Add ChaCha20-Poly1305 cipher suites to JSSE. This will include cipher suites specific to TLS 1.2 and TLS 1.3. The CSR is the same as the JDK12 CSR (JDK-8204192), except for the following changes:
The Java Security Standard Algorithm Names specification is not being updated with the new cipher suites. This is acceptable, as implementations are allowed to support algorithms not defined in the Standard Names specification.
The JDK Providers document (and not the JSSE Reference Guide) is updated with the new cipher suite names. Note that this guide is not a specification.
Prior to the introduction of ChaCha20-Poly1305 suites, there were no stream-cipher based suites for TLS that were considered secure given modern computing capabilities. The ChaCha20-Poly1305 cipher suites use efficient, secure stream ciphers and have the added benefit of running in AEAD mode, which makes them suitable not only for TLS 1.2, but meets the security requirements for TLS 1.3 as well.
For TLS 1.2 three new cipher suites will be added to JSSE as defined in RFC 7905. They are:
For TLS 1.3 one additional cipher suite will be added, as called out in RFC 8446:
All four cipher suites will be part of the default-enabled collection of cipher suites. That said, these two collections of cipher suites are exclusive to specific protocol versions (i.e. TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 cannot be used with TLS 1.3, and TLS_CHACHA20_POLY1305_SHA256 may not be used for TLS 1.2). It is permissible to have all four cipher suites asserted in an initial ClientHello TLS handshake message, as the protocol version may not have been determined yet. In cases where the client protocol version is limited exclusively to TLS 1.2 or TLS 1.3, only those suites allowed by those protocol version will be asserted in the ClientHello.
There are no new public classes or methods as part of this feature. The new cipher suite names for TLS 1.2 and TLS 1.3 will be added to the "SunJSSE Cipher Suites" section of the "The SunJSSE Provider" section of the "JDK Providers Documentation". The names themselves are identical to the cipher suite names listed in the Solution section.
The SunJSSE Provider guide: