diff options
| author | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2010-10-06 22:19:21 +0000 |
|---|---|---|
| committer | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2010-10-06 22:19:21 +0000 |
| commit | 17b1c63ba51e1c8f58ef89ffe4953e3a7a8144ed (patch) | |
| tree | 3875af8f630ab070970dc9e8309534f215fe4b06 /lib | |
| parent | 11582097cde9bb4bf4acb463d2661d972fc67353 (diff) | |
Retire Skipjack
There's not much use for the declassified cipher from the 80's
with a questionable license these days. According to the FIPS
drafts, Skipjack reaches its EOL in December 2010.
The libc portion will be removed after the ports hackathon.
djm and thib agree, no objections from deraadt
Thanks to jsg for digging up FIPS drafts.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libc/gen/sysctl.3 | 6 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/engine/eng_cryptodev.c | 1 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/engine/hw_cryptodev.c | 1 |
3 files changed, 3 insertions, 5 deletions
diff --git a/lib/libc/gen/sysctl.3 b/lib/libc/gen/sysctl.3 index 446ea9d11e1..0b026e9674d 100644 --- a/lib/libc/gen/sysctl.3 +++ b/lib/libc/gen/sysctl.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sysctl.3,v 1.198 2010/08/19 18:14:14 kettenis Exp $ +.\" $OpenBSD: sysctl.3,v 1.199 2010/10/06 22:19:20 mikeb Exp $ .\" .\" Copyright (c) 1993 .\" The Regents of the University of California. All rights reserved. @@ -27,7 +27,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd $Mdocdate: August 19 2010 $ +.Dd $Mdocdate: October 6 2010 $ .Dt SYSCTL 3 .Os .Sh NAME @@ -1400,7 +1400,7 @@ Such security associations can occur as a result of a process having requested some security level through .Xr setsockopt 2 , or as a result of dynamic VPN entries. -Supported values are aes, des, 3des, blowfish, cast128, and skipjack. +Supported values are aes, des, 3des, blowfish and cast128. If set to any other value, it is left to the key management daemons to select an encryption algorithm for the security association. The default value is aes. diff --git a/lib/libssl/src/crypto/engine/eng_cryptodev.c b/lib/libssl/src/crypto/engine/eng_cryptodev.c index f04c79151b2..10b3856b4e1 100644 --- a/lib/libssl/src/crypto/engine/eng_cryptodev.c +++ b/lib/libssl/src/crypto/engine/eng_cryptodev.c @@ -151,7 +151,6 @@ static struct { { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, }, { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, - { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, { 0, NID_undef, 0, 0, }, }; diff --git a/lib/libssl/src/crypto/engine/hw_cryptodev.c b/lib/libssl/src/crypto/engine/hw_cryptodev.c index b90f24576c9..03022f2fd39 100644 --- a/lib/libssl/src/crypto/engine/hw_cryptodev.c +++ b/lib/libssl/src/crypto/engine/hw_cryptodev.c @@ -147,7 +147,6 @@ static struct dev_crypto_cipher ciphers[] = { { CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32, }, { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, }, { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, }, - { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, }, { 0, NID_undef, 0, 0, }, }; |