Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(772)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/ssl/sslenum.c

Issue 1844813002: Uprev NSS to 3.23 on iOS (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: One more GN fix Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/third_party/nss/ssl/ssldef.c ('k') | net/third_party/nss/ssl/sslerr.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Table enumerating all implemented cipher suites 2 * Table enumerating all implemented cipher suites
3 * Part of public API. 3 * Part of public API.
4 * 4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public 5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this 6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8 8
9 #include "ssl.h" 9 #include "ssl.h"
10 #include "sslproto.h" 10 #include "sslproto.h"
(...skipping 19 matching lines...) Expand all
30 * organizations. SEED is only recommended by the Korean government. 3DES 30 * organizations. SEED is only recommended by the Korean government. 3DES
31 * only provides 112 bits of security. RC4 is now deprecated or forbidden 31 * only provides 112 bits of security. RC4 is now deprecated or forbidden
32 * by many standards organizations. 32 * by many standards organizations.
33 * * Within symmetric algorithm sections, order by message authentication 33 * * Within symmetric algorithm sections, order by message authentication
34 * algorithm: GCM, then HMAC-SHA1, then HMAC-SHA256, then HMAC-MD5. 34 * algorithm: GCM, then HMAC-SHA1, then HMAC-SHA256, then HMAC-MD5.
35 * * Within message authentication algorithm sections, order by asymmetric 35 * * Within message authentication algorithm sections, order by asymmetric
36 * signature algorithm: ECDSA, then RSA, then DSS. 36 * signature algorithm: ECDSA, then RSA, then DSS.
37 * 37 *
38 * Exception: Because some servers ignore the high-order byte of the cipher 38 * Exception: Because some servers ignore the high-order byte of the cipher
39 * suite ID, we must be careful about adding cipher suites with IDs larger 39 * suite ID, we must be careful about adding cipher suites with IDs larger
40 * than 0x00ff; see bug 946147. For these broken servers, the first six cipher 40 * than 0x00ff; see bug 946147. For these broken servers, the first four cipher
41 * suites, with the MSB zeroed, look like: 41 * suites, with the MSB zeroed, look like:
42 * TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA { 0x00,0x14 }
43 * TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA { 0x00,0x13 }
44 * TLS_KRB5_EXPORT_WITH_RC4_40_MD5 { 0x00,0x2B } 42 * TLS_KRB5_EXPORT_WITH_RC4_40_MD5 { 0x00,0x2B }
45 * TLS_RSA_WITH_AES_128_CBC_SHA { 0x00,0x2F } 43 * TLS_RSA_WITH_AES_128_CBC_SHA { 0x00,0x2F }
46 * TLS_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A } 44 * TLS_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A }
47 * TLS_RSA_WITH_DES_CBC_SHA { 0x00,0x09 } 45 * TLS_RSA_WITH_DES_CBC_SHA { 0x00,0x09 }
48 * The broken server only supports the fifth and sixth ones and will select 46 * The broken server only supports the third and fourth ones and will select
49 * the fifth one. 47 * the third one.
50 */ 48 */
51 const PRUint16 SSL_ImplementedCiphers[] = { 49 const PRUint16 SSL_ImplementedCiphers[] = {
52 #ifndef NSS_DISABLE_ECC 50 #ifndef NSS_DISABLE_ECC
53 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
54 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
55 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 51 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
56 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 52 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
53 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
54 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
57 /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before 55 /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before
58 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147. 56 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147.
59 */ 57 */
60 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 58 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
61 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 59 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
62 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 60 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
63 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 61 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
64 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 62 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
65 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 63 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
66 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, 64 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
67 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 65 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
68 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 66 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
69 TLS_ECDHE_RSA_WITH_RC4_128_SHA, 67 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
70 #endif /* NSS_DISABLE_ECC */ 68 #endif /* NSS_DISABLE_ECC */
71 69
72 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 70 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
71 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
73 TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, 72 TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
74 TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 73 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
75 TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 74 TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
76 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, 75 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
77 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, 76 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
78 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 77 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
79 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, 78 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
80 TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 79 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
81 TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 80 TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
82 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, 81 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
118 TLS_RSA_WITH_DES_CBC_SHA, 117 TLS_RSA_WITH_DES_CBC_SHA,
119 118
120 /* export ciphersuites with 1024-bit public key exchange keys */ 119 /* export ciphersuites with 1024-bit public key exchange keys */
121 TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, 120 TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
122 TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, 121 TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
123 122
124 /* export ciphersuites with 512-bit public key exchange keys */ 123 /* export ciphersuites with 512-bit public key exchange keys */
125 TLS_RSA_EXPORT_WITH_RC4_40_MD5, 124 TLS_RSA_EXPORT_WITH_RC4_40_MD5,
126 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, 125 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
127 126
128 /* ciphersuites with no encryption */ 127 /* ciphersuites with no encryption */
129 #ifndef NSS_DISABLE_ECC 128 #ifndef NSS_DISABLE_ECC
130 TLS_ECDHE_ECDSA_WITH_NULL_SHA, 129 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
131 TLS_ECDHE_RSA_WITH_NULL_SHA, 130 TLS_ECDHE_RSA_WITH_NULL_SHA,
132 TLS_ECDH_RSA_WITH_NULL_SHA, 131 TLS_ECDH_RSA_WITH_NULL_SHA,
133 TLS_ECDH_ECDSA_WITH_NULL_SHA, 132 TLS_ECDH_ECDSA_WITH_NULL_SHA,
134 #endif /* NSS_DISABLE_ECC */ 133 #endif /* NSS_DISABLE_ECC */
135 TLS_RSA_WITH_NULL_SHA, 134 TLS_RSA_WITH_NULL_SHA,
136 TLS_RSA_WITH_NULL_SHA256, 135 TLS_RSA_WITH_NULL_SHA256,
137 TLS_RSA_WITH_NULL_MD5, 136 TLS_RSA_WITH_NULL_MD5,
138 137
139 /* SSL2 cipher suites. */ 138 /* SSL2 cipher suites. */
140 SSL_EN_RC4_128_WITH_MD5, 139 SSL_EN_RC4_128_WITH_MD5,
141 SSL_EN_RC2_128_CBC_WITH_MD5, 140 SSL_EN_RC2_128_CBC_WITH_MD5,
142 SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */ 141 SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */
143 SSL_EN_DES_64_CBC_WITH_MD5, 142 SSL_EN_DES_64_CBC_WITH_MD5,
144 SSL_EN_RC4_128_EXPORT40_WITH_MD5, 143 SSL_EN_RC4_128_EXPORT40_WITH_MD5,
145 SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, 144 SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,
146 145
147 0 146 0
148 147
149 }; 148 };
150 149
151 const PRUint16 SSL_NumImplementedCiphers = 150 const PRUint16 SSL_NumImplementedCiphers =
152 (sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1; 151 (sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1;
153 152
154 const PRUint16 * 153 const PRUint16*
155 SSL_GetImplementedCiphers(void) 154 SSL_GetImplementedCiphers(void)
156 { 155 {
157 return SSL_ImplementedCiphers; 156 return SSL_ImplementedCiphers;
158 } 157 }
159 158
160 PRUint16 159 PRUint16
161 SSL_GetNumImplementedCiphers(void) 160 SSL_GetNumImplementedCiphers(void)
162 { 161 {
163 return SSL_NumImplementedCiphers; 162 return SSL_NumImplementedCiphers;
164 } 163 }
OLDNEW
« no previous file with comments | « net/third_party/nss/ssl/ssldef.c ('k') | net/third_party/nss/ssl/sslerr.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698