Rework the default cipherlist.

- Always prefer forward-secure handshakes. - Consistently order ECDSA above RSA. - Next, always prefer AEADs to non-AEADs, irrespective of strength. - Within AEADs, prefer GCM > CHACHA > CCM for a given strength. - Prefer TLS v1.2 ciphers to legacy ciphers. - Remove rarely used DSS, IDEA, SEED, CAMELLIA, CCM from the default list to reduce ClientHello bloat. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Emilia Kasper <emilia@openssl.org> 2016-03-03 19:50:03 +0100
committer: Emilia Kasper <emilia@openssl.org> 2016-03-07 16:53:42 +0100
commit: a556f342201473b4bf8dbf879b03890a74e412b6 (patch)
tree: 76527cf039cfd054c6a2c9f4a0008f4feaa7c403 /ssl/ssl_locl.h
parent: 3ed1839dc3ad285ca83609007a18911d3c7bfdbe (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index ca928e7d5d..4ea036dbf2 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -358,7 +358,9 @@
 # define SSL_eGOST2814789CNT12   0x00040000U
 # define SSL_CHACHA20POLY1305    0x00080000U
 
-# define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM|SSL_AES128CCM|SSL_AES256CCM|SSL_AES128CCM8|SSL_AES256CCM8)
+# define SSL_AESGCM              (SSL_AES128GCM | SSL_AES256GCM)
+# define SSL_AESCCM              (SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8)
+# define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AESGCM|SSL_AESCCM)
 # define SSL_CAMELLIA            (SSL_CAMELLIA128|SSL_CAMELLIA256)
 # define SSL_CHACHA20            (SSL_CHACHA20POLY1305)
author	Emilia Kasper <emilia@openssl.org>	2016-03-03 19:50:03 +0100
committer	Emilia Kasper <emilia@openssl.org>	2016-03-07 16:53:42 +0100
commit	a556f342201473b4bf8dbf879b03890a74e412b6 (patch)
tree	76527cf039cfd054c6a2c9f4a0008f4feaa7c403 /ssl/ssl_locl.h
parent	3ed1839dc3ad285ca83609007a18911d3c7bfdbe (diff)