< prev index next >

src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java

Print this page
rev 52899 : 8232424: More constrained algorithms
Reviewed-by: jnimeh, rhalade, ahgross

@@ -69,71 +69,73 @@
         this.enabledX509DisabledAlgConstraints = true;
     }
 
     SSLAlgorithmConstraints(SSLSocket socket,
             boolean withDefaultCertPathConstraints) {
-        this.userSpecifiedConstraints = getConstraints(socket);
+        this.userSpecifiedConstraints = getUserSpecifiedConstraints(socket);
         this.peerSpecifiedConstraints = null;
         this.enabledX509DisabledAlgConstraints = withDefaultCertPathConstraints;
     }
 
     SSLAlgorithmConstraints(SSLEngine engine,
             boolean withDefaultCertPathConstraints) {
-        this.userSpecifiedConstraints = getConstraints(engine);
+        this.userSpecifiedConstraints = getUserSpecifiedConstraints(engine);
         this.peerSpecifiedConstraints = null;
         this.enabledX509DisabledAlgConstraints = withDefaultCertPathConstraints;
     }
 
     SSLAlgorithmConstraints(SSLSocket socket, String[] supportedAlgorithms,
             boolean withDefaultCertPathConstraints) {
-        this.userSpecifiedConstraints = getConstraints(socket);
+        this.userSpecifiedConstraints = getUserSpecifiedConstraints(socket);
         this.peerSpecifiedConstraints =
                 new SupportedSignatureAlgorithmConstraints(supportedAlgorithms);
         this.enabledX509DisabledAlgConstraints = withDefaultCertPathConstraints;
     }
 
     SSLAlgorithmConstraints(SSLEngine engine, String[] supportedAlgorithms,
             boolean withDefaultCertPathConstraints) {
-        this.userSpecifiedConstraints = getConstraints(engine);
+        this.userSpecifiedConstraints = getUserSpecifiedConstraints(engine);
         this.peerSpecifiedConstraints =
                 new SupportedSignatureAlgorithmConstraints(supportedAlgorithms);
         this.enabledX509DisabledAlgConstraints = withDefaultCertPathConstraints;
     }
 
-    private static AlgorithmConstraints getConstraints(SSLEngine engine) {
+    private static AlgorithmConstraints getUserSpecifiedConstraints(
+            SSLEngine engine) {
         if (engine != null) {
             // Note that the KeyManager or TrustManager implementation may be
             // not implemented in the same provider as SSLSocket/SSLEngine.
             // Please check the instance before casting to use SSLEngineImpl.
             if (engine instanceof SSLEngineImpl) {
                 HandshakeContext hc =
                         ((SSLEngineImpl)engine).conContext.handshakeContext;
                 if (hc != null) {
-                    return hc.sslConfig.algorithmConstraints;
+                    return hc.sslConfig.userSpecifiedAlgorithmConstraints;
                 }
-            } else {
-                return engine.getSSLParameters().getAlgorithmConstraints();
             }
+
+            return engine.getSSLParameters().getAlgorithmConstraints();
         }
 
         return null;
     }
 
-    private static AlgorithmConstraints getConstraints(SSLSocket socket) {
+    private static AlgorithmConstraints getUserSpecifiedConstraints(
+            SSLSocket socket) {
         if (socket != null) {
             // Note that the KeyManager or TrustManager implementation may be
             // not implemented in the same provider as SSLSocket/SSLEngine.
             // Please check the instance before casting to use SSLSocketImpl.
             if (socket instanceof SSLSocketImpl) {
                 HandshakeContext hc =
                         ((SSLSocketImpl)socket).conContext.handshakeContext;
                 if (hc != null) {
-                    return hc.sslConfig.algorithmConstraints;
+                    return hc.sslConfig.userSpecifiedAlgorithmConstraints;
                 }
-            } else {
-                return socket.getSSLParameters().getAlgorithmConstraints();
             }
+
+            return socket.getSSLParameters().getAlgorithmConstraints();
         }
 
         return null;
     }
 
< prev index next >