Published date: 30.03.2010
Last Update: 23.02.2011
Author: Adrian F. Dimcev, contact@carbonwind.net
   With support for server side fingerprinting from SSL Labs
https://www.ssllabs.com/

ANNEX A1
Common browsers/libraries/servers and the associated cipher suites implemented
(work in progress)

Provided “as is”, without any warranty.
Work in progress, content incomplete and not reviewed yet.

Contents

1. GnuTLS. 3

1.1. GnuTLS 2.8.6 Cipher Suites. 4

1.2. mod_gnutls 0.5.5(GnuTLS 2.8.6 + Apache 2.2.15) Cipher Suites. 12

2. Mac OS X. 19

2.1. Safari 5.0.x on Mac OS X 10.5.8 Cipher Suites. 20

2.2. Safari 5.0.x on Mac OS X 10.6.6 Cipher Suites. 21

3. NSS(Network Security Services). 22

3.1. NSS 3.12.5 Cipher Suites. 22

3.2. Firefox 3.6.x Cipher Suites. 24

3.3. Google Chrome 5 Beta on Linux Cipher Suites. 27

3.4. Google Chrome 9.0.x Cipher Suites. 29

3.5. mod_nss 1.0.8 Cipher Suites. 31

3.6 Firefox 3.6.x on Fedora 14. 35

4. OpenSSL. 39

4.1. OpenSSL 0.9.8m Cipher Suites. 42

4.2. OpenSSL 1.0.0 Cipher Suites. 47

4.3. mod_ssl (Apache 2.2.15 + OpenSSL 0.9.8m) Cipher Suites. 54

4.4. mod_ssl (Apache 2.3.5 Alpha + OpenSSL 1.0.0) Cipher Suites. 61

5. Opera. 69

5.1 Opera 11.0x. 70

6. Schannel 72

6.1. Schannel(NT 5.1.2600) Cipher Suites. 73

6.1.1. IE6 (Windows XP SP3 / Windows XP x64 SP2) Cipher Suites. 74

6.1.2. IE7 (Windows XP SP3 / Windows XP x64 SP2) Cipher Suites. 75

6.1.3. IE8 (Windows XP SP3 / Windows XP x64 SP2) Cipher Suites. 76

6.1.4. IIS 6.0 (Windows Server 2003 R2 SP2). 77

6.1.5. Safari 5.0.x (Windows XP SP3 / Windows XP x64 SP2) Cipher Suites. 78

6.2. Schannel(NT 6.0.6002) Cipher Suites. 79

6.2.1. IE7 (Windows Vista SP2) Cipher Suites. 82

6.2.2. IE8 (Windows Vista SP2) Cipher Suites. 83

6.2.3. IIS 7.0 (Windows Server 2008 SP2) Cipher Suites. 84

6.2.4. Safari 5.0.x (Windows Vista SP2) Cipher Suites. 85

6.3. Schannel (NT 6.1.7600) Cipher Suites. 86

6.3.1. IE8 (Windows 7) Cipher Suites. 92

6.3.2. IIS 7.5 (Windows Server 2008 R2) Cipher Suites. 94

6.3.3. Safari 5.0.x (Windows 7) Cipher Suites. 96

7. SSL Labs. 97

8. Wireshark. 98

 


1. GnuTLS

According to its web site, GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer.

It supports SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2.
It does not support SSL 2.0.
The 2.10 version supports TLS 1.2 and some cipher suites added in the TLS 1.2 RFC.

It does not support ECC.

mod_gnutls uses the GnuTLS library to provide SSL 3.0, TLS 1.0 and TLS 1.1 (+ TLS 1.2 according to its web site, note tested) encryption for Apache HTTPD.


1.1. GnuTLS 2.8.6 Cipher Suites

GnuTLS 2.8.6 was analyzed, source build(Ubuntu Server 9.1 x64 was used).

It supports SSL 3.0, TLS 1.0 and TLS 1.1.
It does not support SSL 2.0.

It does not support ECC.

Supports X.509(RSA, DSA) and OpenPGP certificates, SRP authentication(plain SRP, SRP-RSA and SRP-DSS) and PSK authentication(plain PSK and DHE-PSK).

SRP authentication cipher suites work over TLS 1.0 and TLS 1.1.

PSK authentication cipher suites work over TLS 1.0 and TLS 1.1.

To use OpenPGP certificates for a TLS session, the client adds to its Client Hello message the needed certificate type extension in order to inform the server it supports this - usually this extension is used with TLS 1.0 and TLS 1.1 but not with SSL 3.0.

! TLS_RSA_EXPORT_WITH_RC4_40_MD5(0x0003) is usable over TLS 1.1(fixed in the branch version).

You can list for example the supported cipher suites, etc., for your GnuTLS build with:
gnutls-cli -l

Table 1.1.1 lists the cipher suites supported by GnuTLS 2.8.6, as well as the GnuTLS cipher suite name(the way is listed with the gnutls-cli -l the command). If the GnuTLS Cipher Suite Name column is yellow, then the cipher suite is listed under the NORMAL category.

You can use with the gnutls-cli or gnutls-serv commands the --priority directive.

--priority directive is a complex one used to specify the cipher suites and the SSL/TLS versions allowed(and more, like compression, etc.). There are some common keywords you can use to enable certain cipher suites, listed in Table 1.1.2. Note that the sorting imposed by some keywords is somehow relative on the server side, what cipher suite will be used also relates to the way the client lists the supported cipher suites.
To the common keywords you can add or remove various values, listed in Table 1.1.3, which can add or disable some cipher suites or SSL/TLS protocol versions.

Example 1: Remove 3DES based cipher suites from the NORMAL category:
--priority: NORMAL:-3DES-CBC

Example 2: Add Anonymous DH based cipher suites to the NORMAL category:
--priority: NORMAL:+ANON-DH

Example 3: Remove SSL 3.0 from the SECURE category:
--priority: SECURE:-VERS-SSL3.0

Example 4: Enable only a specific cipher suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA, under TLS 1.0 and TLS 1.1 with no compression(assuming you use a RSA certificate):
--priority: NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+DHE-RSA:+SHA1:+COMP-NULL

Example 5: Add compression(Deflate, zlib) to the NORMAL category:
--priority: NORMAL:+COMP-DEFLATE

Example 6: Enable only the cipher suites listed in the below table(not necessarily in the order listed below) assuming you use a RSA certificate:
--priority: NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+AES-256-CBC:+DHE-RSA:+RSA:+SHA1:+COMP-NULL

No.

Cipher Suite

Hex Value

SSL/TLS Protocol Version

1

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

TLS 1.0|TLS 1.1

2

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

TLS 1.0|TLS 1.1

3

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

TLS 1.0|TLS 1.1

4

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

TLS 1.0|TLS 1.1

 

There is another way to use certain cipher suites or SSL/TLS versions with the help of the --ciphers and --protocols directives instead of the --priority ones, but is no longer recommended to do so, thus we will not discuss this.

Table 1.1.4 lists the cipher suites supported by GnuTLS along with the common keywords categories under the respective cipher suite can be found. For OpenPGP there aren’t specific cipher suites(for example TLS_DHE_DSS_WITH_AES_128_CBC_SHA works with an OpenPGP certificate, as long as the client adds to its Client Hello message the needed certificate type extension - usually this extension is used with TLS 1.0 and TLS 1.1 but not with SSL 3.0 -), to add this extension to the gnutls-cli Client Hello add the CTYPE-OPENPGP to the --priority directive on the client. Note that compression needs to be manually added to a category as is not enabled by default.

Table 1.1.5 lists the cipher suites supported by GnuTLS as well as a specific combination of values to enable just the respective cipher suite(for all the supported SSL/TLS versions, plus the supported compression methods). The Deflate compression is red shaded as in order to use it zlib is needed, similar is true for the LZO compression, lzo is needed in order to use it. For OpenPGP there aren’t specific cipher suites(for example TLS_DHE_DSS_WITH_AES_128_CBC_SHA works with an OpenPGP certificate, as long as the client adds to its Client Hello message the needed certificate type extension - usually this extension is used with TLS 1.0 and TLS 1.1 but not with SSL 3.0 -), just make sure that the OpenPGP server certificate and private key are specified on the server(sometimes the CTYPE-OPENPGP might be needed to add on the server to the --priority directive).


Table 1.1.1 GnuTLS 2.8.6 Cipher Suites

No.

Cipher Suite

Hex Value

SSL/TLS Version

GnuTLS Cipher Suite Name

1

TLS_RSA_WITH_NULL_MD5

0x0001

SSL 3.0|TLS 1.0|TLS 1.1

TLS_RSA_NULL_MD5

2

TLS_RSA_EXPORT_WITH_RC4_40_MD5

0x0003

SSL 3.0|TLS 1.0|TLS 1.1

TLS_RSA_EXPORT_ARCFOUR_40_MD5

3

TLS_RSA_WITH_RC4_128_MD5

0x0004

SSL 3.0|TLS 1.0|TLS 1.1

TLS_RSA_ARCFOUR_MD5

4

TLS_RSA_WITH_RC4_128_SHA

0x0005

SSL 3.0|TLS 1.0|TLS 1.1

TLS_RSA_ARCFOUR_SHA1

5

TLS_RSA_WITH_3DES_EDE_CBC_SHA

0x000A

SSL 3.0|TLS 1.0|TLS 1.1

TLS_RSA_3DES_EDE_CBC_SHA1

6

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

0x0013

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_DSS_3DES_EDE_CBC_SHA1

7

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

0x0016

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_RSA_3DES_EDE_CBC_SHA1

8

TLS_DH_anon_WITH_RC4_128_MD5

0x0018

SSL 3.0|TLS 1.0|TLS 1.1

TLS_ANON_DH_ARCFOUR_MD5

9

TLS_DH_anon_WITH_3DES_EDE_CBC_SHA

0x001B

SSL 3.0|TLS 1.0|TLS 1.1

TLS_ANON_DH_3DES_EDE_CBC_SHA1

10

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

SSL 3.0|TLS 1.0|TLS 1.1

TLS_RSA_AES_128_CBC_SHA1

11

TLS_DHE_DSS_WITH_AES_128_CBC_SHA

0x0032

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_DSS_AES_128_CBC_SHA1

12

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_RSA_AES_128_CBC_SHA1

13

TLS_DH_anon_WITH_AES_128_CBC_SHA

0x0034

SSL 3.0|TLS 1.0|TLS 1.1

TLS_ANON_DH_AES_128_CBC_SHA1

14

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

SSL 3.0|TLS 1.0|TLS 1.1

TLS_RSA_AES_256_CBC_SHA1

15

TLS_DHE_DSS_WITH_AES_256_CBC_SHA

0x0038

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_DSS_AES_256_CBC_SHA1

16

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_RSA_AES_256_CBC_SHA1

17

TLS_DH_anon_WITH_AES_256_CBC_SHA

0x003A

SSL 3.0|TLS 1.0|TLS 1.1

TLS_ANON_DH_AES_256_CBC_SHA1

18

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0041

SSL 3.0|TLS 1.0|TLS 1.1

TLS_RSA_CAMELLIA_128_CBC_SHA1

19

TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA

0x0044

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1

20

TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0045

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1

21

TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA

0x0046

SSL 3.0|TLS 1.0|TLS 1.1

TLS_ANON_DH_CAMELLIA_128_CBC_SHA1

22

TLS_DHE_DSS_WITH_RC4_128_SHA

0x0066

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_DSS_ARCFOUR_SHA1

23

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0084

SSL 3.0|TLS 1.0|TLS 1.1

TLS_RSA_CAMELLIA_256_CBC_SHA1

24

TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA

0x0087

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1

25

TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0088

SSL 3.0|TLS 1.0|TLS 1.1

TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1

26

TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA

0x0089

SSL 3.0|TLS 1.0|TLS 1.1

TLS_ANON_DH_CAMELLIA_256_CBC_SHA1

27

TLS_PSK_WITH_RC4_128_SHA

0x008A

TLS 1.0|TLS 1.1

TLS_PSK_SHA_ARCFOUR_SHA1

28

TLS_PSK_WITH_3DES_EDE_CBC_SHA

0x008B

TLS 1.0|TLS 1.1

TLS_PSK_SHA_3DES_EDE_CBC_SHA1

29

TLS_PSK_WITH_AES_128_CBC_SHA

0x008C

TLS 1.0|TLS 1.1

TLS_PSK_SHA_AES_128_CBC_SHA1

30

TLS_PSK_WITH_AES_256_CBC_SHA

0x008D

TLS 1.0|TLS 1.1

TLS_PSK_SHA_AES_256_CBC_SHA1

31

TLS_DHE_PSK_WITH_RC4_128_SHA

0x008E

TLS 1.0|TLS 1.1

TLS_DHE_PSK_SHA_ARCFOUR_SHA1

32

TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA

0x008F

TLS 1.0|TLS 1.1

TLS_DHE_PSK_SHA_3DES_EDE_CBC_SHA1

33

TLS_DHE_PSK_WITH_AES_128_CBC_SHA

0x0090

TLS 1.0|TLS 1.1

TLS_DHE_PSK_SHA_AES_128_CBC_SHA1

34

TLS_DHE_PSK_WITH_AES_256_CBC_SHA

0x0091

TLS 1.0|TLS 1.1

TLS_DHE_PSK_SHA_AES_256_CBC_SHA1

35

TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA

0xC01A

TLS 1.0|TLS 1.1

TLS_SRP_SHA_3DES_EDE_CBC_SHA1

36

TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA

0xC01B

TLS 1.0|TLS 1.1

TLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1

37

TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA

0xC01C

TLS 1.0|TLS 1.1

TLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1

38

TLS_SRP_SHA_WITH_AES_128_CBC_SHA

0xC01D

TLS 1.0|TLS 1.1

TLS_SRP_SHA_AES_128_CBC_SHA1

39

TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA

0xC01E

TLS 1.0|TLS 1.1

TLS_SRP_SHA_RSA_AES_128_CBC_SHA1

40

TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA

0xC01F

TLS 1.0|TLS 1.1

TLS_SRP_SHA_DSS_AES_128_CBC_SHA1

41

TLS_SRP_SHA_WITH_AES_256_CBC_SHA

0xC020

TLS 1.0|TLS 1.1

TLS_SRP_SHA_AES_256_CBC_SHA1

42

TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA

0xC021

TLS 1.0|TLS 1.1

TLS_SRP_SHA_RSA_AES_256_CBC_SHA1

43

TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA

0xC022

TLS 1.0|TLS 1.1

TLS_SRP_SHA_DSS_AES_256_CBC_SHA1


Table 1.1.2 common GnuTLS 2.8.6 priority common keywords

No.

Keyword

Quick Info

1

EXPORT

All the supported cipher suites including the export one, excepting the anonymous DH and NULL encryption ones

2

NORMAL

All the supported cipher suites excepting the export, NULL encryption and the anonymous DH ones

3

PERFORMANCE

All the supported cipher suites excepting the export, NULL encryption and the anonymous DH ones sorted in terms of performance

4

SECURE

All the supported cipher suites excepting the export, NULL encryption and the anonymous DH ones sorted in terms of strength

5

SECURE128

All the supported cipher suites excepting the export, NULL encryption and the anonymous DH ones up to 128-bit key length

6

SECURE256

All the supported cipher suites excepting the export, NULL encryption and the anonymous DH ones sorted in terms of strength

7

NONE

Nothing is enabled(this also disables protocols and compression methods)

 

Table 1.1.3 GnuTLS 2.8.6 priority values that can be added or removed to the common keywords

No.

Keyword

Quick Info

1

3DES-CBC

3DES cipher

2

AES-128-CBC

AES 128-bit cipher

3

AES-256-CBC

AES 256-bit cipher

4

ARCFOUR-40

RC4 export 40-bit cipher

5

ARCFOUR-128

RC4 128-bit

6

CAMELLIA-128-CBC

Camellia 128-bit cipher

7

CAMELLIA-256-CBC

Camellia 256-bit cipher

8

ANON-DH

Anonymous DH

9

DHE-DSS

DSS authenticated DHE key exchange

10

DHE-RSA

RSA authenticated DHE key exchange

11

RSA

RSA authentication and key exchange

12

RSA-EXPORT

RSA-EXPORT authentication and key exchange

13

SRP

SRP authentication

14

SRP-DSS

SRP-DSS authentication

15

SRP-RSA

SRP-RSA authentication

16

MD5

MD5 MAC

17

SHA1

SHA1 MAC

18

COMP-DEFLATE

Deflate compression

19

COMP-NULL

NULL compression

20

COMP-LZO

LZO compression(experimental)

21

VERS-SSL3.0

SSL 3.0

22

VERS-TLS1.0

TLS 1.0

23

VERS-TLS1.1

TLS 1.1

24

%COMPAT

Disable MAC padding to assure compatibility with some broken clients

25

%SSL3_RECORD_VERSION

use SSL3.0 record version in Client Hello

26

CTYPE-OPENPGP

Certificate type OpenPGP(can be used to add the OpenPGP certificate type extension to a Client Hello)

27

CTYPE-X.509

Certificate type X.509


Table 1.1.4 GnuTLS 2.8.6 cipher suites(and the priority categories under the respective cipher suite can be found)

No.

Cipher Suite

Hex Value

SSL/TLS Version

GnuTLS priority

1

TLS_RSA_WITH_NULL_MD5

0x0001

SSL 3.0|TLS 1.0|TLS 1.1

?

2

TLS_RSA_EXPORT_WITH_RC4_40_MD5

0x0003

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT

3

TLS_RSA_WITH_RC4_128_MD5

0x0004

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

4

TLS_RSA_WITH_RC4_128_SHA

0x0005

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

5

TLS_RSA_WITH_3DES_EDE_CBC_SHA

0x000A

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

6

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

0x0013

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

7

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

0x0016

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

8

TLS_DH_anon_WITH_RC4_128_MD5

0x0018

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE128:+ANON-DH

9

TLS_DH_anon_WITH_3DES_EDE_CBC_SHA

0x001B

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE128:+ANON-DH

10

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

11

TLS_DHE_DSS_WITH_AES_128_CBC_SHA

0x0032

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

12

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

13

TLS_DH_anon_WITH_AES_128_CBC_SHA

0x0034

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE128:+ANON-DH

14

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

15

TLS_DHE_DSS_WITH_AES_256_CBC_SHA

0x0038

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

16

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

17

TLS_DH_anon_WITH_AES_256_CBC_SHA

0x003A

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE256:+ANON-DH

18

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0041

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

19

TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA

0x0044

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

20

TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0045

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

21

TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA

0x0046

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE128:+ANON-DH

22

TLS_DHE_DSS_WITH_RC4_128_SHA

0x0066

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

23

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0084

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

24

TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA

0x0087

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

25

TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0088

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

26

TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA

0x0089

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE256:+ANON-DH

27

TLS_PSK_WITH_RC4_128_SHA

0x008A

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

28

TLS_PSK_WITH_3DES_EDE_CBC_SHA

0x008B

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

29

TLS_PSK_WITH_AES_128_CBC_SHA

0x008C

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

30

TLS_PSK_WITH_AES_256_CBC_SHA

0x008D

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

31

TLS_DHE_PSK_WITH_RC4_128_SHA

0x008E

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

32

TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA

0x008F

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

33

TLS_DHE_PSK_WITH_AES_128_CBC_SHA

0x0090

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

34

TLS_DHE_PSK_WITH_AES_256_CBC_SHA

0x0091

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

35

TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA

0xC01A

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

36

TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA

0xC01B

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

37

TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA

0xC01C

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

38

TLS_SRP_SHA_WITH_AES_128_CBC_SHA

0xC01D

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

39

TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA

0xC01E

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

40

TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA

0xC01F

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

41

TLS_SRP_SHA_WITH_AES_256_CBC_SHA

0xC020

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

42

TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA

0xC021

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

43

TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA

0xC022

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256


Table 1.1.5 GnuTLS 2.8.6 cipher suites(and a combination of values to enable the respective cipher suite under priority)

No.

Cipher Suite

Hex Value

SSL/TLS Version

GnuTLS priority

1

TLS_RSA_WITH_NULL_MD5

0x0001

SSL 3.0|TLS 1.0|TLS 1.1

?

2

TLS_RSA_EXPORT_WITH_RC4_40_MD5

0x0003

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-40:+RSA-EXPORT:+MD5:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

3

TLS_RSA_WITH_RC4_128_MD5

0x0004

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-128:+MD5:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

4

TLS_RSA_WITH_RC4_128_SHA

0x0005

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-128:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

5

TLS_RSA_WITH_3DES_EDE_CBC_SHA

0x000A

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+3DES-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

6

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

0x0013

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+3DES-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

7

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

0x0016

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+3DES-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

8

TLS_DH_anon_WITH_RC4_128_MD5

0x0018

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-128:+ANON-DH:+MD5:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

9

TLS_DH_anon_WITH_3DES_EDE_CBC_SHA

0x001B

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+3DES-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

10

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

11

TLS_DHE_DSS_WITH_AES_128_CBC_SHA

0x0032

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

12

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

13

TLS_DH_anon_WITH_AES_128_CBC_SHA

0x0034

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

14

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-256-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

15

TLS_DHE_DSS_WITH_AES_256_CBC_SHA

0x0038

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-256-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

16

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

17

TLS_DH_anon_WITH_AES_256_CBC_SHA

0x003A

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-256-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

18

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0041

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-128-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

19

TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA

0x0044

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-128-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

20

TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0045

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-128-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

21

TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA

0x0046

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-128-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

22

TLS_DHE_DSS_WITH_RC4_128_SHA

0x0066

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-128:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

23

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0084

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-256-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

24

TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA

0x0087

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-256-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

25

TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0088

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-256-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

26

TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA

0x0089

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-256-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

27

TLS_PSK_WITH_RC4_128_SHA

0x008A

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+ARCFOUR-128:+PSK:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

28

TLS_PSK_WITH_3DES_EDE_CBC_SHA

0x008B

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+3DES-CBC:+PSK:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

29

TLS_PSK_WITH_AES_128_CBC_SHA

0x008C

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+PSK:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

30

TLS_PSK_WITH_AES_256_CBC_SHA

0x008D

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-256-CBC:+PSK:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

31

TLS_DHE_PSK_WITH_RC4_128_SHA

0x008E

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+ARCFOUR-128:+DHE-PSK:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

32

TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA

0x008F

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+3DES-CBC:+DHE-PSK:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

33

TLS_DHE_PSK_WITH_AES_128_CBC_SHA

0x0090

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+DHE-PSK:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

34

TLS_DHE_PSK_WITH_AES_256_CBC_SHA

0x0091

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-256-CBC:+DHE-PSK:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

35

TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA

0xC01A

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+3DES-CBC:+SRP:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

36

TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA

0xC01B

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+3DES-CBC:+SRP-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

37

TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA

0xC01C

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+3DES-CBC:+SRP-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

38

TLS_SRP_SHA_WITH_AES_128_CBC_SHA

0xC01D

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+SRP:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

39

TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA

0xC01E

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+SRP-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

40

TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA

0xC01F

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+SRP-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

41

TLS_SRP_SHA_WITH_AES_256_CBC_SHA

0xC020

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-256-CBC:+SRP:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

42

TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA

0xC021

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-256-CBC:+SRP-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO

43

TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA

0xC022

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-256-CBC:+SRP-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE:+COMP-LZO


1.2. mod_gnutls 0.5.5(GnuTLS 2.8.6 + Apache 2.2.15) Cipher Suites

According to its web site mod_gnutls uses the GnuTLS library to provide SSL 3.0, TLS 1.0 and TLS 1.1 encryption for Apache HTTPD.

mod_gnutls 0.5.5 was analyzed with GnuTLS 2.8.6 and Apache 2.2.15, all source builds(Ubuntu Server 9.1 x64 was used).

It does not support SSL 2.0, as SSL 2.0 is not supported by GnuTLS.

It can use a RSA or DSA certificate(X.509).
Additionally OpenPGP certificates and SRP authentication(plain SRP, SRP-RSA, SRP-DSS) are supported.

SRP authentication cipher suites work over TLS 1.0 and TLS 1.1.

To use OpenPGP certificates for a TLS session, the client adds to its Client Hello message the needed certificate type extension in order to inform the server it supports this - usually this extension is used with TLS 1.0 and TLS 1.1 but not with SSL 3.0 -.

GnuTLS can use in the same time a RSA and a DSA certificates. mod_gnutls does not support this.

It can use in the same time a RSA/DSA and an OpenPGP certificate while also supporting SRP authentication.

For the DHE exchanges, by default a 2048-bit modulus is used. You can overwrite this with the GnuTLSDHFile directive which specifies the path to a PKCS #3 encoded DH parameters file.

GnuTLSCertificateFile directive specifies the path to the server certificate(RSA/DSA PEM encoded certificate).
GnuTLSKeyFile directive specifies the path to the server private key(RSA/DSA private key).

GnuTLSPGPCertificateFile directive specifies the path to the OpenPGP server certificate(base 64 encoded).
GnuTLSPGPKeyFile directive specifies the path to the OpenPGP server private key.

GnuTLSSRPPasswdFile directive specifies the path to a SRP password file which holds the username, a password verifier and the dependency to the SRP parameters.
GnuTLSSRPPasswdConfFile directive specifies the path to a SRP password.conf file which holds the SRP parameters and is associated with the password file.

As said, a virtual host can use all these in the same time(if the GnuTLSPriorities directive permits too). Example:
GnuTLSPGPCertificateFile /usr/local/apache2/conf/openpgp-server.txt
GnuTLSPGPKeyFile /usr/local/apache2/conf/openpgp-server-key.key
GnuTLSCertificateFile /usr/local/apache2/conf/rsa_server.pem
GnuTLSKeyFile /usr/local/apache2/conf/rsa_server.key
GnuTLSSRPPasswdFile /usr/local/apache2/conf/srp-passwd.txt
GnuTLSSRPPasswdConfFile /usr/local/apache2/conf/srp-tpasswd.conf

GnuTLSRSAFile directive specifies the path to a PKCS #1 encoded RSA parameters which are used when the RSA-EXPORT key exchange method is enabled.

GnuTLSPriorities directive is a complex one used to specify the cipher suites and the SSL/TLS versions allowed(and more). There are some common keywords(similar with the ones from GnuTLS) you can use to enable certain cipher suites, listed in Table 1.2.1. Note that the sorting imposed on the server by some keywords is somehow relative, what cipher suite will be used also relates to the way the client lists the supported cipher suites.

To the common keywords you can add or remove various values(similar with the ones from GnuTLS), listed in Table 1.2.2, which will add or disable some cipher suites or SSL/TLS protocol versions.

Example 1: remove 3DES based cipher suites from the NORMAL category:
GnuTLSPriorities: NORMAL:!3DES-CBC

Example 2: Add Anonymous DH based cipher suites to the NORMAL category:
GnuTLSPriorities: NORMAL:+ANON-DH

Example 3: Remove SSL 3.0 from the SECURE category:
GnuTLSPriorities: SECURE:!VERS-SSL3.0

Example 4: Enable only a specific cipher suite TLS_DHE_RSA_WITH_AES_128_CBC_SHA, under TLS 1.0 and TLS 1.1 with no compression(assuming you use a RSA certificate):
GnuTLSPriorities: NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+DHE-RSA:+SHA1:+COMP-NULL

Example 5: Add compression(Deflate, zlib) to the NORMAL category:
GnuTLSPriorities:NORMAL:+COMP-DEFLATE

Example 6: Enable only the cipher suites listed in the below table(not necessarily in the order listed below) assuming you use a RSA certificate:
GnuTLSPriorities: NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+AES-256-CBC:+DHE-RSA:+RSA:+SHA1:+COMP-NULL

No.

Cipher Suite

Hex Value

SSL/TLS Protocol Version

1

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

TLS 1.0|TLS 1.1

2

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

TLS 1.0|TLS 1.1

3

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

TLS 1.0|TLS 1.1

4

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

TLS 1.0|TLS 1.1

 

Table 1.2.3 lists the cipher suites supported by mod_gnutls along with the common keywords categories under the respective cipher suite can be found. Note that since mod_gnutls does not come with its own default configuration sample, a specific cipher suite is not necessarily disabled. As an exception, we can consider the TLS_RSA_EXPORT_WITH_RC4_40_MD5 cipher suite(red shaded), for which we need a separate directive in order to use it(GnuTLSRSAFile). For OpenPGP there aren’t specific cipher suites(for example TLS_DHE_DSS_WITH_AES_128_CBC_SHA works with an OpenPGP certificate, as long as the client adds to its Client Hello message the needed certificate type extension - usually this extension is used with TLS 1.0 and TLS 1.1 but not with SSL 3.0 -).

Table 1.2.4 lists the cipher suites supported by mod_gnutls as well as a specific combination of values to enable just the respective cipher suite(for all the supported SSL/TLS versions, plus the supported compression methods). The Deflate compression is red shaded as in order to use it zlib is needed. For OpenPGP there aren’t specific cipher suites(for example TLS_DHE_DSS_WITH_AES_128_CBC_SHA works with an OpenPGP certificate, as long as the client adds to its Client Hello message the needed certificate type extension - usually this extension is used with TLS 1.0 and TLS 1.1 but not with SSL 3.0 -), just make sure that the OpenPGP server certificate and private key are specified on the server(sometimes a CTYPE-OPENPGP might be needed to add on the server to the GnuTLSPriorities directive).


Table 1.2.1 common mod_gnutls 0.5.5 GnuTLSPriorities keywords

No.

Keyword

Quick Info

1

EXPORT

All the supported cipher suites including the export one, excepting the anonymous DH ones

2

NORMAL

All the supported cipher suites excepting the export and the anonymous DH ones

3

PERFORMANCE

All the supported cipher suites excepting the export and the anonymous DH ones sorted in terms of performance

4

SECURE

All the supported cipher suites excepting the export and the anonymous DH ones sorted in terms of strength

5

SECURE128

All the supported cipher suites excepting the export and the anonymous DH ones up to 128-bit key length

6

SECURE256

All the supported cipher suites excepting the export and the anonymous DH ones sorted in terms of strength

7

NONE

Nothing is enabled(this also disables protocols and compression methods)

 

Table 1.2.2 mod_gnutls 0.5.5 GnuTLSPriorities values that can be added or removed to the common keywords

No.

Keyword

Quick Info

1

3DES-CBC

3DES cipher

2

AES-128-CBC

AES 128-bit cipher

3

AES-256-CBC

AES 256-bit cipher

4

ARCFOUR-40

RC4 export 40-bit cipher

5

ARCFOUR-128

RC4 128-bit

6

CAMELLIA-128-CBC

Camellia 128-bit cipher

7

CAMELLIA-256-CBC

Camellia 256-bit cipher

8

ANON-DH

Anonymous DH

9

DHE-DSS

DSS authenticated DHE key exchange

10

DHE-RSA

RSA authenticated DHE key exchange

11

RSA

RSA authentication and key exchange

12

RSA-EXPORT

RSA-EXPORT authentication and key exchange

13

SRP

SRP authentication

14

SRP-DSS

SRP-DSS authentication

15

SRP-RSA

SRP-RSA authentication

16

MD5

MD5 MAC

17

SHA1

SHA1 MAC

18

COMP-DEFLATE

Deflate compression

19

COMP-NULL

NULL compression

20

VERS-SSL3.0

SSL 3.0

21

VERS-TLS1.0

TLS 1.0

22

VERS-TLS1.1

TLS 1.1

23

%COMPAT

Disable MAC padding to assure compatibility with some broken clients

25

CTYPE-OPENPGP

Certificate type OpenPGP(sometimes you may need to add this to the GnuTLSPriorities directive)

26

CTYPE-X.509

Certificate type X.509


Table 1.2.3 mod_gnutls 0.5.5 (GnuTLS 2.8.6 + Apache 2.2.15) cipher suites(and the categories under the respective cipher suite can be found)

No.

Cipher Suite

Hex Value

SSL/TLS Version

mod_gnutls GnuTLSPriorities

1

TLS_RSA_EXPORT_WITH_RC4_40_MD5

0x0003

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT

2

TLS_RSA_WITH_RC4_128_MD5

0x0004

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

3

TLS_RSA_WITH_RC4_128_SHA

0x0005

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

4

TLS_RSA_WITH_3DES_EDE_CBC_SHA

0x000A

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

5

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

0x0013

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

6

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

0x0016

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

7

TLS_DH_anon_WITH_RC4_128_MD5

0x0018

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE128:+ANON-DH

8

TLS_DH_anon_WITH_3DES_EDE_CBC_SHA

0x001B

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE128:+ANON-DH

9

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

10

TLS_DHE_DSS_WITH_AES_128_CBC_SHA

0x0032

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

11

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

12

TLS_DH_anon_WITH_AES_128_CBC_SHA

0x0034

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE128:+ANON-DH

13

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

14

TLS_DHE_DSS_WITH_AES_256_CBC_SHA

0x0038

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

15

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

16

TLS_DH_anon_WITH_AES_256_CBC_SHA

0x003A

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE256:+ANON-DH

17

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0041

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

18

TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA

0x0044

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

19

TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0045

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

20

TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA

0x0046

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE128:+ANON-DH

21

TLS_DHE_DSS_WITH_RC4_128_SHA

0x0066

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

22

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0084

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

23

TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA

0x0087

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

24

TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0088

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

25

TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA

0x0089

SSL 3.0|TLS 1.0|TLS 1.1

EXPORT:+ANON-DH|NORMAL:+ANON-DH|PERFORMANCE:+ANON-DH|SECURE:+ANON-DH|SECURE256:+ANON-DH

26

TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA

0xC01A

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

27

TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA

0xC01B

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

28

TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA

0xC01C

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

29

TLS_SRP_SHA_WITH_AES_128_CBC_SHA

0xC01D

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

30

TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA

0xC01E

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

31

TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA

0xC01F

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE128

32

TLS_SRP_SHA_WITH_AES_256_CBC_SHA

0xC020

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

33

TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA

0xC021

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256

34

TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA

0xC022

TLS 1.0|TLS 1.1

EXPORT|NORMAL|PERFORMANCE|SECURE|SECURE256


Table 1.2.4 mod_gnutls 0.5.5 (GnuTLS 2.8.6 + Apache 2.2.15) cipher suites(and a combination of values to enable the respective cipher suite)

No.

Cipher Suite

Hex Value

SSL/TLS Version

mod_gnutls GnuTLSPriorities

1

TLS_RSA_EXPORT_WITH_RC4_40_MD5

0x0003

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-40:+RSA-EXPORT:+MD5:+COMP-NULL:+COMP-DEFLATE

2

TLS_RSA_WITH_RC4_128_MD5

0x0004

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-128:+MD5:+COMP-NULL:+COMP-DEFLATE

3

TLS_RSA_WITH_RC4_128_SHA

0x0005

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-128:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

4

TLS_RSA_WITH_3DES_EDE_CBC_SHA

0x000A

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+3DES-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

5

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

0x0013

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+3DES-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE

6

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

0x0016

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+3DES-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

7

TLS_DH_anon_WITH_RC4_128_MD5

0x0018

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-128:+ANON-DH:+MD5:+COMP-NULL:+COMP-DEFLATE

8

TLS_DH_anon_WITH_3DES_EDE_CBC_SHA

0x001B

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+3DES-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE

9

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

10

TLS_DHE_DSS_WITH_AES_128_CBC_SHA

0x0032

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE

11

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

12

TLS_DH_anon_WITH_AES_128_CBC_SHA

0x0034

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE

13

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-256-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

14

TLS_DHE_DSS_WITH_AES_256_CBC_SHA

0x0038

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-256-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE

15

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-128-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

16

TLS_DH_anon_WITH_AES_256_CBC_SHA

0x003A

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+AES-256-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE

17

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0041

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-128-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

18

TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA

0x0044

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-128-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE

19

TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0045

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-128-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

20

TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA

0x0046

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-128-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE

21

TLS_DHE_DSS_WITH_RC4_128_SHA

0x0066

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+ARCFOUR-128:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE

22

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0084

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-256-CBC:+RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

23

TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA

0x0087

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-256-CBC:+DHE-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE

24

TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0088

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-256-CBC:+DHE-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

25

TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA

0x0089

SSL 3.0|TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:+CAMELLIA-256-CBC:+ANON-DH:+SHA1:+COMP-NULL:+COMP-DEFLATE

26

TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA

0xC01A

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+3DES-CBC:+SRP:+SHA1:+COMP-NULL:+COMP-DEFLATE

27

TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA

0xC01B

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+3DES-CBC:+SRP-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

28

TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA

0xC01C

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+3DES-CBC:+SRP-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE

29

TLS_SRP_SHA_WITH_AES_128_CBC_SHA

0xC01D

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+SRP:+SHA1:+COMP-NULL:+COMP-DEFLATE

30

TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA

0xC01E

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+SRP-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

31

TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA

0xC01F

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-128-CBC:+SRP-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE

32

TLS_SRP_SHA_WITH_AES_256_CBC_SHA

0xC020

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-256-CBC:+SRP:+SHA1:+COMP-NULL:+COMP-DEFLATE

33

TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA

0xC021

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-256-CBC:+SRP-RSA:+SHA1:+COMP-NULL:+COMP-DEFLATE

34

TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA

0xC022

TLS 1.0|TLS 1.1

NONE:+VERS-TLS1.1:+VERS-TLS1.0:+AES-256-CBC:+SRP-DSS:+SHA1:+COMP-NULL:+COMP-DEFLATE


2. Mac OS X

Test


2.1. Safari 5.0.x on Mac OS X 10.5.8 Cipher Suites

Safari 5.0.3 tested, cipher suites listed within Table 2.1.

SSL 2.0 appears to not be supported.

SSL 3.0 and TLS 1.0 are supported and enabled by default.

Table 2.1

No.

Cipher Suite

Hex Value

SSL/TLS Version

1

TLS_RSA_EXPORT_WITH_RC4_40_MD5

0x0003

SSL 3.0|TLS 1.0

2

TLS_RSA_WITH_RC4_128_MD5

0x0004

SSL 3.0|TLS 1.0

3

TLS_RSA_WITH_RC4_128_SHA

0x0005

SSL 3.0|TLS 1.0

4

TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5

0x0006

SSL 3.0|TLS 1.0

5

TLS_RSA_EXPORT_WITH_DES40_CBC_SHA

0x0008

SSL 3.0|TLS 1.0

6

TLS_RSA_WITH_DES_CBC_SHA

0x0009

SSL 3.0|TLS 1.0

7

TLS_RSA_WITH_3DES_EDE_CBC_SHA

0x000A

SSL 3.0|TLS 1.0

8

TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA

0x0011

SSL 3.0|TLS 1.0

9

TLS_DHE_DSS_WITH_DES_CBC_SHA

0x0012

SSL 3.0|TLS 1.0

10

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

0x0013

SSL 3.0|TLS 1.0

11

TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA

0x0014

SSL 3.0|TLS 1.0

12

TLS_DHE_RSA_WITH_DES_CBC_SHA

0x0015

SSL 3.0|TLS 1.0

13

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

0x0016

SSL 3.0|TLS 1.0

14

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

SSL 3.0|TLS 1.0

15

TLS_DHE_DSS_WITH_AES_128_CBC_SHA

0x0032

SSL 3.0|TLS 1.0

16

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

SSL 3.0|TLS 1.0

17

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

SSL 3.0|TLS 1.0

18

TLS_DHE_DSS_WITH_AES_256_CBC_SHA

0x0038

SSL 3.0|TLS 1.0

19

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

SSL 3.0|TLS 1.0


2.2. Safari 5.0.x on Mac OS X 10.6.6 Cipher Suites

Safari 5.0.3 tested, cipher suites listed within Table 2.2.

SSL 2.0 appears to not be supported.

SSL 3.0 and TLS 1.0 are supported and enabled by default.

Compared with Mac OS X 10.5.8, Mac OS X 10.6.6 supports some ECC based cipher suites.

Table 2.2

No.

Cipher Suite

Hex Value

SSL/TLS Version

1

TLS_RSA_EXPORT_WITH_RC4_40_MD5

0x0003

SSL 3.0|TLS 1.0

2

TLS_RSA_WITH_RC4_128_MD5

0x0004

SSL 3.0|TLS 1.0

3

TLS_RSA_WITH_RC4_128_SHA

0x0005

SSL 3.0|TLS 1.0

4

TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5

0x0006

SSL 3.0|TLS 1.0

5

TLS_RSA_EXPORT_WITH_DES40_CBC_SHA

0x0008

SSL 3.0|TLS 1.0

6

TLS_RSA_WITH_DES_CBC_SHA

0x0009

SSL 3.0|TLS 1.0

7

TLS_RSA_WITH_3DES_EDE_CBC_SHA

0x000A

SSL 3.0|TLS 1.0

8

TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA

0x0011

SSL 3.0|TLS 1.0

9

TLS_DHE_DSS_WITH_DES_CBC_SHA

0x0012

SSL 3.0|TLS 1.0

10

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

0x0013

SSL 3.0|TLS 1.0

11

TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA

0x0014

SSL 3.0|TLS 1.0

12

TLS_DHE_RSA_WITH_DES_CBC_SHA

0x0015

SSL 3.0|TLS 1.0

13

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

0x0016

SSL 3.0|TLS 1.0

14

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

SSL 3.0|TLS 1.0

15

TLS_DHE_DSS_WITH_AES_128_CBC_SHA

0x0032

SSL 3.0|TLS 1.0

16

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

SSL 3.0|TLS 1.0

17

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

SSL 3.0|TLS 1.0

18

TLS_DHE_DSS_WITH_AES_256_CBC_SHA

0x0038

SSL 3.0|TLS 1.0

19

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

SSL 3.0|TLS 1.0

20

TLS_ECDH_ECDSA_WITH_RC4_128_SHA

0xC002

SSL 3.0|TLS 1.0

21

TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA

0xC003

SSL 3.0|TLS 1.0

22

TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA

0xC004

SSL 3.0|TLS 1.0

23

TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA

0xC005

SSL 3.0|TLS 1.0

24

TLS_ECDHE_ECDSA_WITH_RC4_128_SHA

0xC007

SSL 3.0|TLS 1.0

25

TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

0xC008

SSL 3.0|TLS 1.0

26

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

0xC009

SSL 3.0|TLS 1.0

27

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

0xC00A

SSL 3.0|TLS 1.0

28

TLS_ECDH_RSA_WITH_RC4_128_SHA

0xC00C

SSL 3.0|TLS 1.0

29

TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA

0xC00D

SSL 3.0|TLS 1.0

30

TLS_ECDH_RSA_WITH_AES_128_CBC_SHA

0xC00E

SSL 3.0|TLS 1.0

31

TLS_ECDH_RSA_WITH_AES_256_CBC_SHA

0xC00F

SSL 3.0|TLS 1.0

32

TLS_ECDHE_RSA_WITH_RC4_128_SHA

0xC011

SSL 3.0|TLS 1.0

33

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

0xC012

SSL 3.0|TLS 1.0

34

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

0xC013

SSL 3.0|TLS 1.0

35

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

0xC014

SSL 3.0|TLS 1.0


3. NSS(Network Security Services)
NSS 3.12.4 and NSS 3.12.5 were currently analyzed.

NSS is used by browsers(Firefox, Google Chrome), web servers(Apache with mod_nss), etc.

Usually NSS is built with support for ECC(Elliptic Curve Cryptography). However some Linux distros, like Fedora(version 12 as writing), come with support for ECC disabled by default. As a result applications that use NSS, for example the Firefox version that ships with Fedora, will not be able to use ECC cipher suites.

NSS supports the three “popular” elliptic curves(which should assure interoperability):
 - secp256r1(aka NIST P-256)
 - secp384r1(aka NIST P-384)
 - secp521r1(aka NIST P-521)

NSS currently supports: SSL 2.0, SSL 3.0, TLS 1.0.

The current cipher suites implemented by NSS are listed within the security/source/security/nss/lib/ssl/sslenum.c file(if you have downloaded the source code).  Or online at:
http://mxr.mozilla.org/security/source/security/nss/lib/ssl/sslenum.c

DHE cipher suites are not supported on the server side.

As of NSS 3.11, Fortezza based cipher suites have been deprecated.

DH 2236-bit modulus is the NSS upper limitation.
RSA 8192-bit modulus is the NSS upper limitation.

 3.1. NSS 3.12.5 Cipher Suites

Table 3.1 lists the cipher suites currently supported by NSS 3.12.5. For more details about each cipher suite refer to the main tables.
Since the FORTEZZA based cipher suites were deprecated, they are not listed below.

Table 3.1 NSS 3.12.5 Cipher Suites

No.

Cipher Suite

Hex Value

SSL/TLS Version

1

SSL_CK_RC4_128_WITH_MD5

0x010080

SSL 2.0

2

SSL_CK_RC4_128_EXPORT40_WITH_MD5

0x020080

SSL 2.0

3

SSL_CK_RC2_128_CBC_WITH_MD5

0x030080

SSL 2.0

4

SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5

0x040080

SSL 2.0

5

SSL_CK_DES_64_CBC_WITH_MD5

0x060040

SSL 2.0

6

SSL_CK_DES_192_EDE3_CBC_WITH_MD5

0x0700C0

SSL 2.0

7

TLS_RSA_WITH_NULL_MD5

0x0001

SSL 3.0|TLS 1.0

8

TLS_RSA_WITH_NULL_SHA

0x0002

SSL 3.0|TLS 1.0

9

TLS_RSA_EXPORT_WITH_RC4_40_MD5

0x0003

SSL 3.0|TLS 1.0

10

TLS_RSA_WITH_RC4_128_MD5

0x0004

SSL 3.0|TLS 1.0

11

TLS_RSA_WITH_RC4_128_SHA

0x0005

SSL 3.0|TLS 1.0

12

TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5

0x0006

SSL 3.0|TLS 1.0

13

TLS_RSA_WITH_DES_CBC_SHA

0x0009

SSL 3.0|TLS 1.0

14

TLS_RSA_WITH_3DES_EDE_CBC_SHA

0x000A

SSL 3.0|TLS 1.0

15

TLS_DHE_DSS_WITH_DES_CBC_SHA

0x0012

SSL 3.0|TLS 1.0

16

TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

0x0013

SSL 3.0|TLS 1.0

17

TLS_DHE_RSA_WITH_DES_CBC_SHA

0x0015

SSL 3.0|TLS 1.0

18

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

0x0016

SSL 3.0|TLS 1.0

19

TLS_RSA_WITH_AES_128_CBC_SHA

0x002F

SSL 3.0|TLS 1.0

20

TLS_DHE_DSS_WITH_AES_128_CBC_SHA

0x0032

SSL 3.0|TLS 1.0

21

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

0x0033

SSL 3.0|TLS 1.0

22

TLS_RSA_WITH_AES_256_CBC_SHA

0x0035

SSL 3.0|TLS 1.0

23

TLS_DHE_DSS_WITH_AES_256_CBC_SHA

0x0038

SSL 3.0|TLS 1.0

24

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

0x0039

SSL 3.0|TLS 1.0

25

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0041

SSL 3.0|TLS 1.0

26

TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA

0x0044

SSL 3.0|TLS 1.0

27

TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA

0x0045

SSL 3.0|TLS 1.0

28

TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA

0x0062

SSL 3.0|TLS 1.0

29

TLS_RSA_EXPORT1024_WITH_RC4_56_SHA

0x0064

SSL 3.0|TLS 1.0

30

TLS_DHE_DSS_WITH_RC4_128_SHA

0x0066

SSL 3.0|TLS 1.0

31

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

0x0084

SSL 3.0|TLS 1.0

32

TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA