diff options
Diffstat (limited to '')
-rw-r--r-- | src/main/java/eu/siacs/conversations/utils/CryptoHelper.java | 28 |
1 files changed, 23 insertions, 5 deletions
diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index fc21acbc..eb7e2c3c 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -4,7 +4,9 @@ import java.security.SecureRandom; import java.text.Normalizer; import java.util.Arrays; import java.util.Collection; +import java.util.Iterator; import java.util.LinkedHashSet; +import java.util.List; import eu.siacs.conversations.Config; @@ -97,10 +99,26 @@ public final class CryptoHelper { return builder.toString(); } - public static String[] getSupportedCipherSuites(final String[] platformSupportedCipherSuites) { - //final Collection<String> cipherSuites = new LinkedHashSet<>(Arrays.asList(Config.ENABLED_CIPHERS)); - //cipherSuites.retainAll(Arrays.asList(platformSupportedCipherSuites)); - //return cipherSuites.toArray(new String[cipherSuites.size()]); - return platformSupportedCipherSuites; + public static String[] getOrderedCipherSuites(final String[] platformSupportedCipherSuites) { + final Collection<String> cipherSuites = new LinkedHashSet<>(Arrays.asList(Config.ENABLED_CIPHERS)); + final List<String> platformCiphers = Arrays.asList(platformSupportedCipherSuites); + cipherSuites.retainAll(platformCiphers); + cipherSuites.addAll(platformCiphers); + filterWeakCipherSuites(cipherSuites); + return cipherSuites.toArray(new String[cipherSuites.size()]); + } + + private static void filterWeakCipherSuites(final Collection<String> cipherSuites) { + final Iterator<String> it = cipherSuites.iterator(); + while (it.hasNext()) { + String cipherName = it.next(); + // remove all ciphers with no or very weak encryption or no authentication + for (String weakCipherPattern : Config.WEAK_CIPHER_PATTERNS) { + if (cipherName.contains(weakCipherPattern)) { + it.remove(); + break; + } + } + } } } |