2016-12-17 19:08:55 -05:00
# Ciphers
2018-10-23 00:49:12 -04:00
With curl's options
[`CURLOPT_SSL_CIPHER_LIST` ](https://curl.haxx.se/libcurl/c/CURLOPT_SSL_CIPHER_LIST.html )
and
[`--ciphers` ](https://curl.haxx.se/docs/manpage.html#--ciphers )
users can control which ciphers to consider when negotiating TLS connections.
TLS 1.3 ciphers are supported since curl 7.61 with options
[`CURLOPT_TLS13_CIPHERS` ](https://curl.haxx.se/libcurl/c/CURLOPT_TLS13_CIPHERS.html )
and
[`--tls13-ciphers` ](https://curl.haxx.se/docs/manpage.html#--tls13-ciphers )
.
2016-12-17 19:08:55 -05:00
The names of the known ciphers differ depending on which TLS backend that
libcurl was built to use. This is an attempt to list known cipher names.
## OpenSSL
(based on [OpenSSL docs ](https://www.openssl.org/docs/man1.1.0/apps/ciphers.html ))
2018-10-02 07:55:36 -04:00
When specifying multiple cipher names, separate them with colon (`:`).
2016-12-17 19:08:55 -05:00
### SSL3 cipher suites
2016-12-18 10:44:45 -05:00
`NULL-MD5`
`NULL-SHA`
`RC4-MD5`
`RC4-SHA`
`IDEA-CBC-SHA`
`DES-CBC3-SHA`
`DH-DSS-DES-CBC3-SHA`
`DH-RSA-DES-CBC3-SHA`
`DHE-DSS-DES-CBC3-SHA`
`DHE-RSA-DES-CBC3-SHA`
`ADH-RC4-MD5`
`ADH-DES-CBC3-SHA`
2016-12-17 19:08:55 -05:00
### TLS v1.0 cipher suites
2016-12-18 10:44:45 -05:00
`NULL-MD5`
`NULL-SHA`
`RC4-MD5`
`RC4-SHA`
`IDEA-CBC-SHA`
`DES-CBC3-SHA`
`DHE-DSS-DES-CBC3-SHA`
`DHE-RSA-DES-CBC3-SHA`
`ADH-RC4-MD5`
`ADH-DES-CBC3-SHA`
2016-12-17 19:08:55 -05:00
### AES ciphersuites from RFC3268, extending TLS v1.0
2016-12-18 10:44:45 -05:00
`AES128-SHA`
`AES256-SHA`
`DH-DSS-AES128-SHA`
`DH-DSS-AES256-SHA`
`DH-RSA-AES128-SHA`
`DH-RSA-AES256-SHA`
`DHE-DSS-AES128-SHA`
`DHE-DSS-AES256-SHA`
`DHE-RSA-AES128-SHA`
`DHE-RSA-AES256-SHA`
`ADH-AES128-SHA`
`ADH-AES256-SHA`
2016-12-17 19:08:55 -05:00
### SEED ciphersuites from RFC4162, extending TLS v1.0
2016-12-18 10:44:45 -05:00
`SEED-SHA`
`DH-DSS-SEED-SHA`
`DH-RSA-SEED-SHA`
`DHE-DSS-SEED-SHA`
`DHE-RSA-SEED-SHA`
`ADH-SEED-SHA`
2016-12-17 19:08:55 -05:00
### GOST ciphersuites, extending TLS v1.0
2016-12-18 10:44:45 -05:00
`GOST94-GOST89-GOST89`
`GOST2001-GOST89-GOST89`
`GOST94-NULL-GOST94`
`GOST2001-NULL-GOST94`
2016-12-17 19:08:55 -05:00
### Elliptic curve cipher suites
2016-12-18 10:44:45 -05:00
`ECDHE-RSA-NULL-SHA`
`ECDHE-RSA-RC4-SHA`
`ECDHE-RSA-DES-CBC3-SHA`
`ECDHE-RSA-AES128-SHA`
`ECDHE-RSA-AES256-SHA`
`ECDHE-ECDSA-NULL-SHA`
`ECDHE-ECDSA-RC4-SHA`
`ECDHE-ECDSA-DES-CBC3-SHA`
`ECDHE-ECDSA-AES128-SHA`
`ECDHE-ECDSA-AES256-SHA`
`AECDH-NULL-SHA`
`AECDH-RC4-SHA`
`AECDH-DES-CBC3-SHA`
`AECDH-AES128-SHA`
`AECDH-AES256-SHA`
2016-12-17 19:08:55 -05:00
### TLS v1.2 cipher suites
2016-12-18 10:44:45 -05:00
`NULL-SHA256`
`AES128-SHA256`
`AES256-SHA256`
`AES128-GCM-SHA256`
`AES256-GCM-SHA384`
`DH-RSA-AES128-SHA256`
`DH-RSA-AES256-SHA256`
`DH-RSA-AES128-GCM-SHA256`
`DH-RSA-AES256-GCM-SHA384`
`DH-DSS-AES128-SHA256`
`DH-DSS-AES256-SHA256`
`DH-DSS-AES128-GCM-SHA256`
`DH-DSS-AES256-GCM-SHA384`
`DHE-RSA-AES128-SHA256`
`DHE-RSA-AES256-SHA256`
`DHE-RSA-AES128-GCM-SHA256`
`DHE-RSA-AES256-GCM-SHA384`
`DHE-DSS-AES128-SHA256`
`DHE-DSS-AES256-SHA256`
`DHE-DSS-AES128-GCM-SHA256`
`DHE-DSS-AES256-GCM-SHA384`
`ECDHE-RSA-AES128-SHA256`
`ECDHE-RSA-AES256-SHA384`
`ECDHE-RSA-AES128-GCM-SHA256`
`ECDHE-RSA-AES256-GCM-SHA384`
`ECDHE-ECDSA-AES128-SHA256`
`ECDHE-ECDSA-AES256-SHA384`
`ECDHE-ECDSA-AES128-GCM-SHA256`
`ECDHE-ECDSA-AES256-GCM-SHA384`
`ADH-AES128-SHA256`
`ADH-AES256-SHA256`
`ADH-AES128-GCM-SHA256`
`ADH-AES256-GCM-SHA384`
`AES128-CCM`
`AES256-CCM`
`DHE-RSA-AES128-CCM`
`DHE-RSA-AES256-CCM`
`AES128-CCM8`
`AES256-CCM8`
`DHE-RSA-AES128-CCM8`
`DHE-RSA-AES256-CCM8`
`ECDHE-ECDSA-AES128-CCM`
`ECDHE-ECDSA-AES256-CCM`
`ECDHE-ECDSA-AES128-CCM8`
`ECDHE-ECDSA-AES256-CCM8`
2016-12-17 19:08:55 -05:00
### Camellia HMAC-Based ciphersuites from RFC6367, extending TLS v1.2
2016-12-18 10:44:45 -05:00
`ECDHE-ECDSA-CAMELLIA128-SHA256`
`ECDHE-ECDSA-CAMELLIA256-SHA384`
`ECDHE-RSA-CAMELLIA128-SHA256`
`ECDHE-RSA-CAMELLIA256-SHA384`
2016-12-17 19:08:55 -05:00
2018-05-29 10:12:52 -04:00
### TLS 1.3 cipher suites
2018-10-23 00:49:12 -04:00
(Note these ciphers are set with `CURLOPT_TLS13_CIPHERS` and `--tls13-ciphers` )
2018-05-29 10:12:52 -04:00
`TLS13-AES-256-GCM-SHA384`
`TLS13-CHACHA20-POLY1305-SHA256`
`TLS13-AES-128-GCM-SHA256`
`TLS13-AES-128-CCM-8-SHA256`
`TLS13-AES-128-CCM-SHA256`
2016-12-17 19:08:55 -05:00
## NSS
### Totally insecure
2016-12-18 10:44:45 -05:00
`rc4`
`rc4-md5`
`rc4export`
`rc2`
`rc2export`
`des`
`desede3`
2016-12-17 19:08:55 -05:00
### SSL3/TLS cipher suites
2016-12-18 10:44:45 -05:00
`rsa_rc4_128_md5`
`rsa_rc4_128_sha`
`rsa_3des_sha`
`rsa_des_sha`
`rsa_rc4_40_md5`
`rsa_rc2_40_md5`
`rsa_null_md5`
`rsa_null_sha`
`fips_3des_sha`
`fips_des_sha`
`fortezza`
`fortezza_rc4_128_sha`
`fortezza_null`
2016-12-17 19:08:55 -05:00
### TLS 1.0 Exportable 56-bit Cipher Suites
2016-12-18 10:44:45 -05:00
`rsa_des_56_sha`
`rsa_rc4_56_sha`
2016-12-17 19:08:55 -05:00
### AES ciphers
2016-12-18 10:44:45 -05:00
`dhe_dss_aes_128_cbc_sha`
`dhe_dss_aes_256_cbc_sha`
`dhe_rsa_aes_128_cbc_sha`
`dhe_rsa_aes_256_cbc_sha`
`rsa_aes_128_sha`
`rsa_aes_256_sha`
2016-12-17 19:08:55 -05:00
### ECC ciphers
2016-12-18 10:44:45 -05:00
`ecdh_ecdsa_null_sha`
`ecdh_ecdsa_rc4_128_sha`
`ecdh_ecdsa_3des_sha`
`ecdh_ecdsa_aes_128_sha`
`ecdh_ecdsa_aes_256_sha`
`ecdhe_ecdsa_null_sha`
`ecdhe_ecdsa_rc4_128_sha`
`ecdhe_ecdsa_3des_sha`
`ecdhe_ecdsa_aes_128_sha`
`ecdhe_ecdsa_aes_256_sha`
`ecdh_rsa_null_sha`
`ecdh_rsa_128_sha`
`ecdh_rsa_3des_sha`
`ecdh_rsa_aes_128_sha`
`ecdh_rsa_aes_256_sha`
`ecdhe_rsa_null`
`ecdhe_rsa_rc4_128_sha`
`ecdhe_rsa_3des_sha`
`ecdhe_rsa_aes_128_sha`
`ecdhe_rsa_aes_256_sha`
`ecdh_anon_null_sha`
`ecdh_anon_rc4_128sha`
`ecdh_anon_3des_sha`
`ecdh_anon_aes_128_sha`
`ecdh_anon_aes_256_sha`
2016-12-17 19:08:55 -05:00
### HMAC-SHA256 cipher suites
2016-12-18 10:44:45 -05:00
`rsa_null_sha_256`
`rsa_aes_128_cbc_sha_256`
`rsa_aes_256_cbc_sha_256`
`dhe_rsa_aes_128_cbc_sha_256`
`dhe_rsa_aes_256_cbc_sha_256`
`ecdhe_ecdsa_aes_128_cbc_sha_256`
`ecdhe_rsa_aes_128_cbc_sha_256`
2016-12-17 19:08:55 -05:00
### AES GCM cipher suites in RFC 5288 and RFC 5289
2016-12-18 10:44:45 -05:00
`rsa_aes_128_gcm_sha_256`
`dhe_rsa_aes_128_gcm_sha_256`
`dhe_dss_aes_128_gcm_sha_256`
`ecdhe_ecdsa_aes_128_gcm_sha_256`
`ecdh_ecdsa_aes_128_gcm_sha_256`
`ecdhe_rsa_aes_128_gcm_sha_256`
`ecdh_rsa_aes_128_gcm_sha_256`
2016-12-17 19:08:55 -05:00
### cipher suites using SHA384
2016-12-18 10:44:45 -05:00
`rsa_aes_256_gcm_sha_384`
`dhe_rsa_aes_256_gcm_sha_384`
`dhe_dss_aes_256_gcm_sha_384`
`ecdhe_ecdsa_aes_256_sha_384`
`ecdhe_rsa_aes_256_sha_384`
`ecdhe_ecdsa_aes_256_gcm_sha_384`
`ecdhe_rsa_aes_256_gcm_sha_384`
2016-12-17 19:08:55 -05:00
### chacha20-poly1305 cipher suites
2016-12-18 10:44:45 -05:00
`ecdhe_rsa_chacha20_poly1305_sha_256`
`ecdhe_ecdsa_chacha20_poly1305_sha_256`
`dhe_rsa_chacha20_poly1305_sha_256`
2017-01-06 11:43:57 -05:00
## GSKit
2017-08-08 15:22:34 -04:00
Ciphers are internally defined as numeric codes (https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_73/apis/gsk_attribute_set_buffer.htm),
2017-01-06 11:43:57 -05:00
but libcurl maps them to the following case-insensitive names.
### SSL2 cipher suites (insecure: disabled by default)
`rc2-md5`
`rc4-md5`
`exp-rc2-md5`
`exp-rc4-md5`
`des-cbc-md5`
`des-cbc3-md5`
### SSL3 cipher suites
`null-md5`
`null-sha`
`rc4-md5`
`rc4-sha`
`exp-rc2-cbc-md5`
`exp-rc4-md5`
`exp-des-cbc-sha`
`des-cbc3-sha`
### TLS v1.0 cipher suites
`null-md5`
`null-sha`
`rc4-md5`
`rc4-sha`
`exp-rc2-cbc-md5`
`exp-rc4-md5`
`exp-des-cbc-sha`
`des-cbc3-sha`
`aes128-sha`
`aes256-sha`
### TLS v1.1 cipher suites
`null-md5`
`null-sha`
`rc4-md5`
`rc4-sha`
`exp-des-cbc-sha`
`des-cbc3-sha`
`aes128-sha`
`aes256-sha`
### TLS v1.2 cipher suites
`null-md5`
`null-sha`
`null-sha256`
`rc4-md5`
`rc4-sha`
`des-cbc3-sha`
`aes128-sha`
`aes256-sha`
`aes128-sha256`
`aes256-sha256`
`aes128-gcm-sha256`
`aes256-gcm-sha384`
2017-01-06 17:00:45 -05:00
## WolfSSL
`RC4-SHA` ,
`RC4-MD5` ,
`DES-CBC3-SHA` ,
`AES128-SHA` ,
`AES256-SHA` ,
`NULL-SHA` ,
`NULL-SHA256` ,
`DHE-RSA-AES128-SHA` ,
`DHE-RSA-AES256-SHA` ,
`DHE-PSK-AES256-GCM-SHA384` ,
`DHE-PSK-AES128-GCM-SHA256` ,
`PSK-AES256-GCM-SHA384` ,
`PSK-AES128-GCM-SHA256` ,
`DHE-PSK-AES256-CBC-SHA384` ,
`DHE-PSK-AES128-CBC-SHA256` ,
`PSK-AES256-CBC-SHA384` ,
`PSK-AES128-CBC-SHA256` ,
`PSK-AES128-CBC-SHA` ,
`PSK-AES256-CBC-SHA` ,
`DHE-PSK-AES128-CCM` ,
`DHE-PSK-AES256-CCM` ,
`PSK-AES128-CCM` ,
`PSK-AES256-CCM` ,
`PSK-AES128-CCM-8` ,
`PSK-AES256-CCM-8` ,
`DHE-PSK-NULL-SHA384` ,
`DHE-PSK-NULL-SHA256` ,
`PSK-NULL-SHA384` ,
`PSK-NULL-SHA256` ,
`PSK-NULL-SHA` ,
`HC128-MD5` ,
`HC128-SHA` ,
`HC128-B2B256` ,
`AES128-B2B256` ,
`AES256-B2B256` ,
`RABBIT-SHA` ,
`NTRU-RC4-SHA` ,
`NTRU-DES-CBC3-SHA` ,
`NTRU-AES128-SHA` ,
`NTRU-AES256-SHA` ,
`AES128-CCM-8` ,
`AES256-CCM-8` ,
`ECDHE-ECDSA-AES128-CCM` ,
`ECDHE-ECDSA-AES128-CCM-8` ,
`ECDHE-ECDSA-AES256-CCM-8` ,
`ECDHE-RSA-AES128-SHA` ,
`ECDHE-RSA-AES256-SHA` ,
`ECDHE-ECDSA-AES128-SHA` ,
`ECDHE-ECDSA-AES256-SHA` ,
`ECDHE-RSA-RC4-SHA` ,
`ECDHE-RSA-DES-CBC3-SHA` ,
`ECDHE-ECDSA-RC4-SHA` ,
`ECDHE-ECDSA-DES-CBC3-SHA` ,
`AES128-SHA256` ,
`AES256-SHA256` ,
`DHE-RSA-AES128-SHA256` ,
`DHE-RSA-AES256-SHA256` ,
`ECDH-RSA-AES128-SHA` ,
`ECDH-RSA-AES256-SHA` ,
`ECDH-ECDSA-AES128-SHA` ,
`ECDH-ECDSA-AES256-SHA` ,
`ECDH-RSA-RC4-SHA` ,
`ECDH-RSA-DES-CBC3-SHA` ,
`ECDH-ECDSA-RC4-SHA` ,
`ECDH-ECDSA-DES-CBC3-SHA` ,
`AES128-GCM-SHA256` ,
`AES256-GCM-SHA384` ,
`DHE-RSA-AES128-GCM-SHA256` ,
`DHE-RSA-AES256-GCM-SHA384` ,
`ECDHE-RSA-AES128-GCM-SHA256` ,
`ECDHE-RSA-AES256-GCM-SHA384` ,
`ECDHE-ECDSA-AES128-GCM-SHA256` ,
`ECDHE-ECDSA-AES256-GCM-SHA384` ,
`ECDH-RSA-AES128-GCM-SHA256` ,
`ECDH-RSA-AES256-GCM-SHA384` ,
`ECDH-ECDSA-AES128-GCM-SHA256` ,
`ECDH-ECDSA-AES256-GCM-SHA384` ,
`CAMELLIA128-SHA` ,
`DHE-RSA-CAMELLIA128-SHA` ,
`CAMELLIA256-SHA` ,
`DHE-RSA-CAMELLIA256-SHA` ,
`CAMELLIA128-SHA256` ,
`DHE-RSA-CAMELLIA128-SHA256` ,
`CAMELLIA256-SHA256` ,
`DHE-RSA-CAMELLIA256-SHA256` ,
`ECDHE-RSA-AES128-SHA256` ,
`ECDHE-ECDSA-AES128-SHA256` ,
`ECDH-RSA-AES128-SHA256` ,
`ECDH-ECDSA-AES128-SHA256` ,
`ECDHE-RSA-AES256-SHA384` ,
`ECDHE-ECDSA-AES256-SHA384` ,
`ECDH-RSA-AES256-SHA384` ,
`ECDH-ECDSA-AES256-SHA384` ,
`ECDHE-RSA-CHACHA20-POLY1305` ,
`ECDHE-ECDSA-CHACHA20-POLY1305` ,
`DHE-RSA-CHACHA20-POLY1305` ,
`ECDHE-RSA-CHACHA20-POLY1305-OLD` ,
`ECDHE-ECDSA-CHACHA20-POLY1305-OLD` ,
`DHE-RSA-CHACHA20-POLY1305-OLD` ,
`ADH-AES128-SHA` ,
`QSH` ,
`RENEGOTIATION-INFO` ,
`IDEA-CBC-SHA` ,
`ECDHE-ECDSA-NULL-SHA` ,
`ECDHE-PSK-NULL-SHA256` ,
`ECDHE-PSK-AES128-CBC-SHA256` ,
`PSK-CHACHA20-POLY1305` ,
`ECDHE-PSK-CHACHA20-POLY1305` ,
`DHE-PSK-CHACHA20-POLY1305` ,
`EDH-RSA-DES-CBC3-SHA` ,
2018-06-01 20:17:40 -04:00
## WinSSL
WinSSL allows the enabling and disabling of encryption algorithms, but not specific ciphersuites. They are defined by Microsoft (https://msdn.microsoft.com/en-us/library/windows/desktop/aa375549(v=vs.85).aspx)
`CALG_MD2` ,
`CALG_MD4` ,
`CALG_MD5` ,
`CALG_SHA` ,
`CALG_SHA1` ,
`CALG_MAC` ,
`CALG_RSA_SIGN` ,
`CALG_DSS_SIGN` ,
`CALG_NO_SIGN` ,
`CALG_RSA_KEYX` ,
`CALG_DES` ,
`CALG_3DES_112` ,
`CALG_3DES` ,
`CALG_DESX` ,
`CALG_RC2` ,
`CALG_RC4` ,
`CALG_SEAL` ,
`CALG_DH_SF` ,
`CALG_DH_EPHEM` ,
`CALG_AGREEDKEY_ANY` ,
`CALG_HUGHES_MD5` ,
`CALG_SKIPJACK` ,
`CALG_TEK` ,
`CALG_CYLINK_MEK` ,
`CALG_SSL3_SHAMD5` ,
`CALG_SSL3_MASTER` ,
`CALG_SCHANNEL_MASTER_HASH` ,
`CALG_SCHANNEL_MAC_KEY` ,
`CALG_SCHANNEL_ENC_KEY` ,
`CALG_PCT1_MASTER` ,
`CALG_SSL2_MASTER` ,
`CALG_TLS1_MASTER` ,
`CALG_RC5` ,
`CALG_HMAC` ,
`CALG_TLS1PRF` ,
`CALG_HASH_REPLACE_OWF` ,
`CALG_AES_128` ,
`CALG_AES_192` ,
`CALG_AES_256` ,
`CALG_AES` ,
`CALG_SHA_256` ,
`CALG_SHA_384` ,
`CALG_SHA_512` ,
`CALG_ECDH` ,
`CALG_ECMQV` ,
`CALG_ECDSA` ,