Package software.amazon.awssdk.crt.io

Enum TlsCipherPreference

java.lang.Object

java.lang.Enum<TlsCipherPreference>

software.amazon.awssdk.crt.io.TlsCipherPreference

All Implemented Interfaces:

Serializable, Comparable<TlsCipherPreference>

public enum TlsCipherPreference
extends Enum<TlsCipherPreference>

A TlsCipherPreference represents a hardcoded ordered list of TLS Ciphers to use when negotiating a TLS Connection. At present, the ability to configure arbitrary orderings of TLS Ciphers is not allowed, and only a curated list of vetted TlsCipherPreference's are exposed.

Enum Constant Summary

Enum Constants

Enum Constant	Description
TLS_CIPHER_KMS_PQ_TLSv1_0_2019_06	Deprecated. This TlsCipherPreference is no longer supported.
TLS_CIPHER_PQ_DEFAULT	The latest recommended Post-quantum enabled TLS Policy.
TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2019_11	Deprecated. This TlsCipherPreference is no longer supported.
TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2020_02	Deprecated. This TlsCipherPreference is no longer supported.
TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_02	Deprecated. This TlsCipherPreference is no longer supported.
TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_07	Deprecated. This TlsCipherPreference is no longer supported.
TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05	Deprecated. This TlsCipherPreference is no longer supported.
TLS_CIPHER_PREF_PQ_TLSv1_2_2023	This TlsCipherPreference is a clone of the "AWS-CRT-SDK-TLSv1.2-2023" s2n TLS Policy, but with the following PQ SupportedGroups added: - X25519MLKEM768, P256MLKEM768, SecP256r1Kyber768Draft00, X25519Kyber768Draft00, secp384r1_kyber-768-r3, secp521r1_kyber-1024-r3, secp256r1_kyber-512-r3, x25519_kyber-512-r3 Both X25519MLKEM768 and P256MLKEM768 will be standardized by the IETF soon.
TLS_CIPHER_SYSTEM_DEFAULT	Use whatever the System Default Preference is.

Method Summary

Modifier and Type	Method	Description
boolean	isSupported()	Not all Cipher Preferences are supported on all Platforms due to differences in the underlying TLS Libraries.
static TlsCipherPreference	valueOf(String name)	Returns the enum constant of this type with the specified name.
static TlsCipherPreference[]	values()	Returns an array containing the constants of this enum type, in the order they are declared.

Methods inherited from class java.lang.Enum

compareTo, equals, getDeclaringClass, hashCode, name, ordinal, toString, valueOf

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Enum Constant Details

TLS_CIPHER_SYSTEM_DEFAULT

public static final TlsCipherPreference TLS_CIPHER_SYSTEM_DEFAULT

Use whatever the System Default Preference is. This is usually the best option, as it will be automatically updated as the underlying OS or platform changes, and will always be supported on all Platforms.

TLS_CIPHER_KMS_PQ_TLSv1_0_2019_06

@Deprecated
public static final TlsCipherPreference TLS_CIPHER_KMS_PQ_TLSv1_0_2019_06

Deprecated.

This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.

TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2019_11

@Deprecated
public static final TlsCipherPreference TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2019_11

Deprecated.

This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.

TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_02

@Deprecated
public static final TlsCipherPreference TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_02

Deprecated.

This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.

TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2020_02

@Deprecated
public static final TlsCipherPreference TLS_CIPHER_PREF_KMS_PQ_SIKE_TLSv1_0_2020_02

Deprecated.

This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.

TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_07

@Deprecated
public static final TlsCipherPreference TLS_CIPHER_PREF_KMS_PQ_TLSv1_0_2020_07

Deprecated.

This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.

TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05

@Deprecated
public static final TlsCipherPreference TLS_CIPHER_PREF_PQ_TLSv1_0_2021_05

Deprecated.

This TlsCipherPreference is no longer supported. Use TLS_CIPHER_PREF_PQ_TLSv1_2_2023 instead.

TLS_CIPHER_PREF_PQ_TLSv1_2_2023

public static final TlsCipherPreference TLS_CIPHER_PREF_PQ_TLSv1_2_2023

This TlsCipherPreference is a clone of the "AWS-CRT-SDK-TLSv1.2-2023" s2n TLS Policy, but with the following PQ SupportedGroups added: - X25519MLKEM768, P256MLKEM768, SecP256r1Kyber768Draft00, X25519Kyber768Draft00, secp384r1_kyber-768-r3, secp521r1_kyber-1024-r3, secp256r1_kyber-512-r3, x25519_kyber-512-r3 Both X25519MLKEM768 and P256MLKEM768 will be standardized by the IETF soon. Hybrid Groups that contain Kyber may be removed in the future.

TLS_CIPHER_PQ_DEFAULT

public static final TlsCipherPreference TLS_CIPHER_PQ_DEFAULT

The latest recommended Post-quantum enabled TLS Policy. This policy may change over time.

Method Details

values

public static TlsCipherPreference[] values()

Returns an array containing the constants of this enum type, in the order they are declared.

Returns:

an array containing the constants of this enum type, in the order they are declared

valueOf

public static TlsCipherPreference valueOf(String name)

Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)

Parameters:

name - the name of the enum constant to be returned.

Returns:

the enum constant with the specified name

Throws:

IllegalArgumentException - if this enum type has no constant with the specified name

NullPointerException - if the argument is null

isSupported

public boolean isSupported()

Not all Cipher Preferences are supported on all Platforms due to differences in the underlying TLS Libraries.

Returns:

True if this TlsCipherPreference is currently supported on the current platform.