diff options
| author | jdennis <jdennis@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-01-03 15:58:40 +0000 |
|---|---|---|
| committer | jdennis <jdennis@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-01-03 15:58:40 +0000 |
| commit | 795ffea2a35bb64e9a740d189ea7fcda7310d2cf (patch) | |
| tree | 3c13b89f0f74b342fd9e5896b7e26f83991fa14c | |
| parent | 38654edebf003f0fd105109720127ecbcdc7a440 (diff) | |
| download | pki-795ffea2a35bb64e9a740d189ea7fcda7310d2cf.tar.gz pki-795ffea2a35bb64e9a740d189ea7fcda7310d2cf.tar.xz pki-795ffea2a35bb64e9a740d189ea7fcda7310d2cf.zip | |
additional fix for bug 588323, ECC cipher enabling in pkisilent
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1681 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
| -rw-r--r-- | pki/base/silent/src/ca/ConfigureCA.java | 6 | ||||
| -rw-r--r-- | pki/base/silent/src/http/HTTPClient.java | 17 |
2 files changed, 14 insertions, 9 deletions
diff --git a/pki/base/silent/src/ca/ConfigureCA.java b/pki/base/silent/src/ca/ConfigureCA.java index 713b5a40f..65b2fafff 100644 --- a/pki/base/silent/src/ca/ConfigureCA.java +++ b/pki/base/silent/src/ca/ConfigureCA.java @@ -1154,11 +1154,9 @@ public class ConfigureCA { // enable ecc if need be if (key_type.equalsIgnoreCase("ecc")) { - boolean st = true; - - hc = new HTTPClient(st); + hc = new HTTPClient(true); } else { - hc = new HTTPClient(); + hc = new HTTPClient(false); } // 1. Login panel diff --git a/pki/base/silent/src/http/HTTPClient.java b/pki/base/silent/src/http/HTTPClient.java index 049b1440a..840999080 100644 --- a/pki/base/silent/src/http/HTTPClient.java +++ b/pki/base/silent/src/http/HTTPClient.java @@ -88,10 +88,17 @@ public class HTTPClient implements SSLCertificateApprovalCallback if(ecc_support) { int ecc_Ciphers[] = { - // ECC Ciphers - See JSSSocketFactory.java for more info - 0xC001, 0xC002, 0xC003, 0xC004, 0xC005, 0xC006, 0xC007, - 0xC008, 0xC009, 0xC00A, 0xC00B, 0xC00C, 0xC00E, 0xC00F, - 0xC010, 0xC011, 0xC012, 0xC013, 0xC014, 0 }; + SSLSocket.TLS_ECDH_ECDSA_WITH_NULL_SHA, SSLSocket.TLS_ECDH_ECDSA_WITH_RC4_128_SHA, + SSLSocket.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSLSocket.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, + SSLSocket.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, SSLSocket.TLS_ECDHE_ECDSA_WITH_NULL_SHA, + SSLSocket.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, SSLSocket.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, + SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, + SSLSocket.TLS_ECDH_RSA_WITH_NULL_SHA, SSLSocket.TLS_ECDH_RSA_WITH_RC4_128_SHA, + SSLSocket.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, SSLSocket.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, + SSLSocket.TLS_ECDHE_RSA_WITH_NULL_SHA, SSLSocket.TLS_ECDHE_RSA_WITH_RC4_128_SHA, + SSLSocket.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + SSLSocket.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, + 0 }; try { @@ -104,7 +111,7 @@ public class HTTPClient implements SSLCertificateApprovalCallback } catch(Exception e) { - System.out.println("ERROR: unable to set Cipher List"); + System.out.println("ERROR: unable to set ECC Cipher List"); System.out.println("ERROR: Exception = " + e.getMessage()); } |