diff options
| author | jsing <> | 2014-12-10 15:36:47 +0000 |
|---|---|---|
| committer | jsing <> | 2014-12-10 15:36:47 +0000 |
| commit | 091bf547974906c9be5137a27f2db864521aaa69 (patch) | |
| tree | 8f2441ed940045edc4ad4d11ab3d8395f2830a78 /src/lib/libssl/s3_lib.c | |
| parent | 72ac14b2bd5b2397707e53cef778b9da5af1498f (diff) | |
| download | openbsd-091bf547974906c9be5137a27f2db864521aaa69.tar.gz openbsd-091bf547974906c9be5137a27f2db864521aaa69.tar.bz2 openbsd-091bf547974906c9be5137a27f2db864521aaa69.zip | |
Remove support for GOST R 34.10-94 signature authentication, along with
the two ciphersuites that use it. GOST94 public/private keys have been
long obsoleted and libcrypto does not have support for them anyway.
Discussed with Dmitry Eremin-Solenikov.
Diffstat (limited to 'src/lib/libssl/s3_lib.c')
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 35 |
1 files changed, 1 insertions, 34 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index 9897fba6c5..4beee2d53c 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.86 2014/12/10 14:58:56 jsing Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.87 2014/12/10 15:36:47 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -747,23 +747,6 @@ SSL_CIPHER ssl3_ciphers[] = { | |||
| 747 | 747 | ||
| 748 | /* GOST Ciphersuites */ | 748 | /* GOST Ciphersuites */ |
| 749 | 749 | ||
| 750 | /* Cipher 80 */ | ||
| 751 | { | ||
| 752 | .valid = 1, | ||
| 753 | .name = "GOST94-GOST89-GOST89", | ||
| 754 | .id = 0x3000080, | ||
| 755 | .algorithm_mkey = SSL_kGOST, | ||
| 756 | .algorithm_auth = SSL_aGOST94, | ||
| 757 | .algorithm_enc = SSL_eGOST2814789CNT, | ||
| 758 | .algorithm_mac = SSL_GOST89MAC, | ||
| 759 | .algorithm_ssl = SSL_TLSV1, | ||
| 760 | .algo_strength = SSL_HIGH, | ||
| 761 | .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94| | ||
| 762 | TLS1_STREAM_MAC, | ||
| 763 | .strength_bits = 256, | ||
| 764 | .alg_bits = 256 | ||
| 765 | }, | ||
| 766 | |||
| 767 | /* Cipher 81 */ | 750 | /* Cipher 81 */ |
| 768 | { | 751 | { |
| 769 | .valid = 1, | 752 | .valid = 1, |
| @@ -781,22 +764,6 @@ SSL_CIPHER ssl3_ciphers[] = { | |||
| 781 | .alg_bits = 256 | 764 | .alg_bits = 256 |
| 782 | }, | 765 | }, |
| 783 | 766 | ||
| 784 | /* Cipher 82 */ | ||
| 785 | { | ||
| 786 | .valid = 1, | ||
| 787 | .name = "GOST94-NULL-GOST94", | ||
| 788 | .id = 0x3000082, | ||
| 789 | .algorithm_mkey = SSL_kGOST, | ||
| 790 | .algorithm_auth = SSL_aGOST94, | ||
| 791 | .algorithm_enc = SSL_eNULL, | ||
| 792 | .algorithm_mac = SSL_GOST94, | ||
| 793 | .algorithm_ssl = SSL_TLSV1, | ||
| 794 | .algo_strength = SSL_STRONG_NONE, | ||
| 795 | .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94, | ||
| 796 | .strength_bits = 0, | ||
| 797 | .alg_bits = 0 | ||
| 798 | }, | ||
| 799 | |||
| 800 | /* Cipher 83 */ | 767 | /* Cipher 83 */ |
| 801 | { | 768 | { |
| 802 | .valid = 1, | 769 | .valid = 1, |