Warn about 3DES when network-security-level is medium

* lisp/net/nsm.el (network-security-protocol-checks): Bump deprecated and insecure '3des-cipher' to 'medium'. * doc/emacs/misc.texi (Network Security): Document the above change. Ref: https://nvd.nist.gov/vuln/detail/CVE-2016-2183
2026-02-16 17:24:23 +00:00 · 2023-10-24 16:20:42 +02:00 · 2023-10-24 16:20:42 +02:00 · dbcaaf375f
commit dbcaaf375f
parent a59d1da0dd
3 changed files with 16 additions and 9 deletions
--- a/doc/emacs/misc.texi
+++ b/doc/emacs/misc.texi
@ -399,18 +399,18 @@ vulnerable to a variety of attacks, and you may want to avoid using
 these if what you're doing requires higher security.  (This is the
@code{ssl} check in @code{network-security-protocol-checks}).

+@item Triple DES (or @acronym{3DES}) cipher
+The @acronym{3DES} stream cipher provides at most 112 bits of
+effective security, and a major security vulnerability in it was
+disclosed in 2016 (CVE-2016-2183).  It has been deprecated by NIST in
+all applications from late 2023 onwards.  (This is the
+@code{3des-cipher} check in @code{network-security-protocol-checks}).
@end table

 If @code{network-security-level} is @code{high}, the following checks
 will be made, in addition to the above:

@table @asis
-@item @acronym{3DES} cipher
-The @acronym{3DES} stream cipher provides at most 112 bits of
-effective security, which is considered to be towards the low end.
-(This is the @code{3des} check in
-@code{network-security-protocol-checks}).
-
@item a validated certificate changes the public key
 Servers change their keys occasionally, and that is normally nothing
 to be concerned about.  However, if you are worried that your network
--- a/etc/NEWS
+++ b/etc/NEWS
@ -62,6 +62,12 @@ more details.

 ** Emacs now supports Unicode Standard version 15.1.

+** The Network Security Manager now warns about 3DES by default.
+This cypher is no longer recommended owing to a major vulnerability
+disclosed in 2016, and its small 112 bit key size.  Emacs now warns
+about its use also when 'network-security-level' is set to 'medium'
+(the default).  See 'network-security-protocol-checks'.
+
 ** Help

 *** 'describe-function' shows function inferred type when available.
--- a/lisp/net/nsm.el
+++ b/lisp/net/nsm.el
@ -149,10 +149,11 @@ unencrypted."
    (dhe-prime-kx           medium)
    (sha1-sig               medium)
    (ecdsa-cbc-cipher       medium)
+    ;; Deprecated by NIST from 2016/2023 (see also CVE-2016-2183).
+    (3des-cipher            medium)
    ;; Towards TLS 1.3
    (dhe-kx                 high)
    (rsa-kx                 high)
-    (3des-cipher            high)
    (cbc-cipher             high))
  "This variable specifies what TLS connection checks to perform.
 It's an alist where the key is the name of the check, and the
@ -169,13 +170,13 @@ otherwise.

 See also: `nsm-check-tls-connection', `nsm-save-host-names',
 `nsm-settings-file'"
-  :version "27.1"
  :type '(repeat (list (symbol :tag "Check function")
                       (choice :tag "Level"
                               :value medium
                               (const :tag "Low" low)
                               (const :tag "Medium" medium)
-                               (const :tag "High" high)))))
+                               (const :tag "High" high))))
+  :version "30.1")

 (defun nsm-save-fingerprint-maybe (host port status &rest _)
  "Save the certificate's fingerprint.