Cipher number | Description | FIPS 140-2 | Base security level FMID HCPT420 | Security level 3 FMID JCPT421 |
---|---|---|---|---|
1 | 128-bit RC4 encryption with MD5 message authentication (128-bit secret key) | X | ||
2 | 128-bit RC4 export encryption with MD5 message authentication (40-bit secret key) | X | X | |
3 | 128-bit RC2 encryption with MD5 message authentication (128-bit secret key) | X | ||
4 | 128-bit RC2 export encryption with MD5 message authentication (40-bit secret key) | X | X | |
6 | 56-bit DES encryption with MD5 message authentication (56-bit secret key) | X | X | |
7 | 168-bit Triple DES encryption with MD5 message authentication (168-bit secret key) | X |
2- character cipher number | 4-character cipher number | Short name | Description 1 | FIPS 140-2 | Base security level FMID HCPT420 | Security level 3 FMID JCPT421 |
---|---|---|---|---|---|---|
00 | 0000 | TLS_NULL_WITH_NULL_NULL | No encryption or message authentication and RSA key exchange | X | X | |
01 | 0001 | TLS_RSA_WITH_NULL_MD5 | No encryption with MD5 message authentication and RSA key exchange | X | X | |
02 | 0002 | TLS_RSA_WITH_NULL_SHA | No encryption with SHA-1 message authentication and RSA key exchange | X | X | |
03 | 0003 | TLS_RSA_EXPORT_WITH_RC4_40_MD5 | 40-bit RC4 encryption with MD5 message authentication and RSA (export) key exchange | X | X | |
04 | 0004 | TLS_RSA_WITH_RC4_128_MD5 | 128-bit RC4 encryption with MD5 message authentication and RSA key exchange | X | ||
05 | 0005 | TLS_RSA_WITH_RC4_128_SHA | 128-bit RC4 encryption with SHA-1 message authentication and RSA key exchange | X | ||
06 | 0006 | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 | 40-bit RC2 encryption with MD5 message authentication and RSA (export) key exchange | X | X | |
09 | 0009 | TLS_RSA_WITH_DES_CBC_SHA | 56-bit DES encryption with SHA-1 message authentication and RSA key exchange | X | X | |
0A | 000A | TLS_RSA_WITH_3DES_EDE_CBC_SHA | 168-bit Triple DES encryption with SHA-1 message authentication and RSA key exchange | X | X | |
0C | 000C | TLS_DH_DSS_WITH_DES_CBC_SHA | 56-bit DES encryption with SHA-1 message authentication and fixed Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
0D | 000D | TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA | 168-bit Triple DES encryption with SHA-1 message authentication and fixed Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
0F | 000F | TLS_DH_RSA_WITH_DES_CBC_SHA | 56-bit DES encryption with SHA-1 message authentication and fixed Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
10 | 0010 | TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA | 168-bit Triple DES encryption with SHA-1 message authentication and fixed Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
12 | 0012 | TLS_DHE_DSS_WITH_DES_CBC_SHA | 56-bit DES encryption with SHA-1message authentication and ephemeral Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
13 | 0013 | TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA | 168-bit Triple DES encryption with SHA-1 message authentication and ephemeral Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
15 | 0015 | TLS_DHE_RSA_WITH_DES_CBC_SHA | 56-bit DES encryption with SHA-1 message authentication and ephemeral Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
16 | 0016 | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA | 168-bit Triple DES encryption with SHA-1 message authentication and ephemeral Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
2F | 002F | TLS_RSA_WITH_AES_128_CBC_SHA | 128-bit AES encryption with SHA-1 message authentication and RSA key exchange | X | X | |
30 | 0030 | TLS_DH_DSS_WITH_AES_128_CBC_SHA | 128-bit AES encryption with SHA-1 message authentication and fixed Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
31 | 0031 | TLS_DH_RSA_WITH_AES_128_CBC_SHA | 128-bit AES encryption with SHA-1 message authentication and fixed Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
32 | 0032 | TLS_DHE_DSS_WITH_AES_128_CBC_SHA | 128-bit AES encryption with SHA-1 message authentication and ephemeral Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
33 | 0033 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA | 128-bit AES encryption with SHA-1 message authentication and ephemeral Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
35 | 0035 | TLS_RSA_WITH_AES_256_CBC_SHA | 256-bit AES encryption with SHA-1 message authentication and RSA key exchange | X | X | |
36 | 0036 | TLS_DH_DSS_WITH_AES_256_CBC_SHA | 256-bit AES encryption with SHA-1 message authentication and fixed Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
37 | 0037 | TLS_DH_RSA_WITH_AES_256_CBC_SHA | 256-bit AES encryption with SHA-1 message authentication and fixed Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
38 | 0038 | TLS_DHE_DSS_WITH_AES_256_CBC_SHA | 256-bit AES encryption with SHA-1 message authentication and ephemeral Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
39 | 0039 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA | 256-bit AES encryption with SHA-1 message authentication and ephemeral Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
3B | 003B | TLS_RSA_WITH_NULL_SHA256 | No encryption with SHA-256 message authentication and RSA key exchange | X | X | |
3C | 003C | TLS_RSA_WITH_AES_128_CBC_SHA256 | 128-bit AES encryption with SHA-256 message authentication and RSA key exchange | X | X | |
3D | 003D | TLS_RSA_WITH_AES_256_CBC_SHA256 | 256-bit AES encryption with SHA-256 message authentication and RSA key exchange | X | X | |
3E | 003E | TLS_DH_DSS_WITH_AES_128_CBC_SHA256 | 128-bit AES encryption with SHA-256 message authentication and fixed Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
3F | 003F | TLS_DH_RSA_WITH_AES_128_CBC_SHA256 | 128-bit AES encryption with SHA-256 message authentication and fixed Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
40 | 0040 | TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 | 128-bit AES encryption with SHA-256 message authentication and ephemeral Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
67 | 0067 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 | 128-bit AES encryption with SHA-256 message authentication and ephemeral Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
68 | 0068 | TLS_DH_DSS_WITH_AES_256_CBC_SHA256 | 256-bit AES encryption with SHA-256 message authentication and fixed Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
69 | 0069 | TLS_DH_RSA_WITH_AES_256_CBC_SHA256 | 256-bit AES encryption with SHA-256 message authentication and fixed Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
6A | 006A | TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 | 256-bit AES encryption with SHA-256 message authentication and ephemeral Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
6B | 006B | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 | 256-bit AES encryption with SHA-256 message authentication and ephemeral Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
9C | 009C | TLS_RSA_WITH_AES_128_GCM_SHA256 | 128-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and RSA key exchange | X | X | |
9D | 009D | TLS_RSA_WITH_AES_256_GCM_SHA384 | 256-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and RSA key exchange | X | X | |
9E | 009E | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 | 128-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and ephemeral Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
9F | 009F | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | 256-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and ephemeral Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
A0 | 00A0 | TLS_DH_RSA_WITH_AES_128_GCM_SHA256 | 128-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and fixed Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
A1 | 00A1 | TLS_DH_RSA_WITH_AES_256_GCM_SHA384 | 256-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and fixed Diffie-Hellman key exchange signed with an RSA certificate | X | X | |
A2 | 00A2 | TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 | 128-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and ephemeral Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
A3 | 00A3 | TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 | 256-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and ephemeral Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
A4 | 00A4 | TLS_DH_DSS_WITH_AES_128_GCM_SHA256 | 128-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and fixed Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
A5 | 00A5 | TLS_DH_DSS_WITH_AES_256_GCM_SHA384 | 256-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and fixed Diffie-Hellman key exchange signed with a DSA certificate | X | X | |
C001 | TLS_ECDH_ECDSA_WITH_NULL_SHA | NULL encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an ECDSA certificate | X | X | ||
C002 | TLS_ECDH_ECDSA_WITH_RC4_128_SHA | 128-bit RC4 encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an ECDSA certificate | X | |||
C003 | TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA | 168-bit Triple DES encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an ECDSA certificate | X | X | ||
C004 | TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA | 128-bit AES encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an ECDSA certificate | X | X | ||
C005 | TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA | 256-bit AES encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an ECDSA certificate | X | X | ||
C006 | TLS_ECDHE_ECDSA_WITH_NULL_SHA | NULL encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate | X | X | ||
C007 | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA | 128-bit RC4 encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate | X | |||
C008 | TLS_ECDHE_ECDSA_WITH_3DES_EDE_ |
168-bit Triple DES encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate | X | X | ||
C009 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA | 128-bit AES encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate | X | X | ||
C00A | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | 256-bit AES encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate | X | X | ||
C00B | TLS_ECDH_RSA_WITH_NULL_SHA | NULL encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an RSA certificate | X | X | ||
C00C | TLS_ECDH_RSA_WITH_RC4_128_SHA | 128-bit RC4 encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an RSA certificate | X | |||
C00D | TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA | 168-bit Triple DES encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an RSA certificate | X | X | ||
C00E | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA | 128-bit AES encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an RSA certificate | X | X | ||
C00F | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA | 256-bit AES encryption with SHA-1 message authentication and fixed ECDH key exchange signed with an RSA certificate | X | X | ||
C010 | TLS_ECDHE_RSA_WITH_NULL_SHA | NULL encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an RSA certificate | X | X | ||
C011 | TLS_ECDHE_RSA_WITH_RC4_128_SHA | 128-bit RC4 encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an RSA certificate | X | |||
C012 | TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | 168-bit Triple DES encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an RSA certificate | X | X | ||
C013 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | 128-bit AES encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an RSA certificate | X | X | ||
C014 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | 256-bit AES encryption with SHA-1 message authentication and ephemeral ECDH key exchange signed with an RSA certificate | X | X | ||
C023 | TLS_ECDHE_ECDSA_WITH_AES_128_ |
128-bit AES encryption with SHA-256 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate | X | X | ||
C024 | TLS_ECDHE_ECDSA_WITH_AES_256_ |
256-bit AES encryption with SHA-384 message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate | X | X | ||
C025 | TLS_ECDH_ECDSA_WITH_AES_128_ |
128-bit AES encryption with SHA-256 message authentication and fixed ECDH key exchange signed with an ECDSA certificate | X | X | ||
C026 | TLS_ECDH_ECDSA_WITH_AES_256_ |
256-bit AES encryption with SHA-384 message authentication and fixed ECDH key exchange signed with an ECDSA certificate | X | X | ||
C027 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | 128-bit AES encryption with SHA-256 message authentication and ephemeral ECDH key exchange signed with an RSA certificate | X | X | ||
C028 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | 256-bit AES encryption with SHA-384 message authentication and ephemeral ECDH key exchange signed with an RSA certificate | X | X | ||
C029 | TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 | 128-bit AES encryption with SHA-256 message authentication and fixed ECDH key exchange signed with an RSA certificate | X | X | ||
C02A | TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 | 256-bit AES encryption with SHA-384 message authentication and fixed ECDH key exchange signed with an RSA certificate | X | X | ||
C02B | TLS_ECDHE_ECDSA_WITH_AES_128_ |
128-bit AES in Galois Counter Mode encryption with 128-bit AEAD authentication and ephemeral ECDH key exchange signed with an ECDSA certificate | X | X | ||
C02C | TLS_ECDHE_ECDSA_WITH_AES_256_ |
256-bit AES in Galois Counter Mode encryption with 128-bit AEAD message authentication and ephemeral ECDH key exchange signed with an ECDSA certificate | X | X | ||
C02D | TLS_ECDH_ECDSA_WITH_AES_128_ |
128-bit AES in Galois Counter Mode encryption with 128-bit AEAD message authentication and fixed ECDH key exchange signed with an ECDSA certificate | X | X | ||
C02E | TLS_ECDH_ECDSA_WITH_AES_256_ |
256-bit AES in Galois Counter Mode encryption with 128-bit AEAD message authentication and fixed ECDH key exchange signed with an ECDSA certificate | X | X | ||
C02F | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | 128-bit AES in Galois Counter Mode encryption with 128-bit AEAD message authentication and ephemeral ECDH key exchange signed with an RSA certificate | X | X | ||
C030 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | 256-bit AES in Galois Counter Mode encryption with 128-bit AEAD message authentication and ephemeral ECDH key exchange signed with an RSA certificate | X | X | ||
C031 | TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 | 128-bit AES in Galois Counter Mode encryption with 128-bit AEAD message authentication and fixed ECDH key exchange signed with an RSA certificate | X | X | ||
C032 | TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 | 256-bit AES in Galois Counter Mode encryption with 128-bit AEAD message authentication and fixed ECDH key exchange signed with an RSA certificate | X | X |
1 See Table 4 for more information about the signing algorithm required for the key exchanges.
Cipher suite | Protocol support | Symmetric algorithm | Message MAC | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
4 Char | 2 Char | SSL V3 | TLS V1.0 | TLS V1.1 | TLS V1.2 | RC2 or RC4 | DES or 3DES | AES- CBC 128 | AES- CBC 256 | AES- GCM 128 | AES- GCM 256 | MD5 | SHA 1 | SHA 256 | SHA 384 | AEAD |
0000 | 00 | X | X | X | X | |||||||||||
0001 | 01 | X | X | X | X | X | ||||||||||
0002 | 02 | X | X | X | X | X | ||||||||||
0003 | 03 | X | X | RC4 | X | |||||||||||
0004 | 04 | X | X | X | X | RC4 | X | |||||||||
0005 | 05 | X | X | X | X | RC4 | X | |||||||||
0006 | 06 | X | X | RC2 | X | |||||||||||
0009 | 09 | X | X | X | DES | X | ||||||||||
000A | 0A | X | X | X | X | 3DES | X | |||||||||
000C | 0C | X | X | X | DES | X | ||||||||||
000D | 0D | X | X | X | X | 3DES | X | |||||||||
000F | 0F | X | X | X | DES | X | ||||||||||
0010 | 10 | X | X | X | X | 3DES | X | |||||||||
0012 | 12 | X | X | X | DES | X | ||||||||||
0013 | 13 | X | X | X | X | 3DES | X | |||||||||
0015 | 15 | X | X | X | DES | X | ||||||||||
0016 | 16 | X | X | X | X | 3DES | X | |||||||||
002F | 2F | X | X | X | X | X | X | |||||||||
0030 | 30 | X | X | X | X | X | X | |||||||||
0031 | 31 | X | X | X | X | X | X | |||||||||
0032 | 32 | X | X | X | X | X | X | |||||||||
0033 | 33 | X | X | X | X | X | X | |||||||||
0035 | 35 | X | X | X | X | X | X | |||||||||
0036 | 36 | X | X | X | X | X | X | |||||||||
0037 | 37 | X | X | X | X | X | X | |||||||||
0038 | 38 | X | X | X | X | X | X | |||||||||
0039 | 39 | X | X | X | X | X | X | |||||||||
003B | 3B | X | X | |||||||||||||
003C | 3C | X | X | X | ||||||||||||
003D | 3D | X | X | X | ||||||||||||
003E | 3E | X | X | X | ||||||||||||
003F | 3F | X | X | X | ||||||||||||
0040 | 40 | X | X | X | ||||||||||||
0067 | 67 | X | X | X | ||||||||||||
0068 | 68 | X | X | X | ||||||||||||
0069 | 69 | X | X | X | ||||||||||||
006A | 6A | X | X | X | ||||||||||||
006B | 6B | X | X | X | ||||||||||||
009C | 9C | X | X | X | ||||||||||||
009D | 9D | X | X | X | ||||||||||||
009E | 9E | X | X | X | ||||||||||||
009F | 9F | X | X | X | ||||||||||||
00A0 | A0 | X | X | X | ||||||||||||
00A1 | A1 | X | X | X | ||||||||||||
00A2 | A2 | X | X | X | ||||||||||||
00A3 | A3 | X | X | X | ||||||||||||
00A4 | A4 | X | X | X | ||||||||||||
00A5 | A5 | X | X | X | ||||||||||||
C001 | X | X | X | X | ||||||||||||
C002 | X | X | X | RC4 | X | |||||||||||
C003 | X | X | X | 3DES | X | |||||||||||
C004 | X | X | X | X | X | |||||||||||
C005 | X | X | X | X | X | |||||||||||
C006 | X | X | X | X | ||||||||||||
C007 | X | X | X | RC4 | X | |||||||||||
C008 | X | X | X | 3DES | X | |||||||||||
C009 | X | X | X | X | X | |||||||||||
C00A | X | X | X | X | X | |||||||||||
C00B | X | X | X | X | ||||||||||||
C00C | X | X | X | RC4 | X | |||||||||||
C00D | X | X | X | 3DES | X | |||||||||||
C00E | X | X | X | X | X | |||||||||||
C00F | X | X | X | X | X | |||||||||||
C010 | X | X | X | X | ||||||||||||
C011 | X | X | X | RC4 | X | |||||||||||
C012 | X | X | X | 3DES | X | |||||||||||
C013 | X | X | X | X | X | |||||||||||
C014 | X | X | X | X | X | |||||||||||
C023 | X | X | X | |||||||||||||
C024 | X | X | X | |||||||||||||
C025 | X | X | X | |||||||||||||
C026 | X | X | X | |||||||||||||
C027 | X | X | X | |||||||||||||
C028 | X | X | X | |||||||||||||
C029 | X | X | X | |||||||||||||
C02A | X | X | X | |||||||||||||
C02B | X | X | X | |||||||||||||
C02C | X | X | X | |||||||||||||
C02D | X | X | X | |||||||||||||
C02E | X | X | X | |||||||||||||
C02F | X | X | X | |||||||||||||
C030 | X | X | X | |||||||||||||
C031 | X | X | X | |||||||||||||
C032 | X | X | X |
Cipher suite | RSA key exchange | Fixed Diffie-Hellman key exchange | Ephemeral Diffie-Hellman key exchange | Fixed EC Diffie-Hellman key exchange | Ephemeral EC Diffie-Hellman key exchange | |||||
---|---|---|---|---|---|---|---|---|---|---|
4 Char | 2 Char | Signed by RSA1 | Signed by DSA1 | Signed by RSA1 | Signed by DSA1 | Signed by RSA1 | Signed by ECDSA1 | Signed by RSA1 | Signed by ECDSA1 | |
0000 | 00 | X | ||||||||
0001 | 01 | X | ||||||||
0002 | 02 | X | ||||||||
0003 | 03 | X | ||||||||
0004 | 04 | X | ||||||||
0005 | 05 | X | ||||||||
0006 | 06 | X | ||||||||
0009 | 09 | X | ||||||||
000A | 0A | X | ||||||||
000C | 0C | X | ||||||||
000D | 0D | X | ||||||||
000F | 0F | X | ||||||||
0010 | 10 | X | ||||||||
0012 | 12 | X | ||||||||
0013 | 13 | X | ||||||||
0015 | 15 | X | ||||||||
0016 | 16 | X | ||||||||
002F | 2F | X | ||||||||
0030 | 30 | X | ||||||||
0031 | 31 | X | ||||||||
0032 | 32 | X | ||||||||
0033 | 33 | X | ||||||||
0035 | 35 | X | ||||||||
0036 | 36 | X | ||||||||
0037 | 37 | X | ||||||||
0038 | 38 | X | ||||||||
0039 | 39 | X | ||||||||
003B | 3B | X | ||||||||
003C | 3C | X | ||||||||
003D | 3D | X | ||||||||
003E | 3E | X | ||||||||
003F | 3F | X | ||||||||
0040 | 40 | X | ||||||||
0067 | 67 | X | ||||||||
0068 | 68 | X | ||||||||
0069 | 69 | X | ||||||||
006A | 6A | X | ||||||||
006B | 6B | X | ||||||||
009C | 9C | X | ||||||||
009D | 9D | X | ||||||||
009E | 9E | X | ||||||||
009F | 9F | X | ||||||||
00A0 | A0 | X | ||||||||
00A1 | A1 | X | ||||||||
00A2 | A2 | X | ||||||||
00A3 | A3 | X | ||||||||
00A4 | A4 | X | ||||||||
00A5 | A5 | X | ||||||||
C001 | X | |||||||||
C002 | X | |||||||||
C003 | X | |||||||||
C004 | X | |||||||||
C005 | X | |||||||||
C006 | X | |||||||||
C007 | X | |||||||||
C008 | X | |||||||||
C009 | X | |||||||||
C00A | X | |||||||||
C00B | X | |||||||||
C00C | X | |||||||||
C00D | X | |||||||||
C00E | X | |||||||||
C00F | X | |||||||||
C010 | X | |||||||||
C011 | X | |||||||||
C012 | X | |||||||||
C013 | X | |||||||||
C014 | X | |||||||||
C023 | X | |||||||||
C024 | X | |||||||||
C025 | X | |||||||||
C026 | X | |||||||||
C027 | X | |||||||||
C028 | X | |||||||||
C029 | X | |||||||||
C02A | X | |||||||||
C02B | X | |||||||||
C02C | X | |||||||||
C02D | X | |||||||||
C02E | X | |||||||||
C02F | X | |||||||||
C030 | X | |||||||||
C031 | X | |||||||||
C032 | X |
1 SSL V3, TLS V1.0, and TLS V1.1 imposed restrictions on the signing algorithm that must be used to sign a server certificate when using any cipher suites that use a Diffie-Hellman based key-exchange. The TLS V1.2 protocol does not impose such restriction. If the server certificate signing algorithm is listed in the signature algorithm pairs that are specified by the client, the certificate can be used.
I.A.N.A Elliptic curve enumerator (decimal) | Named curve by standards organizations | ||
---|---|---|---|
SECG | ANSI X9.62 | NIST | |
0019 | secp192r1 | prime192v1 | NIST P-192 |
0021 | secp224r1 | NIST P-224 | |
0023 | secp256r1 | prime256v1 | NIST P-256 |
0024 | secp384r1 | NIST P-384 | |
0025 | secp521r1 | NIST P-521 |
Signature algorithm enumerator | Hash and signature algorithm |
---|---|
0101 | MD5 with RSA |
0201 | SHA-1 with RSA |
0202 | SHA-1 with DSA |
0203 | SHA-1 with ECDSA |
0301 | SHA-224 with RSA |
0302 | SHA-224 with DSA |
0303 | SHA-224 with ECDSA |
0401 | SHA-256 with RSA |
0402 | SHA-256 with DSA |
0403 | SHA-256 with ECDSA |
0501 | SHA-384 with RSA |
0503 | SHA-384 with ECDSA |
0601 | SHA-512 with RSA |
0603 | SHA-512 with ECDSA |