skip to main content
Reference : SSL Encryption Cipher Suites
 

Try DataDirect Drivers Now

SSL Encryption Cipher Suites

Refer to "Using Security" in the DataDirect Connect Series for ODBC User’s Guide for information about using Secure Sockets Layer (SSL) data encryption with the drivers. Transport Layer Security (TLS) protocols are supported as listed in this chapter.
The following tables list the SSL and encryption cipher suites supported by the DataDirect Connect for ODBC driver. The driver attempts to negotiate the supported cipher suites with the server using OpenSSL cipher suites.
The following table shows the OpenSSL encryption cipher suites that the driver can use if it can negotiate SSL v2 with the server, with the name of the corresponding SSL v2 encryption cipher suites.
Table 100. OpenSSL Cipher Suites to SSL v2 Cipher Suites
OpenSSL Cipher Suite
SSL Encryption Cipher Suite
DES-CBC-MD5
SSL_CK_DES_64_CBC_WITH_MD5
DES-CBC3-MD5
SSL_CK_DES_192_EDE3_CBC_WITH_MD5
EXP-RC2-CBC-MD5
SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5
EXP-RC4-MD5
SSL_CK_RC4_128_EXPORT40_WITH_MD5
RC2-CBC-MD5
SSL_CK_RC2_128_CBC_WITH_MD5
RC4-MD5
SSL_CK_RC4_128_WITH_MD5
The following table shows the OpenSSL encryption cipher suites that the driver can use if it can negotiate SSL v3 with the server, with the name of the corresponding SSL v3 encryption cipher suites.
Table 101. Mapping OpenSSL Cipher Suites to SSL v3 Cipher Suites
OpenSSL Cipher Suite
SSL v3 Cipher Suite
AES128-GCM-SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
AES128-SHA
TLS_RSA_WITH_AES_128_CBC_SHA1
AES128-SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
AES256-GCM-SHA384
TLS_RSA_WITH_AES_256_GCM_SHA384
AES256-SHA
TLS_RSA_WITH_AES_256_CBC_SHA 2
AES256-SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
DES-CBC3-SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
DES-CBC-SHA
SSL_RSA_WITH_DES_CBC_SHA
DHE-DSS-AES128-GCM-SHA256
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
DHE-DSS-AES128-SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA3
DHE-DSS-AES128-SHA256
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
DHE-DSS-AES256-GCM-SHA384
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
DHE-DSS-AES256-SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA4
DHE-DSS-AES256-SHA256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
DHE-DSS-SEED-SHA
TLS_DHE_DSS_WITH_SEED_CBC_SHA5
DHE-RSA-AES128-GCM-SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
DHE-RSA-AES128-SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA6
DHE-RSA-AES128-SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
DHE-RSA-AES256-GCM-SHA384
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
DHE-RSA-AES256-SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA7
DHE-RSA-AES256-SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
DHE-RSA-SEED-SHA
TLS_DHE_RSA_WITH_SEED_CBC_SHA8
EDH-DSS-DES-CBC3-SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
EDH-DSS-DES-CBC-SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
EDH-RSA-DES-CBC3-SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
EDH-RSA-DES-CBC-SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
EXP-DES-CBC-SHA
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
EXP-EDH-DSS-DES-CBC-SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
EXP-EDH-RSA-DES-CBC-SHA
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
EXP-RC2-CBC-MD5
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
EXP-RC4-MD5
SSL_RSA_EXPORT_WITH_RC4_40_MD5
PSK-3DES-EDE-CBC-SHA
TLS_PSK_WITH_3DES_EDE_CBC_SHA
PSK-AES128-CBC-SHA
TLS_PSK_WITH_AES_128_CBC_SHA
PSK-AES256-CBC-SHA
TLS_PSK_WITH_AES_256_CBC_SHA
PSK-RC4-SHA
TLS_PSK_WITH_RC4_128_SHA
RC4-MD5
SSL_RSA_WITH_RC4_128_MD5
RC4-SHA
SSL_RSA_WITH_RC4_128_SHA
SEED-SHA
TLS_RSA_WITH_SEED_CBC_SHA9
SRP-3DES-EDE-CBC-SHA
TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA
SRP-AES-128-CBC-SHA
TLS_SRP_SHA_WITH_AES_128_CBC_SHA
SRP-AES-256-CBC-SHA
TLS_SRP_SHA_WITH_AES_256_CBC_SHA
SRP-DSS-3DES-EDE-CBC-SHA
TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
SRP-DSS-AES-128-CBC-SHA
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA
SRP-DSS-AES-256-CBC-SHA
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA
SRP-RSA-3DES-EDE-CBC-SHA
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
SRP-RSA-AES-128-CBC-SHA
TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
SRP-RSA-AES-256-CBC-SHA
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA

1 AES cipher suites from RFC3268 are used to extend TLS v1.

2 AES cipher suites from RFC3268 are used to extend TLS v1.

3 AES cipher suites from RFC3268 are used to extend TLS v1.

4 AES cipher suites from RFC3268 are used to extend TLS v1.

5 Seed cipher suites from RFC4162 are used to extend TLS v1.

6 AES cipher suites from RFC3268 are used to extend TLS v1.

7 AES cipher suites from RFC3268 are used to extend TLS v1.

8 Seed cipher suites from RFC4162 are used to extend TLS v1.

9 Seed cipher suites from RFC4162 are used to extend TLS v1.

The following table shows the OpenSSL Encryption Cipher suites that the driver can use if it can negotiate TLS v1.0, TLS v1.1, and TLS v1.2 with the server, with the name of the corresponding cipher suites.
Table 102. Mapping OpenSSL Encryption Cipher Suites to TLS v1.0, TLS v1.1, and TLS v1.2 Cipher Suites
OpenSSL Cipher Suite
Maps to TLS v1 Cipher Suite
AES128-GCM-SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
AES128-SHA
TLS_RSA_WITH_AES_128_CBC_SHA1
AES128-SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
AES256-GCM-SHA384
TLS_RSA_WITH_AES_256_GCM_SHA384
AES256-SHA
TLS_RSA_WITH_AES_256_CBC_SHA2
AES256-SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
DES-CBC3-SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
DES-CBC-SHA
TLS_RSA_WITH_DES_CBC_SHA
DHE-DSS-AES128-GCM-SHA256
DHE-DSS-AES128-GCM-SHA256
DHE-DSS-AES128-SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA3
DHE-DSS-AES128-SHA256
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
DHE-DSS-AES256-GCM-SHA384
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
DHE-DSS-AES256-SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA4
DHE-DSS-AES256-SHA256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
DHE-DSS-SEED-SHA
TLS_DHE_DSS_WITH_SEED_CBC_SHA5
DHE-RSA-AES128-GCM-SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
DHE-RSA-AES128-SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA6
DHE-RSA-AES128-SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
DHE-RSA-AES256-GCM-SHA384
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
DHE-RSA-AES256-SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA7
DHE-RSA-AES256-SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
DHE-RSA-SEED-SHA
TLS_DHE_RSA_WITH_SEED_CBC_SHA8
EDH-DSS-DES-CBC3-SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
EDH-DSS-DES-CBC-SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
EDH-RSA-DES-CBC3-SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
EDH-RSA-DES-CBC-SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
EXP-DES-CBC-SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
EXP-EDH-DSS-DES-CBC-SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
EXP-EDH-RSA-DES-CBC-SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
EXP-RC2-CBC-MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
EXP-RC4-MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
PSK-3DES-EDE-CBC-SHA
TLS_PSK_WITH_3DES_EDE_CBC_SHA
PSK-AES128-CBC-SHA
TLS_PSK_WITH_AES_128_CBC_SHA
PSK-AES256-CBC-SHA
TLS_PSK_WITH_AES_256_CBC_SHA
PSK-RC4-SHA
TLS_PSK_WITH_RC4_128_SHA
RC4-MD5
TLS_RSA_WITH_RC4_128_MD5
RC4-SHA
TLS_RSA_WITH_RC4_128_SHA
SEED-SHA
TLS_RSA_WITH_SEED_CBC_SHA9
SRP-3DES-EDE-CBC-SHA
TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA
SRP-AES-128-CBC-SHA
TLS_SRP_SHA_WITH_AES_128_CBC_SHA
SRP-AES-128-CBC-SHA
TLS_SRP_SHA_WITH_AES_128_CBC_SHA
SRP-AES-256-CBC-SHA
TLS_SRP_SHA_WITH_AES_256_CBC_SHA
SRP-DSS-3DES-EDE-CBC-SHA
TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
SRP-DSS-AES-128-CBC-SHA
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA
SRP-DSS-AES-256-CBC-SHA
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA
SRP-RSA-3DES-EDE-CBC-SHA
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
SRP-RSA-AES-128-CBC-SHA
TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
SRP-RSA-AES-256-CBC-SHA
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA

1 AES cipher suites from RFC3268, extending TLS v1

2 AES cipher suites from RFC3268, extending TLS v1

3 AES cipher suites from RFC3268, extending TLS v1

4 AES cipher suites from RFC3268, extending TLS v1

5 Seed cipher suites from RFC4162 are used to extend TLS v1.

6 AES cipher suites from RFC3268, extending TLS v1

7 AES cipher suites from RFC3268, extending TLS v1

8 Seed cipher suites from RFC4162 are used to extend TLS v1.

9 Seed cipher suites from RFC4162 are used to extend TLS v1.

Reference:
OpenSSL Cryptography and SSL/TLS Toolkit