mirror of https://github.com/openssl/openssl.git
doc: document the change to the security level of CCM8 cipher suites
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16652)
This commit is contained in:
Pauli
parent
1a473d1cc6
commit
56ffcce492
|
|
@ -83,8 +83,9 @@ using MD5 for the MAC is also prohibited.
|
|||
|
||||
Security level set to 112 bits of security. As a result RSA, DSA and DH keys
|
||||
shorter than 2048 bits and ECC keys shorter than 224 bits are prohibited.
|
||||
In addition to the level 1 exclusions any cipher suite using RC4 is also
|
||||
prohibited. SSL version 3 is also not allowed. Compression is disabled.
|
||||
In addition to the level 1 exclusions any cipher suite using RC4 and any
|
||||
cipher suite using CCM with a 64 bit authentication tag are also prohibited.
|
||||
SSL version 3 is also not allowed. Compression is disabled.
|
||||
|
||||
=item B<Level 3>
|
||||
|
||||
|
|
|
|||
22
ssl/s3_lib.c
22
ssl/s3_lib.c
|
|
@ -110,7 +110,7 @@ static SSL_CIPHER tls13_ciphers[] = {
|
|||
0, 0,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
128,
|
||||
}
|
||||
};
|
||||
|
|
@ -701,7 +701,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
128,
|
||||
},
|
||||
{
|
||||
|
|
@ -717,7 +717,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
256,
|
||||
},
|
||||
{
|
||||
|
|
@ -733,7 +733,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
128,
|
||||
},
|
||||
{
|
||||
|
|
@ -749,7 +749,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
256,
|
||||
},
|
||||
{
|
||||
|
|
@ -829,7 +829,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
128,
|
||||
},
|
||||
{
|
||||
|
|
@ -845,7 +845,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
256,
|
||||
},
|
||||
{
|
||||
|
|
@ -861,7 +861,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
128,
|
||||
},
|
||||
{
|
||||
|
|
@ -877,7 +877,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
256,
|
||||
},
|
||||
{
|
||||
|
|
@ -925,7 +925,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
128,
|
||||
},
|
||||
{
|
||||
|
|
@ -941,7 +941,7 @@ static SSL_CIPHER ssl3_ciphers[] = {
|
|||
DTLS1_2_VERSION, DTLS1_2_VERSION,
|
||||
SSL_NOT_DEFAULT | SSL_MEDIUM,
|
||||
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
|
||||
64, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
80, /* CCM8 uses a short tag, so we have a low security strength */
|
||||
256,
|
||||
},
|
||||
{
|
||||
|
|
|
|||
Loading…
Reference in New Issue