diff options
| author | wolfbeast <mcwerewolf@gmail.com> | 2017-07-20 14:11:42 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@gmail.com> | 2018-02-02 19:04:33 +0100 |
| commit | 3b70762534d82b9dc0bc59934327e981f032e69f (patch) | |
| tree | a0319c4fd7a54b74c74dab7cf257fdf18ee8f2ff | |
| parent | 8a1dc97a5aaf1f245b8bbf72de0e9458d15eeb81 (diff) | |
| download | UXP-3b70762534d82b9dc0bc59934327e981f032e69f.tar UXP-3b70762534d82b9dc0bc59934327e981f032e69f.tar.gz UXP-3b70762534d82b9dc0bc59934327e981f032e69f.tar.lz UXP-3b70762534d82b9dc0bc59934327e981f032e69f.tar.xz UXP-3b70762534d82b9dc0bc59934327e981f032e69f.zip | |
Add Camellia to the active cipher suites.
Issue #4 point 1.
Camellia is a strong, modern, safe cipher with no known weaknesses or reduced strength attacks.
The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project.
| -rw-r--r-- | netwerk/base/security-prefs.js | 4 | ||||
| -rw-r--r-- | security/manager/ssl/nsNSSComponent.cpp | 8 |
2 files changed, 12 insertions, 0 deletions
diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js index 9f42745f7..be3c6f33d 100644 --- a/netwerk/base/security-prefs.js +++ b/netwerk/base/security-prefs.js @@ -28,7 +28,11 @@ pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", true); pref("security.ssl3.ecdhe_rsa_aes_256_sha", true); pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true); pref("security.ssl3.dhe_rsa_aes_128_sha", true); +pref("security.ssl3.dhe_rsa_camellia_256_sha", true); pref("security.ssl3.dhe_rsa_aes_256_sha", true); +pref("security.ssl3.dhe_rsa_camellia_128_sha", true); +pref("security.ssl3.rsa_camellia_128_sha", true); +pref("security.ssl3.rsa_camellia_256_sha", true); pref("security.ssl3.rsa_aes_128_sha", true); pref("security.ssl3.rsa_aes_256_sha", true); pref("security.ssl3.rsa_des_ede3_sha", true); diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp index d53f846ed..b46e69cbc 100644 --- a/security/manager/ssl/nsNSSComponent.cpp +++ b/security/manager/ssl/nsNSSComponent.cpp @@ -1347,9 +1347,13 @@ static const CipherPref sCipherPrefs[] = { { "security.ssl3.dhe_rsa_aes_128_sha", TLS_DHE_RSA_WITH_AES_128_CBC_SHA, true }, + { "security.ssl3.dhe_rsa_camellia_256_sha", + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, true}, { "security.ssl3.dhe_rsa_aes_256_sha", TLS_DHE_RSA_WITH_AES_256_CBC_SHA, true }, + { "security.ssl3.dhe_rsa_camellia_128_sha", + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, true }, { "security.tls13.aes_128_gcm_sha256", TLS_AES_128_GCM_SHA256, true }, { "security.tls13.chacha20_poly1305_sha256", @@ -1357,6 +1361,10 @@ static const CipherPref sCipherPrefs[] = { { "security.tls13.aes_256_gcm_sha384", TLS_AES_256_GCM_SHA384, true }, + {"security.ssl3.rsa_camellia_128_sha", + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, true }, + {"security.ssl3.rsa_camellia_256_sha", + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, true }, { "security.ssl3.rsa_aes_128_sha", TLS_RSA_WITH_AES_128_CBC_SHA, true }, // deprecated (RSA key exchange) { "security.ssl3.rsa_aes_256_sha", |