From 557e2e7053680b6611f312fff132b6eb94c4a8c6 Mon Sep 17 00:00:00 2001
From: kstranacher_eGovL
 <kstranacher_eGovL@d688527b-c9ab-4aba-bd8d-4036d912da1d>
Date: Thu, 11 Oct 2012 13:02:47 +0000
Subject: Update https.cipherSuites

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1299 d688527b-c9ab-4aba-bd8d-4036d912da1d
---
 .../.settings/org.eclipse.wst.common.component     |  8 ++++--
 .../moa/id/auth/MOAIDAuthInitializer.java          | 30 ++++++++++++++++++++--
 2 files changed, 34 insertions(+), 4 deletions(-)

(limited to 'id/server')
diff --git a/id/server/idserverlib/.settings/org.eclipse.wst.common.component b/id/server/idserverlib/.settings/org.eclipse.wst.common.component
index a5eb3d4d8..7ea6221a5 100644
--- a/id/server/idserverlib/.settings/org.eclipse.wst.common.component
+++ b/id/server/idserverlib/.settings/org.eclipse.wst.common.component
@@ -1,7 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project-modules id="moduleCoreId" project-version="2.0">
+<project-modules id="moduleCoreId" project-version="1.5.0">
   <wb-module deploy-name="moa-id-lib">
     <wb-resource deploy-path="/" source-path="src/main/java"/>
     <wb-resource deploy-path="/" source-path="src/main/resources"/>
+        <wb-resource deploy-path="/" source-path="/"/>
+        <wb-resource deploy-path="/" source-path="/src/test/java"/>
+        <wb-resource deploy-path="/" source-path="/src/main/java"/>
+        <wb-resource deploy-path="/" source-path="/src/main/resources"/>
   </wb-module>
-</project-modules>
\ No newline at end of file
+</project-modules>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 924e9d643..cf5615a13 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -85,9 +85,35 @@ public class MOAIDAuthInitializer {
         Session session = Session.getDefaultInstance(props, null);
 
         // Restricts TLS cipher suites
+//        System.setProperty(
+//                        "https.cipherSuites",
+//                        "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
+//      
+        // actual HIGH cipher suites from OpenSSL
+//	 	  Mapping OpenSSL - Java
+//        OpenSSL							Java
+//        http://www.openssl.org/docs/apps/ciphers.html		http://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html
+//        via �openssl ciphers -tls1 HIGH �v�
+//
+//        ADH-AES256-SHA			TLS_DH_anon_WITH_AES_256_CBC_SHA
+//        DHE-RSA-AES256-SHA		TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+//        DHE-DSS-AES256-SHA		TLS_DHE_DSS_WITH_AES_256_CBC_SHA
+//        AES256-SHA				TLS_RSA_WITH_AES_256_CBC_SHA
+//        ADH-AES128-SHA			TLS_DH_anon_WITH_AES_128_CBC_SHA
+//        DHE-RSA-AES128-SHA		TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+//        DHE-DSS-AES128-SHA		TLS_DHE_DSS_WITH_AES_128_CBC_SHA
+//        AES128-SHA				TLS_RSA_WITH_AES_128_CBC_SHA
+//        ADH-DES-CBC3-SHA			SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
+//        EDH-RSA-DES-CBC3-SHA		-
+//        EDH-DSS-DES-CBC3-SHA		- 
+//        DES-CBC3-SHA				SSL_RSA_WITH_3DES_EDE_CBC_SHA
+
         System.setProperty(
-                        "https.cipherSuites",
-                        "SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
+              "https.cipherSuites",
+        	  "TLS_DH_anon_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_DH_anon_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA");
+    
+
+        
         // load some jsse classes so that the integrity of the jars can be
         // verified
         // before the iaik jce is installed as the security provider
-- 
cgit v1.2.3

