Skip to content

Instantly share code, notes, and snippets.

@vpereira

vpereira/gist:8543492

Last active January 4, 2016 00:39
Show Gist options
  • Save vpereira/8543492 to your computer and use it in GitHub Desktop.
Save vpereira/8543492 to your computer and use it in GitHub Desktop.
Download ZIP
some translations gnutls -> openssl and vice-versa
Raw
gistfile1.md

gnutls NORMAL ciphersuite to openssl

./gnutls NORMAL | ./cipher_translate.rb gnutls_to_openssl


TLS_RSA_AES_128_GCM_SHA256 -> -
TLS_RSA_AES_128_CBC_SHA1 -> -
TLS_RSA_AES_128_CBC_SHA256 -> -
TLS_RSA_AES_256_CBC_SHA1 -> AES256-SHA
TLS_RSA_AES_256_CBC_SHA256 -> -
TLS_RSA_CAMELLIA_128_CBC_SHA1 -> CAMELLIA128-SHA
TLS_RSA_CAMELLIA_256_CBC_SHA1 -> CAMELLIA256-SHA
TLS_RSA_3DES_EDE_CBC_SHA1 -> -
TLS_RSA_ARCFOUR_SHA1 -> RC4-SHA
TLS_RSA_ARCFOUR_MD5 -> RC4-MD5
TLS_DHE_RSA_AES_128_GCM_SHA256 -> -
TLS_DHE_RSA_AES_128_CBC_SHA1 -> DHE-RSA-AES128-SHA
TLS_DHE_RSA_AES_128_CBC_SHA256 -> DHE-RSA-AES128-SHA256
TLS_DHE_RSA_AES_256_CBC_SHA1 -> DHE-RSA-AES256-SHA
TLS_DHE_RSA_AES_256_CBC_SHA256 -> -
TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 -> DHE-RSA-CAMELLIA128-SHA
TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 -> DHE-RSA-CAMELLIA256-SHA
TLS_DHE_RSA_3DES_EDE_CBC_SHA1 -> EDH-RSA-DES-CBC3-SHA
TLS_DHE_DSS_AES_128_GCM_SHA256 -> -
TLS_DHE_DSS_AES_128_CBC_SHA1 -> DHE-DSS-AES128-SHA
TLS_DHE_DSS_AES_128_CBC_SHA256 -> DHE-DSS-AES128-SHA256
TLS_DHE_DSS_AES_256_CBC_SHA1 -> DHE-DSS-AES256-SHA
TLS_DHE_DSS_AES_256_CBC_SHA256 -> -
TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1 -> DHE-DSS-CAMELLIA128-SHA
TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1 -> DHE-DSS-CAMELLIA256-SHA
TLS_DHE_DSS_3DES_EDE_CBC_SHA1 -> EDH-DSS-DES-CBC3-SHA
TLS_DHE_DSS_ARCFOUR_SHA1 -> -

gnutls PFS ciphersuite to openssl

./gnutls PFS | ./cipher_translate.rb gnutls_to_openssl

TLS_DHE_RSA_AES_128_GCM_SHA256 -> -
TLS_DHE_RSA_AES_128_CBC_SHA1 -> DHE-RSA-AES128-SHA
TLS_DHE_RSA_AES_128_CBC_SHA256 -> DHE-RSA-AES128-SHA256
TLS_DHE_RSA_AES_256_CBC_SHA1 -> DHE-RSA-AES256-SHA
TLS_DHE_RSA_AES_256_CBC_SHA256 -> -
TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 -> DHE-RSA-CAMELLIA128-SHA
TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 -> DHE-RSA-CAMELLIA256-SHA
TLS_DHE_RSA_3DES_EDE_CBC_SHA1 -> EDH-RSA-DES-CBC3-SHA
TLS_DHE_DSS_AES_128_GCM_SHA256 -> -
TLS_DHE_DSS_AES_128_CBC_SHA1 -> DHE-DSS-AES128-SHA
TLS_DHE_DSS_AES_128_CBC_SHA256 -> DHE-DSS-AES128-SHA256
TLS_DHE_DSS_AES_256_CBC_SHA1 -> DHE-DSS-AES256-SHA
TLS_DHE_DSS_AES_256_CBC_SHA256 -> -
TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1 -> DHE-DSS-CAMELLIA128-SHA
TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1 -> DHE-DSS-CAMELLIA256-SHA
TLS_DHE_DSS_3DES_EDE_CBC_SHA1 -> EDH-DSS-DES-CBC3-SHA
TLS_DHE_DSS_ARCFOUR_SHA1 -> -

openssl default suite to gnutls

openssl ciphers DEFAULT -V | ./cipher_translate.rb openssl_to_gnutls

ECDHE-RSA-AES256-GCM-SHA384 -> -
ECDHE-ECDSA-AES256-GCM-SHA384 -> -
ECDHE-RSA-AES256-SHA384 -> -
ECDHE-ECDSA-AES256-SHA384 -> -
ECDHE-RSA-AES256-SHA -> -
ECDHE-ECDSA-AES256-SHA -> -
SRP-DSS-AES-256-CBC-SHA -> -
SRP-RSA-AES-256-CBC-SHA -> -
DHE-DSS-AES256-GCM-SHA384 -> -
DHE-RSA-AES256-GCM-SHA384 -> -
DHE-RSA-AES256-SHA256 -> -
DHE-DSS-AES256-SHA256 -> -
DHE-RSA-AES256-SHA -> TLS_DHE_RSA_AES_256_CBC_SHA1
DHE-DSS-AES256-SHA -> TLS_DHE_DSS_AES_256_CBC_SHA1
DHE-RSA-CAMELLIA256-SHA -> TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1
DHE-DSS-CAMELLIA256-SHA -> TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1
ECDH-RSA-AES256-GCM-SHA384 -> -
ECDH-ECDSA-AES256-GCM-SHA384 -> -
ECDH-RSA-AES256-SHA384 -> -
ECDH-ECDSA-AES256-SHA384 -> -
ECDH-RSA-AES256-SHA -> -
ECDH-ECDSA-AES256-SHA -> -
AES256-GCM-SHA384 -> -
AES256-SHA256 -> -
AES256-SHA -> TLS_RSA_AES_256_CBC_SHA1
CAMELLIA256-SHA -> TLS_RSA_CAMELLIA_256_CBC_SHA1
PSK-AES256-CBC-SHA -> -
ECDHE-RSA-DES-CBC3-SHA -> -
ECDHE-ECDSA-DES-CBC3-SHA -> -
SRP-DSS-3DES-EDE-CBC-SHA -> -
SRP-RSA-3DES-EDE-CBC-SHA -> -
EDH-RSA-DES-CBC3-SHA -> TLS_DHE_RSA_3DES_EDE_CBC_SHA1
EDH-DSS-DES-CBC3-SHA -> TLS_DHE_DSS_3DES_EDE_CBC_SHA1
ECDH-RSA-DES-CBC3-SHA -> -
ECDH-ECDSA-DES-CBC3-SHA -> -
DES-CBC3-SHA -> -
PSK-3DES-EDE-CBC-SHA -> -
ECDHE-RSA-AES128-GCM-SHA256 -> -
ECDHE-ECDSA-AES128-GCM-SHA256 -> -
ECDHE-RSA-AES128-SHA256 -> -
ECDHE-ECDSA-AES128-SHA256 -> -
ECDHE-RSA-AES128-SHA -> -
ECDHE-ECDSA-AES128-SHA -> -
SRP-DSS-AES-128-CBC-SHA -> -
SRP-RSA-AES-128-CBC-SHA -> -
DHE-DSS-AES128-GCM-SHA256 -> -
DHE-RSA-AES128-GCM-SHA256 -> -
DHE-RSA-AES128-SHA256 -> TLS_DHE_RSA_AES_128_CBC_SHA256
DHE-DSS-AES128-SHA256 -> TLS_DHE_DSS_AES_128_CBC_SHA256
DHE-RSA-AES128-SHA -> TLS_DHE_RSA_AES_128_CBC_SHA1
DHE-DSS-AES128-SHA -> TLS_DHE_DSS_AES_128_CBC_SHA1
DHE-RSA-SEED-SHA -> -
DHE-DSS-SEED-SHA -> -
DHE-RSA-CAMELLIA128-SHA -> TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1
DHE-DSS-CAMELLIA128-SHA -> TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1
ECDH-RSA-AES128-GCM-SHA256 -> -
ECDH-ECDSA-AES128-GCM-SHA256 -> -
ECDH-RSA-AES128-SHA256 -> -
ECDH-ECDSA-AES128-SHA256 -> -
ECDH-RSA-AES128-SHA -> -
ECDH-ECDSA-AES128-SHA -> -
AES128-GCM-SHA256 -> -
AES128-SHA256 -> -
AES128-SHA -> -
SEED-SHA -> -
CAMELLIA128-SHA -> TLS_RSA_CAMELLIA_128_CBC_SHA1
PSK-AES128-CBC-SHA -> -
ECDHE-RSA-RC4-SHA -> -
ECDHE-ECDSA-RC4-SHA -> -
ECDH-RSA-RC4-SHA -> -
ECDH-ECDSA-RC4-SHA -> -
RC4-SHA -> TLS_RSA_ARCFOUR_SHA1
RC4-MD5 -> TLS_RSA_ARCFOUR_MD5
PSK-RC4-SHA -> -
EDH-RSA-DES-CBC-SHA -> -
EDH-DSS-DES-CBC-SHA -> -
DES-CBC-SHA -> -
EXP-EDH-RSA-DES-CBC-SHA -> -
EXP-EDH-DSS-DES-CBC-SHA -> -
EXP-DES-CBC-SHA -> -
EXP-RC2-CBC-MD5 -> -
EXP-RC4-MD5 -> -

possible default suse cipher

openssl ciphers 'HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH' -V | ./cipher_translate.rb \ openssl_to_gnutls


ECDHE-RSA-AES256-GCM-SHA384 -> -
ECDHE-ECDSA-AES256-GCM-SHA384 -> -
ECDHE-RSA-AES256-SHA384 -> -
ECDHE-ECDSA-AES256-SHA384 -> -
ECDHE-RSA-AES256-SHA -> -
ECDHE-ECDSA-AES256-SHA -> -
SRP-DSS-AES-256-CBC-SHA -> -
SRP-RSA-AES-256-CBC-SHA -> -
DHE-DSS-AES256-GCM-SHA384 -> -
DHE-RSA-AES256-GCM-SHA384 -> -
DHE-RSA-AES256-SHA256 -> -
DHE-DSS-AES256-SHA256 -> -
DHE-RSA-AES256-SHA -> TLS_DHE_RSA_AES_256_CBC_SHA1
DHE-DSS-AES256-SHA -> TLS_DHE_DSS_AES_256_CBC_SHA1
DHE-RSA-CAMELLIA256-SHA -> TLS_DHE_RSA_CAMELLIA_256_CBC_SHA1
DHE-DSS-CAMELLIA256-SHA -> TLS_DHE_DSS_CAMELLIA_256_CBC_SHA1
ECDH-RSA-AES256-GCM-SHA384 -> -
ECDH-ECDSA-AES256-GCM-SHA384 -> -
ECDH-RSA-AES256-SHA384 -> -
ECDH-ECDSA-AES256-SHA384 -> -
ECDH-RSA-AES256-SHA -> -
ECDH-ECDSA-AES256-SHA -> -
AES256-GCM-SHA384 -> -
AES256-SHA256 -> -
AES256-SHA -> TLS_RSA_AES_256_CBC_SHA1
CAMELLIA256-SHA -> TLS_RSA_CAMELLIA_256_CBC_SHA1
ECDHE-RSA-AES128-GCM-SHA256 -> -
ECDHE-ECDSA-AES128-GCM-SHA256 -> -
ECDHE-RSA-AES128-SHA256 -> -
ECDHE-ECDSA-AES128-SHA256 -> -
ECDHE-RSA-AES128-SHA -> -
ECDHE-ECDSA-AES128-SHA -> -
SRP-DSS-AES-128-CBC-SHA -> -
SRP-RSA-AES-128-CBC-SHA -> -
DHE-DSS-AES128-GCM-SHA256 -> -
DHE-RSA-AES128-GCM-SHA256 -> -
DHE-RSA-AES128-SHA256 -> TLS_DHE_RSA_AES_128_CBC_SHA256
DHE-DSS-AES128-SHA256 -> TLS_DHE_DSS_AES_128_CBC_SHA256
DHE-RSA-AES128-SHA -> TLS_DHE_RSA_AES_128_CBC_SHA1
DHE-DSS-AES128-SHA -> TLS_DHE_DSS_AES_128_CBC_SHA1
DHE-RSA-CAMELLIA128-SHA -> TLS_DHE_RSA_CAMELLIA_128_CBC_SHA1
DHE-DSS-CAMELLIA128-SHA -> TLS_DHE_DSS_CAMELLIA_128_CBC_SHA1
ECDH-RSA-AES128-GCM-SHA256 -> -
ECDH-ECDSA-AES128-GCM-SHA256 -> -
ECDH-RSA-AES128-SHA256 -> -
ECDH-ECDSA-AES128-SHA256 -> -
ECDH-RSA-AES128-SHA -> -
ECDH-ECDSA-AES128-SHA -> -
AES128-GCM-SHA256 -> -
AES128-SHA256 -> -
AES128-SHA -> -
CAMELLIA128-SHA -> TLS_RSA_CAMELLIA_128_CBC_SHA1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment