From a4be71cee108bfed76ddb37552b7e48945d91b49 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Mon, 15 Jun 2015 13:51:03 -0700 Subject: Drop ECDHE-PSK-AES-128-GCM. This is the best PSK cipher suite, but it's non-standard and nobody is using it. Trivial to bring back in the future if we have need of it. (Note that this is a no-op in Android because Android had already disabled this cipher suite.) (This is a cherry-pick of BoringSSL's 1feb42a2.) Bug: 21522548 Change-Id: I2a051724500341053595f59e755349544da63ce5 --- src/include/openssl/tls1.h | 7 ------- 1 file changed, 7 deletions(-) (limited to 'src/include/openssl/tls1.h') diff --git a/src/include/openssl/tls1.h b/src/include/openssl/tls1.h index e085e15..999a5ca 100644 --- a/src/include/openssl/tls1.h +++ b/src/include/openssl/tls1.h @@ -512,9 +512,6 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb( #define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 0x0300CC14 #define TLS1_CK_DHE_RSA_CHACHA20_POLY1305 0x0300CC15 -/* Non-standard ECDHE PSK ciphersuites */ -#define TLS1_CK_ECDHE_PSK_WITH_AES_128_GCM_SHA256 0x0300CAFE - /* XXX * Inconsistency alert: * The OpenSSL names of ciphers with ephemeral DH here include the string @@ -676,10 +673,6 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb( "ECDHE-ECDSA-CHACHA20-POLY1305" #define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305" -/* Non-standard ECDHE PSK ciphersuites */ -#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_GCM_SHA256 \ - "ECDHE-PSK-AES128-GCM-SHA256" - #define TLS_CT_RSA_SIGN 1 #define TLS_CT_DSS_SIGN 2 #define TLS_CT_RSA_FIXED_DH 3 -- cgit v1.1