All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.undertow.protocols.ssl.MechanismDatabase.properties Maven / Gradle / Ivy

Go to download

This artifact provides a single jar that contains all classes required to use remote Jakarta Enterprise Beans and Jakarta Messaging, including all dependencies. It is intended for use by those not using maven, maven users should just import the Jakarta Enterprise Beans and Jakarta Messaging BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up with different versions on classes on the class path).

There is a newer version: 35.0.0.Final
Show newest version
#
# JBoss, Home of Professional Open Source.
# Copyright 2014 Red Hat, Inc., and individual contributors
# as indicated by the @author tags.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# ┌───────────────────────────────────────────────────────────────────────────────
# │ Elytron SSL/TLS mechanism information database
# │
# │ File information:
# │
# │ • Encoding must be UTF-8
# │ • Ciphers are read in order, and order is preserved unless a re-sort occurs
# │ • Key = stdName
# │ • Value = openSslNames,kex,auth,enc,digest,prot,export,level,fips,strBits,algBits,byte1,byte2
# │    • If cipher has more OpenSSL names, they are delimited by '|'
# │    • Valid kex names: EECDH RSA DHr DHd DHE PSK FZA KRB5 ECDHr ECDHe GOST SRP
# │             RSAPSK DHEPSK ECDHEPSK
# │    • Valid auth names: NULL RSA DSS DH ECDH KRB5 ECDSA PSK GOST94 GOST01 FZA
# │    • Valid enc names: NULL AES256GCM AES256 AES128GCM AES128 CAMELLIA256
# │             CAMELLIA128 3DES DES IDEA GOST2814789CNT SEED FZA RC4 RC2
# │    • Valid digest names: MD5 SHA1 GOST94 GOST89MAC SHA256 SHA384 AEAD
# │    • Valid prot names: SSLv2 SSLv3 TLSv1 TLSv1.2
# │    • Valid export values: true false
# │    • Valid level names: NONE EXP40 EXP56 LOW MEDIUM HIGH FIPS
# │    • Valid fips values: true false
# │    • Valid strBits values: >= 0
# │    • Valid algBits values: >= 0
# │    • The byte1 and byte2 values represent the TLS encoding of that cipher suite; must
# │             be a base16 two-digit byte value
# │ • Note that all EDH ciphers automatically get a DHE OpenSSL-style alias (and vice-versa)
# │ • Note that all TLS_ cipher suites automatically get a SSL_ alias
# └───────────────────────────────────────────────────────────────────────────────

# OpenSSL TLS v1.2

TLS_RSA_WITH_NULL_SHA256                = NULL-SHA256,RSA,RSA,NULL,SHA256,TLSv1.2,false,NONE,true,0,0,00,3B
TLS_RSA_WITH_AES_128_CBC_SHA256         = AES128-SHA256,RSA,RSA,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,00,3C
TLS_RSA_WITH_AES_256_CBC_SHA256         = AES256-SHA256,RSA,RSA,AES256,SHA256,TLSv1.2,false,HIGH,true,256,256,00,3D
TLS_RSA_WITH_AES_128_GCM_SHA256         = AES128-GCM-SHA256,RSA,RSA,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,00,9C
TLS_RSA_WITH_AES_256_GCM_SHA384         = AES256-GCM-SHA384,RSA,RSA,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,00,9D

TLS_DH_RSA_WITH_AES_128_CBC_SHA256      = DH-RSA-AES128-SHA256,DHr,DH,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,00,3F
TLS_DH_RSA_WITH_AES_256_CBC_SHA256      = DH-RSA-AES256-SHA256,DHr,DH,AES256,SHA256,TLSv1.2,false,HIGH,true,256,256,00,69
TLS_DH_RSA_WITH_AES_128_GCM_SHA256      = DH-RSA-AES128-GCM-SHA256,DHr,DH,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,00,A0
TLS_DH_RSA_WITH_AES_256_GCM_SHA384      = DH-RSA-AES256-GCM-SHA384,DHr,DH,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,00,A1

TLS_DH_DSS_WITH_AES_128_CBC_SHA256      = DH-DSS-AES128-SHA256,DHd,DH,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,00,3E
TLS_DH_DSS_WITH_AES_256_CBC_SHA256      = DH-DSS-AES256-SHA256,DHd,DH,AES256,SHA256,TLSv1.2,false,HIGH,true,256,256,00,68
TLS_DH_DSS_WITH_AES_128_GCM_SHA256      = DH-DSS-AES128-GCM-SHA256,DHd,DH,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,00,A4
TLS_DH_DSS_WITH_AES_256_GCM_SHA384      = DH-DSS-AES256-GCM-SHA384,DHd,DH,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,00,A5

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256     = DHE-RSA-AES128-SHA256,DHE,RSA,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,00,67
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256     = DHE-RSA-AES256-SHA256,DHE,RSA,AES256,SHA256,TLSv1.2,false,HIGH,true,256,256,00,6B
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256     = DHE-RSA-AES128-GCM-SHA256,DHE,RSA,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,00,9E
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384     = DHE-RSA-AES256-GCM-SHA384,DHE,RSA,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,00,9F

TLS_DHE_DSS_WITH_AES_128_CBC_SHA256     = DHE-DSS-AES128-SHA256,DHE,DSS,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,00,40
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256     = DHE-DSS-AES256-SHA256,DHE,DSS,AES256,SHA256,TLSv1.2,false,HIGH,true,256,256,00,6A
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256     = DHE-DSS-AES128-GCM-SHA256,DHE,DSS,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,00,A2
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384     = DHE-DSS-AES256-GCM-SHA384,DHE,DSS,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,00,A3

TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256    = ECDH-RSA-AES128-SHA256,ECDHr,ECDH,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,C0,29
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384    = ECDH-RSA-AES256-SHA384,ECDHr,ECDH,AES256,SHA384,TLSv1.2,false,HIGH,true,256,256,C0,2A
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256    = ECDH-RSA-AES128-GCM-SHA256,ECDHr,ECDH,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,C0,31
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384    = ECDH-RSA-AES256-GCM-SHA384,ECDHr,ECDH,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,C0,32

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256  = ECDH-ECDSA-AES128-SHA256,ECDHe,ECDH,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,C0,25
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384  = ECDH-ECDSA-AES256-SHA384,ECDHe,ECDH,AES256,SHA384,TLSv1.2,false,HIGH,true,256,256,C0,26
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256  = ECDH-ECDSA-AES128-GCM-SHA256,ECDHe,ECDH,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,C0,2D
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384  = ECDH-ECDSA-AES256-GCM-SHA384,ECDHe,ECDH,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,C0,2E

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   = ECDHE-RSA-AES128-SHA256,EECDH,RSA,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,C0,27
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384   = ECDHE-RSA-AES256-SHA384,EECDH,RSA,AES256,SHA384,TLSv1.2,false,HIGH,true,256,256,C0,28
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   = ECDHE-RSA-AES128-GCM-SHA256,EECDH,RSA,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,C0,2F
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   = ECDHE-RSA-AES256-GCM-SHA384,EECDH,RSA,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,C0,30

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = ECDHE-ECDSA-AES128-SHA256,EECDH,ECDSA,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,C0,23
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = ECDHE-ECDSA-AES256-SHA384,EECDH,ECDSA,AES256,SHA384,TLSv1.2,false,HIGH,true,256,256,C0,24
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = ECDHE-ECDSA-AES128-GCM-SHA256,EECDH,ECDSA,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,C0,2B
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = ECDHE-ECDSA-AES256-GCM-SHA384,EECDH,ECDSA,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,C0,2C

TLS_DH_anon_WITH_AES_128_CBC_SHA256     = ADH-AES128-SHA256,DHE,NULL,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,00,6C
TLS_DH_anon_WITH_AES_256_CBC_SHA256     = ADH-AES256-SHA256,DHE,NULL,AES256,SHA256,TLSv1.2,false,HIGH,true,256,256,00,6D
TLS_DH_anon_WITH_AES_128_GCM_SHA256     = ADH-AES128-GCM-SHA256,DHE,NULL,AES128GCM,AEAD,TLSv1.2,false,HIGH,true,128,128,00,A6
TLS_DH_anon_WITH_AES_256_GCM_SHA384     = ADH-AES256-GCM-SHA384,DHE,NULL,AES256GCM,AEAD,TLSv1.2,false,HIGH,true,256,256,00,A7

# OpenSSL TLS v1.2 Camellia extensions (RFC 6367 - http://tools.ietf.org/html/rfc6367)

TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256    = ECDHE-ECDSA-CAMELLIA128-SHA256,EECDH,ECDSA,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,C0,72
TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256     = ECDH-ECDSA-CAMELLIA128-SHA256,ECDHe,ECDH,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,C0,74
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256      = ECDHE-RSA-CAMELLIA128-SHA256,EECDH,RSA,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,C0,76
TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256       = ECDH-RSA-CAMELLIA128-SHA256,ECDHr,ECDH,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,C0,78

TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384    = ECDHE-ECDSA-CAMELLIA256-SHA384,EECDH,ECDSA,CAMELLIA256,SHA384,TLSv1.2,false,HIGH,false,256,256,C0,73
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384     = ECDH-ECDSA-CAMELLIA256-SHA384,ECDHe,ECDH,CAMELLIA256,SHA384,TLSv1.2,false,HIGH,false,256,256,C0,75
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384      = ECDHE-RSA-CAMELLIA256-SHA384,EECDH,RSA,CAMELLIA256,SHA384,TLSv1.2,false,HIGH,false,256,256,C0,77
TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384       = ECDH-RSA-CAMELLIA256-SHA384,ECDHr,ECDH,CAMELLIA256,SHA384,TLSv1.2,false,HIGH,false,256,256,C0,79

# TLS v1.2 Enhancements to Camellia extensions (RFC 5932 - http://tools.ietf.org/html/rfc5932)

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256        = CAMELLIA128-SHA256,RSA,RSA,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,00,BA
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256     = DH-DSS-CAMELLIA128-SHA256,DHd,DH,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,00,BB
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256     = DH-RSA-CAMELLIA128-SHA256,DHr,DH,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,00,BC
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256    = DHE-DSS-CAMELLIA128-SHA256,DHE,DSS,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,00,BD
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256    = DHE-RSA-CAMELLIA128-SHA256,DHE,RSA,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,00,BE
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256    = ADH-CAMELLIA128-SHA256,DHE,NULL,CAMELLIA128,SHA256,TLSv1.2,false,HIGH,false,128,128,00,BF

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256        = CAMELLIA256-SHA256,RSA,RSA,CAMELLIA256,SHA256,TLSv1.2,false,HIGH,false,256,256,00,C0
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256     = DH-DSS-CAMELLIA256-SHA256,DHd,DH,CAMELLIA256,SHA256,TLSv1.2,false,HIGH,false,256,256,00,C1
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256     = DH-RSA-CAMELLIA256-SHA256,DHr,DH,CAMELLIA256,SHA256,TLSv1.2,false,HIGH,false,256,256,00,C2
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256    = DHE-DSS-CAMELLIA256-SHA256,DHE,DSS,CAMELLIA256,SHA256,TLSv1.2,false,HIGH,false,256,256,00,C3
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256    = DHE-RSA-CAMELLIA256-SHA256,DHE,RSA,CAMELLIA256,SHA256,TLSv1.2,false,HIGH,false,256,256,00,C4
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256    = ADH-CAMELLIA256-SHA256,DHE,NULL,CAMELLIA256,SHA256,TLSv1.2,false,HIGH,false,256,256,00,C5

# TLS v1.2 PSK cipher suites with SHA-256/384 and GCM (RFC 5487 - http://tools.ietf.org/html/rfc5487)

TLS_PSK_WITH_AES_128_GCM_SHA256         = PSK-AES128-GCM-SHA256,PSK,PSK,AES128GCM,SHA256,TLSv1.2,false,HIGH,true,128,128,00,A8
TLS_PSK_WITH_AES_256_GCM_SHA384         = PSK-AES256-GCM-SHA384,PSK,PSK,AES256GCM,SHA384,TLSv1.2,false,HIGH,true,256,256,00,A9
TLS_PSK_WITH_AES_128_CBC_SHA256         = PSK-AES128-CBC-SHA256,PSK,PSK,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,00,AE
TLS_PSK_WITH_AES_256_CBC_SHA384         = PSK-AES256-CBC-SHA384,PSK,PSK,AES256,SHA384,TLSv1.2,false,HIGH,true,256,256,00,AF
TLS_PSK_WITH_NULL_SHA256                = PSK-NULL-SHA256,PSK,PSK,NULL,SHA256,TLSv1.2,false,NONE,true,0,0,00,B0
TLS_PSK_WITH_NULL_SHA384                = PSK-NULL-SHA384,PSK,PSK,NULL,SHA384,TLSv1.2,false,NONE,true,0,0,00,B1

TLS_DHE_PSK_WITH_AES_128_GCM_SHA256     = DHE-PSK-AES128-GCM-SHA256,DHEPSK,PSK,AES128GCM,SHA256,TLSv1.2,false,HIGH,true,128,128,00,AA
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384     = DHE-PSK-AES256-GCM-SHA384,DHEPSK,PSK,AES256GCM,SHA384,TLSv1.2,false,HIGH,true,256,256,00,AB
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256     = DHE-PSK-AES128-CBC-SHA256,DHEPSK,PSK,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,00,B2
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384     = DHE-PSK-AES256-CBC-SHA384,DHEPSK,PSK,AES256,SHA384,TLSv1.2,false,HIGH,true,256,256,00,B3
TLS_DHE_PSK_WITH_NULL_SHA256            = DHE-PSK-NULL-SHA256,DHEPSK,PSK,NULL,SHA256,TLSv1.2,false,NONE,true,0,0,00,B4
TLS_DHE_PSK_WITH_NULL_SHA384            = DHE-PSK-NULL-SHA384,DHEPSK,PSK,NULL,SHA384,TLSv1.2,false,NONE,true,0,0,00,B5

TLS_RSA_PSK_WITH_AES_128_GCM_SHA256     = RSA-PSK-AES128-GCM-SHA256,RSAPSK,PSK,AES128GCM,SHA256,TLSv1.2,false,HIGH,true,128,128,00,AC
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384     = RSA-PSK-AES256-GCM-SHA384,RSAPSK,PSK,AES256GCM,SHA384,TLSv1.2,false,HIGH,true,256,256,00,AD
TLS_RSA_PSK_WITH_AES_128_CBC_SHA256     = RSA-PSK-AES128-CBC-SHA256,RSAPSK,PSK,AES128,SHA256,TLSv1.2,false,HIGH,true,128,128,00,B6
TLS_RSA_PSK_WITH_AES_256_CBC_SHA384     = RSA-PSK-AES256-CBC-SHA384,RSAPSK,PSK,AES256,SHA384,TLSv1.2,false,HIGH,true,256,256,00,B7
TLS_RSA_PSK_WITH_NULL_SHA256            = RSA-PSK-NULL-SHA256,RSAPSK,PSK,NULL,SHA256,TLSv1.2,false,NONE,true,0,0,00,B8
TLS_RSA_PSK_WITH_NULL_SHA384            = RSA-PSK-NULL-SHA384,RSAPSK,PSK,NULL,SHA384,TLSv1.2,false,NONE,true,0,0,00,B9

# TLS v1.2 ECDHE PSK cipher suites - RFC 5489 (http://tools.ietf.org/html/rfc5489)

TLS_ECDHE_PSK_WITH_NULL_SHA             = ECDHE-PSK-NULL-SHA,ECDHEPSK,ECDH,NULL,SHA1,TLSv1.2,false,NONE,true,0,0,C0,39

TLS_ECDHE_PSK_WITH_RC4_128_SHA          = ECDHE-PSK-RC4-SHA,ECDHEPSK,ECDH,RC4,SHA1,TLSv1.2,false,MEDIUM,false,128,128,C0,33
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA     = ECDHE-PSK-3DES-EDE-SHA,ECDHEPSK,ECDH,3DES,SHA1,TLSv1.2,false,HIGH,false,168,168,C0,34
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA      = ECDHE-PSK-AES128-CBC-SHA,ECDHEPSK,ECDH,AES128,SHA1,TLSv1.2,false,HIGH,false,128,128,C0,35
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA      = ECDHE-PSK-AES256-CBC-SHA,ECDHEPSK,ECDH,AES128,SHA1,TLSv1.2,false,HIGH,false,256,256,C0,36

TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256   = ECDHE-PSK-AES128-CBC-SHA256,ECDHEPSK,ECDH,AES128,SHA256,TLSv1.2,false,HIGH,false,128,128,C0,37
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384   = ECDHE-PSK-AES256-CBC-SHA384,ECDHEPSK,ECDH,AES256,SHA384,TLSv1.2,false,HIGH,false,256,256,C0,38

TLS_ECDHE_PSK_WITH_NULL_SHA256          = ECDHE-PSK-NULL-SHA256,ECDHEPSK,ECDH,NULL,SHA256,TLSv1.2,false,NONE,true,0,0,C0,3A
TLS_ECDHE_PSK_WITH_NULL_SHA384          = ECDHE-PSK-NULL-SHA384,ECDHEPSK,ECDH,NULL,SHA384,TLSv1.2,false,NONE,true,0,0,C0,3B

# Potential ECDHE PSK cipher suites using GCM (from a disappeared draft)

TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256   = ECDHE-PSK-AES128-GCM-SHA256,ECDHEPSK,ECDH,AES128GCM,SHA256,TLSv1.2,false,HIGH,false,128,128
TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384   = ECDHE-PSK-AES256-GCM-SHA384,ECDHEPSK,ECDH,AES256GCM,SHA384,TLSv1.2,false,HIGH,false,256,256

# OpenSSL TLS v1.0

TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   = EXP-EDH-RSA-DES-CBC-SHA,DHE,RSA,DES,SHA1,SSLv3,true,EXP40,false,40,56,00,14
TLS_DHE_RSA_WITH_DES_CBC_SHA            = EDH-RSA-DES-CBC-SHA,DHE,RSA,DES,SHA1,SSLv3,false,LOW,false,56,56,00,15
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA       = EDH-RSA-DES-CBC3-SHA,DHE,RSA,3DES,SHA1,SSLv3,false,HIGH,true,168,168,00,16
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5      = EXP-ADH-RC4-MD5,DHE,NULL,RC4,MD5,SSLv3,true,EXP40,false,40,128,00,17
TLS_DH_anon_WITH_RC4_128_MD5            = ADH-RC4-MD5,DHE,NULL,RC4,MD5,SSLv3,false,MEDIUM,false,128,128,00,18
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA   = EXP-ADH-DES-CBC-SHA,DHE,NULL,DES,SHA1,SSLv3,true,EXP40,false,40,128,00,19
TLS_DH_anon_WITH_DES_CBC_SHA            = ADH-DES-CBC-SHA,DHE,NULL,DES,SHA1,SSLv3,false,LOW,false,56,56,00,1A
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA       = ADH-DES-CBC3-SHA,DHE,NULL,3DES,SHA1,SSLv3,false,HIGH,true,168,168,00,1B

# OpenSSL TLS v1.0 new TLS Export CipherSuites from expired ID

TLS_RSA_EXPORT1024_WITH_RC4_56_MD5      = EXP1024-RC4-MD5,RSA,RSA,RC4,MD5,TLSv1,true,EXP56,false,56,128
TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD   = EXP1024-RC2-CBC-MD5,RSA,RSA,RC2,MD5,TLSv1,true,EXP56,false,56,128
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     = EXP1024-DES-CBC-SHA,RSA,RSA,DES,SHA1,TLSv1,true,EXP56,false,56,56
TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = EXP1024-DHE-DSS-DES-CBC-SHA,DHE,DSS,DES,SHA1,TLSv1,true,EXP56,false,56,56
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA      = EXP1024-RC4-SHA,RSA,RSA,RC4,SHA1,TLSv1,true,EXP56,false,56,128
TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA  = EXP1024-DHE-DSS-RC4-SHA,DHE,DSS,RC4,SHA1,TLSv1,true,EXP56,false,56,128
TLS_DHE_DSS_WITH_RC4_128_SHA            = DHE-DSS-RC4-SHA,DHE,DSS,RC4,SHA1,TLSv1,false,MEDIUM,false,128,128

# OpenSSL TLS v1.0 AES extensions (RFC 3268 - http://tools.ietf.org/html/rfc3268)

TLS_RSA_WITH_AES_128_CBC_SHA            = AES128-SHA,RSA,RSA,AES128,SHA1,TLSv1,false,HIGH,true,128,128,00,2F
TLS_DH_DSS_WITH_AES_128_CBC_SHA         = DH-DSS-AES128-SHA,DHd,DH,AES128,SHA1,TLSv1,false,HIGH,true,128,128,00,30
TLS_DH_RSA_WITH_AES_128_CBC_SHA         = DH-RSA-AES128-SHA,DHr,DH,AES128,SHA1,TLSv1,false,HIGH,true,128,128,00,31
TLS_DHE_DSS_WITH_AES_128_CBC_SHA        = DHE-DSS-AES128-SHA,DHE,DSS,AES128,SHA1,TLSv1,false,HIGH,true,128,128,00,32
TLS_DHE_RSA_WITH_AES_128_CBC_SHA        = DHE-RSA-AES128-SHA,DHE,RSA,AES128,SHA1,TLSv1,false,HIGH,true,128,128,00,33
TLS_DH_anon_WITH_AES_128_CBC_SHA        = ADH-AES128-SHA,DHE,NULL,AES128,SHA1,TLSv1,false,HIGH,true,128,128,00,34

TLS_RSA_WITH_AES_256_CBC_SHA            = AES256-SHA,RSA,RSA,AES256,SHA1,TLSv1,false,HIGH,true,256,256,00,35
TLS_DH_DSS_WITH_AES_256_CBC_SHA         = DH-DSS-AES256-SHA,DHd,DH,AES256,SHA1,TLSv1,false,HIGH,true,256,256,00,36
TLS_DH_RSA_WITH_AES_256_CBC_SHA         = DH-RSA-AES256-SHA,DHr,DH,AES256,SHA1,TLSv1,false,HIGH,true,256,256,00,37
TLS_DHE_DSS_WITH_AES_256_CBC_SHA        = DHE-DSS-AES256-SHA,DHE,DSS,AES256,SHA1,TLSv1,false,HIGH,true,256,256,00,38
TLS_DHE_RSA_WITH_AES_256_CBC_SHA        = DHE-RSA-AES256-SHA,DHE,RSA,AES256,SHA1,TLSv1,false,HIGH,true,256,256,00,39
TLS_DH_anon_WITH_AES_256_CBC_SHA        = ADH-AES256-SHA,DHE,NULL,AES256,SHA1,TLSv1,false,HIGH,true,256,256,00,3A

# OpenSSL TLS v1.0 SRP suites (RFC 5054 - http://tools.ietf.org/html/rfc5054)

TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA       = SRP-3DES-EDE-CBC-SHA,SRP,NULL,3DES,SHA1,TLSv1,false,HIGH,false,168,168,C0,1A
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA   = SRP-RSA-3DES-EDE-CBC-SHA,SRP,RSA,3DES,SHA1,TLSv1,false,HIGH,false,168,168,C0,1B
TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA   = SRP-DSS-3DES-EDE-CBC-SHA,SRP,DSS,3DES,SHA1,TLSv1,false,HIGH,false,168,168,C0,1C

TLS_SRP_SHA_WITH_AES_128_CBC_SHA        = SRP-AES-128-CBC-SHA,SRP,NULL,AES128,SHA1,TLSv1,false,HIGH,false,128,128,C0,1D
TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA    = SRP-RSA-AES-128-CBC-SHA,SRP,RSA,AES128,SHA1,TLSv1,false,HIGH,false,128,128,C0,1E
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA    = SRP-DSS-AES-128-CBC-SHA,SRP,DSS,AES128,SHA1,TLSv1,false,HIGH,false,128,128,C0,1F

TLS_SRP_SHA_WITH_AES_256_CBC_SHA        = SRP-AES-256-CBC-SHA,SRP,NULL,AES256,SHA1,TLSv1,false,HIGH,false,256,256,C0,20
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA    = SRP-RSA-AES-256-CBC-SHA,SRP,RSA,AES256,SHA1,TLSv1,false,HIGH,false,256,256,C0,21
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA    = SRP-DSS-AES-256-CBC-SHA,SRP,DSS,AES256,SHA1,TLSv1,false,HIGH,false,256,256,C0,22

# OpenSSL TLS v1.0 Camellia extensions (RFC 4132 - http://tools.ietf.org/html/rfc4132)

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA       = CAMELLIA128-SHA,RSA,RSA,CAMELLIA128,SHA1,TLSv1,false,HIGH,false,128,128,00,41
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA    = DH-DSS-CAMELLIA128-SHA,DHd,DH,CAMELLIA128,SHA1,TLSv1,false,HIGH,false,128,128,00,42
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA    = DH-RSA-CAMELLIA128-SHA,DHr,DH,CAMELLIA128,SHA1,TLSv1,false,HIGH,false,128,128,00,43
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA   = DHE-DSS-CAMELLIA128-SHA,DHE,DSS,CAMELLIA128,SHA1,TLSv1,false,HIGH,false,128,128,00,44
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA   = DHE-RSA-CAMELLIA128-SHA,DHE,RSA,CAMELLIA128,SHA1,TLSv1,false,HIGH,false,128,128,00,45
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA   = ADH-CAMELLIA128-SHA,DHE,NULL,CAMELLIA128,SHA1,TLSv1,false,HIGH,false,128,128,00,46

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA       = CAMELLIA256-SHA,RSA,RSA,CAMELLIA256,SHA1,TLSv1,false,HIGH,false,256,256,00,84
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA    = DH-DSS-CAMELLIA256-SHA,DHd,DH,CAMELLIA256,SHA1,TLSv1,false,HIGH,false,256,256,00,85
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA    = DH-RSA-CAMELLIA256-SHA,DHr,DH,CAMELLIA256,SHA1,TLSv1,false,HIGH,false,256,256,00,86
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA   = DHE-DSS-CAMELLIA256-SHA,DHE,DSS,CAMELLIA256,SHA1,TLSv1,false,HIGH,false,256,256,00,87
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA   = DHE-RSA-CAMELLIA256-SHA,DHE,RSA,CAMELLIA256,SHA1,TLSv1,false,HIGH,false,256,256,00,88
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA   = ADH-CAMELLIA256-SHA,DHE,NULL,CAMELLIA256,SHA1,TLSv1,false,HIGH,false,256,256,00,89

# OpenSSL TLS v1.0 SEED extensions (RFC 4162 - http://tools.ietf.org/html/rfc4162)

TLS_RSA_WITH_SEED_CBC_SHA               = SEED-SHA,RSA,RSA,SEED,SHA1,TLSv1,false,MEDIUM,false,128,128,00,96
TLS_DH_DSS_WITH_SEED_CBC_SHA            = DH-DSS-SEED-SHA,DHd,DH,SEED,SHA1,TLSv1,false,MEDIUM,false,128,128,00,97
TLS_DH_RSA_WITH_SEED_CBC_SHA            = DH-RSA-SEED-SHA,DHr,DH,SEED,SHA1,TLSv1,false,MEDIUM,false,128,128,00,98
TLS_DHE_DSS_WITH_SEED_CBC_SHA           = DHE-DSS-SEED-SHA,DHE,DSS,SEED,SHA1,TLSv1,false,MEDIUM,false,128,128,00,99
TLS_DHE_RSA_WITH_SEED_CBC_SHA           = DHE-RSA-SEED-SHA,DHE,RSA,SEED,SHA1,TLSv1,false,MEDIUM,false,128,128,00,9A
TLS_DH_anon_WITH_SEED_CBC_SHA           = ADH-SEED-SHA,DHE,NULL,SEED,SHA1,TLSv1,false,MEDIUM,false,128,128,00,9B

# OpenSSL TLS v1.0 GOST extensions (http://tools.ietf.org/html/draft-chudov-cryptopro-cptls-04)

TLS_GOSTR341094_WITH_28147_CNT_IMIT     = GOST94-GOST89-GOST89,GOST,GOST94,GOST2814789CNT,GOST89MAC,TLSv1,false,HIGH,false,256,256
TLS_GOSTR341001_WITH_28147_CNT_IMIT     = GOST2001-GOST89-GOST89,GOST,GOST01,GOST2814789CNT,GOST89MAC,TLSv1,false,HIGH,false,256,256
TLS_GOSTR341094_WITH_NULL_GOSTR3411     = GOST94-NULL-GOST94,GOST,GOST94,NULL,GOST94,TLSv1,false,NONE,false,0,0
TLS_GOSTR341001_WITH_NULL_GOSTR3411     = GOST2001-NULL-GOST94,GOST,GOST01,NULL,GOST94,TLSv1,false,NONE,false,0,0

# OpenSSL TLS v1.0 more spooky GOSTs

TLS_GOSTR341094_RSA_WITH_28147_CNT_MD5  = GOST-MD5,RSA,RSA,GOST2814789CNT,MD5,TLSv1,false,HIGH,false,256,256

TLS_RSA_WITH_28147_CNT_GOST94           = GOST-GOST94,RSA,RSA,GOST2814789CNT,GOST94,TLSv1,false,HIGH,false,256,256
TLS_RSA_WITH_28147_CNT_GOST89MAC        = GOST-GOST89MAC,RSA,RSA,GOST2814789CNT,GOST89MAC,TLSv1,false,HIGH,false,256,256
TLS_RSA_WITH_28147_CNT_GOST89STREAM     = GOST-GOST89STREAM,RSA,RSA,GOST2814789CNT,GOST89MAC,TLSv1,false,HIGH,false,256,256

# OpenSSL Elliptic Curve cipher suites (RFC 4492 - http://tools.ietf.org/html/rfc4492)

TLS_ECDH_ECDSA_WITH_NULL_SHA            = ECDH-ECDSA-NULL-SHA,ECDHe,ECDH,NULL,SHA1,TLSv1,false,NONE,true,0,0,C0,01
TLS_ECDH_ECDSA_WITH_RC4_128_SHA         = ECDH-ECDSA-RC4-SHA,ECDHe,ECDH,RC4,SHA1,TLSv1,false,MEDIUM,false,128,128,C0,02
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA    = ECDH-ECDSA-DES-CBC3-SHA,ECDHe,ECDH,3DES,SHA1,TLSv1,false,HIGH,true,168,168,C0,03
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA     = ECDH-ECDSA-AES128-SHA,ECDHe,ECDH,AES128,SHA1,TLSv1,false,HIGH,true,128,128,C0,04
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA     = ECDH-ECDSA-AES256-SHA,ECDHe,ECDH,AES256,SHA1,TLSv1,false,HIGH,true,256,256,C0,05

TLS_ECDHE_ECDSA_WITH_NULL_SHA           = ECDHE-ECDSA-NULL-SHA,EECDH,ECDSA,NULL,SHA1,TLSv1,false,NONE,true,0,0,C0,06
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA        = ECDHE-ECDSA-RC4-SHA,EECDH,ECDSA,RC4,SHA1,TLSv1,false,MEDIUM,false,128,128,C0,07
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA   = ECDHE-ECDSA-DES-CBC3-SHA,EECDH,ECDSA,3DES,SHA1,TLSv1,false,HIGH,true,168,168,C0,08
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA    = ECDHE-ECDSA-AES128-SHA,EECDH,ECDSA,AES128,SHA1,TLSv1,false,HIGH,true,128,128,C0,09
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA    = ECDHE-ECDSA-AES256-SHA,EECDH,ECDSA,AES256,SHA1,TLSv1,false,HIGH,true,256,256,C0,0A

TLS_ECDH_RSA_WITH_NULL_SHA              = ECDH-RSA-NULL-SHA,ECDHr,ECDH,NULL,SHA1,TLSv1,false,NONE,true,0,0,C0,0B
TLS_ECDH_RSA_WITH_RC4_128_SHA           = ECDH-RSA-RC4-SHA,ECDHr,ECDH,RC4,SHA1,TLSv1,false,MEDIUM,false,128,128,C0,0C
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA      = ECDH-RSA-DES-CBC3-SHA,ECDHr,ECDH,3DES,SHA1,TLSv1,false,HIGH,true,168,168,C0,0D
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA       = ECDH-RSA-AES128-SHA,ECDHr,ECDH,AES128,SHA1,TLSv1,false,HIGH,true,128,128,C0,0E
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA       = ECDH-RSA-AES256-SHA,ECDHr,ECDH,AES256,SHA1,TLSv1,false,HIGH,true,256,256,C0,0F

TLS_ECDHE_RSA_WITH_NULL_SHA             = ECDHE-RSA-NULL-SHA,EECDH,RSA,NULL,SHA1,TLSv1,false,NONE,true,0,0,C0,10
TLS_ECDHE_RSA_WITH_RC4_128_SHA          = ECDHE-RSA-RC4-SHA,EECDH,RSA,RC4,SHA1,TLSv1,false,MEDIUM,false,128,128,C0,11
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA     = ECDHE-RSA-DES-CBC3-SHA,EECDH,RSA,3DES,SHA1,TLSv1,false,HIGH,true,168,168,C0,12
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA      = ECDHE-RSA-AES128-SHA,EECDH,RSA,AES128,SHA1,TLSv1,false,HIGH,true,128,128,C0,13
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA      = ECDHE-RSA-AES256-SHA,EECDH,RSA,AES256,SHA1,TLSv1,false,HIGH,true,256,256,C0,14

TLS_ECDH_anon_WITH_NULL_SHA             = AECDH-NULL-SHA,EECDH,NULL,NULL,SHA1,TLSv1,false,NONE,true,0,0,C0,15
TLS_ECDH_anon_WITH_RC4_128_SHA          = AECDH-RC4-SHA,EECDH,NULL,RC4,SHA1,TLSv1,false,MEDIUM,false,128,128,C0,16
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA     = AECDH-DES-CBC3-SHA,EECDH,NULL,3DES,SHA1,TLSv1,false,HIGH,true,168,168,C0,17
TLS_ECDH_anon_WITH_AES_128_CBC_SHA      = AECDH-AES128-SHA,EECDH,NULL,AES128,SHA1,TLSv1,false,HIGH,true,128,128,C0,18
TLS_ECDH_anon_WITH_AES_256_CBC_SHA      = AECDH-AES256-SHA,EECDH,NULL,AES256,SHA1,TLSv1,false,HIGH,true,256,256,C0,19

# OpenSSL TLS v1.0 PSK (RFC 4279 - http://tools.ietf.org/html/rfc4279)

TLS_PSK_WITH_RC4_128_SHA                = PSK-RC4-SHA,PSK,PSK,RC4,SHA1,TLSv1,false,MEDIUM,false,128,128,00,8A
TLS_PSK_WITH_3DES_EDE_CBC_SHA           = PSK-3DES-EDE-CBC-SHA,PSK,PSK,3DES,SHA1,TLSv1,false,HIGH,true,168,168,00,8B
TLS_PSK_WITH_AES_128_CBC_SHA            = PSK-AES128-CBC-SHA,PSK,PSK,AES128,SHA1,TLSv1,false,HIGH,true,128,128,00,8C
TLS_PSK_WITH_AES_256_CBC_SHA            = PSK-AES256-CBC-SHA,PSK,PSK,AES256,SHA1,TLSv1,false,HIGH,true,256,256,00,8D

# Non-OpenSSL TLS v1.0 PSK (RFC 4279 - http://tools.ietf.org/html/rfc4279)

TLS_DHE_PSK_WITH_RC4_128_SHA            = DHE-PSK-RC4-SHA,DHEPSK,PSK,RC4,SHA1,TLSv1,false,MEDIUM,false,128,128,00,8E
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA       = DHE-PSK-3DES-EDE-SHA,DHEPSK,PSK,3DES,SHA1,TLSv1,false,HIGH,false,168,168,00,8F
TLS_DHE_PSK_WITH_AES_128_CBC_SHA        = DHE-PSK-AES128-CBC-SHA,DHEPSK,PSK,AES128,SHA1,TLSv1,false,HIGH,false,128,128,00,90
TLS_DHE_PSK_WITH_AES_256_CBC_SHA        = DHE-PSK-AES256-CBC-SHA,DHEPSK,PSK,AES128,SHA1,TLSv1,false,HIGH,false,256,256,00,91

TLS_RSA_PSK_WITH_RC4_128_SHA            = RSA-PSK-RC4-SHA,RSAPSK,PSK,RC4,SHA1,TLSv1,false,MEDIUM,false,128,128,00,92
TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA       = RSA-PSK-3DES-EDE-SHA,RSAPSK,PSK,3DES,SHA1,TLSv1,false,HIGH,false,168,168,00,93
TLS_RSA_PSK_WITH_AES_128_CBC_SHA        = RSA-PSK-AES128-CBC-SHA,RSAPSK,PSK,AES128,SHA1,TLSv1,false,HIGH,false,128,128,00,94
TLS_RSA_PSK_WITH_AES_256_CBC_SHA        = RSA-PSK-AES256-CBC-SHA,RSAPSK,PSK,AES128,SHA1,TLSv1,false,HIGH,false,256,256,00,95

# PSK with NULL encryption (RFC 4785 - http://tools.ietf.org/html/rfc4785)

TLS_PSK_WITH_NULL_SHA                   = PSK-NULL-SHA,PSK,PSK,NULL,SHA1,TLSv1,false,NONE,true,0,0,00,2C
TLS_DHE_PSK_WITH_NULL_SHA               = DHE-PSK-NULL-SHA,DHEPSK,PSK,NULL,SHA1,TLSv1,false,NONE,true,0,0,00,2D
TLS_RSA_PSK_WITH_NULL_SHA               = RSA-PSK-NULL-SHA,RSAPSK,PSK,NULL,SHA1,TLSv1,false,NONE,true,0,0,00,2E

# There are no standard GCM variants of the above; use below instead

# OpenSSL SSL v3.0 Kerberos suites

TLS_KRB5_WITH_DES_CBC_SHA               = KRB5-DES-CBC-SHA,KRB5,KRB5,DES,SHA1,SSLv3,false,LOW,false,56,56,00,1E
TLS_KRB5_WITH_3DES_EDE_CBC_SHA          = KRB5-DES-CBC3-SHA,KRB5,KRB5,3DES,SHA1,SSLv3,false,HIGH,true,168,168,00,1F
TLS_KRB5_WITH_RC4_128_SHA               = KRB5-RC4-SHA,KRB5,KRB5,RC4,SHA1,SSLv3,false,MEDIUM,false,128,128,00,20
TLS_KRB5_WITH_IDEA_CBC_SHA              = KRB5-IDEA-CBC-SHA,KRB5,KRB5,IDEA,SHA1,SSLv3,false,MEDIUM,false,128,128,00,21
TLS_KRB5_WITH_DES_CBC_MD5               = KRB5-DES-CBC-MD5,KRB5,KRB5,DES,MD5,SSLv3,false,LOW,false,56,56,00,22
TLS_KRB5_WITH_3DES_EDE_CBC_MD5          = KRB5-DES-CBC3-MD5,KRB5,KRB5,3DES,MD5,SSLv3,false,HIGH,false,168,168,00,23
TLS_KRB5_WITH_RC4_128_MD5               = KRB5-RC4-MD5,KRB5,KRB5,RC4,MD5,SSLv3,false,MEDIUM,false,128,128,00,24
TLS_KRB5_WITH_IDEA_CBC_MD5              = KRB5-IDEA-CBC-MD5,KRB5,KRB5,IDEA,MD5,SSLv3,false,MEDIUM,false,128,128,00,25

TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA     = EXP-KRB5-DES-CBC-SHA,KRB5,KRB5,DES,SHA1,SSLv3,true,EXP40,false,40,56,00,26
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA     = EXP-KRB5-RC2-CBC-SHA,KRB5,KRB5,RC2,SHA1,SSLv3,true,EXP40,false,40,128,00,27
TLS_KRB5_EXPORT_WITH_RC4_40_SHA         = EXP-KRB5-RC4-SHA,KRB5,KRB5,RC4,SHA1,SSLv3,true,EXP40,false,40,128,00,28
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5     = EXP-KRB5-DES-CBC-MD5,KRB5,KRB5,DES,MD5,SSLv3,true,EXP40,false,40,56,00,29
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5     = EXP-KRB5-RC2-CBC-MD5,KRB5,KRB5,RC2,MD5,SSLv3,true,EXP40,false,40,128,00,2A
TLS_KRB5_EXPORT_WITH_RC4_40_MD5         = EXP-KRB5-RC4-MD5,KRB5,KRB5,RC4,MD5,SSLv3,true,EXP40,false,40,128,00,2B

# OpenSSL SSL v3.0

TLS_RSA_WITH_NULL_MD5                   = NULL-MD5,RSA,RSA,NULL,MD5,SSLv3,false,NONE,false,0,0,00,01
TLS_RSA_WITH_NULL_SHA                   = NULL-SHA,RSA,RSA,NULL,SHA1,SSLv3,false,NONE,true,0,0,00,02
TLS_RSA_EXPORT_WITH_RC4_40_MD5          = EXP-RC4-MD5,RSA,RSA,RC4,MD5,SSLv3,true,EXP40,false,40,128,00,03
TLS_RSA_WITH_RC4_128_MD5                = RC4-MD5,RSA,RSA,RC4,MD5,SSLv3,false,MEDIUM,false,128,128,00,04
TLS_RSA_WITH_RC4_128_SHA                = RC4-SHA,RSA,RSA,RC4,SHA1,SSLv3,false,MEDIUM,false,128,128,00,05
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5      = EXP-RC2-CBC-MD5,RSA,RSA,RC2,MD5,SSLv3,true,EXP40,false,40,128,00,06
TLS_RSA_WITH_IDEA_CBC_SHA               = IDEA-CBC-SHA,RSA,RSA,IDEA,SHA1,SSLv3,false,MEDIUM,false,128,128,00,07
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA       = EXP-DES-CBC-SHA,RSA,RSA,DES,SHA1,SSLv3,true,EXP40,false,40,56,00,08
TLS_RSA_WITH_DES_CBC_SHA                = DES-CBC-SHA,RSA,RSA,DES,SHA1,SSLv3,false,LOW,false,56,56,00,09
TLS_RSA_WITH_3DES_EDE_CBC_SHA           = DES-CBC3-SHA,RSA,RSA,3DES,SHA1,SSLv3,false,HIGH,true,168,168,00,0A

TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    = EXP-DH-DSS-DES-CBC-SHA,DHd,DH,DES,SHA1,SSLv3,true,EXP40,false,40,56,00,0B
TLS_DH_DSS_WITH_DES_CBC_SHA             = DH-DSS-DES-CBC-SHA,DHd,DH,DES,SHA1,SSLv3,false,LOW,false,56,56,00,0C
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA        = DH-DSS-DES-CBC3-SHA,DHd,DH,3DES,SHA1,SSLv3,false,HIGH,true,168,168,00,0D

TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    = EXP-DH-RSA-DES-CBC-SHA,DHr,DH,DES,SHA1,SSLv3,true,EXP40,false,40,56,00,0E
TLS_DH_RSA_WITH_DES_CBC_SHA             = DH-RSA-DES-CBC-SHA,DHr,DH,DES,SHA1,SSLv3,false,LOW,false,56,56,00,0F
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA        = DH-RSA-DES-CBC3-SHA,DHr,DH,3DES,SHA1,SSLv3,false,HIGH,true,168,168,00,10

TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   = EXP-EDH-DSS-DES-CBC-SHA,DHE,DSS,DES,SHA1,SSLv3,true,EXP40,false,40,56,00,11
TLS_DHE_DSS_WITH_DES_CBC_SHA            = EDH-DSS-DES-CBC-SHA|EDH-DSS-CBC-SHA,DHE,DSS,DES,SHA1,SSLv3,false,LOW,false,56,56,00,12
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA       = EDH-DSS-DES-CBC3-SHA,DHE,DSS,3DES,SHA1,SSLv3,false,HIGH,true,168,168,00,13

# OpenSSL Fortezza cipher suite from SSL 3.0 spec

# TLS_FORTEZZA_KEA_WITH_NULL_SHA          ⎫
# TLS_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA  ⎬ Not implemented - see http://marc.info/?l=openssl-dev&m=102820036228328&w=2
# TLS_FORTEZZA_KEA_WITH_RC4_128_SHA       ⎭ ← this one in particular has an ID conflict with KRB5 and should not be used

TLS_FORTEZZA_DMS_WITH_NULL_SHA          = FZA-NULL-SHA,FZA,FZA,NULL,SHA1,SSLv3,false,NONE,false,0,0
TLS_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA  = FZA-FZA-CBC-SHA,FZA,FZA,FZA,SHA1,SSLv3,false,NONE,false,0,0
TLS_FORTEZZA_DMS_WITH_RC4_128_SHA       = FZA-RC4-SHA,FZA,FZA,RC4,SHA1,SSLv3,false,MEDIUM,false,128,128

# OpenSSL SSL v2 deprecated

# TLS_CK_RC4_128_WITH_MD5                 = RC4-MD5,RSA,RSA,RC4,MD5,SSLv2,false,MEDIUM,false,128,128
# TLS_CK_RC4_128_EXPORT40_WITH_MD5        = EXP-RC4-MD5,RSA,RSA,RC4,MD5,SSLv2,true,EXP40,false,40,128
# TLS_CK_RC2_128_CBC_WITH_MD5             = RC2-MD5,RSA,RSA,RC2,MD5,SSLv2,false,MEDIUM,false,128,128
# TLS_CK_RC2_128_CBC_EXPORT40_WITH_MD5    = EXP-RC2-MD5,RSA,RSA,RC2,MD5,SSLv2,true,EXP40,false,40,128
# TLS_CK_IDEA_128_CBC_WITH_MD5            = IDEA-CBC-MD5,RSA,RSA,IDEA,MD5,SSLv2,false,MEDIUM,false,128,128
# TLS_CK_DES_64_CBC_WITH_MD5              = DES-CBC-MD5,RSA,RSA,DES,MD5,SSLv2,false,LOW,false,56,56
# TLS_CK_DES_192_EDE3_CBC_WITH_MD5        = DES-CBC3-MD5,RSA,RSA,3DES,MD5,SSLv2,false,HIGH,false,168,168

# JDK FIPS modes not in OpenSSL

TLS_RSA_FIPS_WITH_DES_CBC_SHA           = alias:TLS_RSA_WITH_DES_CBC_SHA

TLS_RSA_FIPS_WITH_3DES_EDE_CBC_SHA      = alias:TLS_RSA_WITH_3DES_EDE_CBC_SHA




© 2015 - 2025 Weber Informatics LLC | Privacy Policy