< prev index next >
src/java.base/share/classes/sun/security/ssl/CipherSuite.java
Print this page
rev 54061 : 8226374: Restrict TLS signature schemes and named groups
Reviewed-by: mullan
@@ -33,12 +33,12 @@
import java.util.List;
import static sun.security.ssl.CipherSuite.HashAlg.*;
import static sun.security.ssl.CipherSuite.KeyExchange.*;
import static sun.security.ssl.CipherSuite.MacAlg.*;
import static sun.security.ssl.SSLCipher.*;
-import sun.security.ssl.NamedGroup.NamedGroupType;
-import static sun.security.ssl.NamedGroup.NamedGroupType.*;
+import sun.security.ssl.NamedGroup.NamedGroupSpec;
+import static sun.security.ssl.NamedGroup.NamedGroupSpec.*;
/**
* Enum for SSL/(D)TLS cipher suites.
*
* Please refer to the "TLS Cipher Suite Registry" section for more details
@@ -1053,16 +1053,16 @@
K_SCSV ("SCSV", true, true, NAMED_GROUP_NONE);
// name of the key exchange algorithm, e.g. DHE_DSS
final String name;
final boolean allowed;
- final NamedGroupType[] groupTypes;
+ final NamedGroupSpec[] groupTypes;
private final boolean alwaysAvailable;
private final boolean isAnonymous;
KeyExchange(String name, boolean allowed,
- boolean isAnonymous, NamedGroupType... groupTypes) {
+ boolean isAnonymous, NamedGroupSpec... groupTypes) {
this.name = name;
this.groupTypes = groupTypes;
this.allowed = allowed;
this.alwaysAvailable = allowed && (!name.startsWith("EC"));
@@ -1072,12 +1072,12 @@
boolean isAvailable() {
if (alwaysAvailable) {
return true;
}
- if (NamedGroupType.arrayContains(
- groupTypes, NamedGroupType.NAMED_GROUP_ECDHE)) {
+ if (NamedGroupSpec.arrayContains(groupTypes,
+ NamedGroupSpec.NAMED_GROUP_ECDHE)) {
return (allowed && JsseJce.isEcAvailable());
} else {
return allowed;
}
}
< prev index next >