Here's a simple patch that adds the FIPS Cipher Suite identifiers to
packet-ssl.c. Netscape sends these, but I only recently found a
reference describing their use.
cheers,
--Scott
--
Scott Renfro <scott@xxxxxxxxxx> +1 408 375 1870
Index: packet-ssl.c
===================================================================
RCS file: /cvsroot/ethereal/packet-ssl.c,v
retrieving revision 1.7
diff -u -u -r1.7 packet-ssl.c
--- packet-ssl.c 2001/09/14 07:10:06 1.7
+++ packet-ssl.c 2001/10/16 04:39:13
@@ -250,6 +250,12 @@
{ 0x000064, "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA" },
{ 0x000065, "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA" },
{ 0x000066, "TLS_DHE_DSS_WITH_RC4_128_SHA" },
+ /* these from http://www.mozilla.org/projects/
+ security/pki/nss/ssl/fips-ssl-ciphersuites.html */
+ { 0x00fefe, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
+ { 0x00feff, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" },
+ { 0x00ffe0, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" },
+ { 0x00ffe1, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
/* note that ciphersuites of {0x00????} are TLS cipher suites in
* a sslv2 client hello message; the ???? above is the two-byte
* tls cipher suite id
@@ -399,6 +405,12 @@
{ 0x0064, "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA" },
{ 0x0065, "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA" },
{ 0x0066, "TLS_DHE_DSS_WITH_RC4_128_SHA" },
+ /* these from http://www.mozilla.org/projects/
+ security/pki/nss/ssl/fips-ssl-ciphersuites.html */
+ { 0xfefe, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
+ { 0xfeff, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" },
+ { 0xffe0, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" },
+ { 0xffe1, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
/* note that ciphersuites 0xff00 - 0xffff are private */
{ 0x00, NULL }
};
