Set SSL_FIPS flag in ECC ciphersuites.

author Dr. Stephen Henson <steve@openssl.org>

Mon, 6 Jun 2011 14:14:41 +0000 (14:14 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Mon, 6 Jun 2011 14:14:41 +0000 (14:14 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Mon, 6 Jun 2011 14:14:41 +0000 (14:14 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Mon, 6 Jun 2011 14:14:41 +0000 (14:14 +0000)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c

index 028e996f5aa4c431d2fe396518ad8f8dd48273a2..83277560177cfe17a5b118a050b5995c12a422b9 100644 (file)
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -1834,7 +1834,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_eNULL,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_STRONG_NONE,
+       SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         0,
         0,
@@ -1866,7 +1866,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_3DES,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         168,
         168,
@@ -1882,7 +1882,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES128,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         128,
         128,
@@ -1898,7 +1898,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES256,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         256,
         256,
@@ -1914,7 +1914,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_eNULL,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_STRONG_NONE,
+       SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         0,
         0,
@@ -1946,7 +1946,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_3DES,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         168,
         168,
@@ -1962,7 +1962,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES128,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         128,
         128,
@@ -1978,7 +1978,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES256,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         256,
         256,
@@ -1994,7 +1994,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_eNULL,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_STRONG_NONE,
+       SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         0,
         0,
@@ -2026,7 +2026,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_3DES,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         168,
         168,
@@ -2042,7 +2042,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES128,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         128,
         128,
@@ -2058,7 +2058,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES256,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         256,
         256,
@@ -2074,7 +2074,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_eNULL,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_STRONG_NONE,
+       SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         0,
         0,
@@ -2106,7 +2106,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_3DES,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         168,
         168,
@@ -2122,7 +2122,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES128,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         128,
         128,
@@ -2138,7 +2138,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES256,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         256,
         256,
@@ -2154,7 +2154,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_eNULL,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_STRONG_NONE,
+       SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         0,
         0,
@@ -2186,7 +2186,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_3DES,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         168,
         168,
@@ -2202,7 +2202,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES128,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         128,
         128,
@@ -2218,7 +2218,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={
         SSL_AES256,
         SSL_SHA1,
         SSL_TLSV1,
-       SSL_NOT_EXP|SSL_HIGH,
+       SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
         SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
         256,
         256,
author	Dr. Stephen Henson <steve@openssl.org>
	Mon, 6 Jun 2011 14:14:41 +0000 (14:14 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Mon, 6 Jun 2011 14:14:41 +0000 (14:14 +0000)