diff options
author | Bodo Möller <bodo@openssl.org> | 2007-04-23 23:48:59 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2007-04-23 23:48:59 +0000 |
commit | 96afc1cfd53a0ffcca8544fa751eb9bf17749133 (patch) | |
tree | a21b008f179047a3a4c244c379ec33599bfd77e9 /doc | |
parent | 24a8c25ab5a91b4cf467aef1af3dcc474b1c7df2 (diff) | |
download | openssl-96afc1cfd53a0ffcca8544fa751eb9bf17749133.tar.gz |
Add SEED encryption algorithm.
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/ciphers.pod | 39 | ||||
-rw-r--r-- | doc/standards.txt | 9 |
2 files changed, 37 insertions, 11 deletions
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index e119d5e62f..22c219bbfb 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -109,8 +109,8 @@ The following is a list of all permitted cipher strings and their meanings. =item B<DEFAULT> -the default cipher list. This is determined at compile time and is normally -B<ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH>. This must be the first cipher string +the default cipher list. This is determined at compile time and, as of OpenSSL +0.9.9, is normally B<ALL:!aNULL:!eNULL>. This must be the first cipher string specified. =item B<COMPLEMENTOFDEFAULT> @@ -121,7 +121,8 @@ not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary). =item B<ALL> -all ciphers suites except the B<eNULL> ciphers which must be explicitly enabled. +all cipher suites except the B<eNULL> ciphers which must be explicitly enabled; +as of OpenSSL, the B<ALL> cipher suites are reasonably ordered by default =item B<COMPLEMENTOFALL> @@ -214,6 +215,10 @@ anonymous DH cipher suites. cipher suites using AES. +=item B<CAMELLIA> + +cipher suites using Camellia. + =item B<3DES> cipher suites using triple DES. @@ -234,6 +239,10 @@ cipher suites using RC2. cipher suites using IDEA. +=item B<SEED> + +cipher suites using SEED. + =item B<MD5> cipher suites using MD5. @@ -242,10 +251,6 @@ cipher suites using MD5. cipher suites using SHA1. -=item B<Camellia> - -cipher suites using Camellia. - =back =head1 CIPHER SUITE NAMES @@ -328,10 +333,10 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA - TLS_DH_DSS_WITH_AES_128_CBC_SHA DH-DSS-AES128-SHA - TLS_DH_DSS_WITH_AES_256_CBC_SHA DH-DSS-AES256-SHA - TLS_DH_RSA_WITH_AES_128_CBC_SHA DH-RSA-AES128-SHA - TLS_DH_RSA_WITH_AES_256_CBC_SHA DH-RSA-AES256-SHA + TLS_DH_DSS_WITH_AES_128_CBC_SHA Not implemented. + TLS_DH_DSS_WITH_AES_256_CBC_SHA Not implemented. + TLS_DH_RSA_WITH_AES_128_CBC_SHA Not implemented. + TLS_DH_RSA_WITH_AES_256_CBC_SHA Not implemented. TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE-DSS-AES128-SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA @@ -359,6 +364,18 @@ e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH-CAMELLIA128-SHA TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH-CAMELLIA256-SHA +=head2 SEED ciphersuites from RFC4162, extending TLS v1.0 + + TLS_RSA_WITH_SEED_CBC_SHA SEED-SHA + + TLS_DH_DSS_WITH_SEED_CBC_SHA Not implemented. + TLS_DH_RSA_WITH_SEED_CBC_SHA Not implemented. + + TLS_DHE_DSS_WITH_SEED_CBC_SHA DHE-DSS-SEED-SHA + TLS_DHE_RSA_WITH_SEED_CBC_SHA DHE-RSA-SEED-SHA + + TLS_DH_anon_WITH_SEED_CBC_SHA ADH-SEED-SHA + =head2 Additional Export 1024 and other cipher suites Note: these ciphers can also be used in SSL v3. diff --git a/doc/standards.txt b/doc/standards.txt index beb4dbc8c9..7bada8d35f 100644 --- a/doc/standards.txt +++ b/doc/standards.txt @@ -104,6 +104,15 @@ PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. (TLS). S. Moriai, A. Kato, M. Kanda. July 2005. (Format: TXT=13590 bytes) (Status: PROPOSED STANDARD) +4162 Addition of SEED Cipher Suites to Transport Layer Security (TLS). + H.J. Lee, J.H. Yoon, J.I. Lee. August 2005. (Format: TXT=10578 bytes) + (Status: PROPOSED STANDARD) + +4269 The SEED Encryption Algorithm. H.J. Lee, S.J. Lee, J.H. Yoon, + D.H. Cheon, J.I. Lee. December 2005. (Format: TXT=34390 bytes) + (Obsoletes RFC4009) (Status: INFORMATIONAL) + + Related: -------- |