change: network,调整加密套件的优先级顺序,RSA优先,椭圆算法放后面

1. 加速匹配过程,RSA密钥交互虽然老,但速度比较快
2. 大部分网站都支持RSA密钥交互,椭圆算法相比之下还是少一些

components/mbedtls/library/ssl_ciphersuites.c

@@ -52,6 +52,18 @@ static const int ciphersuite_preference[] =
 #if defined(MBEDTLS_SSL_CIPHERSUITES)
     MBEDTLS_SSL_CIPHERSUITES,
 #else
+    // 把RSA的套件放前面, 优先选择RSA  
+    MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
+    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
+    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
+    MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
+  
     /* Chacha-Poly ephemeral suites */
     MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
     MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
@@ -156,17 +168,12 @@ static const int ciphersuite_preference[] =
     MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
 
     /* All AES-256 suites */
-    MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
-    MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
-    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
-    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
     MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
     MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
     MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-    MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
 
     /* All CAMELLIA-256 suites */
     MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
@@ -186,17 +193,12 @@ static const int ciphersuite_preference[] =
     MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
 
     /* All AES-128 suites */
-    MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
-    MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
-    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
-    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
     MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
     MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
     MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
     MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-    MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
 
     /* All CAMELLIA-128 suites */
     MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,