/**
   * Return an array of merged ciphers.
   *
   * @param enableCiphers ciphers enabled by socket factory
   * @param ssl3TlsCiphers
   * @param ssl2Ciphers
   */
  private String[] mergeCiphers(
      String[] enableCiphers, String[] ssl3TlsCiphers, String[] ssl2Ciphers) {
    if (ssl3TlsCiphers == null && ssl2Ciphers == null) {
      return null;
    }

    int eSize = (enableCiphers != null) ? enableCiphers.length : 0;

    if (_logger.isLoggable(Level.FINE)) {
      StringBuffer buf = new StringBuffer("Default socket ciphers: ");
      for (int i = 0; i < eSize; i++) {
        buf.append(enableCiphers[i] + ", ");
      }
      _logger.log(Level.FINE, buf.toString());
    }

    ArrayList cList = new ArrayList();
    if (ssl3TlsCiphers != null) {
      for (int i = 0; i < ssl3TlsCiphers.length; i++) {
        cList.add(ssl3TlsCiphers[i]);
      }
    } else {
      for (int i = 0; i < eSize; i++) {
        String cipher = enableCiphers[i];
        CipherInfo cInfo = CipherInfo.getCipherInfo(cipher);
        if (cInfo != null && (cInfo.isTLS() || cInfo.isSSL3())) {
          cList.add(cipher);
        }
      }
    }

    if (ssl2Ciphers != null) {
      for (int i = 0; i < ssl2Ciphers.length; i++) {
        cList.add(ssl2Ciphers[i]);
      }
    } else {
      for (int i = 0; i < eSize; i++) {
        String cipher = enableCiphers[i];
        CipherInfo cInfo = CipherInfo.getCipherInfo(cipher);
        if (cInfo != null && cInfo.isSSL2()) {
          cList.add(cipher);
        }
      }
    }

    if (_logger.isLoggable(Level.FINE)) {
      _logger.log(Level.FINE, "Merged socket ciphers: " + cList);
    }

    return (String[]) cList.toArray(new String[cList.size()]);
  }
  /**
   * This API return an array of String listing the enabled cipher suites. Input is the
   * cipherSuiteStr from xml which a space separated list ciphers with a prefix '+' indicating
   * enabled, '-' indicating disabled. If no cipher is enabled, then it returns an empty array. If
   * no cipher is specified, then all are enabled and it returns null.
   *
   * @param cipherSuiteStr cipherSuiteStr from xml
   * @param ssl2Enabled
   * @param ssl3Enabled
   * @param tlsEnabled
   * @return an array of enabled Ciphers
   */
  private String[] getEnabledCipherSuites(
      String cipherSuiteStr, boolean ssl2Enabled, boolean ssl3Enabled, boolean tlsEnabled) {
    String[] cipherArr = null;
    if (cipherSuiteStr != null && cipherSuiteStr.length() > 0) {
      ArrayList cipherList = new ArrayList();
      StringTokenizer tokens = new StringTokenizer(cipherSuiteStr, ",");
      while (tokens.hasMoreTokens()) {
        String cipherAction = tokens.nextToken();
        if (cipherAction.startsWith("+")) {
          String cipher = cipherAction.substring(1);
          CipherInfo cipherInfo = CipherInfo.getCipherInfo(cipher);
          if (cipherInfo != null
              && isValidProtocolCipher(cipherInfo, ssl2Enabled, ssl3Enabled, tlsEnabled)) {
            cipherList.add(cipherInfo.getCipherName());
          } else {
            throw new IllegalStateException(
                getFormatMessage("iiop.unknown_cipher", new Object[] {cipher}));
          }
        } else if (cipherAction.startsWith("-")) {
          String cipher = cipherAction.substring(1);
          CipherInfo cipherInfo = CipherInfo.getCipherInfo(cipher);
          if (cipherInfo == null
              || !isValidProtocolCipher(cipherInfo, ssl2Enabled, ssl3Enabled, tlsEnabled)) {
            throw new IllegalStateException(
                getFormatMessage("iiop.unknown_cipher", new Object[] {cipher}));
          }
        } else if (cipherAction.trim().length() > 0) {
          throw new IllegalStateException(
              getFormatMessage("iiop.invalid_cipheraction", new Object[] {cipherAction}));
        }
      }

      cipherArr = (String[]) cipherList.toArray(new String[cipherList.size()]);
    }
    return cipherArr;
  }
 /**
  * Check whether given cipherInfo belongs to given protocol.
  *
  * @param cipherInfo
  * @param ssl2Enabled
  * @param ssl3Enabled
  * @param tlsEnabled
  */
 private boolean isValidProtocolCipher(
     CipherInfo cipherInfo, boolean ssl2Enabled, boolean ssl3Enabled, boolean tlsEnabled) {
   return (tlsEnabled && cipherInfo.isTLS()
       || ssl3Enabled && cipherInfo.isSSL3()
       || ssl2Enabled && cipherInfo.isSSL2());
 }