[jboss-jira] [JBoss JIRA] (ELY-793) Using @STRENGTH keyword in CipherSuiteSelector.fromString should cause descending sorting
Ondrej Kotek (JIRA)
issues at jboss.org
Thu Nov 24 11:04:00 EST 2016
Ondrej Kotek created ELY-793:
--------------------------------
Summary: Using @STRENGTH keyword in CipherSuiteSelector.fromString should cause descending sorting
Key: ELY-793
URL: https://issues.jboss.org/browse/ELY-793
Project: WildFly Elytron
Issue Type: Bug
Components: SSL
Affects Versions: 1.1.0.Beta14
Reporter: Ondrej Kotek
Assignee: Darran Lofthouse
Using {{@STRENGTH}} keyword in {{CipherSuiteSelector.fromString}} should cause descending sorting of cipher suites, like OpenSSL does, e.g. {{openssl ciphers -v 'ALL:!ADH:@STRENGTH'}}. There is comparator in {{SortByAlgorithmKeyLengthCipherSuiteSelector}} [1].
Or, am I wrong? Are cipher suites in {{javax.net.ssl.SSLParameters}} expected in ascending order? (Does it matter?) Will the OpenSSL provider expect ascending order? (Or will it parse cipher string itself?)
The JavaDoc [2] should mention whether the sorting is ascending or descending.
[1] https://github.com/wildfly-security/wildfly-elytron/blob/7666231fa76b95c3c97eed0d16968a5f77a7de22/src/main/java/org/wildfly/security/ssl/CipherSuiteSelector.java#L730
[2] https://github.com/wildfly-security/wildfly-elytron/blob/7666231fa76b95c3c97eed0d16968a5f77a7de22/src/main/java/org/wildfly/security/ssl/CipherSuiteSelector.java#L356
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list