pike.git / lib / modules / SSL.pmod / Context.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Context.pike:437:   protected int cipher_suite_sort_key(int suite)   {    array(int) info = [array(int)] (CIPHER_SUITES[suite] || ({ 0, 0, 0 }));       int keylength = CIPHER_effective_keylengths[info[1]];       // NB: Currently the hash algorithms are allocated in a suitable order.    int hash = info[2];       if (sizeof(info) > 3) { -  hash |= info[3]<<6; +  hash |= info[3]<<5;    }       // NB: As are the cipher ids if you disregard the keylengths.    int cipher = info[1];       // FIXME: I'm not quite sure about the priorities here.    int ke_prio = ([    KE_null: 0,    KE_dh_anon: 1,    KE_ecdh_anon: 2,
pike.git/lib/modules/SSL.pmod/Context.pike:486:    KE_ecdh_ecdsa: 8,    KE_ecdhe_ecdsa: 8,    ])[info[0]];       // int not_anonymous = ke_prio >= 3;       // Klugde to test GCM.    // if (sizeof(info) > 3) keylength += 0x100;       // NB: 8 bits for cipher. -  // 8 bits for hash. +  // 8 bits for hash + mode.    // 8 bits for key exchange.    // 12 bits for keylength.    // 4 bits for auth.    return cipher | hash << 8 | ke_prio << 16 | keylength << 24 | auth_prio << 36;   }      //! Sort a set of cipher suites according to our preferences.   //!   //! @returns   //! Returns the array sorted with the most preferrable (aka "best")