[JDK 8] Code review request 7188657, There should be a way to reorder the JSSE ciphers
Xuelei Fan
xuelei.fan at oracle.com
Wed Aug 28 09:02:06 UTC 2013
Hi,
Please review this update to support cipher suites reorder:
webrev: http://cr.openjdk.java.net/~xuelei/7188657/webrev.00/
Two new methods are added to SSLParameters:
public final void setUseCipherSuitesOrder(boolean honorOrder);
public final boolean getUseCipherSuitesOrder();
If SSLParameters.getUseCipherSuitesOrder() return true, the local cipher
suites order returned in SSLParameters.getCipherSuites() should be
honored during SSL/TLS handshaking.
Considering the potential compatibility issues of third party's
implementation, I won't define the behaviors if
SSLParameters.getUseCipherSuitesOrder() return false. For Oracle
provider, SunJSSE, if getUseCipherSuitesOrder() returns false, the order
of SSLParameters.getCipherSuites() is honored in client side, and the
order of the requested cipher suites in client handshake message is
honored in server side.
Thanks,
Xuelei
More information about the security-dev
mailing list