Index: net/socket/ssl_client_socket_impl.cc |
diff --git a/net/socket/ssl_client_socket_impl.cc b/net/socket/ssl_client_socket_impl.cc |
index 487a406d1f7124593946c9f640526636e0fac185..87226c6163ff779f4afc34988bc4738f8411b0d5 100644 |
--- a/net/socket/ssl_client_socket_impl.cc |
+++ b/net/socket/ssl_client_socket_impl.cc |
@@ -966,8 +966,27 @@ int SSLClientSocketImpl::Init() { |
// DHE_RSA_WITH_AES_256_GCM_SHA384. Historically, AES_256_GCM was not |
// supported. As DHE is being deprecated, don't add a cipher only to remove it |
// immediately. |
- std::string command( |
- "DEFAULT:!SHA256:!SHA384:!DHE-RSA-AES256-GCM-SHA384:!aPSK:!RC4"); |
+ std::string command; |
+// These are experimental, non-standard ciphersuites. They are part of an |
agl
2016/06/28 22:14:39
begin line with two spaces.
mab
2016/06/28 22:40:58
(moot)
|
+// experiment in post-quantum cryptography. They're not intended to |
+// represent a de-facto standard, and will be removed from BoringSSL in |
+// ~2018. |
+#if !defined(OS_ANDROID) && !defined(OS_IOS) |
+ if (EVP_has_aes_hardware()) { |
+ command.append( |
+ "CECPQ1-RSA-AES256-GCM-SHA384:" |
+ "CECPQ1-ECDSA-AES256-GCM-SHA384:"); |
+ } |
+ command.append( |
+ "CECPQ1-RSA-CHACHA20-POLY1305-SHA256:" |
+ "CECPQ1-ECDSA-CHACHA20-POLY1305-SHA256:"); |
+ if (!EVP_has_aes_hardware()) { |
+ command.append( |
+ "CECPQ1-RSA-AES256-GCM-SHA384:" |
+ "CECPQ1-ECDSA-AES256-GCM-SHA384:"); |
+ } |
+#endif |
+ command.append("ALL:!SHA256:!SHA384:!DHE-RSA-AES256-GCM-SHA384:!aPSK:!RC4"); |
if (ssl_config_.require_ecdhe) |
command.append(":!kRSA:!kDHE"); |