generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Disable DES in FIPS mode.

Browse Source
This commit is contained in:
Dr. Stephen Henson
2007-05-21 12:45:10 +00:00
parent 53c381105a
commit 27f50994ff
2 changed files with 19 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/evp/e_des.c
View File

@@ -129,20 +129,20 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
} }
BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64,
EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS, EVP_CIPH_RAND_KEY,
des_init_key, NULL, des_init_key, NULL,
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv, EVP_CIPHER_get_asn1_iv,
des_ctrl) des_ctrl)
BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1, BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1,
EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS, EVP_CIPH_RAND_KEY,
des_init_key, NULL, des_init_key, NULL,
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,des_ctrl) EVP_CIPHER_get_asn1_iv,des_ctrl)
BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8, BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8,
EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS, EVP_CIPH_RAND_KEY,
des_init_key,NULL, des_init_key,NULL,
EVP_CIPHER_set_asn1_iv, EVP_CIPHER_set_asn1_iv,
EVP_CIPHER_get_asn1_iv,des_ctrl) EVP_CIPHER_get_asn1_iv,des_ctrl)

32
ssl/s3_lib.c
View File

@@ -238,7 +238,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_RSA_DES_40_CBC_SHA, SSL3_TXT_RSA_DES_40_CBC_SHA,
SSL3_CK_RSA_DES_40_CBC_SHA, SSL3_CK_RSA_DES_40_CBC_SHA,
SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3, SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
SSL_EXPORT|SSL_EXP40|SSL_FIPS, SSL_EXPORT|SSL_EXP40,
0, 0,
40, 40,
56, 56,
@@ -251,7 +251,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_RSA_DES_64_CBC_SHA, SSL3_TXT_RSA_DES_64_CBC_SHA,
SSL3_CK_RSA_DES_64_CBC_SHA, SSL3_CK_RSA_DES_64_CBC_SHA,
SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3, SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
SSL_NOT_EXP|SSL_LOW|SSL_FIPS, SSL_NOT_EXP|SSL_LOW,
0, 0,
56, 56,
56, 56,
@@ -278,7 +278,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_DH_DSS_DES_40_CBC_SHA, SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
SSL3_CK_DH_DSS_DES_40_CBC_SHA, SSL3_CK_DH_DSS_DES_40_CBC_SHA,
SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3, SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
SSL_EXPORT|SSL_EXP40|SSL_FIPS, SSL_EXPORT|SSL_EXP40,
0, 0,
40, 40,
56, 56,
@@ -291,7 +291,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_DH_DSS_DES_64_CBC_SHA, SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
SSL3_CK_DH_DSS_DES_64_CBC_SHA, SSL3_CK_DH_DSS_DES_64_CBC_SHA,
SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3, SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
SSL_NOT_EXP|SSL_LOW|SSL_FIPS, SSL_NOT_EXP|SSL_LOW,
0, 0,
56, 56,
56, 56,
@@ -317,7 +317,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_DH_RSA_DES_40_CBC_SHA, SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
SSL3_CK_DH_RSA_DES_40_CBC_SHA, SSL3_CK_DH_RSA_DES_40_CBC_SHA,
SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3, SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3,
SSL_EXPORT|SSL_EXP40|SSL_FIPS, SSL_EXPORT|SSL_EXP40,
0, 0,
40, 40,
56, 56,
@@ -330,7 +330,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_DH_RSA_DES_64_CBC_SHA, SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
SSL3_CK_DH_RSA_DES_64_CBC_SHA, SSL3_CK_DH_RSA_DES_64_CBC_SHA,
SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3, SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3,
SSL_NOT_EXP|SSL_LOW|SSL_FIPS, SSL_NOT_EXP|SSL_LOW,
0, 0,
56, 56,
56, 56,
@@ -358,7 +358,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
SSL3_CK_EDH_DSS_DES_40_CBC_SHA, SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3, SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3,
SSL_EXPORT|SSL_EXP40|SSL_FIPS, SSL_EXPORT|SSL_EXP40,
0, 0,
40, 40,
56, 56,
@@ -371,7 +371,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
SSL3_CK_EDH_DSS_DES_64_CBC_SHA, SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_SSLV3, SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_SSLV3,
SSL_NOT_EXP|SSL_LOW|SSL_FIPS, SSL_NOT_EXP|SSL_LOW,
0, 0,
56, 56,
56, 56,
@@ -397,7 +397,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
SSL3_CK_EDH_RSA_DES_40_CBC_SHA, SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3, SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3,
SSL_EXPORT|SSL_EXP40|SSL_FIPS, SSL_EXPORT|SSL_EXP40,
0, 0,
40, 40,
56, 56,
@@ -410,7 +410,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
SSL3_CK_EDH_RSA_DES_64_CBC_SHA, SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3, SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3,
SSL_NOT_EXP|SSL_LOW|SSL_FIPS, SSL_NOT_EXP|SSL_LOW,
0, 0,
56, 56,
56, 56,
@@ -462,7 +462,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_ADH_DES_40_CBC_SHA, SSL3_TXT_ADH_DES_40_CBC_SHA,
SSL3_CK_ADH_DES_40_CBC_SHA, SSL3_CK_ADH_DES_40_CBC_SHA,
SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3, SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3,
SSL_EXPORT|SSL_EXP40|SSL_FIPS, SSL_EXPORT|SSL_EXP40,
0, 0,
40, 40,
128, 128,
@@ -475,7 +475,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_ADH_DES_64_CBC_SHA, SSL3_TXT_ADH_DES_64_CBC_SHA,
SSL3_CK_ADH_DES_64_CBC_SHA, SSL3_CK_ADH_DES_64_CBC_SHA,
SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3, SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3,
SSL_NOT_EXP|SSL_LOW|SSL_FIPS, SSL_NOT_EXP|SSL_LOW,
0, 0,
56, 56,
56, 56,
@@ -549,7 +549,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_KRB5_DES_64_CBC_SHA, SSL3_TXT_KRB5_DES_64_CBC_SHA,
SSL3_CK_KRB5_DES_64_CBC_SHA, SSL3_CK_KRB5_DES_64_CBC_SHA,
SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3,
SSL_NOT_EXP|SSL_LOW|SSL_FIPS, SSL_NOT_EXP|SSL_LOW,
0, 0,
56, 56,
56, 56,
@@ -661,7 +661,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
SSL3_TXT_KRB5_DES_40_CBC_SHA, SSL3_TXT_KRB5_DES_40_CBC_SHA,
SSL3_CK_KRB5_DES_40_CBC_SHA, SSL3_CK_KRB5_DES_40_CBC_SHA,
SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3, SSL_kKRB5|SSL_aKRB5| SSL_DES|SSL_SHA1 |SSL_SSLV3,
SSL_EXPORT|SSL_EXP40|SSL_FIPS, SSL_EXPORT|SSL_EXP40,
0, 0,
40, 40,
56, 56,
@@ -1018,7 +1018,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1, SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1,
SSL_EXPORT|SSL_EXP56|SSL_FIPS, SSL_EXPORT|SSL_EXP56,
0, 0,
56, 56,
56, 56,
@@ -1031,7 +1031,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1, SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1,
SSL_EXPORT|SSL_EXP56|SSL_FIPS, SSL_EXPORT|SSL_EXP56,
0, 0,
56, 56,
56, 56,