[gnutls-devel] cipher suites
Stefan Bühler
stbuehler at lighttpd.net
Fri Oct 25 12:56:25 CEST 2013
Hi,
On Fri, 25 Oct 2013 09:53:02 +0200
Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> > TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
> > TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
>
> These two exist though.
Ah. I used the kx, cipher and mac (prf for AEAD mac) algorithm names to
generate the "official" TLS names. You configured these two to have
mac=SHA256 - which is why i couldn't find them. I guess they should use
mac=SHA384, right?
From some naming inconsistencies aside I think all other names match the
specified algorithms, although I didn't check whether the 16-bit id
matches the official listing.
The inconsistencies are:
* ARCFOUR is ARCFOUR_128 in ECDH* ciphers
* if the mac is SHA1 and the cipher not a SALSA20 one, PSK, DHE-PSK and
RSA-PSK become *PSK-SHA
More information about the Gnutls-devel
mailing list