA384, "PSK-ARIA256-GCM-SHA384");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, "ECDHE-ECDSA-ARIA128-GCM-SHA256");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, "ECDHE-ECDSA-ARIA256-GCM-SHA384");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, "ECDHE-ARIA128-GCM-SHA256");
+		CIPHERSUITES_MAP.put(CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, "ECDHE-ARIA256-GCM-SHA384");
+
 	}
 
 	/**

diff --git a/element-connector/src/main/java/org/eclipse/californium/elements/util/JceNames.java b/element-connector/src/main/java/org/eclipse/californium/elements/util/JceNames.java
@@ -109,6 +109,22 @@ public interface JceNames {
 
 	/**
 	 * Name of environment variable to specify the JCE.
+	 * 
+	 * Usage via environment variable:
+	 * <pre>
+	 * unix:
+	 * export CALIFORNIUM_JCE_PROVIDER=BC
+	 * ...
+	 * java ... 
+	 * </pre>
+	 * 
+	 * or via system property:
+	 * 
+	 * <pre>
+	 * java -DCALIFORNIUM_JCE_PROVIDER=BC ...
+	 * </pre>
+	 * 
+	 * Requires to add the required jars to the classpath!
 	 */
 	public String CALIFORNIUM_JCE_PROVIDER = "CALIFORNIUM_JCE_PROVIDER";
 	/**

diff --git a/pom.xml b/pom.xml
@@ -369,7 +369,7 @@
 						<dependency>
 							<groupId>org.revapi</groupId>
 							<artifactId>revapi-java</artifactId>
-							<version>0.28.0</version>
+							<version>0.28.1</version>
 						</dependency>
 					</dependencies>
 				</plugin>
@@ -557,13 +557,20 @@
 									</justification>
 								</item>
 								<item>
-									<regex>true</regex>
 									<code>java.class.externalClassExposedInAPI</code>
-									<package>org\.slf4j</package>
+									<package>org.slf4j</package>
 									<justification>
 										Californium uses classes of slf4j in some case with scope protected.
 									</justification>
 								</item>
+								<item>
+									<code>java.field.enumConstantOrderChanged</code>
+									<class>org.eclipse.californium.scandium.dtls.cipher.CipherSuite</class>
+									<justification>
+										Order in CipherSuite reflects the preference by intention.
+										ordinal() must not be used.
+									</justification>
+								</item>
 							</differences>
 						</revapi.differences>
 						<revapi.filter>

diff --git a/scandium-core/README.md b/scandium-core/README.md
@@ -210,6 +210,19 @@ Also Starting with 3.0.0-RC1, a server may use a `X509KeyManager` in order to pr
 - *TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384*
 - *TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA*
 
+ARIA cipher suites since 3.9.0, requires support by JCE, e.g. BouncyCastle 1.72:
+- TLS_PSK_WITH_ARIA_128_GCM_SHA256
+- TLS_PSK_WITH_ARIA_256_GCM_SHA384
+- *TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256*
+- *TLS_PSK_WITH_ARIA_128_CBC_SHA256*
+- *TLS_PSK_WITH_ARIA_256_CBC_SHA384*
+- TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+- TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+- *TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256*
+- *TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384*
+- TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
+- TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
+
 Note: the *CBC* cipher suites are not longer recommended for new deployments!
 
 Note: *SHA378* in the cipher suite names are typos. It must be *SHA384*. The straight forward fix would break the API, therefore the fix is postponed to 4.0 (no schedule for now)!
@@ -246,6 +259,7 @@ Supported extensions:
 - [RFC 6066 - TLS Extensions](https://tools.ietf.org/html/rfc6066)
      - [RFC 6066 - Server Name Indication](https://tools.ietf.org/html/rfc6066#section-3)
      - [RFC 6066 - Maximum Fragment Length Negotiation](https://tools.ietf.org/html/rfc6066#section-4)
+- [RFC 6209 - ARIA Cipher Suites](https://tools.ietf.org/html/rfc6209) (since 3.9.0)
 - [RFC 7250 - Raw Public Keys](https://tools.ietf.org/html/rfc7250)
 - [RFC 7627 - Extended Master Secret Extension](https://tools.ietf.org/html/rfc7627)
 - [RFC 7748 - Elliptic Curves for Security](https://tools.ietf.org/html/rfc7748)
@@ -310,6 +324,19 @@ Starting with 3.0.0-RC1 an experimental support for using [Bouncy Castle](https:
 
 And setup a environment variable `CALIFORNIUM_JCE_PROVIDER` using the value `BC` (see [JceProviderUtil](../element-connector/src/main/java/org/eclipse/californium/elements/util/JceProviderUtil.java) for more details) or use the java `System.property` `CALIFORNIUM_JCE_PROVIDER` to do so.
 
+environment variable on unix:
+
+```
+export CALIFORNIUM_JCE_PROVIDER=BC
+...
+java ...
+```
+java `System.property`:
+
+```
+java -DCALIFORNIUM_JCE_PROVIDER=BC
+```
+
 Supporting Bouncy Castle for the unit test uncovers a couple of differences, which required to adapt the implementation. It is assumed, that more will be found and more adaption will be required. If you find some, don't hesitate to report issues, perhaps research and analysis, and fixes. On the other hand, the project Californium will for now not be able to provide support for Bouncy Castle questions with or without relation to Californium. You may create issues, but it may be not possible for us to answer them.
 
 On issue seems to be the `SecureRandom` generator of BC. Dependent on the runtime environment, that is based on `SecureRandom.getInstanceStrong()`, which has blocking behaviour by default. If the platform your application runs on, has not enough entropy to start the `SecureRandom`, BC waits until that gets available. In common cases, that starts quite fast, but in some cases, that takes up to 60s (and more).

diff --git a/scandium-core/src/main/java/org/eclipse/californium/scandium/dtls/cipher/CipherSuite.java b/scandium-core/src/main/java/org/eclipse/californium/scandium/dtls/cipher/CipherSuite.java
@@ -56,12 +56,18 @@
 /**
  * A cipher suite defines a key exchange algorithm, a bulk cipher algorithm, a
  * MAC algorithm, a pseudo random number (PRF) algorithm and a cipher type.
- * 
+ * <p>
+ * <b>Note:</b> {@code ordinal()} must not be used!
+ * The order of the cipher-suites reflects the intended default precedence.
+ * Extensions may therefore change the related {@code ordinal()} value.
+ * </p>
+ * <p>
  * See <a href="https://tools.ietf.org/html/rfc5246#appendix-A.6" target="_blank">RFC 5246</a>
  * for details.
  * See <a href="https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml" target="_blank">
  * Transport Layer Security Parameters</a> for the official codes for the cipher
  * suites.
+ * </p>
  */
 public enum CipherSuite {
 
@@ -115,28 +121,50 @@ public enum CipherSuite {
 	TLS_PSK_WITH_AES_128_CCM(0xC0A4, CertificateKeyAlgorithm.NONE, KeyExchangeAlgorithm.PSK, CipherSpec.AES_128_CCM, true),
 	TLS_PSK_WITH_AES_256_CCM(0xC0A5, CertificateKeyAlgorithm.NONE, KeyExchangeAlgorithm.PSK, CipherSpec.AES_256_CCM, true),
 
+	/**See <a href="https://www.rfc-editor.org/rfc/rfc6209#section-2.3" target="_blank">RFC 6209 - PSK</a> for details*/
+	TLS_PSK_WITH_ARIA_128_GCM_SHA256(0xC06A, CertificateKeyAlgorithm.NONE, KeyExchangeAlgorithm.PSK, CipherSpec.ARIA_128_GCM, true),
+	TLS_PSK_WITH_ARIA_256_GCM_SHA384(0xC06B, CertificateKeyAlgorithm.NONE, KeyExchangeAlgorithm.PSK, CipherSpec.ARIA_256_GCM, true, PRFAlgorithm.TLS_PRF_SHA384),
+
 	/**See <a href="https://tools.ietf.org/html/rfc5489#section-3.2" target="_blank">RFC 5489</a> for details*/
 	TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256(0xC037, CertificateKeyAlgorithm.NONE, KeyExchangeAlgorithm.ECDHE_PSK, CipherSpec.AES_128_CBC, MACAlgorithm.HMAC_SHA256, false),
 	TLS_PSK_WITH_AES_128_CBC_SHA256(0x00AE, CertificateKeyAlgorithm.NONE, KeyExchangeAlgorithm.PSK, CipherSpec.AES_128_CBC, MACAlgorithm.HMAC_SHA256, false),
 
+	/**See <a href="https://www.rfc-editor.org/rfc/rfc6209#section-2.3" target="_blank">RFC 6209 - PSK</a> for details*/
+	TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256(0xC06C, CertificateKeyAlgorithm.NONE, KeyExchangeAlgorithm.ECDHE_PSK, CipherSpec.ARIA_128_CBC, MACAlgorithm.HMAC_SHA256, false),
+	TLS_PSK_WITH_ARIA_128_CBC_SHA256(0xC064, CertificateKeyAlgorithm.NONE, KeyExchangeAlgorithm.PSK, CipherSpec.ARIA_128_CBC, MACAlgorithm.HMAC_SHA256, false),
+	TLS_PSK_WITH_ARIA_256_CBC_SHA384(0xC065, CertificateKeyAlgorithm.NONE, KeyExchangeAlgorithm.PSK, CipherSpec.ARIA_256_CBC, MACAlgorithm.HMAC_SHA384, false, PRFAlgorithm.TLS_PRF_SHA384),
+
 	// Certificate cipher suites, ordered by default preference, see getCertificateCipherSuites or getEcdsaCipherSuites
-	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xc02b, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_128_GCM, true),
-	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xc02c, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_GCM, true, PRFAlgorithm.TLS_PRF_SHA384),
+	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_128_GCM, true),
+	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_GCM, true, PRFAlgorithm.TLS_PRF_SHA384),
 	TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8(0xC0AE, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_128_CCM_8, true),
 	TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8(0xC0AF, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_CCM_8, true),
 	TLS_ECDHE_ECDSA_WITH_AES_128_CCM(0xC0AC, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_128_CCM, true),
 	TLS_ECDHE_ECDSA_WITH_AES_256_CCM(0xC0AD, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_CCM, true),
+
+	/**See <a href="https://www.rfc-editor.org/rfc/rfc6209#section-2.2" target="_blank">RFC 6209 - GCM</a> for details*/
+	TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256(0xC05C, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.ARIA_128_GCM, true),
+	TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384(0xC05D, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.ARIA_256_GCM, true, PRFAlgorithm.TLS_PRF_SHA384),
+
 	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_128_CBC, MACAlgorithm.HMAC_SHA256, false),
 	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_CBC, MACAlgorithm.HMAC_SHA384, false, PRFAlgorithm.TLS_PRF_SHA384),
 	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_CBC, MACAlgorithm.HMAC_SHA1, false),
 
+	/**See <a href="https://www.rfc-editor.org/rfc/rfc6209#section-2.1" target="_blank">RFC 6209 - CBC</a> for details*/
+	TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256(0xC048, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.ARIA_128_CBC, MACAlgorithm.HMAC_SHA256, false),
+	TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384(0xC049, CertificateKeyAlgorithm.EC, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.ARIA_256_CBC, MACAlgorithm.HMAC_SHA384, false, PRFAlgorithm.TLS_PRF_SHA384),
+
 	// RSA Certificates
-	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xc02f, CertificateKeyAlgorithm.RSA, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_128_GCM, true),
-	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xc030, CertificateKeyAlgorithm.RSA, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_GCM, true, PRFAlgorithm.TLS_PRF_SHA384),
+	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F, CertificateKeyAlgorithm.RSA, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_128_GCM, true),
+	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030, CertificateKeyAlgorithm.RSA, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_GCM, true, PRFAlgorithm.TLS_PRF_SHA384),
 	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027, CertificateKeyAlgorithm.RSA, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_128_CBC, MACAlgorithm.HMAC_SHA256, false),
 	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028, CertificateKeyAlgorithm.RSA, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_CBC, MACAlgorithm.HMAC_SHA384, false, PRFAlgorithm.TLS_PRF_SHA384),
 	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014, CertificateKeyAlgorithm.RSA, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.AES_256_CBC, MACAlgorithm.HMAC_SHA1, false),
 
+	/**See <a href="https://www.rfc-editor.org/rfc/rfc6209#section-2.2" target="_blank">RFC 6209</a> for details*/
+	TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256(0xC060, CertificateKeyAlgorithm.RSA, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.ARIA_128_GCM, true),
+	TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384(0xC061, CertificateKeyAlgorithm.RSA, KeyExchangeAlgorithm.EC_DIFFIE_HELLMAN, CipherSpec.ARIA_256_GCM, true, PRFAlgorithm.TLS_PRF_SHA384),
+
 	// Null cipher suite
 	TLS_NULL_WITH_NULL_NULL(0x0000),
 	/**
@@ -151,9 +179,12 @@ public enum CipherSuite {
 	 * @see DtlsSecureRenegotiation
 	 * @since 3.8 (before that only used for logging since 3.5)
 	 */
-	TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00ff)
+	TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF),
 	;
 
+	// Logging ////////////////////////////////////////////////////////
+	private static final Logger LOGGER = LoggerFactory.getLogger(CipherSuite.class);
+
 	// DTLS-specific constants ////////////////////////////////////////
 	public static final int CIPHER_SUITE_BITS = 16;
 
@@ -177,9 +208,6 @@ public enum CipherSuite {
 		STRONG_ENCRYPTION_PREFERENCE = Collections.unmodifiableList(secureSuites);
 	}
 
-	// Logging ////////////////////////////////////////////////////////
-	private static final Logger LOGGER = LoggerFactory.getLogger(CipherSuite.class);
-
 	// Members ////////////////////////////////////////////////////////
 	private static int overallMaxCipherTextExpansion = 0;
 
@@ -1155,8 +1183,12 @@ private enum CipherSpec {
 		AES_256_CCM_8(AeadBlockCipher.AES_CCM_NO_PADDING, CipherType.AEAD, 32, 4, 8, 8), // explicit nonce (record IV) length = 8
 		AES_128_CCM(AeadBlockCipher.AES_CCM_NO_PADDING, CipherType.AEAD, 16, 4, 8, 16), // explicit nonce (record IV) length = 8
 		AES_256_CCM(AeadBlockCipher.AES_CCM_NO_PADDING, CipherType.AEAD, 32, 4, 8, 16), // explicit nonce (record IV) length = 8
-		AES_128_GCM("AES/GCM/NoPadding", CipherType.AEAD, 16, 4, 8, 16), // requires jvm implementation of AES/GCM
-		AES_256_GCM("AES/GCM/NoPadding", CipherType.AEAD, 32, 4, 8, 16); // requires jvm implementation of AES/GCM
+		AES_128_GCM("AES/GCM/NoPadding", CipherType.AEAD, 16, 4, 8, 16), // requires jce implementation of AES/GCM
+		AES_256_GCM("AES/GCM/NoPadding", CipherType.AEAD, 32, 4, 8, 16), // requires jce implementation of AES/GCM
+		ARIA_128_CBC("ARIA/CBC/NoPadding", CipherType.BLOCK, 16, 0, 16), // requires jce implementation of ARIA/CBC
+		ARIA_256_CBC("ARIA/CBC/NoPadding", CipherType.BLOCK, 32, 0, 16), // requires jce implementation of ARIA/CBC
+		ARIA_128_GCM("ARIA/GCM/NoPadding", CipherType.AEAD, 16, 4, 8, 16), // requires jce implementation of ARIA/GCM
+		ARIA_256_GCM("ARIA/GCM/NoPadding", CipherType.AEAD, 32, 4, 8, 16); // requires jce implementation of ARIA/GCM
 
 		/**
 		 * The <em>transformation</em> string of the corresponding Java Cryptography Architecture