Adjust the list of supported ECDHE-PSK cipher suites.

The SHA-2 based cipher suites cannot be used with SSLv3 but there is no way to express that in OpenSSL's configuration. This CL thus adjusts the list of supported cipher suites accordingly. Bug: 15073623 Change-Id: I427c99f4c1c72690d95e5a3c63763631c41ddae2

Adjust the list of supported ECDHE-PSK cipher suites.
The SHA-2 based cipher suites cannot be used with SSLv3 but there is no way to express that in OpenSSL's configuration. This CL thus adjusts the list of supported cipher suites accordingly. Bug: 15073623 Change-Id: I427c99f4c1c72690d95e5a3c63763631c41ddae2
b79411aa · Alex Klyubin · 69c36470 · b79411aa
Commit b79411aa authored 11 years ago by Alex Klyubin
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

src/main/java/org/conscrypt/NativeCrypto.java src/main/java/org/conscrypt/NativeCrypto.java +2 -2

No files found.
--- a/src/main/java/org/conscrypt/NativeCrypto.java
+++ b/src/main/java/org/conscrypt/NativeCrypto.java
@@ -752,8 +752,8 @@ public final class NativeCrypto {
        add("TLS_PSK_WITH_AES_128_CBC_SHA", "PSK-AES128-CBC-SHA");
        add("TLS_PSK_WITH_AES_256_CBC_SHA", "PSK-AES256-CBC-SHA");
        add("TLS_PSK_WITH_RC4_128_SHA", "PSK-RC4-SHA");
-        add("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256", "ECDHE-PSK-WITH-AES-128-CBC-SHA256");
-        add("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384", "ECDHE-PSK-WITH-AES-256-CBC-SHA384");
+        add("TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA", "ECDHE-PSK-AES128-CBC-SHA");
+        add("TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA", "ECDHE-PSK-AES256-CBC-SHA");

        // Signaling Cipher Suite Value for secure renegotiation handled as special case.
        // add("TLS_EMPTY_RENEGOTIATION_INFO_SCSV", null);