On StackOverflow, someone was having an issue with a particular CipherSuite. So, I posted a sample Java code that I found a while ago to list the ciphers used by a JVM.
I found the Java code on Atlassian Support’s page here.
The purpose of the code sample is to allow the user to determine if the CipherSuite they are using is actually supported by the JVM.
I updated the code to include the JVM version and vendor name. Here is the updated code:
import java.util.Iterator;
import java.util.Map;
import java.util.TreeMap;
import javax.net.ssl.SSLServerSocketFactory;
public class Ciphers
{
public static void main(String[] args)
throws Exception
{
System.out.println("Running under Java " + System.getProperty("java.version")
+ " from " + System.getProperty("java.vendor"));
SSLServerSocketFactory ssf = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
String[] defaultCiphers = ssf.getDefaultCipherSuites();
String[] availableCiphers = ssf.getSupportedCipherSuites();
TreeMap<String, Boolean> ciphers = new TreeMap<String, Boolean>();
for(int i=0; i<availableCiphers.length; ++i )
ciphers.put(availableCiphers[i], Boolean.FALSE);
for(int i=0; i<defaultCiphers.length; ++i )
ciphers.put(defaultCiphers[i], Boolean.TRUE);
System.out.println("Default\tCipher");
for(Iterator i = ciphers.entrySet().iterator(); i.hasNext(); ) {
Map.Entry cipher=(Map.Entry)i.next();
if(Boolean.TRUE.equals(cipher.getValue()))
System.out.print('*');
else
System.out.print(' ');
System.out.print('\t');
System.out.println(cipher.getKey());
}
}
}
Here is the output from running it against IBM v1.8 JVM:
Running under Java 1.8.0_341 from IBM Corporation Default Cipher * SSL_DHE_DSS_WITH_AES_128_CBC_SHA * SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 * SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 * SSL_DHE_DSS_WITH_AES_256_CBC_SHA * SSL_DHE_DSS_WITH_AES_256_CBC_SHA256 * SSL_DHE_DSS_WITH_AES_256_GCM_SHA384 * SSL_DHE_RSA_WITH_AES_128_CBC_SHA * SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 * SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 * SSL_DHE_RSA_WITH_AES_256_CBC_SHA * SSL_DHE_RSA_WITH_AES_256_CBC_SHA256 * SSL_DHE_RSA_WITH_AES_256_GCM_SHA384 * SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA * SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 * SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 * SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA * SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 * SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 * SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA * SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 * SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA * SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 * SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA * SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 * SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 * SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA * SSL_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 * SSL_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 * SSL_ECDH_RSA_WITH_AES_128_CBC_SHA * SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256 * SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256 * SSL_ECDH_RSA_WITH_AES_256_CBC_SHA * SSL_ECDH_RSA_WITH_AES_256_CBC_SHA384 * SSL_ECDH_RSA_WITH_AES_256_GCM_SHA384 * SSL_RSA_WITH_AES_128_CBC_SHA * SSL_RSA_WITH_AES_128_CBC_SHA256 * SSL_RSA_WITH_AES_128_GCM_SHA256 * SSL_RSA_WITH_AES_256_CBC_SHA * SSL_RSA_WITH_AES_256_CBC_SHA256 * SSL_RSA_WITH_AES_256_GCM_SHA384 * TLS_AES_128_GCM_SHA256 * TLS_AES_256_GCM_SHA384 * TLS_CHACHA20_POLY1305_SHA256 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV
Here is the output from running it against Oracle v17 JVM:
Running under Java 17.0.7 from Oracle Corporation Default Cipher * TLS_AES_128_GCM_SHA256 * TLS_AES_256_GCM_SHA384 * TLS_CHACHA20_POLY1305_SHA256 * TLS_DHE_DSS_WITH_AES_128_CBC_SHA * TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 * TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 * TLS_DHE_DSS_WITH_AES_256_CBC_SHA * TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 * TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 * TLS_DHE_RSA_WITH_AES_128_CBC_SHA * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 * TLS_DHE_RSA_WITH_AES_256_CBC_SHA * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 * TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 * TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV * TLS_RSA_WITH_AES_128_CBC_SHA * TLS_RSA_WITH_AES_128_CBC_SHA256 * TLS_RSA_WITH_AES_128_GCM_SHA256 * TLS_RSA_WITH_AES_256_CBC_SHA * TLS_RSA_WITH_AES_256_CBC_SHA256 * TLS_RSA_WITH_AES_256_GCM_SHA384
Regards,
Roger Lacroix
Capitalware Inc.
