Refactored CryptoUtil.setClientCiphers().

The code that converts cipher name into cipher ID and enables the cipher in CryptoUtil.setClientCiphers() has been moved into a separate method.
author: Endi S. Dewata <edewata@redhat.com> 2017-03-19 20:16:53 +0100
committer: Endi S. Dewata <edewata@redhat.com> 2017-03-19 21:03:50 +0100
commit: af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e (patch)
tree: b709c35513371b217b3347ffc8bf63ea7ad73bb4 /base/util
parent: 035f37b6416e9b001ff49e06142751b974835a9b (diff)
download: pki-af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e.tar.gz
pki-af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e.tar.xz
pki-af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e.zip
1 files changed, 11 insertions, 6 deletions
diff --git a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
index 729d71d63..d708230e3 100644
--- a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
+++ b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
@@ -48,8 +48,8 @@ import java.util.Vector;
 
 import org.apache.commons.lang.StringUtils;
 import org.mozilla.jss.CryptoManager;
-import org.mozilla.jss.CryptoManager.NotInitializedException;
 import org.mozilla.jss.NoSuchTokenException;
+import org.mozilla.jss.CryptoManager.NotInitializedException;
 import org.mozilla.jss.SecretDecoderRing.KeyManager;
 import org.mozilla.jss.asn1.ANY;
 import org.mozilla.jss.asn1.ASN1Util;
@@ -105,6 +105,7 @@ import org.mozilla.jss.ssl.SSLSocket.SSLVersionRange;
 import org.mozilla.jss.util.Base64OutputStream;
 import org.mozilla.jss.util.Password;
 
+import com.netscape.cmsutil.crypto.CryptoUtil.SSLVersion;
 import com.netscape.cmsutil.util.Cert;
 import com.netscape.cmsutil.util.Utils;
 
@@ -942,14 +943,18 @@ public class CryptoUtil {
         unsetSSLCiphers();
 
         for (String cipher : ciphers) {
+            setSSLCipher(cipher, true);
+        }
+    }
 
-            Integer cipherID = cipherMap.get(cipher);
-            if (cipherID == null) {
-                throw new SocketException("Unsupported cipher: " + cipher);
-            }
+    public static void setSSLCipher(String cipher, boolean enabled) throws SocketException {
 
-            SSLSocket.setCipherPreferenceDefault(cipherID, true);
+        Integer cipherID = cipherMap.get(cipher);
+        if (cipherID == null) {
+            throw new SocketException("Unsupported cipher: " + cipher);
         }
+
+        SSLSocket.setCipherPreferenceDefault(cipherID, enabled);
     }
 
     public static void setDefaultSSLCiphers() throws SocketException {
author	Endi S. Dewata <edewata@redhat.com>	2017-03-19 20:16:53 +0100
committer	Endi S. Dewata <edewata@redhat.com>	2017-03-19 21:03:50 +0100
commit	af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e (patch)
tree	b709c35513371b217b3347ffc8bf63ea7ad73bb4 /base/util
parent	035f37b6416e9b001ff49e06142751b974835a9b (diff)
download	pki-af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e.tar.gz pki-af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e.tar.xz pki-af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e.zip