flylinkdc-r6xx icon indicating copy to clipboard operation
flylinkdc-r6xx copied to clipboard

Published 20 hours ago verified publisher icon pavel-pimenov

Update TLS 1.2 ciphers and TLS 1.3 ciphers order

Open Tantrix opened this issue 3 years ago • 2 comments

https://sourceforge.net/p/dcplusplus/code/ci/dc0f387ed4958d0f15da7e89f15a17e31ef9997e/ https://dcpp.wordpress.com/2020/03/07/dc-0-8681-will-require-tls-1-2-or-tls-1-3/

Tantrix avatar Oct 18 '21 12:10 Tantrix

DC++ code: F:\hg\dcplusplus-code\dcpp\CryptoManager.cpp

	const char ciphersuites12[] = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256";

	// Arranged in order of performance, depending on presence of AES-NI and CLMUL
	const char ciphersuites13_aesgcm[] = "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256";
	const char ciphersuites13_chacha[] = "TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384";

pavel-pimenov avatar Oct 30 '21 07:10 pavel-pimenov

Ну так ты ж учти, что для TLS 1.3 внутри DC++ есть механизм определения поддержки ускорителей на уровне железа. Для TLS 1.2 я шифронаборы такие же и прописал.

depending on presence of AES-NI and CLMUL

https://sourceforge.net/p/dcplusplus/code/ci/454a53433a701bea163cef51bd79696b1fdb2af2/

Tantrix avatar Oct 31 '21 13:10 Tantrix