summaryrefslogtreecommitdiffstats
path: root/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java')
-rw-r--r--pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java61
1 files changed, 33 insertions, 28 deletions
diff --git a/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java b/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java
index 45dc9d288..501886b54 100644
--- a/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java
+++ b/pki/base/util/src/com/netscape/cmsutil/http/JssSSLSocketFactory.java
@@ -17,6 +17,7 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmsutil.http;
+
import java.io.IOException;
import java.net.Socket;
import java.net.SocketException;
@@ -34,12 +35,12 @@ import com.netscape.cmsutil.net.ISocketFactory;
/**
* Uses NSS ssl socket.
- *
+ *
* @version $Revision$ $Date$
*/
public class JssSSLSocketFactory implements ISocketFactory {
private String mClientAuthCertNickname = null;
- private SSLSocket s = null;
+ private SSLSocket s = null;
public JssSSLSocketFactory() {
}
@@ -61,62 +62,66 @@ public class JssSSLSocketFactory implements ISocketFactory {
SSLSocket.TLS_RSA_WITH_AES_256_CBC_SHA,
SSLSocket.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- // SSLSocket.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
- // SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- // SSLSocket.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ //SSLSocket.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ //SSLSocket.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ //SSLSocket.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
SSLSocket.TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
SSLSocket.TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
SSLSocket.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
- SSLSocket.TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 0 };
-
+ SSLSocket.TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+ 0
+ };
+
static {
int i;
- for (i = SSLSocket.SSL2_RC4_128_WITH_MD5; i <= SSLSocket.SSL2_RC2_128_CBC_EXPORT40_WITH_MD5; ++i) {
+ for (i = SSLSocket.SSL2_RC4_128_WITH_MD5;
+ i <= SSLSocket.SSL2_RC2_128_CBC_EXPORT40_WITH_MD5; ++i) {
try {
SSLSocket.setCipherPreferenceDefault(i, false);
- } catch (SocketException e) {
+ } catch( SocketException e) {
}
}
- // skip SSL_EN_IDEA_128_EDE3_CBC_WITH_MD5
- for (i = SSLSocket.SSL2_DES_64_CBC_WITH_MD5; i <= SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5; ++i) {
+ //skip SSL_EN_IDEA_128_EDE3_CBC_WITH_MD5
+ for (i = SSLSocket.SSL2_DES_64_CBC_WITH_MD5;
+ i <= SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5; ++i) {
try {
SSLSocket.setCipherPreferenceDefault(i, false);
- } catch (SocketException e) {
+ } catch( SocketException e) {
}
}
for (i = 0; cipherSuites[i] != 0; ++i) {
try {
SSLSocket.setCipherPreferenceDefault(cipherSuites[i], true);
- } catch (SocketException e) {
+ } catch( SocketException e) {
}
}
}
- public Socket makeSocket(String host, int port) throws IOException,
- UnknownHostException {
+ public Socket makeSocket(String host, int port)
+ throws IOException, UnknownHostException {
return makeSocket(host, port, null, null);
}
- public Socket makeSocket(String host, int port,
- SSLCertificateApprovalCallback certApprovalCallback,
- SSLClientCertificateSelectionCallback clientCertCallback)
- throws IOException, UnknownHostException {
+ public Socket makeSocket(String host, int port,
+ SSLCertificateApprovalCallback certApprovalCallback,
+ SSLClientCertificateSelectionCallback clientCertCallback)
+ throws IOException, UnknownHostException {
try {
s = new SSLSocket(host, port, null, 0, certApprovalCallback,
- clientCertCallback);
+ clientCertCallback);
for (int i = 0; cipherSuites[i] != 0; ++i) {
try {
SSLSocket.setCipherPreferenceDefault(cipherSuites[i], true);
- } catch (SocketException e) {
+ } catch( SocketException e) {
}
}
s.setUseClientMode(true);
s.enableSSL2(false);
- // TODO Do we rally want to set the default each time?
+ //TODO Do we rally want to set the default each time?
SSLSocket.enableSSL2Default(false);
s.enableV2CompatibleHello(false);
@@ -130,8 +135,7 @@ public class JssSSLSocketFactory implements ISocketFactory {
// report error if the nickName is invalid.
// So we check this ourself using
// findCertByNickname
- X509Certificate cert = CryptoManager.getInstance()
- .findCertByNickname(mClientAuthCertNickname);
+ X509Certificate cert = CryptoManager.getInstance().findCertByNickname(mClientAuthCertNickname);
s.setClientCertNickname(mClientAuthCertNickname);
}
@@ -150,8 +154,8 @@ public class JssSSLSocketFactory implements ISocketFactory {
return s;
}
- public Socket makeSocket(String host, int port, int timeout)
- throws IOException, UnknownHostException {
+ public Socket makeSocket(String host, int port, int timeout)
+ throws IOException, UnknownHostException {
Thread t = new ConnectAsync(this, host, port);
t.start();
@@ -159,7 +163,7 @@ public class JssSSLSocketFactory implements ISocketFactory {
t.join(1000 * timeout);
} catch (InterruptedException e) {
}
-
+
if (t.isAlive()) {
}
@@ -175,8 +179,9 @@ public class JssSSLSocketFactory implements ISocketFactory {
public ClientHandshakeCB(Object sc) {
this.sc = sc;
}
-
+
public void handshakeCompleted(SSLHandshakeCompletedEvent event) {
}
}
}
+
generated by cgit (git 2.34.1) at 2024-07-04 08:09:14 +0000