diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-03-19 20:16:53 +0100 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-03-19 21:03:50 +0100 |
commit | af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e (patch) | |
tree | b709c35513371b217b3347ffc8bf63ea7ad73bb4 /base/util | |
parent | 035f37b6416e9b001ff49e06142751b974835a9b (diff) | |
download | pki-af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e.tar.gz pki-af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e.tar.xz pki-af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e.zip |
Refactored CryptoUtil.setClientCiphers().
The code that converts cipher name into cipher ID and enables
the cipher in CryptoUtil.setClientCiphers() has been moved into
a separate method.
Diffstat (limited to 'base/util')
-rw-r--r-- | base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java index 729d71d63..d708230e3 100644 --- a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java +++ b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java @@ -48,8 +48,8 @@ import java.util.Vector; import org.apache.commons.lang.StringUtils; import org.mozilla.jss.CryptoManager; -import org.mozilla.jss.CryptoManager.NotInitializedException; import org.mozilla.jss.NoSuchTokenException; +import org.mozilla.jss.CryptoManager.NotInitializedException; import org.mozilla.jss.SecretDecoderRing.KeyManager; import org.mozilla.jss.asn1.ANY; import org.mozilla.jss.asn1.ASN1Util; @@ -105,6 +105,7 @@ import org.mozilla.jss.ssl.SSLSocket.SSLVersionRange; import org.mozilla.jss.util.Base64OutputStream; import org.mozilla.jss.util.Password; +import com.netscape.cmsutil.crypto.CryptoUtil.SSLVersion; import com.netscape.cmsutil.util.Cert; import com.netscape.cmsutil.util.Utils; @@ -942,14 +943,18 @@ public class CryptoUtil { unsetSSLCiphers(); for (String cipher : ciphers) { + setSSLCipher(cipher, true); + } + } - Integer cipherID = cipherMap.get(cipher); - if (cipherID == null) { - throw new SocketException("Unsupported cipher: " + cipher); - } + public static void setSSLCipher(String cipher, boolean enabled) throws SocketException { - SSLSocket.setCipherPreferenceDefault(cipherID, true); + Integer cipherID = cipherMap.get(cipher); + if (cipherID == null) { + throw new SocketException("Unsupported cipher: " + cipher); } + + SSLSocket.setCipherPreferenceDefault(cipherID, enabled); } public static void setDefaultSSLCiphers() throws SocketException { |