net: boost AES-GCM ciphers if the machine has AES-NI.

net/third_party/nss/ssl/ssl3con.c

Index: net/third_party/nss/ssl/ssl3con.c
diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c
index 882e35690ed6a1dee19b0eec1d2e158fa4bb3a5e..ab2289152f1a31890f059c8c4ae40ea4781e52ff 100644
--- a/net/third_party/nss/ssl/ssl3con.c
+++ b/net/third_party/nss/ssl/ssl3con.c
@@ -12365,6 +12365,45 @@ ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool *enabled)
     return rv;
 }
 
+SECStatus
+ssl3_CipherOrderSet(sslSocket *ss, const PRUint16 *ciphers, size_t len)
+{
+    size_t i, done;

[wtc, 2013/11/19 23:00:44]

Nit: use unsigned int.

[agl, 2013/11/20 18:21:07]

Done.

+
+    for (i = done = 0; i < len; i++) {

[wtc, 2013/11/19 23:00:44]

It seems that |done| is always equal to |i|, so we can replace |done| by |i|.

[agl, 2013/11/20 18:21:07]

Done.

+	PRUint16 id = ciphers[i];
+	size_t existingIndex, j;
+	char found = 0;

[wtc, 2013/11/19 23:00:44]

Nit: Use PRBool and PR_FALSE, PR_TRUE instead of char, 0, 1.

[agl, 2013/11/20 18:21:07]

Done.

+
+	for (j = done; j < ssl_V3_SUITES_IMPLEMENTED; j++) {

[wtc, 2013/11/19 23:00:44]

This valid cipher suite check is quadratic. We should look into using a "model
socket" in Chromium. The model socket is the first argument to SSL_ImportFD.
Properties of the model socket are copied to the new SSL socket.

Update: I looked into this. Since the |ciphers| array depends on SSL config
settings such as TLS/SSL version range and disabled cipher suite list, the model
socket doesn't seem easy to do. We would need to update the model socket
whenever SSL config settings change.

[agl, 2013/11/20 18:21:07]

It might be possible to use a model socket because this ordering does not change
which ciphers are enabled etc, it just reorders them. Let me know if I've missed
something, otherwise it seems to be that the NSS singleton could configure a
model socket with this information.

[wtc, 2013/11/22 01:14:16]

I think you're right, although if the |ciphers| input array doesn't include all
ciphers, the missing ciphers will be disabled by the for loop at the end of this
function.
Yes, I agree. We just need to make sure to include all the ciphers.

+	    if (ss->cipherSuites[j].cipher_suite == id) {
+		existingIndex = j;
+		found = 1;
+		break;
+	    }
+	}
+
+	if (!found) {
+	    PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
+	    return SECFailure;
+	}
+
+	if (existingIndex != done) {
+	    const ssl3CipherSuiteCfg temp = ss->cipherSuites[done];
+	    ss->cipherSuites[done] = ss->cipherSuites[existingIndex];
+	    ss->cipherSuites[existingIndex] = temp;
+	}
+	done++;
+    }
+
+    /* Disable all cipher suites that weren't included. */
+    for (; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
+	ss->cipherSuites[i].enabled = 0;
+    }
+
+    return SECSuccess;
+}
+
 /* copy global default policy into socket. */
 void
 ssl3_InitSocketPolicy(sslSocket *ss)