diff options
| author | Bodo Möller <bodo@openssl.org> | 2007-04-23 23:48:59 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2007-04-23 23:48:59 +0000 |
| commit | 96afc1cfd53a0ffcca8544fa751eb9bf17749133 (patch) | |
| tree | a21b008f179047a3a4c244c379ec33599bfd77e9 /doc/apps | |
| parent | 24a8c25ab5a91b4cf467aef1af3dcc474b1c7df2 (diff) | |
Add SEED encryption algorithm.
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
Diffstat (limited to 'doc/apps')
| -rw-r--r-- | doc/apps/ciphers.pod | 39 |
1 files changed, 28 insertions, 11 deletions
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index e119d5e62f..22c219bbfb 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -109,8 +109,8 @@ The following is a list of all permitted cipher strings and their meanings. =item B<DEFAULT> -the default cipher list. This is determined at compile time and is normally -B<ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH>. This must be the first cipher string +the default cipher list. This is determined at compile time and, as of OpenSSL +0.9.9, is normally B<ALL:!aNULL:!eNULL>. This must be the first cipher string specified. =item B<COMPLEMENTOFDEFAULT> @@ -121,7 +121,8 @@ not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary). =item B<ALL> -all ciphers suites except the B<eNULL> ciphers which must be explicitly enabled. +all cipher suites except the B<eNULL> ciphers which must be explicitly enabled; +as of OpenSSL, the B<ALL> cipher suites are reasonably ordered by default =item B<COMPLEMENTOFALL> @@ -214,6 +215,10 @@ anonymous DH cipher suites. cipher suites using AES. +=item B<CAMELLIA> + +cipher suites using Camellia. + =item B<3DES> cipher suites using triple DES. @@ -234,6 +239,10 @@ cipher suites using RC2. cipher suites using IDEA. +=item B<SEED> + +cipher suites using SEED. + =item B<MD5> cipher suites using MD5. @@ -242,10 +251,6 @@ cipher suites using MD5. cipher suites using SHA1. -=item B<Camellia> - -cipher suites using Camellia. - =back =head1 CIPHER SUITE NAMES @@ -328,10 +333,10 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA - TLS_DH_DSS_WITH_AES_128_CBC_SHA DH-DSS-AES128-SHA - TLS_DH_DSS_WITH_AES_256_CBC_SHA DH-DSS-AES256-SHA - TLS_DH_RSA_WITH_AES_128_CBC_SHA DH-RSA-AES128-SHA - TLS_DH_RSA_WITH_AES_256_CBC_SHA DH-RSA-AES256-SHA + TLS_DH_DSS_WITH_AES_128_CBC_SHA Not implemented. + TLS_DH_DSS_WITH_AES_256_CBC_SHA Not implemented. + TLS_DH_RSA_WITH_AES_128_CBC_SHA Not implemented. + TLS_DH_RSA_WITH_AES_256_CBC_SHA Not implemented. TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE-DSS-AES128-SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA @@ -359,6 +364,18 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH-CAMELLIA128-SHA TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH-CAMELLIA256-SHA +=head2 SEED ciphersuites from RFC4162, extending TLS v1.0 + + TLS_RSA_WITH_SEED_CBC_SHA SEED-SHA + + TLS_DH_DSS_WITH_SEED_CBC_SHA Not implemented. + TLS_DH_RSA_WITH_SEED_CBC_SHA Not implemented. + + TLS_DHE_DSS_WITH_SEED_CBC_SHA DHE-DSS-SEED-SHA + TLS_DHE_RSA_WITH_SEED_CBC_SHA DHE-RSA-SEED-SHA + + TLS_DH_anon_WITH_SEED_CBC_SHA ADH-SEED-SHA + =head2 Additional Export 1024 and other cipher suites Note: these ciphers can also be used in SSL v3. |