mirror of
https://github.com/moparisthebest/curl
synced 2024-11-14 21:45:13 -05:00
9aefbff30d
Given the contstraints of SChannel, I'm exposing these as the algorithms themselves instead; while replicating the ciphersuite as specified by OpenSSL would have been preferable, I found no way in the SChannel API to do so. To use this from the commandline, you need to pass the names of contants defining the desired algorithms. For example, curl --ciphers "CALG_SHA1:CALG_RSA_SIGN:CALG_RSA_KEYX:CALG_AES_128:CALG_DH_EPHEM" https://github.com The specific names come from wincrypt.h Closes #2630
488 lines
9.6 KiB
Markdown
488 lines
9.6 KiB
Markdown
# Ciphers
|
|
|
|
With curl's options `CURLOPT_SSL_CIPHER_LIST` and `--ciphers` users can
|
|
control which ciphers to consider when negotiating TLS connections.
|
|
|
|
The names of the known ciphers differ depending on which TLS backend that
|
|
libcurl was built to use. This is an attempt to list known cipher names.
|
|
|
|
## OpenSSL
|
|
|
|
(based on [OpenSSL docs](https://www.openssl.org/docs/man1.1.0/apps/ciphers.html))
|
|
|
|
### SSL3 cipher suites
|
|
|
|
`NULL-MD5`
|
|
`NULL-SHA`
|
|
`RC4-MD5`
|
|
`RC4-SHA`
|
|
`IDEA-CBC-SHA`
|
|
`DES-CBC3-SHA`
|
|
`DH-DSS-DES-CBC3-SHA`
|
|
`DH-RSA-DES-CBC3-SHA`
|
|
`DHE-DSS-DES-CBC3-SHA`
|
|
`DHE-RSA-DES-CBC3-SHA`
|
|
`ADH-RC4-MD5`
|
|
`ADH-DES-CBC3-SHA`
|
|
|
|
### TLS v1.0 cipher suites
|
|
|
|
`NULL-MD5`
|
|
`NULL-SHA`
|
|
`RC4-MD5`
|
|
`RC4-SHA`
|
|
`IDEA-CBC-SHA`
|
|
`DES-CBC3-SHA`
|
|
`DHE-DSS-DES-CBC3-SHA`
|
|
`DHE-RSA-DES-CBC3-SHA`
|
|
`ADH-RC4-MD5`
|
|
`ADH-DES-CBC3-SHA`
|
|
|
|
### AES ciphersuites from RFC3268, extending TLS v1.0
|
|
|
|
`AES128-SHA`
|
|
`AES256-SHA`
|
|
`DH-DSS-AES128-SHA`
|
|
`DH-DSS-AES256-SHA`
|
|
`DH-RSA-AES128-SHA`
|
|
`DH-RSA-AES256-SHA`
|
|
`DHE-DSS-AES128-SHA`
|
|
`DHE-DSS-AES256-SHA`
|
|
`DHE-RSA-AES128-SHA`
|
|
`DHE-RSA-AES256-SHA`
|
|
`ADH-AES128-SHA`
|
|
`ADH-AES256-SHA`
|
|
|
|
### SEED ciphersuites from RFC4162, extending TLS v1.0
|
|
|
|
`SEED-SHA`
|
|
`DH-DSS-SEED-SHA`
|
|
`DH-RSA-SEED-SHA`
|
|
`DHE-DSS-SEED-SHA`
|
|
`DHE-RSA-SEED-SHA`
|
|
`ADH-SEED-SHA`
|
|
|
|
### GOST ciphersuites, extending TLS v1.0
|
|
|
|
`GOST94-GOST89-GOST89`
|
|
`GOST2001-GOST89-GOST89`
|
|
`GOST94-NULL-GOST94`
|
|
`GOST2001-NULL-GOST94`
|
|
|
|
### Elliptic curve cipher suites
|
|
|
|
`ECDHE-RSA-NULL-SHA`
|
|
`ECDHE-RSA-RC4-SHA`
|
|
`ECDHE-RSA-DES-CBC3-SHA`
|
|
`ECDHE-RSA-AES128-SHA`
|
|
`ECDHE-RSA-AES256-SHA`
|
|
`ECDHE-ECDSA-NULL-SHA`
|
|
`ECDHE-ECDSA-RC4-SHA`
|
|
`ECDHE-ECDSA-DES-CBC3-SHA`
|
|
`ECDHE-ECDSA-AES128-SHA`
|
|
`ECDHE-ECDSA-AES256-SHA`
|
|
`AECDH-NULL-SHA`
|
|
`AECDH-RC4-SHA`
|
|
`AECDH-DES-CBC3-SHA`
|
|
`AECDH-AES128-SHA`
|
|
`AECDH-AES256-SHA`
|
|
|
|
### TLS v1.2 cipher suites
|
|
|
|
`NULL-SHA256`
|
|
`AES128-SHA256`
|
|
`AES256-SHA256`
|
|
`AES128-GCM-SHA256`
|
|
`AES256-GCM-SHA384`
|
|
`DH-RSA-AES128-SHA256`
|
|
`DH-RSA-AES256-SHA256`
|
|
`DH-RSA-AES128-GCM-SHA256`
|
|
`DH-RSA-AES256-GCM-SHA384`
|
|
`DH-DSS-AES128-SHA256`
|
|
`DH-DSS-AES256-SHA256`
|
|
`DH-DSS-AES128-GCM-SHA256`
|
|
`DH-DSS-AES256-GCM-SHA384`
|
|
`DHE-RSA-AES128-SHA256`
|
|
`DHE-RSA-AES256-SHA256`
|
|
`DHE-RSA-AES128-GCM-SHA256`
|
|
`DHE-RSA-AES256-GCM-SHA384`
|
|
`DHE-DSS-AES128-SHA256`
|
|
`DHE-DSS-AES256-SHA256`
|
|
`DHE-DSS-AES128-GCM-SHA256`
|
|
`DHE-DSS-AES256-GCM-SHA384`
|
|
`ECDHE-RSA-AES128-SHA256`
|
|
`ECDHE-RSA-AES256-SHA384`
|
|
`ECDHE-RSA-AES128-GCM-SHA256`
|
|
`ECDHE-RSA-AES256-GCM-SHA384`
|
|
`ECDHE-ECDSA-AES128-SHA256`
|
|
`ECDHE-ECDSA-AES256-SHA384`
|
|
`ECDHE-ECDSA-AES128-GCM-SHA256`
|
|
`ECDHE-ECDSA-AES256-GCM-SHA384`
|
|
`ADH-AES128-SHA256`
|
|
`ADH-AES256-SHA256`
|
|
`ADH-AES128-GCM-SHA256`
|
|
`ADH-AES256-GCM-SHA384`
|
|
`AES128-CCM`
|
|
`AES256-CCM`
|
|
`DHE-RSA-AES128-CCM`
|
|
`DHE-RSA-AES256-CCM`
|
|
`AES128-CCM8`
|
|
`AES256-CCM8`
|
|
`DHE-RSA-AES128-CCM8`
|
|
`DHE-RSA-AES256-CCM8`
|
|
`ECDHE-ECDSA-AES128-CCM`
|
|
`ECDHE-ECDSA-AES256-CCM`
|
|
`ECDHE-ECDSA-AES128-CCM8`
|
|
`ECDHE-ECDSA-AES256-CCM8`
|
|
|
|
### Camellia HMAC-Based ciphersuites from RFC6367, extending TLS v1.2
|
|
|
|
`ECDHE-ECDSA-CAMELLIA128-SHA256`
|
|
`ECDHE-ECDSA-CAMELLIA256-SHA384`
|
|
`ECDHE-RSA-CAMELLIA128-SHA256`
|
|
`ECDHE-RSA-CAMELLIA256-SHA384`
|
|
|
|
### TLS 1.3 cipher suites
|
|
|
|
(Note: the TLS 1.3 cipher suites are set with a separate option.)
|
|
|
|
`TLS13-AES-256-GCM-SHA384`
|
|
`TLS13-CHACHA20-POLY1305-SHA256`
|
|
`TLS13-AES-128-GCM-SHA256`
|
|
`TLS13-AES-128-CCM-8-SHA256`
|
|
`TLS13-AES-128-CCM-SHA256`
|
|
|
|
## NSS
|
|
|
|
### Totally insecure
|
|
|
|
`rc4`
|
|
`rc4-md5`
|
|
`rc4export`
|
|
`rc2`
|
|
`rc2export`
|
|
`des`
|
|
`desede3`
|
|
|
|
### SSL3/TLS cipher suites
|
|
|
|
`rsa_rc4_128_md5`
|
|
`rsa_rc4_128_sha`
|
|
`rsa_3des_sha`
|
|
`rsa_des_sha`
|
|
`rsa_rc4_40_md5`
|
|
`rsa_rc2_40_md5`
|
|
`rsa_null_md5`
|
|
`rsa_null_sha`
|
|
`fips_3des_sha`
|
|
`fips_des_sha`
|
|
`fortezza`
|
|
`fortezza_rc4_128_sha`
|
|
`fortezza_null`
|
|
|
|
### TLS 1.0 Exportable 56-bit Cipher Suites
|
|
|
|
`rsa_des_56_sha`
|
|
`rsa_rc4_56_sha`
|
|
|
|
### AES ciphers
|
|
|
|
`dhe_dss_aes_128_cbc_sha`
|
|
`dhe_dss_aes_256_cbc_sha`
|
|
`dhe_rsa_aes_128_cbc_sha`
|
|
`dhe_rsa_aes_256_cbc_sha`
|
|
`rsa_aes_128_sha`
|
|
`rsa_aes_256_sha`
|
|
|
|
### ECC ciphers
|
|
|
|
`ecdh_ecdsa_null_sha`
|
|
`ecdh_ecdsa_rc4_128_sha`
|
|
`ecdh_ecdsa_3des_sha`
|
|
`ecdh_ecdsa_aes_128_sha`
|
|
`ecdh_ecdsa_aes_256_sha`
|
|
`ecdhe_ecdsa_null_sha`
|
|
`ecdhe_ecdsa_rc4_128_sha`
|
|
`ecdhe_ecdsa_3des_sha`
|
|
`ecdhe_ecdsa_aes_128_sha`
|
|
`ecdhe_ecdsa_aes_256_sha`
|
|
`ecdh_rsa_null_sha`
|
|
`ecdh_rsa_128_sha`
|
|
`ecdh_rsa_3des_sha`
|
|
`ecdh_rsa_aes_128_sha`
|
|
`ecdh_rsa_aes_256_sha`
|
|
`ecdhe_rsa_null`
|
|
`ecdhe_rsa_rc4_128_sha`
|
|
`ecdhe_rsa_3des_sha`
|
|
`ecdhe_rsa_aes_128_sha`
|
|
`ecdhe_rsa_aes_256_sha`
|
|
`ecdh_anon_null_sha`
|
|
`ecdh_anon_rc4_128sha`
|
|
`ecdh_anon_3des_sha`
|
|
`ecdh_anon_aes_128_sha`
|
|
`ecdh_anon_aes_256_sha`
|
|
|
|
### HMAC-SHA256 cipher suites
|
|
|
|
`rsa_null_sha_256`
|
|
`rsa_aes_128_cbc_sha_256`
|
|
`rsa_aes_256_cbc_sha_256`
|
|
`dhe_rsa_aes_128_cbc_sha_256`
|
|
`dhe_rsa_aes_256_cbc_sha_256`
|
|
`ecdhe_ecdsa_aes_128_cbc_sha_256`
|
|
`ecdhe_rsa_aes_128_cbc_sha_256`
|
|
|
|
### AES GCM cipher suites in RFC 5288 and RFC 5289
|
|
|
|
`rsa_aes_128_gcm_sha_256`
|
|
`dhe_rsa_aes_128_gcm_sha_256`
|
|
`dhe_dss_aes_128_gcm_sha_256`
|
|
`ecdhe_ecdsa_aes_128_gcm_sha_256`
|
|
`ecdh_ecdsa_aes_128_gcm_sha_256`
|
|
`ecdhe_rsa_aes_128_gcm_sha_256`
|
|
`ecdh_rsa_aes_128_gcm_sha_256`
|
|
|
|
### cipher suites using SHA384
|
|
|
|
`rsa_aes_256_gcm_sha_384`
|
|
`dhe_rsa_aes_256_gcm_sha_384`
|
|
`dhe_dss_aes_256_gcm_sha_384`
|
|
`ecdhe_ecdsa_aes_256_sha_384`
|
|
`ecdhe_rsa_aes_256_sha_384`
|
|
`ecdhe_ecdsa_aes_256_gcm_sha_384`
|
|
`ecdhe_rsa_aes_256_gcm_sha_384`
|
|
|
|
### chacha20-poly1305 cipher suites
|
|
|
|
`ecdhe_rsa_chacha20_poly1305_sha_256`
|
|
`ecdhe_ecdsa_chacha20_poly1305_sha_256`
|
|
`dhe_rsa_chacha20_poly1305_sha_256`
|
|
|
|
## GSKit
|
|
|
|
Ciphers are internally defined as numeric codes (https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_73/apis/gsk_attribute_set_buffer.htm),
|
|
but libcurl maps them to the following case-insensitive names.
|
|
|
|
### SSL2 cipher suites (insecure: disabled by default)
|
|
|
|
`rc2-md5`
|
|
`rc4-md5`
|
|
`exp-rc2-md5`
|
|
`exp-rc4-md5`
|
|
`des-cbc-md5`
|
|
`des-cbc3-md5`
|
|
|
|
### SSL3 cipher suites
|
|
|
|
`null-md5`
|
|
`null-sha`
|
|
`rc4-md5`
|
|
`rc4-sha`
|
|
`exp-rc2-cbc-md5`
|
|
`exp-rc4-md5`
|
|
`exp-des-cbc-sha`
|
|
`des-cbc3-sha`
|
|
|
|
### TLS v1.0 cipher suites
|
|
|
|
`null-md5`
|
|
`null-sha`
|
|
`rc4-md5`
|
|
`rc4-sha`
|
|
`exp-rc2-cbc-md5`
|
|
`exp-rc4-md5`
|
|
`exp-des-cbc-sha`
|
|
`des-cbc3-sha`
|
|
`aes128-sha`
|
|
`aes256-sha`
|
|
|
|
### TLS v1.1 cipher suites
|
|
|
|
`null-md5`
|
|
`null-sha`
|
|
`rc4-md5`
|
|
`rc4-sha`
|
|
`exp-des-cbc-sha`
|
|
`des-cbc3-sha`
|
|
`aes128-sha`
|
|
`aes256-sha`
|
|
|
|
### TLS v1.2 cipher suites
|
|
|
|
`null-md5`
|
|
`null-sha`
|
|
`null-sha256`
|
|
`rc4-md5`
|
|
`rc4-sha`
|
|
`des-cbc3-sha`
|
|
`aes128-sha`
|
|
`aes256-sha`
|
|
`aes128-sha256`
|
|
`aes256-sha256`
|
|
`aes128-gcm-sha256`
|
|
`aes256-gcm-sha384`
|
|
|
|
## WolfSSL
|
|
|
|
`RC4-SHA`,
|
|
`RC4-MD5`,
|
|
`DES-CBC3-SHA`,
|
|
`AES128-SHA`,
|
|
`AES256-SHA`,
|
|
`NULL-SHA`,
|
|
`NULL-SHA256`,
|
|
`DHE-RSA-AES128-SHA`,
|
|
`DHE-RSA-AES256-SHA`,
|
|
`DHE-PSK-AES256-GCM-SHA384`,
|
|
`DHE-PSK-AES128-GCM-SHA256`,
|
|
`PSK-AES256-GCM-SHA384`,
|
|
`PSK-AES128-GCM-SHA256`,
|
|
`DHE-PSK-AES256-CBC-SHA384`,
|
|
`DHE-PSK-AES128-CBC-SHA256`,
|
|
`PSK-AES256-CBC-SHA384`,
|
|
`PSK-AES128-CBC-SHA256`,
|
|
`PSK-AES128-CBC-SHA`,
|
|
`PSK-AES256-CBC-SHA`,
|
|
`DHE-PSK-AES128-CCM`,
|
|
`DHE-PSK-AES256-CCM`,
|
|
`PSK-AES128-CCM`,
|
|
`PSK-AES256-CCM`,
|
|
`PSK-AES128-CCM-8`,
|
|
`PSK-AES256-CCM-8`,
|
|
`DHE-PSK-NULL-SHA384`,
|
|
`DHE-PSK-NULL-SHA256`,
|
|
`PSK-NULL-SHA384`,
|
|
`PSK-NULL-SHA256`,
|
|
`PSK-NULL-SHA`,
|
|
`HC128-MD5`,
|
|
`HC128-SHA`,
|
|
`HC128-B2B256`,
|
|
`AES128-B2B256`,
|
|
`AES256-B2B256`,
|
|
`RABBIT-SHA`,
|
|
`NTRU-RC4-SHA`,
|
|
`NTRU-DES-CBC3-SHA`,
|
|
`NTRU-AES128-SHA`,
|
|
`NTRU-AES256-SHA`,
|
|
`AES128-CCM-8`,
|
|
`AES256-CCM-8`,
|
|
`ECDHE-ECDSA-AES128-CCM`,
|
|
`ECDHE-ECDSA-AES128-CCM-8`,
|
|
`ECDHE-ECDSA-AES256-CCM-8`,
|
|
`ECDHE-RSA-AES128-SHA`,
|
|
`ECDHE-RSA-AES256-SHA`,
|
|
`ECDHE-ECDSA-AES128-SHA`,
|
|
`ECDHE-ECDSA-AES256-SHA`,
|
|
`ECDHE-RSA-RC4-SHA`,
|
|
`ECDHE-RSA-DES-CBC3-SHA`,
|
|
`ECDHE-ECDSA-RC4-SHA`,
|
|
`ECDHE-ECDSA-DES-CBC3-SHA`,
|
|
`AES128-SHA256`,
|
|
`AES256-SHA256`,
|
|
`DHE-RSA-AES128-SHA256`,
|
|
`DHE-RSA-AES256-SHA256`,
|
|
`ECDH-RSA-AES128-SHA`,
|
|
`ECDH-RSA-AES256-SHA`,
|
|
`ECDH-ECDSA-AES128-SHA`,
|
|
`ECDH-ECDSA-AES256-SHA`,
|
|
`ECDH-RSA-RC4-SHA`,
|
|
`ECDH-RSA-DES-CBC3-SHA`,
|
|
`ECDH-ECDSA-RC4-SHA`,
|
|
`ECDH-ECDSA-DES-CBC3-SHA`,
|
|
`AES128-GCM-SHA256`,
|
|
`AES256-GCM-SHA384`,
|
|
`DHE-RSA-AES128-GCM-SHA256`,
|
|
`DHE-RSA-AES256-GCM-SHA384`,
|
|
`ECDHE-RSA-AES128-GCM-SHA256`,
|
|
`ECDHE-RSA-AES256-GCM-SHA384`,
|
|
`ECDHE-ECDSA-AES128-GCM-SHA256`,
|
|
`ECDHE-ECDSA-AES256-GCM-SHA384`,
|
|
`ECDH-RSA-AES128-GCM-SHA256`,
|
|
`ECDH-RSA-AES256-GCM-SHA384`,
|
|
`ECDH-ECDSA-AES128-GCM-SHA256`,
|
|
`ECDH-ECDSA-AES256-GCM-SHA384`,
|
|
`CAMELLIA128-SHA`,
|
|
`DHE-RSA-CAMELLIA128-SHA`,
|
|
`CAMELLIA256-SHA`,
|
|
`DHE-RSA-CAMELLIA256-SHA`,
|
|
`CAMELLIA128-SHA256`,
|
|
`DHE-RSA-CAMELLIA128-SHA256`,
|
|
`CAMELLIA256-SHA256`,
|
|
`DHE-RSA-CAMELLIA256-SHA256`,
|
|
`ECDHE-RSA-AES128-SHA256`,
|
|
`ECDHE-ECDSA-AES128-SHA256`,
|
|
`ECDH-RSA-AES128-SHA256`,
|
|
`ECDH-ECDSA-AES128-SHA256`,
|
|
`ECDHE-RSA-AES256-SHA384`,
|
|
`ECDHE-ECDSA-AES256-SHA384`,
|
|
`ECDH-RSA-AES256-SHA384`,
|
|
`ECDH-ECDSA-AES256-SHA384`,
|
|
`ECDHE-RSA-CHACHA20-POLY1305`,
|
|
`ECDHE-ECDSA-CHACHA20-POLY1305`,
|
|
`DHE-RSA-CHACHA20-POLY1305`,
|
|
`ECDHE-RSA-CHACHA20-POLY1305-OLD`,
|
|
`ECDHE-ECDSA-CHACHA20-POLY1305-OLD`,
|
|
`DHE-RSA-CHACHA20-POLY1305-OLD`,
|
|
`ADH-AES128-SHA`,
|
|
`QSH`,
|
|
`RENEGOTIATION-INFO`,
|
|
`IDEA-CBC-SHA`,
|
|
`ECDHE-ECDSA-NULL-SHA`,
|
|
`ECDHE-PSK-NULL-SHA256`,
|
|
`ECDHE-PSK-AES128-CBC-SHA256`,
|
|
`PSK-CHACHA20-POLY1305`,
|
|
`ECDHE-PSK-CHACHA20-POLY1305`,
|
|
`DHE-PSK-CHACHA20-POLY1305`,
|
|
`EDH-RSA-DES-CBC3-SHA`,
|
|
|
|
## WinSSL
|
|
|
|
WinSSL allows the enabling and disabling of encryption algorithms, but not specific ciphersuites. They are defined by Microsoft (https://msdn.microsoft.com/en-us/library/windows/desktop/aa375549(v=vs.85).aspx)
|
|
|
|
`CALG_MD2`,
|
|
`CALG_MD4`,
|
|
`CALG_MD5`,
|
|
`CALG_SHA`,
|
|
`CALG_SHA1`,
|
|
`CALG_MAC`,
|
|
`CALG_RSA_SIGN`,
|
|
`CALG_DSS_SIGN`,
|
|
`CALG_NO_SIGN`,
|
|
`CALG_RSA_KEYX`,
|
|
`CALG_DES`,
|
|
`CALG_3DES_112`,
|
|
`CALG_3DES`,
|
|
`CALG_DESX`,
|
|
`CALG_RC2`,
|
|
`CALG_RC4`,
|
|
`CALG_SEAL`,
|
|
`CALG_DH_SF`,
|
|
`CALG_DH_EPHEM`,
|
|
`CALG_AGREEDKEY_ANY`,
|
|
`CALG_HUGHES_MD5`,
|
|
`CALG_SKIPJACK`,
|
|
`CALG_TEK`,
|
|
`CALG_CYLINK_MEK`,
|
|
`CALG_SSL3_SHAMD5`,
|
|
`CALG_SSL3_MASTER`,
|
|
`CALG_SCHANNEL_MASTER_HASH`,
|
|
`CALG_SCHANNEL_MAC_KEY`,
|
|
`CALG_SCHANNEL_ENC_KEY`,
|
|
`CALG_PCT1_MASTER`,
|
|
`CALG_SSL2_MASTER`,
|
|
`CALG_TLS1_MASTER`,
|
|
`CALG_RC5`,
|
|
`CALG_HMAC`,
|
|
`CALG_TLS1PRF`,
|
|
`CALG_HASH_REPLACE_OWF`,
|
|
`CALG_AES_128`,
|
|
`CALG_AES_192`,
|
|
`CALG_AES_256`,
|
|
`CALG_AES`,
|
|
`CALG_SHA_256`,
|
|
`CALG_SHA_384`,
|
|
`CALG_SHA_512`,
|
|
`CALG_ECDH`,
|
|
`CALG_ECMQV`,
|
|
`CALG_ECDSA`,
|