The Tor Browser / file comparison
comparison: security/nss/lib/ssl/sslenum.c
security/nss/lib/ssl/sslenum.c
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:562f329d0243 |
|---|---|
| 1 /* | |
| 2 * Table enumerating all implemented cipher suites | |
| 3 * Part of public API. | |
| 4 * | |
| 5 * This Source Code Form is subject to the terms of the Mozilla Public | |
| 6 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 8 | |
| 9 #include "ssl.h" | |
| 10 #include "sslproto.h" | |
| 11 | |
| 12 /* | |
| 13 * The ordering of cipher suites in this table must match the ordering in | |
| 14 * the cipherSuites table in ssl3con.c. | |
| 15 * | |
| 16 * If new ECC cipher suites are added, also update the ssl3CipherSuite arrays | |
| 17 * in ssl3ecc.c. | |
| 18 * | |
| 19 * Finally, update the ssl_V3_SUITES_IMPLEMENTED macro in sslimpl.h. | |
| 20 * | |
| 21 * The ordering is as follows: | |
| 22 * * No-encryption cipher suites last | |
| 23 * * Export/weak/obsolete cipher suites before no-encryption cipher suites | |
| 24 * * Order by key exchange algorithm: ECDHE, then DHE, then ECDH, RSA. | |
| 25 * * Within key agreement sections, order by symmetric encryption algorithm: | |
| 26 * AES-128, then Camellia-128, then AES-256, then Camellia-256, then SEED, | |
| 27 * then FIPS-3DES, then 3DES, then RC4. AES is commonly accepted as a | |
| 28 * strong cipher internationally, and is often hardware-accelerated. | |
| 29 * Camellia also has wide international support across standards | |
| 30 * organizations. SEED is only recommended by the Korean government. 3DES | |
| 31 * only provides 112 bits of security. RC4 is now deprecated or forbidden | |
| 32 * by many standards organizations. | |
| 33 * * Within symmetric algorithm sections, order by message authentication | |
| 34 * algorithm: GCM, then HMAC-SHA1, then HMAC-SHA256, then HMAC-MD5. | |
| 35 * * Within message authentication algorithm sections, order by asymmetric | |
| 36 * signature algorithm: ECDSA, then RSA, then DSS. | |
| 37 * | |
| 38 * Exception: Because some servers ignore the high-order byte of the cipher | |
| 39 * suite ID, we must be careful about adding cipher suites with IDs larger | |
| 40 * than 0x00ff; see bug 946147. For these broken servers, the first four cipher | |
| 41 * suites, with the MSB zeroed, look like: | |
| 42 * TLS_KRB5_EXPORT_WITH_RC4_40_MD5 { 0x00,0x2B } | |
| 43 * TLS_RSA_WITH_AES_128_CBC_SHA { 0x00,0x2F } | |
| 44 * TLS_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A } | |
| 45 * TLS_RSA_WITH_DES_CBC_SHA { 0x00,0x09 } | |
| 46 * The broken server only supports the third and fourth ones and will select | |
| 47 * the third one. | |
| 48 */ | |
| 49 const PRUint16 SSL_ImplementedCiphers[] = { | |
| 50 #ifndef NSS_DISABLE_ECC | |
| 51 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, | |
| 52 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, | |
| 53 /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before | |
| 54 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147. | |
| 55 */ | |
| 56 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, | |
| 57 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, | |
| 58 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, | |
| 59 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, | |
| 60 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, | |
| 61 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, | |
| 62 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, | |
| 63 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, | |
| 64 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, | |
| 65 TLS_ECDHE_RSA_WITH_RC4_128_SHA, | |
| 66 #endif /* NSS_DISABLE_ECC */ | |
| 67 | |
| 68 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, | |
| 69 TLS_DHE_RSA_WITH_AES_128_CBC_SHA, | |
| 70 TLS_DHE_DSS_WITH_AES_128_CBC_SHA, | |
| 71 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, | |
| 72 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, | |
| 73 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA, | |
| 74 TLS_DHE_RSA_WITH_AES_256_CBC_SHA, | |
| 75 TLS_DHE_DSS_WITH_AES_256_CBC_SHA, | |
| 76 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, | |
| 77 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, | |
| 78 TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, | |
| 79 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, | |
| 80 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, | |
| 81 TLS_DHE_DSS_WITH_RC4_128_SHA, | |
| 82 | |
| 83 #ifndef NSS_DISABLE_ECC | |
| 84 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, | |
| 85 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, | |
| 86 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, | |
| 87 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, | |
| 88 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, | |
| 89 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, | |
| 90 TLS_ECDH_ECDSA_WITH_RC4_128_SHA, | |
| 91 TLS_ECDH_RSA_WITH_RC4_128_SHA, | |
| 92 #endif /* NSS_DISABLE_ECC */ | |
| 93 | |
| 94 TLS_RSA_WITH_AES_128_GCM_SHA256, | |
| 95 TLS_RSA_WITH_AES_128_CBC_SHA, | |
| 96 TLS_RSA_WITH_AES_128_CBC_SHA256, | |
| 97 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, | |
| 98 TLS_RSA_WITH_AES_256_CBC_SHA, | |
| 99 TLS_RSA_WITH_AES_256_CBC_SHA256, | |
| 100 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, | |
| 101 TLS_RSA_WITH_SEED_CBC_SHA, | |
| 102 SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, | |
| 103 TLS_RSA_WITH_3DES_EDE_CBC_SHA, | |
| 104 TLS_RSA_WITH_RC4_128_SHA, | |
| 105 TLS_RSA_WITH_RC4_128_MD5, | |
| 106 | |
| 107 /* 56-bit DES "domestic" cipher suites */ | |
| 108 TLS_DHE_RSA_WITH_DES_CBC_SHA, | |
| 109 TLS_DHE_DSS_WITH_DES_CBC_SHA, | |
| 110 SSL_RSA_FIPS_WITH_DES_CBC_SHA, | |
| 111 TLS_RSA_WITH_DES_CBC_SHA, | |
| 112 | |
| 113 /* export ciphersuites with 1024-bit public key exchange keys */ | |
| 114 TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, | |
| 115 TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, | |
| 116 | |
| 117 /* export ciphersuites with 512-bit public key exchange keys */ | |
| 118 TLS_RSA_EXPORT_WITH_RC4_40_MD5, | |
| 119 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, | |
| 120 | |
| 121 /* ciphersuites with no encryption */ | |
| 122 #ifndef NSS_DISABLE_ECC | |
| 123 TLS_ECDHE_ECDSA_WITH_NULL_SHA, | |
| 124 TLS_ECDHE_RSA_WITH_NULL_SHA, | |
| 125 TLS_ECDH_RSA_WITH_NULL_SHA, | |
| 126 TLS_ECDH_ECDSA_WITH_NULL_SHA, | |
| 127 #endif /* NSS_DISABLE_ECC */ | |
| 128 TLS_RSA_WITH_NULL_SHA, | |
| 129 TLS_RSA_WITH_NULL_SHA256, | |
| 130 TLS_RSA_WITH_NULL_MD5, | |
| 131 | |
| 132 /* SSL2 cipher suites. */ | |
| 133 SSL_EN_RC4_128_WITH_MD5, | |
| 134 SSL_EN_RC2_128_CBC_WITH_MD5, | |
| 135 SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */ | |
| 136 SSL_EN_DES_64_CBC_WITH_MD5, | |
| 137 SSL_EN_RC4_128_EXPORT40_WITH_MD5, | |
| 138 SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, | |
| 139 | |
| 140 0 | |
| 141 | |
| 142 }; | |
| 143 | |
| 144 const PRUint16 SSL_NumImplementedCiphers = | |
| 145 (sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1; | |
| 146 | |
| 147 const PRUint16 * | |
| 148 SSL_GetImplementedCiphers(void) | |
| 149 { | |
| 150 return SSL_ImplementedCiphers; | |
| 151 } | |
| 152 | |
| 153 PRUint16 | |
| 154 SSL_GetNumImplementedCiphers(void) | |
| 155 { | |
| 156 return SSL_NumImplementedCiphers; | |
| 157 } |
