summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTobias Kellner <tobias.kellner@iaik.tugraz.at>2014-08-26 16:12:12 +0200
committerTobias Kellner <tobias.kellner@iaik.tugraz.at>2014-08-26 16:12:12 +0200
commit3129372e53fb976e8bfdcc6739418685322c18c1 (patch)
tree937fe43caa51c7cefbdb9ccdc6b526cbcfca5bf1
parent5689bf5fe23c890091afbf037a42ff5b4c174b70 (diff)
downloadmocca-3129372e53fb976e8bfdcc6739418685322c18c1.tar.gz
mocca-3129372e53fb976e8bfdcc6739418685322c18c1.tar.bz2
mocca-3129372e53fb976e8bfdcc6739418685322c18c1.zip
Block some more SSL cipher suites for Java 8
-rw-r--r--BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java4
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/spring/SSLSocketFactoryBean.java5
2 files changed, 9 insertions, 0 deletions
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
index 1e553c21..5285382c 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
@@ -123,6 +123,7 @@ public class Container {
"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_NULL_SHA",
@@ -130,6 +131,7 @@ public class Container {
"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+ "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,"+
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_RSA_WITH_NULL_SHA",
@@ -137,12 +139,14 @@ public class Container {
"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_NULL_SHA",
"TLS_ECDHE_RSA_WITH_RC4_128_SHA",
"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/spring/SSLSocketFactoryBean.java b/bkucommon/src/main/java/at/gv/egiz/bku/spring/SSLSocketFactoryBean.java
index c3758a47..f49c1c17 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/spring/SSLSocketFactoryBean.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/spring/SSLSocketFactoryBean.java
@@ -56,6 +56,7 @@ public class SSLSocketFactoryBean implements FactoryBean {
"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA," +
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA," +
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA," +
+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,"+
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256," +
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384," +
"TLS_ECDHE_ECDSA_WITH_NULL_SHA," +
@@ -63,6 +64,7 @@ public class SSLSocketFactoryBean implements FactoryBean {
"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA," +
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA," +
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA," +
+ "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,"+
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256," +
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384," +
"TLS_ECDH_RSA_WITH_NULL_SHA," +
@@ -70,13 +72,16 @@ public class SSLSocketFactoryBean implements FactoryBean {
"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA," +
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA," +
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA," +
+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,"+
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256," +
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384," +
"TLS_ECDHE_RSA_WITH_NULL_SHA," +
"TLS_ECDHE_RSA_WITH_RC4_128_SHA," +
"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA," +
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA," +
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256," +
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA," +
+ "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,"+
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256," +
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384," +
"TLS_ECDH_anon_WITH_NULL_SHA," +