From 3b70762534d82b9dc0bc59934327e981f032e69f Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Thu, 20 Jul 2017 14:11:42 +0200
Subject: Add Camellia to the active cipher suites.

Issue #4 point 1.

Camellia is a strong, modern, safe cipher with no known weaknesses or reduced strength attacks.
The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project.
---
 netwerk/base/security-prefs.js          | 4 ++++
 security/manager/ssl/nsNSSComponent.cpp | 8 ++++++++
 2 files changed, 12 insertions(+)

diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js
index 9f42745f7..be3c6f33d 100644
--- a/netwerk/base/security-prefs.js
+++ b/netwerk/base/security-prefs.js
@@ -28,7 +28,11 @@ pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", true);
 pref("security.ssl3.ecdhe_rsa_aes_256_sha", true);
 pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true);
 pref("security.ssl3.dhe_rsa_aes_128_sha", true);
+pref("security.ssl3.dhe_rsa_camellia_256_sha", true);
 pref("security.ssl3.dhe_rsa_aes_256_sha", true);
+pref("security.ssl3.dhe_rsa_camellia_128_sha", true);
+pref("security.ssl3.rsa_camellia_128_sha", true);
+pref("security.ssl3.rsa_camellia_256_sha", true);
 pref("security.ssl3.rsa_aes_128_sha", true);
 pref("security.ssl3.rsa_aes_256_sha", true);
 pref("security.ssl3.rsa_des_ede3_sha", true);
diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp
index d53f846ed..b46e69cbc 100644
--- a/security/manager/ssl/nsNSSComponent.cpp
+++ b/security/manager/ssl/nsNSSComponent.cpp
@@ -1347,9 +1347,13 @@ static const CipherPref sCipherPrefs[] = {
  { "security.ssl3.dhe_rsa_aes_128_sha",
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA, true },
 
+ { "security.ssl3.dhe_rsa_camellia_256_sha", 
+   TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, true},
  { "security.ssl3.dhe_rsa_aes_256_sha",
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA, true },
 
+ { "security.ssl3.dhe_rsa_camellia_128_sha", 
+   TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, true },
  { "security.tls13.aes_128_gcm_sha256",
    TLS_AES_128_GCM_SHA256, true },
  { "security.tls13.chacha20_poly1305_sha256",
@@ -1357,6 +1361,10 @@ static const CipherPref sCipherPrefs[] = {
  { "security.tls13.aes_256_gcm_sha384",
    TLS_AES_256_GCM_SHA384, true },
 
+ {"security.ssl3.rsa_camellia_128_sha",
+   TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, true },
+ {"security.ssl3.rsa_camellia_256_sha",
+   TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, true },
  { "security.ssl3.rsa_aes_128_sha",
    TLS_RSA_WITH_AES_128_CBC_SHA, true }, // deprecated (RSA key exchange)
  { "security.ssl3.rsa_aes_256_sha",
-- 
cgit v1.2.3