| Index: openssl/patches/chacha20poly1305.patch
|
| diff --git a/openssl/patches/chacha20poly1305.patch b/openssl/patches/chacha20poly1305.patch
|
| index 4f7845edafbd0469512d9bf069d77f66ca8d1b47..c922e0e6ef493c3b8f4eb7bc4e467c727b17d95a 100644
|
| --- a/openssl/patches/chacha20poly1305.patch
|
| +++ b/openssl/patches/chacha20poly1305.patch
|
| @@ -48,6 +48,21 @@ Add support for Chacha20 + Poly1305.
|
| create mode 100644 crypto/poly1305/poly1305_vec.c
|
| create mode 100644 crypto/poly1305/poly1305test.c
|
|
|
| +diff --git a/openssl/ssl/ssl_ciph.c b/openssl/ssl/ssl_ciph.c
|
| +index db85b29..cebb18a 100644
|
| +--- a/ssl/ssl_ciph.c
|
| ++++ b/ssl/ssl_ciph.c
|
| +@@ -1442,7 +1442,9 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
|
| + ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
|
| + ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
|
| +
|
| +- /* AES is our preferred symmetric cipher */
|
| ++ /* CHACHA20 is fast and safe on all hardware and is thus our preferred
|
| ++ * symmetric cipher, with AES second. */
|
| ++ ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
|
| + ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
|
| +
|
| + /* Temporarily enable everything else for sorting */
|
| diff --git a/Configure b/Configure
|
| index 9c803dc..1b95384 100755
|
| --- a/Configure
|
|
|
Chromium Code Reviews
Issue 76823002:
OpenSSL: prefer ChaCha20 ciphersuites.
Base URL: https://chromium.googlesource.com/chromium/deps/openssl.git@master