| OLD | NEW |
|---|
| 1 /* ssl/ssl_ciph.c */ | 1 /* ssl/ssl_ciph.c */ |
| 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 * All rights reserved. | 3 * All rights reserved. |
| 4 * | 4 * |
| 5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
| 6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
| 7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
| 8 * | 8 * |
| 9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
| 10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
| (...skipping 1424 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1435 disabled_mkey, disabled_auth, disabled_enc, d
isabled_mac, disabled_ssl, | 1435 disabled_mkey, disabled_auth, disabled_enc, d
isabled_mac, disabled_ssl, |
| 1436 co_list, &head, &tail); | 1436 co_list, &head, &tail); |
| 1437 | 1437 |
| 1438 | 1438 |
| 1439 /* Now arrange all ciphers by preference: */ | 1439 /* Now arrange all ciphers by preference: */ |
| 1440 | 1440 |
| 1441 /* Everything else being equal, prefer ephemeral ECDH over other key exc
hange mechanisms */ | 1441 /* Everything else being equal, prefer ephemeral ECDH over other key exc
hange mechanisms */ |
| 1442 ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &hea
d, &tail); | 1442 ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &hea
d, &tail); |
| 1443 ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &hea
d, &tail); | 1443 ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &hea
d, &tail); |
| 1444 | 1444 |
| 1445 » /* AES is our preferred symmetric cipher */ | 1445 » /* CHACHA20 is fast and safe on all hardware and is thus our preferred |
| 1446 » * symmetric cipher, with AES second. */ |
| 1447 » ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, 0, 0, 0, CIPHER_ADD
, -1, &head, &tail); |
| 1446 ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head,
&tail); | 1448 ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head,
&tail); |
| 1447 | 1449 |
| 1448 /* Temporarily enable everything else for sorting */ | 1450 /* Temporarily enable everything else for sorting */ |
| 1449 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail)
; | 1451 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail)
; |
| 1450 | 1452 |
| 1451 /* Low priority for MD5 */ | 1453 /* Low priority for MD5 */ |
| 1452 ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head,
&tail); | 1454 ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head,
&tail); |
| 1453 | 1455 |
| 1454 /* Move anonymous ciphers to the end. Usually, these will remain disabl
ed. | 1456 /* Move anonymous ciphers to the end. Usually, these will remain disabl
ed. |
| 1455 * (For applications that allow them, they aren't too bad, but we prefer | 1457 * (For applications that allow them, they aren't too bad, but we prefer |
| (...skipping 478 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1934 } | 1936 } |
| 1935 | 1937 |
| 1936 const char *SSL_COMP_get_name(const COMP_METHOD *comp) | 1938 const char *SSL_COMP_get_name(const COMP_METHOD *comp) |
| 1937 { | 1939 { |
| 1938 if (comp) | 1940 if (comp) |
| 1939 return comp->name; | 1941 return comp->name; |
| 1940 return NULL; | 1942 return NULL; |
| 1941 } | 1943 } |
| 1942 | 1944 |
| 1943 #endif | 1945 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 76823002:
OpenSSL: prefer ChaCha20 ciphersuites.
Base URL: https://chromium.googlesource.com/chromium/deps/openssl.git@master