From 337d0847463b997559d099b02020c93d644b146b Mon Sep 17 00:00:00 2001 From: Richard Newman Date: Thu, 4 Jun 2015 11:07:32 -0700 Subject: [PATCH] Bug 1061273 - Part 2: use per-version DEFAULT_PROTOCOLS and DEFAULT_CIPHER_SUITES. r=nalexander --- .../background/common/GlobalConstants.java | 75 ++++++++++++++++--- 1 file changed, 64 insertions(+), 11 deletions(-) diff --git a/mobile/android/base/background/common/GlobalConstants.java b/mobile/android/base/background/common/GlobalConstants.java index 6d8b98d9235..e0204452d5c 100644 --- a/mobile/android/base/background/common/GlobalConstants.java +++ b/mobile/android/base/background/common/GlobalConstants.java @@ -38,23 +38,76 @@ public class GlobalConstants { // Acceptable cipher suites. /** + * We support only a very limited range of strong cipher suites and protocols: + * no SSLv3 or TLSv1.0 (if we can), no DHE ciphers that might be vulnerable to Logjam + * (https://weakdh.org/), no RC4. + * + * Backstory: Bug 717691 (we no longer support Android 2.2, so the name + * workaround is unnecessary), Bug 1081953, Bug 1061273, Bug 1166839. + * * See for * supported Android versions for each set of protocols and cipher suites. + * + * Note that currently we need to support connections to Sync 1.1 on Mozilla-hosted infra, + * as well as connections to FxA and Sync 1.5 on AWS. + * + * ELB cipher suites: + * */ public static final String[] DEFAULT_CIPHER_SUITES; public static final String[] DEFAULT_PROTOCOLS; static { - DEFAULT_CIPHER_SUITES = new String[] - { - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", - "SSL_RSA_WITH_RC4_128_SHA", // "RC4_SHA" - }; - DEFAULT_PROTOCOLS = new String[] - { - "SSLv3", - "TLSv1", - }; + // Prioritize 128 over 256 as a tradeoff between device CPU/battery and the minor + // increase in strength. + if (Versions.feature20Plus) { + DEFAULT_CIPHER_SUITES = new String[] + { + "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", // 20+ + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", // 20+ + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", // 20+ + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", // 11+ + "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", // 20+ + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", // 20+ + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", // 11+ + }; + } else if (Versions.feature11Plus) { + DEFAULT_CIPHER_SUITES = new String[] + { + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", // 11+ + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", // 11+ + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", // 11+ + "TLS_RSA_WITH_AES_256_CBC_SHA", // 9+ + }; + } else { // 9+ + // Fall back to the only half-decent cipher suites supported on Gingerbread. + // N.B., there appears to be *no overlap* between the ELB 2015-05 default + // suites and Gingerbread. A custom configuration is needed if moving beyond + // the 2015-03 defaults. + DEFAULT_CIPHER_SUITES = new String[] + { + // This is for Sync 1.5 on ELB 2015-03. + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", + "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", + + // This is for Sync 1.1. + "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", // 9+ + "TLS_RSA_WITH_AES_256_CBC_SHA", // 9+ + }; + } + + if (Versions.feature16Plus) { + DEFAULT_PROTOCOLS = new String[] + { + "TLSv1.2", + "TLSv1.1", + }; + } else { + // Fall back to TLSv1 if there's nothing better. + DEFAULT_PROTOCOLS = new String[] + { + "TLSv1", + }; + } } }