From 42b5374523b3c17b2fbfb7c6504d5c6dd42bd097 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Thu, 19 Jun 2014 16:18:26 +0200
Subject: [PATCH] Switch CCM and GCM in default suite order
The upcoming BCP document recommends GCM as the default.
---
 library/ssl_ciphersuites.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 82f0a38580..2db5314861 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -51,18 +51,18 @@
 * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
 * 2. By key length and cipher:
 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
- * 3. By cipher mode when relevant CCM > GCM > CBC > CCM_8
+ * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
 * 4. By hash function used when relevant
 * 5. By key exchange/auth again: EC > non-EC
 */
 static const int ciphersuite_preference[] =
 {
 /* All AES-256 ephemeral suites */
- TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
- TLS_DHE_RSA_WITH_AES_256_CCM,
 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
+ TLS_DHE_RSA_WITH_AES_256_CCM,
 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
@@ -82,11 +82,11 @@ static const int ciphersuite_preference[] =
 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
 /* All AES-128 ephemeral suites */
- TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
- TLS_DHE_RSA_WITH_AES_128_CCM,
 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
+ TLS_DHE_RSA_WITH_AES_128_CCM,
 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
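Review bot: The rule-3 line in the header comment of `ciphersuite_preference[]` now reads `GCM > CCM > CBC > CCM_8` but gives no reason for the order; the rationale exists only in the commit message, which will not be visible to someone auditing the defaults in the file. I would extend the line to something like `* 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8 (GCM first per the TLS BCP recommendation; CCM_8 last, 8-byte tag)`, the CCM_8 reason being my assumption to confirm. Context lines in the hunks at -122,8 and -201,16 also show the AES-256 CCM_8 suites listed after the Camellia-256 CBC suites, which rule 2 as written (`AES-256 > Camellia-256`) does not predict; if that is deliberate, the comment should say CCM_8 is ranked last within each key-length group. The comment block starts above this hunk, so rule 1 and any existing caveats are not visible here.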
@@ -111,8 +111,8 @@ static const int ciphersuite_preference[] =
 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
 /* The PSK ephemeral suites */
- TLS_DHE_PSK_WITH_AES_256_CCM,
 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
+ TLS_DHE_PSK_WITH_AES_256_CCM,
 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
@@ -122,8 +122,8 @@ static const int ciphersuite_preference[] =
 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
 TLS_DHE_PSK_WITH_AES_256_CCM_8,
- TLS_DHE_PSK_WITH_AES_128_CCM,
 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
+ TLS_DHE_PSK_WITH_AES_128_CCM,
 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
@@ -137,8 +137,8 @@ static const int ciphersuite_preference[] =
 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
 /* All AES-256 suites */
- TLS_RSA_WITH_AES_256_CCM,
 TLS_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_RSA_WITH_AES_256_CCM,
 TLS_RSA_WITH_AES_256_CBC_SHA256,
 TLS_RSA_WITH_AES_256_CBC_SHA,
 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
@@ -159,8 +159,8 @@ static const int ciphersuite_preference[] =
 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
 /* All AES-128 suites */
- TLS_RSA_WITH_AES_128_CCM,
 TLS_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_RSA_WITH_AES_128_CCM,
 TLS_RSA_WITH_AES_128_CBC_SHA256,
 TLS_RSA_WITH_AES_128_CBC_SHA,
 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
@@ -201,16 +201,16 @@ static const int ciphersuite_preference[] =
 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
 /* The PSK suites */
- TLS_PSK_WITH_AES_256_CCM,
 TLS_PSK_WITH_AES_256_GCM_SHA384,
+ TLS_PSK_WITH_AES_256_CCM,
 TLS_PSK_WITH_AES_256_CBC_SHA384,
 TLS_PSK_WITH_AES_256_CBC_SHA,
 TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
 TLS_PSK_WITH_AES_256_CCM_8,
- TLS_PSK_WITH_AES_128_CCM,
 TLS_PSK_WITH_AES_128_GCM_SHA256,
+ TLS_PSK_WITH_AES_128_CCM,
 TLS_PSK_WITH_AES_128_CBC_SHA256,
 TLS_PSK_WITH_AES_128_CBC_SHA,
 TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
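Review bot: In the hunk at -137,8 the swap is applied only inside the static-RSA run, so `TLS_RSA_WITH_AES_256_CBC_SHA256` and `TLS_RSA_WITH_AES_256_CBC_SHA` still sit ahead of `TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384`; the hunk at -159,8 has the same shape for AES-128. That differs from the ephemeral groups, where every GCM suite precedes any CCM or CBC one, and from the documented rules, which rank cipher mode (rule 3) before key exchange (rule 5, `EC > non-EC`). If the per-key-exchange grouping of the static suites is intended, a comment under `/* All AES-256 suites */` such as `/* static suites: grouped by key exchange (RSA, then ECDH), mode order applied within each */` would make the exception auditable; otherwise the ECDH GCM entries should move up next to the RSA GCM entry. The array continues outside both hunks, so the rest of each group's order is not visible here.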