Lines Matching defs:suites
110 /* This list of SSL3 cipher suites is sorted in descending order of
111 * precedence (desirability). It only includes cipher suites we implement.
112 * This table is modified by SSL3_SetPolicy(). The ordering of cipher suites
116 * suites to this list.
181 /* 56-bit DES "domestic" cipher suites */
215 * because it SSL_ImplementedCiphers includes SSL 2.0 cipher suites.
394 /* New TLS cipher suites */
656 /* See RFC 4346 A.5. Export cipher suites must not be used in TLS 1.1 or
657 * later. This set of cipher suites is similar to, but different from, the
658 * set of cipher suites considered exportable by SSL_IsExportCipherSuite.
711 ssl_LookupCipherSuiteCfg(ssl3CipherSuite suite, ssl3CipherSuiteCfg *suites)
716 if (suites[i].cipher_suite == suite)
717 return &suites[i];
783 * cipher suites. Correcting the computation for svrAuth,
785 * negotiate cipher suites they do not implement. So, until
807 /* Mark the suites that are backed by real tokens, certs and keys */
850 /* return number of cipher suites that match policy, enabled state and are
1917 /* On this socket, disable the GCM cipher suites */
5199 /* how many suites does our PKCS11 support (regardless of policy)? */
5244 ssl3_DisableECCSuites(ss, NULL); /* disable all ECC suites */
5256 /* how many suites are permitted by policy and user preference? */
8006 SECItem suites = {siBuffer, NULL, 0};
8110 /* grab the list of cipher suites. */
8111 rv = ssl3_ConsumeHandshakeVariable(ss, &suites, 2, &b, &length);
8119 for (i = 0; i + 1 < suites.len; i += 2) {
8120 PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1];
8165 for (i = 0; i + 1 < suites.len; i += 2) {
8166 PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1];
8268 /* Disable any ECC cipher suites for which we have no cert. */
8333 for (i = 0; i + 1 < suites.len; i += 2) {
8334 PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1];
8364 ** offered TLS 1.1 but offered only export cipher suites by choosing TLS
8365 ** 1.0 and selecting one of those export cipher suites. However, a secure
8366 ** TLS 1.1 client should not have export cipher suites enabled at all,
8368 ** cipher suites. Therefore, we refuse to negotiate export cipher suites
8378 for (i = 0; i + 1 < suites.len; i += 2) {
8379 PRUint16 suite_i = (suites.data[i] << 8) | suites.data[i + 1];
8409 suites.data = NULL;
8804 unsigned char * suites;
8872 suites = buffer + SSL_HL_CLIENT_HELLO_HBYTES;
8873 random = suites + suite_length + sid_length;
8890 /* Disable any ECC cipher suites for which we have no cert. */
8904 ** See the comments about export cipher suites in ssl3_HandleClientHello().
8913 PRUint32 suite_i = (suites[i] << 16)|(suites[i+1] << 8)|suites[i+2];
8931 PRUint32 suite_i = (suites[i] << 16) | (suites[i+1] << 8) | suites[i+2];
9974 * with (EC)DHE-* cipher suites. This hack ensures
12617 /* Disable all cipher suites that weren't included. */