[Pki-devel] [PATCH] 982 Refactored CryptoUtil.setClientCiphers().

Sun, 19 Mar 2017 13:10:46 -0700 

The code that converts cipher name into cipher ID and enables
the cipher in CryptoUtil.setClientCiphers() has been moved into
a separate method.

Pushed to master under trivial rule.

--
Endi S. Dewata

>From af7be30e164b1aebbb0e6eaf1fbfc6b9fb46360e Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edew...@redhat.com>
Date: Sun, 19 Mar 2017 20:16:53 +0100
Subject: [PATCH] Refactored CryptoUtil.setClientCiphers().

The code that converts cipher name into cipher ID and enables
the cipher in CryptoUtil.setClientCiphers() has been moved into
a separate method.
---
 .../src/com/netscape/cmsutil/crypto/CryptoUtil.java     | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
index 729d71d63edc84d6681ddd3e5299e877d8ea8250..d708230e3597f0834d0d2e184bd5df2b8efd53f5 100644
--- a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
+++ b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
@@ -48,8 +48,8 @@ import java.util.Vector;
 
 import org.apache.commons.lang.StringUtils;
 import org.mozilla.jss.CryptoManager;
-import org.mozilla.jss.CryptoManager.NotInitializedException;
 import org.mozilla.jss.NoSuchTokenException;
+import org.mozilla.jss.CryptoManager.NotInitializedException;
 import org.mozilla.jss.SecretDecoderRing.KeyManager;
 import org.mozilla.jss.asn1.ANY;
 import org.mozilla.jss.asn1.ASN1Util;
@@ -105,6 +105,7 @@ import org.mozilla.jss.ssl.SSLSocket.SSLVersionRange;
 import org.mozilla.jss.util.Base64OutputStream;
 import org.mozilla.jss.util.Password;
 
+import com.netscape.cmsutil.crypto.CryptoUtil.SSLVersion;
 import com.netscape.cmsutil.util.Cert;
 import com.netscape.cmsutil.util.Utils;
 
@@ -942,14 +943,18 @@ public class CryptoUtil {
         unsetSSLCiphers();
 
         for (String cipher : ciphers) {
+            setSSLCipher(cipher, true);
+        }
+    }
 
-            Integer cipherID = cipherMap.get(cipher);
-            if (cipherID == null) {
-                throw new SocketException("Unsupported cipher: " + cipher);
-            }
+    public static void setSSLCipher(String cipher, boolean enabled) throws SocketException {
 
-            SSLSocket.setCipherPreferenceDefault(cipherID, true);
+        Integer cipherID = cipherMap.get(cipher);
+        if (cipherID == null) {
+            throw new SocketException("Unsupported cipher: " + cipher);
         }
+
+        SSLSocket.setCipherPreferenceDefault(cipherID, enabled);
     }
 
     public static void setDefaultSSLCiphers() throws SocketException {
-- 
2.9.3


_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

Reply via email to