Bug 1691650 - prefer AES on ARM devices with hardware support for AES r=bbeurdouche

Bug 1583610 modified the cipher suite ordering on ARM devices to prefer ChaCha20/Poly1305 with the assumption that hardware support for AES wouldn't be available. However, because there are ARM devices with hardware support for AES, this patch makes this only happen when that support isn't available. Differential Revision: https://phabricator.services.mozilla.com/D104897
2021-02-12 19:38:17 +00:00 · 2021-02-12 19:38:17 +00:00 · 1d51c89cb5
--- a/security/manager/ssl/nsNSSIOLayer.cpp
+++ b/security/manager/ssl/nsNSSIOLayer.cpp
@ -2720,7 +2720,7 @@ static nsresult nsSSLIOLayerSetOptions(PRFileDesc* fd, bool forSTARTTLS,
    return NS_ERROR_FAILURE;
  }

-#ifdef __arm__
+#if defined(__arm__) && not defined(__ARM_FEATURE_CRYPTO)
  unsigned int enabledCiphers = 0;
  std::vector<uint16_t> ciphers(SSL_GetNumImplementedCiphers());

@ -2732,10 +2732,11 @@ static nsresult nsSSLIOLayerSetOptions(PRFileDesc* fd, bool forSTARTTLS,
    return NS_ERROR_FAILURE;
  }

-  // On ARM, prefer (TLS_CHACHA20_POLY1305_SHA256) over AES. However,
-  // it may be disabled. If enabled, it will either be element [0] or [1]*.
-  // If [0], we're done. If [1], swap it with [0] (TLS_AES_128_GCM_SHA256).
-  // * (assuming the compile-time order remains unchanged)
+  // On ARM, prefer (TLS_CHACHA20_POLY1305_SHA256) over AES when hardware
+  // support for AES isn't available. However, it may be disabled. If enabled,
+  // it will either be element [0] or [1]*. If [0], we're done. If [1], swap it
+  // with [0] (TLS_AES_128_GCM_SHA256).
+  // *(assuming the compile-time order remains unchanged)
  if (enabledCiphers > 1) {
    if (ciphers[0] != TLS_CHACHA20_POLY1305_SHA256 &&
        ciphers[1] == TLS_CHACHA20_POLY1305_SHA256) {