Supported ciphers
cipher_dcmtk.txt is the intersection of the OpenSSL library supported
cipher list, cmd: openssl ciphers -v "ALL:eNULL"
and DCMTK library cipher
suite list, cipher name and keySize
separated with white space.
Supported ciphers:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256
- TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 256
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 256
- TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 256
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 128
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 128
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 128
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 128
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA 256
- TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256
- TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 256
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 128
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA 128
- TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128
- TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 128
- TLS_RSA_WITH_AES_256_GCM_SHA384 256
- TLS_RSA_WITH_AES_128_GCM_SHA256 128
- TLS_RSA_WITH_AES_256_CBC_SHA256 256
- TLS_RSA_WITH_AES_128_CBC_SHA256 128
- TLS_RSA_WITH_AES_256_CBC_SHA 256
- TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256
- TLS_RSA_WITH_AES_128_CBC_SHA 128
- TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128
- TLS_RSA_WITH_NULL_SHA 0
Unsupported cipher suites
Some security profiles do not specify cipher suites. For example:
- Extended BCP 195 TLS: Additional cipher suites not permitted.
- BCP 195 TLS:
- Non-downgrading BCP 195 TLS.
- Basic TLS Secure Transport Connection.
- AES TLS Secure Transport Connection: Unencrypted cipher suite (
keySize=0, NULL-SHA
).