Rank GCM before CBC in ciphersuite_preference
parent
8d01eea7af
commit
6fb0f745be
1 changed files with 54 additions and 38 deletions
|
@ -40,48 +40,57 @@
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Ordered from most preferred to least preferred in terms of security.
|
* Ordered from most preferred to least preferred in terms of security.
|
||||||
|
*
|
||||||
|
* Current rule (except weak and null which come last):
|
||||||
|
* 1. By key exchange:
|
||||||
|
* Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
|
||||||
|
* 2. By key length and cipher:
|
||||||
|
* AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES > RC4
|
||||||
|
* 3. By cipher mode when relevant GCM > CBC
|
||||||
|
* 4. By hash function used
|
||||||
|
* 5. By key exchange/auth again: EC > non-EC
|
||||||
*/
|
*/
|
||||||
static const int ciphersuite_preference[] =
|
static const int ciphersuite_preference[] =
|
||||||
{
|
{
|
||||||
/* All AES-256 ephemeral suites */
|
/* All AES-256 ephemeral suites */
|
||||||
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
|
|
||||||
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
|
||||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
|
||||||
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||||
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||||
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||||
|
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
|
||||||
|
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
||||||
|
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
||||||
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
||||||
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
||||||
|
|
||||||
/* All CAMELLIA-256 ephemeral suites */
|
/* All CAMELLIA-256 ephemeral suites */
|
||||||
|
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
|
TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
|
TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
|
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
|
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
|
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
|
||||||
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
|
|
||||||
TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
|
||||||
TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
|
||||||
|
|
||||||
/* All AES-128 ephemeral suites */
|
/* All AES-128 ephemeral suites */
|
||||||
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
|
||||||
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
|
||||||
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
|
||||||
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||||
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
|
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
||||||
|
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
||||||
|
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
||||||
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
||||||
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
||||||
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
||||||
|
|
||||||
/* All CAMELLIA-128 ephemeral suites */
|
/* All CAMELLIA-128 ephemeral suites */
|
||||||
|
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
|
TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
|
TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
|
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
|
|
||||||
TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
|
||||||
TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
|
||||||
|
|
||||||
/* All remaining >= 128-bit ephemeral suites */
|
/* All remaining >= 128-bit ephemeral suites */
|
||||||
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
||||||
|
@ -91,46 +100,48 @@ static const int ciphersuite_preference[] =
|
||||||
TLS_ECDHE_RSA_WITH_RC4_128_SHA,
|
TLS_ECDHE_RSA_WITH_RC4_128_SHA,
|
||||||
|
|
||||||
/* The PSK ephemeral suites */
|
/* The PSK ephemeral suites */
|
||||||
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
|
|
||||||
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
|
|
||||||
TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
|
||||||
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
|
|
||||||
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
|
|
||||||
TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
|
||||||
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
|
||||||
TLS_ECDHE_PSK_WITH_RC4_128_SHA,
|
|
||||||
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
|
|
||||||
TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
|
|
||||||
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
|
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
|
||||||
TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
|
||||||
|
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
|
||||||
|
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
|
||||||
|
TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
|
||||||
TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
|
TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
|
TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
|
TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
|
||||||
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
|
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
|
||||||
TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
|
||||||
|
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
|
||||||
|
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
|
||||||
|
TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
|
||||||
TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
|
TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
|
TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
|
||||||
|
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||||
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||||
|
TLS_ECDHE_PSK_WITH_RC4_128_SHA,
|
||||||
TLS_DHE_PSK_WITH_RC4_128_SHA,
|
TLS_DHE_PSK_WITH_RC4_128_SHA,
|
||||||
|
|
||||||
/* All AES-256 suites */
|
/* All AES-256 suites */
|
||||||
TLS_RSA_WITH_AES_256_CBC_SHA256,
|
|
||||||
TLS_RSA_WITH_AES_256_GCM_SHA384,
|
TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||||||
|
TLS_RSA_WITH_AES_256_CBC_SHA256,
|
||||||
TLS_RSA_WITH_AES_256_CBC_SHA,
|
TLS_RSA_WITH_AES_256_CBC_SHA,
|
||||||
|
|
||||||
/* All CAMELLIA-256 suites */
|
/* All CAMELLIA-256 suites */
|
||||||
|
TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
|
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
|
||||||
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||||
TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
|
|
||||||
|
|
||||||
/* All AES-128 suites */
|
/* All AES-128 suites */
|
||||||
TLS_RSA_WITH_AES_128_CBC_SHA256,
|
|
||||||
TLS_RSA_WITH_AES_128_GCM_SHA256,
|
TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
TLS_RSA_WITH_AES_128_CBC_SHA256,
|
||||||
TLS_RSA_WITH_AES_128_CBC_SHA,
|
TLS_RSA_WITH_AES_128_CBC_SHA,
|
||||||
|
|
||||||
/* All CAMELLIA-128 suites */
|
/* All CAMELLIA-128 suites */
|
||||||
|
TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||||
TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
|
|
||||||
|
|
||||||
/* All remaining >= 128-bit suites */
|
/* All remaining >= 128-bit suites */
|
||||||
TLS_RSA_WITH_3DES_EDE_CBC_SHA,
|
TLS_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||||
|
@ -138,30 +149,34 @@ static const int ciphersuite_preference[] =
|
||||||
TLS_RSA_WITH_RC4_128_MD5,
|
TLS_RSA_WITH_RC4_128_MD5,
|
||||||
|
|
||||||
/* The RSA PSK suites */
|
/* The RSA PSK suites */
|
||||||
|
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
|
||||||
TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
|
TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
|
||||||
TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
|
TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
|
||||||
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
|
|
||||||
TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
|
||||||
TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
|
TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
|
TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
|
||||||
|
TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
|
||||||
TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
|
TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
|
||||||
TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
|
TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
|
||||||
TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
|
|
||||||
TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
|
||||||
TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
|
TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
|
TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
|
||||||
TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
|
TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||||
TLS_RSA_PSK_WITH_RC4_128_SHA,
|
TLS_RSA_PSK_WITH_RC4_128_SHA,
|
||||||
|
|
||||||
/* The PSK suites */
|
/* The PSK suites */
|
||||||
|
TLS_PSK_WITH_AES_256_GCM_SHA384,
|
||||||
TLS_PSK_WITH_AES_256_CBC_SHA384,
|
TLS_PSK_WITH_AES_256_CBC_SHA384,
|
||||||
TLS_PSK_WITH_AES_256_CBC_SHA,
|
TLS_PSK_WITH_AES_256_CBC_SHA,
|
||||||
TLS_PSK_WITH_AES_256_GCM_SHA384,
|
|
||||||
TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
|
||||||
TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
|
TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
|
||||||
|
TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
|
||||||
|
|
||||||
|
TLS_PSK_WITH_AES_128_GCM_SHA256,
|
||||||
TLS_PSK_WITH_AES_128_CBC_SHA256,
|
TLS_PSK_WITH_AES_128_CBC_SHA256,
|
||||||
TLS_PSK_WITH_AES_128_CBC_SHA,
|
TLS_PSK_WITH_AES_128_CBC_SHA,
|
||||||
TLS_PSK_WITH_AES_128_GCM_SHA256,
|
|
||||||
TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
|
||||||
TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
|
TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
|
||||||
|
TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
|
||||||
|
|
||||||
TLS_PSK_WITH_3DES_EDE_CBC_SHA,
|
TLS_PSK_WITH_3DES_EDE_CBC_SHA,
|
||||||
TLS_PSK_WITH_RC4_128_SHA,
|
TLS_PSK_WITH_RC4_128_SHA,
|
||||||
|
|
||||||
|
@ -178,6 +193,7 @@ static const int ciphersuite_preference[] =
|
||||||
TLS_DHE_PSK_WITH_NULL_SHA384,
|
TLS_DHE_PSK_WITH_NULL_SHA384,
|
||||||
TLS_DHE_PSK_WITH_NULL_SHA256,
|
TLS_DHE_PSK_WITH_NULL_SHA256,
|
||||||
TLS_DHE_PSK_WITH_NULL_SHA,
|
TLS_DHE_PSK_WITH_NULL_SHA,
|
||||||
|
|
||||||
TLS_RSA_WITH_NULL_SHA256,
|
TLS_RSA_WITH_NULL_SHA256,
|
||||||
TLS_RSA_WITH_NULL_SHA,
|
TLS_RSA_WITH_NULL_SHA,
|
||||||
TLS_RSA_WITH_NULL_MD5,
|
TLS_RSA_WITH_NULL_MD5,
|
||||||
|
|
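Review bot: In the reordered "PSK ephemeral suites" block, the new side lists `TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256` before `TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256`, which contradicts rule 5 of the new header comment (EC > non-EC). Every other ECDHE/DHE pair in that block puts ECDHE first, including the Camellia-256 pair a few lines above. The two entries should be swapped so the list reads `TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,` followed by `TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,`. The array name suggests this order drives which suite is preferred during negotiation, so a slip here would change the outcome silently. The array begins and ends outside the visible hunks, so entries not shown here were not checked.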