diff options
author | Adam Langley <agl@google.com> | 2015-06-15 13:51:03 -0700 |
---|---|---|
committer | Kenny Root <kroot@google.com> | 2015-06-15 22:46:55 +0000 |
commit | a4be71cee108bfed76ddb37552b7e48945d91b49 (patch) | |
tree | 4269df94919637220a2cf4bcb612c5266ac5f95b /src/ssl/ssl_cipher.c | |
parent | cfb958c9a3369d555e4515a6277be43185af4445 (diff) | |
download | external_boringssl-a4be71cee108bfed76ddb37552b7e48945d91b49.zip external_boringssl-a4be71cee108bfed76ddb37552b7e48945d91b49.tar.gz external_boringssl-a4be71cee108bfed76ddb37552b7e48945d91b49.tar.bz2 |
Drop ECDHE-PSK-AES-128-GCM.
This is the best PSK cipher suite, but it's non-standard and nobody is
using it. Trivial to bring back in the future if we have need of it.
(Note that this is a no-op in Android because Android had already
disabled this cipher suite.)
(This is a cherry-pick of BoringSSL's 1feb42a2.)
Bug: 21522548
Change-Id: I2a051724500341053595f59e755349544da63ce5
Diffstat (limited to 'src/ssl/ssl_cipher.c')
-rw-r--r-- | src/ssl/ssl_cipher.c | 13 |
1 files changed, 0 insertions, 13 deletions
diff --git a/src/ssl/ssl_cipher.c b/src/ssl/ssl_cipher.c index 5e617b1..2f1548a 100644 --- a/src/ssl/ssl_cipher.c +++ b/src/ssl/ssl_cipher.c @@ -429,20 +429,7 @@ const SSL_CIPHER kCiphers[] = { 256, 256, }, - #if !defined(ANDROID) - /* ECDH PSK ciphersuites */ - - /* Cipher CAFE */ - { - TLS1_TXT_ECDHE_PSK_WITH_AES_128_GCM_SHA256, - TLS1_CK_ECDHE_PSK_WITH_AES_128_GCM_SHA256, SSL_kECDHE, SSL_aPSK, - SSL_AES128GCM, SSL_AEAD, SSL_TLSV1_2, SSL_HIGH, - SSL_HANDSHAKE_MAC_SHA256 | - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_INCLUDED_IN_RECORD, - 128, 128, - }, - { TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305, TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, SSL_kECDHE, SSL_aRSA, |