The Tor Browser / file revision

security/nss/lib/ssl/sslenum.c@b8a032363ba2

security/nss/lib/ssl/sslenum.c

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 /*

     2  * Table enumerating all implemented cipher suites

     3  * Part of public API.

     4  *

     5  * This Source Code Form is subject to the terms of the Mozilla Public

     6  * License, v. 2.0. If a copy of the MPL was not distributed with this

     7  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

     8 

     9 #include "ssl.h"

    10 #include "sslproto.h"

    11 

    12 /*

    13  * The ordering of cipher suites in this table must match the ordering in

    14  * the cipherSuites table in ssl3con.c.

    15  *

    16  * If new ECC cipher suites are added, also update the ssl3CipherSuite arrays

    17  * in ssl3ecc.c.

    18  *

    19  * Finally, update the ssl_V3_SUITES_IMPLEMENTED macro in sslimpl.h.

    20  *

    21  * The ordering is as follows:

    22  *    * No-encryption cipher suites last

    23  *    * Export/weak/obsolete cipher suites before no-encryption cipher suites

    24  *    * Order by key exchange algorithm: ECDHE, then DHE, then ECDH, RSA.

    25  *    * Within key agreement sections, order by symmetric encryption algorithm:

    26  *      AES-128, then Camellia-128, then AES-256, then Camellia-256, then SEED,

    27  *      then FIPS-3DES, then 3DES, then RC4. AES is commonly accepted as a

    28  *      strong cipher internationally, and is often hardware-accelerated.

    29  *      Camellia also has wide international support across standards

    30  *      organizations. SEED is only recommended by the Korean government. 3DES

    31  *      only provides 112 bits of security. RC4 is now deprecated or forbidden

    32  *      by many standards organizations.

    33  *    * Within symmetric algorithm sections, order by message authentication

    34  *      algorithm: GCM, then HMAC-SHA1, then HMAC-SHA256, then HMAC-MD5.

    35  *    * Within message authentication algorithm sections, order by asymmetric

    36  *      signature algorithm: ECDSA, then RSA, then DSS.

    37  *

    38  * Exception: Because some servers ignore the high-order byte of the cipher

    39  * suite ID, we must be careful about adding cipher suites with IDs larger

    40  * than 0x00ff; see bug 946147. For these broken servers, the first four cipher

    41  * suites, with the MSB zeroed, look like:

    42  *      TLS_KRB5_EXPORT_WITH_RC4_40_MD5 { 0x00,0x2B }

    43  *      TLS_RSA_WITH_AES_128_CBC_SHA { 0x00,0x2F }

    44  *      TLS_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A }

    45  *      TLS_RSA_WITH_DES_CBC_SHA { 0x00,0x09 }

    46  * The broken server only supports the third and fourth ones and will select

    47  * the third one.

    48  */

    49 const PRUint16 SSL_ImplementedCiphers[] = {

    50 #ifndef NSS_DISABLE_ECC

    51     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,

    52     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,

    53     /* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA must appear before

    54      * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA to work around bug 946147.

    55      */

    56     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,

    57     TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,

    58     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,

    59     TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,

    60     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,

    61     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,

    62     TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,

    63     TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,

    64     TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,

    65     TLS_ECDHE_RSA_WITH_RC4_128_SHA,

    66 #endif /* NSS_DISABLE_ECC */

    67 

    68     TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,

    69     TLS_DHE_RSA_WITH_AES_128_CBC_SHA,

    70     TLS_DHE_DSS_WITH_AES_128_CBC_SHA,

    71     TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,

    72     TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,

    73     TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,

    74     TLS_DHE_RSA_WITH_AES_256_CBC_SHA,

    75     TLS_DHE_DSS_WITH_AES_256_CBC_SHA,

    76     TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,

    77     TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,

    78     TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,

    79     TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,

    80     TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,

    81     TLS_DHE_DSS_WITH_RC4_128_SHA,

    82 

    83 #ifndef NSS_DISABLE_ECC

    84     TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,

    85     TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,

    86     TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,

    87     TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,

    88     TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,

    89     TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,

    90     TLS_ECDH_ECDSA_WITH_RC4_128_SHA,

    91     TLS_ECDH_RSA_WITH_RC4_128_SHA,

    92 #endif /* NSS_DISABLE_ECC */

    93 

    94     TLS_RSA_WITH_AES_128_GCM_SHA256,

    95     TLS_RSA_WITH_AES_128_CBC_SHA,

    96     TLS_RSA_WITH_AES_128_CBC_SHA256,

    97     TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,

    98     TLS_RSA_WITH_AES_256_CBC_SHA,

    99     TLS_RSA_WITH_AES_256_CBC_SHA256,

   100     TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,

   101     TLS_RSA_WITH_SEED_CBC_SHA,

   102     SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,

   103     TLS_RSA_WITH_3DES_EDE_CBC_SHA,

   104     TLS_RSA_WITH_RC4_128_SHA,

   105     TLS_RSA_WITH_RC4_128_MD5,

   106 

   107     /* 56-bit DES "domestic" cipher suites */

   108     TLS_DHE_RSA_WITH_DES_CBC_SHA,

   109     TLS_DHE_DSS_WITH_DES_CBC_SHA,

   110     SSL_RSA_FIPS_WITH_DES_CBC_SHA,

   111     TLS_RSA_WITH_DES_CBC_SHA,

   112 

   113     /* export ciphersuites with 1024-bit public key exchange keys */

   114     TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,

   115     TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,

   116 

   117     /* export ciphersuites with 512-bit public key exchange keys */

   118     TLS_RSA_EXPORT_WITH_RC4_40_MD5,

   119     TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5,

   120 

   121     /* ciphersuites with no encryption */

   122 #ifndef NSS_DISABLE_ECC

   123     TLS_ECDHE_ECDSA_WITH_NULL_SHA,

   124     TLS_ECDHE_RSA_WITH_NULL_SHA,

   125     TLS_ECDH_RSA_WITH_NULL_SHA,

   126     TLS_ECDH_ECDSA_WITH_NULL_SHA,

   127 #endif /* NSS_DISABLE_ECC */

   128     TLS_RSA_WITH_NULL_SHA,

   129     TLS_RSA_WITH_NULL_SHA256,

   130     TLS_RSA_WITH_NULL_MD5,

   131 

   132     /* SSL2 cipher suites. */

   133     SSL_EN_RC4_128_WITH_MD5,

   134     SSL_EN_RC2_128_CBC_WITH_MD5,

   135     SSL_EN_DES_192_EDE3_CBC_WITH_MD5,  /* actually 112, not 192 */

   136     SSL_EN_DES_64_CBC_WITH_MD5,

   137     SSL_EN_RC4_128_EXPORT40_WITH_MD5,

   138     SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,

   139 

   140     0

   141 

   142 };

   143 

   144 const PRUint16 SSL_NumImplementedCiphers = 

   145     (sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1;

   146 

   147 const PRUint16 *

   148 SSL_GetImplementedCiphers(void)

   149 {

   150     return SSL_ImplementedCiphers;

   151 }

   152 

   153 PRUint16

   154 SSL_GetNumImplementedCiphers(void)

   155 {

   156     return SSL_NumImplementedCiphers;

   157 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial