Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(592)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: webrtc/base/opensslstreamadapter.cc

Issue 1550773002: Update with new default boringssl no-aes cipher suites. Re-enable tests. (Closed) Base URL: https://chromium.googlesource.com/external/webrtc.git@master
Patch Set: Revert to patchset #1 Created 4 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « talk/app/webrtc/peerconnection_unittest.cc ('k') | webrtc/base/sslstreamadapter_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
3 * 3 *
4 * Use of this source code is governed by a BSD-style license 4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source 5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found 6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may 7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree. 8 * be found in the AUTHORS file in the root of the source tree.
9 */ 9 */
10 10
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after
153 static int kDefaultSslCipher10 = 153 static int kDefaultSslCipher10 =
154 static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA); 154 static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA);
155 static int kDefaultSslEcCipher10 = 155 static int kDefaultSslEcCipher10 =
156 static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA); 156 static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
157 #ifdef OPENSSL_IS_BORINGSSL 157 #ifdef OPENSSL_IS_BORINGSSL
158 static int kDefaultSslCipher12 = 158 static int kDefaultSslCipher12 =
159 static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256); 159 static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256);
160 static int kDefaultSslEcCipher12 = 160 static int kDefaultSslEcCipher12 =
161 static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256); 161 static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256);
162 // Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable. 162 // Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable.
163 // TODO(davidben): Switch to the standardized CHACHA20_POLY1305 variant when
164 // available.
165 static int kDefaultSslCipher12NoAesGcm = 163 static int kDefaultSslCipher12NoAesGcm =
166 static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD); 164 static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256);
167 static int kDefaultSslEcCipher12NoAesGcm = 165 static int kDefaultSslEcCipher12NoAesGcm =
168 static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD); 166 static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256);
169 #else // !OPENSSL_IS_BORINGSSL 167 #else // !OPENSSL_IS_BORINGSSL
170 // OpenSSL sorts differently than BoringSSL, so the default cipher doesn't 168 // OpenSSL sorts differently than BoringSSL, so the default cipher doesn't
171 // change between TLS 1.0 and TLS 1.2 with the current setup. 169 // change between TLS 1.0 and TLS 1.2 with the current setup.
172 static int kDefaultSslCipher12 = 170 static int kDefaultSslCipher12 =
173 static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA); 171 static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA);
174 static int kDefaultSslEcCipher12 = 172 static int kDefaultSslEcCipher12 =
175 static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA); 173 static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
176 #endif 174 #endif // OPENSSL_IS_BORINGSSL
177 175
178 #if defined(_MSC_VER) 176 #if defined(_MSC_VER)
179 #pragma warning(pop) 177 #pragma warning(pop)
180 #endif // defined(_MSC_VER) 178 #endif // defined(_MSC_VER)
181 179
182 ////////////////////////////////////////////////////////////////////// 180 //////////////////////////////////////////////////////////////////////
183 // StreamBIO 181 // StreamBIO
184 ////////////////////////////////////////////////////////////////////// 182 //////////////////////////////////////////////////////////////////////
185 183
186 static int stream_write(BIO* h, const char* buf, int num); 184 static int stream_write(BIO* h, const char* buf, int num);
(...skipping 976 matching lines...) Expand 10 before | Expand all | Expand 10 after
1163 } 1161 }
1164 } else { 1162 } else {
1165 RTC_NOTREACHED(); 1163 RTC_NOTREACHED();
1166 return kDefaultSslEcCipher12; 1164 return kDefaultSslEcCipher12;
1167 } 1165 }
1168 } 1166 }
1169 1167
1170 } // namespace rtc 1168 } // namespace rtc
1171 1169
1172 #endif // HAVE_OPENSSL_SSL_H 1170 #endif // HAVE_OPENSSL_SSL_H
OLDNEW
« no previous file with comments | « talk/app/webrtc/peerconnection_unittest.cc ('k') | webrtc/base/sslstreamadapter_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698