commit 42b5374523b3c17b2fbfb7c6504d5c6dd42bd097
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Jun 19 16:18:26 2014 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Wed Jun 25 11:26:13 2014 +0200
tree db2eeab4172de24875a34302e6e6edd68491c347
parent d249b7ab9a1fbb982b4d08e8bc8431f92bf9e44d

Switch CCM and GCM in default suite order

The upcoming BCP document recommends GCM as the default.

library/ssl_ciphersuites.c

diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 82f0a38..2db5314 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -51,18 +51,18 @@
  *    Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
  * 2. By key length and cipher:
  *    AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
- * 3. By cipher mode when relevant CCM > GCM > CBC > CCM_8
+ * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
  * 4. By hash function used when relevant
  * 5. By key exchange/auth again: EC > non-EC
  */
 static const int ciphersuite_preference[] =
 {
     /* All AES-256 ephemeral suites */
-    TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
-    TLS_DHE_RSA_WITH_AES_256_CCM,
     TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
     TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
     TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+    TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
+    TLS_DHE_RSA_WITH_AES_256_CCM,
     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
     TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
     TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
@@ -82,11 +82,11 @@
     TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
 
     /* All AES-128 ephemeral suites */
-    TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
-    TLS_DHE_RSA_WITH_AES_128_CCM,
     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
     TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+    TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
+    TLS_DHE_RSA_WITH_AES_128_CCM,
     TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
     TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
     TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
@@ -111,8 +111,8 @@
     TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
 
     /* The PSK ephemeral suites */
-    TLS_DHE_PSK_WITH_AES_256_CCM,
     TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
+    TLS_DHE_PSK_WITH_AES_256_CCM,
     TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
     TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
     TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
@@ -122,8 +122,8 @@
     TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
     TLS_DHE_PSK_WITH_AES_256_CCM_8,
 
-    TLS_DHE_PSK_WITH_AES_128_CCM,
     TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
+    TLS_DHE_PSK_WITH_AES_128_CCM,
     TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
     TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
     TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
@@ -137,8 +137,8 @@
     TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
 
     /* All AES-256 suites */
-    TLS_RSA_WITH_AES_256_CCM,
     TLS_RSA_WITH_AES_256_GCM_SHA384,
+    TLS_RSA_WITH_AES_256_CCM,
     TLS_RSA_WITH_AES_256_CBC_SHA256,
     TLS_RSA_WITH_AES_256_CBC_SHA,
     TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
@@ -159,8 +159,8 @@
     TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
 
     /* All AES-128 suites */
-    TLS_RSA_WITH_AES_128_CCM,
     TLS_RSA_WITH_AES_128_GCM_SHA256,
+    TLS_RSA_WITH_AES_128_CCM,
     TLS_RSA_WITH_AES_128_CBC_SHA256,
     TLS_RSA_WITH_AES_128_CBC_SHA,
     TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
@@ -201,16 +201,16 @@
     TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
 
     /* The PSK suites */
-    TLS_PSK_WITH_AES_256_CCM,
     TLS_PSK_WITH_AES_256_GCM_SHA384,
+    TLS_PSK_WITH_AES_256_CCM,
     TLS_PSK_WITH_AES_256_CBC_SHA384,
     TLS_PSK_WITH_AES_256_CBC_SHA,
     TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
     TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
     TLS_PSK_WITH_AES_256_CCM_8,
 
-    TLS_PSK_WITH_AES_128_CCM,
     TLS_PSK_WITH_AES_128_GCM_SHA256,
+    TLS_PSK_WITH_AES_128_CCM,
     TLS_PSK_WITH_AES_128_CBC_SHA256,
     TLS_PSK_WITH_AES_128_CBC_SHA,
     TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,