Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(285)

Issue 91913002: net: boost AES-GCM ciphers if the machine has AES-NI. (Closed)

Created:
7 years ago by agl
Modified:
6 years, 11 months ago
Reviewers:
wtc
CC:
chromium-reviews, cbentzel+watch_chromium.org, erikwright+watch_chromium.org
Visibility:
Public.

Description

net: boost AES-GCM ciphers if the machine has AES-NI. We want to use ChaCha20 based cipher suites on machines that don't have AES-NI and AES-GCM on those that do. Note: this was https://codereview.chromium.org/75663004/ and the review took place there. But codereview broke and I had to reupload as a different issue. BUG=310768 R=wtc@chromium.org Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=238113

Patch Set 1 #

Total comments: 9

Patch Set 2 : Address wtc's comments. #

Patch Set 3 : Upload take two. #

Patch Set 4 : Add new symbol to .def #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats (+300 lines, -1 line) Patch
M base/cpu.h View 1 2 chunks +2 lines, -0 lines 0 comments Download
M base/cpu.cc View 1 2 chunks +2 lines, -0 lines 0 comments Download
net/socket/nss_ssl_util.h View 2 chunks +10 lines, -0 lines 0 comments Download
M net/socket/nss_ssl_util.cc View 1 4 chunks +108 lines, -1 line 2 comments Download
M net/socket/ssl_client_socket_nss.cc View 1 1 chunk +8 lines, -0 lines 0 comments Download
M net/third_party/nss/README.chromium View 1 chunk +3 lines, -0 lines 0 comments Download
M net/third_party/nss/patches/applypatches.sh View 1 chunk +2 lines, -0 lines 0 comments Download
A net/third_party/nss/patches/cipherorder.patch View 1 chunk +104 lines, -0 lines 0 comments Download
M net/third_party/nss/ssl/exports_win.def View 1 2 3 1 chunk +1 line, -0 lines 0 comments Download
M net/third_party/nss/ssl/ssl.h View 1 chunk +7 lines, -0 lines 0 comments Download
M net/third_party/nss/ssl/ssl3con.c View 1 chunk +38 lines, -0 lines 0 comments Download
M net/third_party/nss/ssl/sslimpl.h View 1 chunk +2 lines, -0 lines 0 comments Download
M net/third_party/nss/ssl/sslsock.c View 1 chunk +13 lines, -0 lines 0 comments Download

Messages

Total messages: 6 (0 generated)
wtc
Patch set 1 LGTM. You can ignore the nits if you have submitted the CL ...
7 years ago (2013-11-27 18:01:51 UTC) #1
agl
(I hit more 500s while trying to upload a new version so I've no idea ...
7 years ago (2013-11-27 20:50:57 UTC) #2
wtc
Patch set 4 LGTM.
7 years ago (2013-11-27 22:30:35 UTC) #3
agl
Committed patchset #4 manually as r238113.
7 years ago (2013-12-02 16:15:09 UTC) #4
wtc
https://codereview.chromium.org/91913002/diff/60001/net/socket/nss_ssl_util.cc File net/socket/nss_ssl_util.cc (right): https://codereview.chromium.org/91913002/diff/60001/net/socket/nss_ssl_util.cc#newcode156 net/socket/nss_ssl_util.cc:156: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, While testing a CL of mine today, I ...
6 years, 11 months ago (2014-01-06 19:18:18 UTC) #5
agl
6 years, 11 months ago (2014-01-06 19:26:19 UTC) #6
Message was sent while issue was closed.
https://codereview.chromium.org/91913002/diff/60001/net/socket/nss_ssl_util.cc
File net/socket/nss_ssl_util.cc (right):

https://codereview.chromium.org/91913002/diff/60001/net/socket/nss_ssl_util.c...
net/socket/nss_ssl_util.cc:156: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
On 2014/01/06 19:18:18, wtc wrote:
> 
> While testing a CL of mine today, I noticed that
TLS_RSA_WITH_AES_128_GCM_SHA256
> is not in this array. I just wanted to make sure this is because
> TLS_RSA_WITH_AES_128_GCM_SHA256 is not forward-secret.

That's correct. No desire to bump non-forward-secret ciphersuites up over
forward-secret ones.

Powered by Google App Engine
This is Rietveld 408576698