aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Willi <martin@revosec.ch>2010-08-25 18:30:09 +0200
committerMartin Willi <martin@revosec.ch>2010-08-25 18:30:09 +0200
commit2bf0e74c3853537445cd7b308dfdb58cd45e240f (patch)
tree673d61287bf3556db7b97538edc8c31000e9df99
parenta596006e3f5ed37cc9d5fee773d9fd02471c295d (diff)
downloadstrongswan-2bf0e74c3853537445cd7b308dfdb58cd45e240f.tar.bz2
strongswan-2bf0e74c3853537445cd7b308dfdb58cd45e240f.tar.xz
Prefer AES/Camellia suites over 3DES/NULL encryption
Diffstat
-rw-r--r--src/libtls/tls_crypto.c32
1 files changed, 16 insertions, 16 deletions
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index caf8cda95..c25119482 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -339,22 +339,6 @@ typedef struct {
* Mapping suites to a set of algorithms
*/
static suite_algs_t suite_algs[] = {
- { TLS_RSA_WITH_NULL_MD5,
- HASH_MD5, PRF_HMAC_MD5,
- AUTH_HMAC_MD5_128, ENCR_NULL, 0
- },
- { TLS_RSA_WITH_NULL_SHA,
- HASH_SHA1, PRF_HMAC_SHA1,
- AUTH_HMAC_SHA1_160, ENCR_NULL, 0
- },
- { TLS_RSA_WITH_NULL_SHA256,
- HASH_SHA256, PRF_HMAC_SHA2_256,
- AUTH_HMAC_SHA2_256_256, ENCR_NULL, 0
- },
- { TLS_RSA_WITH_3DES_EDE_CBC_SHA,
- HASH_SHA1, PRF_HMAC_SHA1,
- AUTH_HMAC_SHA1_160, ENCR_3DES, 0
- },
{ TLS_RSA_WITH_AES_128_CBC_SHA,
HASH_SHA1, PRF_HMAC_SHA1,
AUTH_HMAC_SHA1_160, ENCR_AES_CBC, 16
@@ -387,6 +371,22 @@ static suite_algs_t suite_algs[] = {
HASH_SHA256, PRF_HMAC_SHA2_256,
AUTH_HMAC_SHA2_256_256, ENCR_CAMELLIA_CBC, 32
},
+ { TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+ HASH_SHA1, PRF_HMAC_SHA1,
+ AUTH_HMAC_SHA1_160, ENCR_3DES, 0
+ },
+ { TLS_RSA_WITH_NULL_SHA,
+ HASH_SHA1, PRF_HMAC_SHA1,
+ AUTH_HMAC_SHA1_160, ENCR_NULL, 0
+ },
+ { TLS_RSA_WITH_NULL_SHA256,
+ HASH_SHA256, PRF_HMAC_SHA2_256,
+ AUTH_HMAC_SHA2_256_256, ENCR_NULL, 0
+ },
+ { TLS_RSA_WITH_NULL_MD5,
+ HASH_MD5, PRF_HMAC_MD5,
+ AUTH_HMAC_MD5_128, ENCR_NULL, 0
+ },
};
/**
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-17 00:37:31 +0000