Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-08 02:14:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1281084 - Enable TLS 1.3 PSK-resumption for AES-256-GCM and ChaCha20/Poly1305. r=keeler

Browse Source
This commit is contained in:
Masatoshi Kimura 2016-06-22 21:55:13 +09:00
parent e3b9d57c76
commit bdcdded91f
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
security/manager/ssl/nsNSSCallbacks.cpp
View File

@ -1067,6 +1067,8 @@ AccumulateCipherSuite(Telemetry::ID probe, const SSLChannelInfo& channelInfo)
case TLS_RSA_WITH_RC4_128_MD5: value = 69; break;
// TLS 1.3 PSK resumption
case TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256: value = 70; break;
case TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: value = 71; break;
case TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384: value = 72; break;
// unknown
default:
value = 0;

4
security/manager/ssl/nsNSSComponent.cpp
View File

@ -1321,6 +1321,10 @@ static const CipherPref sCipherPrefs[] = {
{ "security.ssl3.ecdhe_psk_aes_128_gcm_sha256",
TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256, true },
{ "security.ssl3.ecdhe_psk_chacha20_poly1305_sha256",
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, true },
{ "security.ssl3.ecdhe_psk_aes_256_gcm_sha384",
TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384, true },
{ "security.ssl3.rsa_aes_128_sha",
TLS_RSA_WITH_AES_128_CBC_SHA, true }, // deprecated (RSA key exchange)