diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-07-02 15:14:27 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-07-03 15:14:05 +0200 |
commit | 76f07e1fdafcda1bcf1c178b2fc8d32b30d9b681 (patch) | |
tree | e5f8e9cc6a3269cd9c4120fc637b1428524f30d5 /security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java | |
parent | 68d6d2452a134ae73b579a8726899240bd22d7c6 (diff) |
Remove ciphers from DefaultTlsContext public constructors
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java index 9a1d2be537a..b2edf2f1ebc 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java @@ -33,14 +33,16 @@ public class DefaultTlsContext implements TlsContext { PrivateKey privateKey, List<X509Certificate> caCertificates, AuthorizedPeers authorizedPeers, - AuthorizationMode mode, - Set<String> acceptedCiphers) { - this(createSslContext(certificates, privateKey, caCertificates, authorizedPeers, mode), - acceptedCiphers); + AuthorizationMode mode) { + this(createSslContext(certificates, privateKey, caCertificates, authorizedPeers, mode)); } - public DefaultTlsContext(SSLContext sslContext, Set<String> acceptedCiphers) { + public DefaultTlsContext(SSLContext sslContext) { + this(sslContext, TlsContext.ALLOWED_CIPHER_SUITES); + } + + DefaultTlsContext(SSLContext sslContext, Set<String> acceptedCiphers) { this.sslContext = sslContext; this.validCiphers = getAllowedCiphers(sslContext, acceptedCiphers); this.validProtocols = getAllowedProtocols(sslContext); @@ -50,7 +52,7 @@ public class DefaultTlsContext implements TlsContext { private static String[] getAllowedCiphers(SSLContext sslContext, Set<String> acceptedCiphers) { String[] supportedCipherSuites = sslContext.getSupportedSSLParameters().getCipherSuites(); String[] validCipherSuites = Arrays.stream(supportedCipherSuites) - .filter(suite -> ALLOWED_CIPHER_SUITES.contains(suite) && (acceptedCiphers.isEmpty() || acceptedCiphers.contains(suite))) + .filter(suite -> ALLOWED_CIPHER_SUITES.contains(suite) && acceptedCiphers.contains(suite)) .toArray(String[]::new); if (validCipherSuites.length == 0) { throw new IllegalStateException( |