gnutls on RHEL5

Details of the capabilities of gnutls-1.4.1 on RHEL5

This article is part of the Securing Applications Collection

Due to the serious issues with the design of TLS and implementation issues in openssl uncovered during the lifetime of RHEL6 you should always use the latest version but at least

gnutls-1.4.1-16.el5_10

Capabilities

Protocols

TLSv1.1
TLSv1
SSLv3

Ciphers

TLS_ANON_DH_ARCFOUR_MD5                             0x00, 0x18  SSL3.0
TLS_ANON_DH_3DES_EDE_CBC_SHA1                       0x00, 0x1b  SSL3.0
TLS_ANON_DH_AES_128_CBC_SHA1                        0x00, 0x34  SSL3.0
TLS_ANON_DH_AES_256_CBC_SHA1                        0x00, 0x3a  SSL3.0
TLS_ANON_DH_CAMELLIA_128_CBC_SHA1                   0x00, 0x46  TLS1.0
TLS_ANON_DH_CAMELLIA_256_CBC_SHA1                   0x00, 0x89  TLS1.0
TLS_PSK_SHA_ARCFOUR_SHA1                            0x00, 0x8a  TLS1.0
TLS_PSK_SHA_3DES_EDE_CBC_SHA1                       0x00, 0x8b  TLS1.0
TLS_PSK_SHA_AES_128_CBC_SHA1                        0x00, 0x8c  TLS1.0
TLS_PSK_SHA_AES_256_CBC_SHA1                        0x00, 0x8d  TLS1.0
TLS_DHE_PSK_SHA_ARCFOUR_SHA1                        0x00, 0x8e  TLS1.0
TLS_DHE_PSK_SHA_3DES_EDE_CBC_SHA1                   0x00, 0x8f  TLS1.0
TLS_DHE_PSK_SHA_AES_128_CBC_SHA1                    0x00, 0x90  TLS1.0
TLS_DHE_PSK_SHA_AES_256_CBC_SHA1                    0x00, 0x91  TLS1.0
TLS_SRP_SHA_3DES_EDE_CBC_SHA1                       0xc0, 0x1a  TLS1.0
TLS_SRP_SHA_AES_128_CBC_SHA1                        0xc0, 0x1d  TLS1.0
TLS_SRP_SHA_AES_256_CBC_SHA1                        0xc0, 0x20  TLS1.0
TLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1                   0xc0, 0x1c  TLS1.0
TLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1                   0xc0, 0x1b  TLS1.0
TLS_SRP_SHA_DSS_AES_128_CBC_SHA1                    0xc0, 0x1f  TLS1.0
TLS_SRP_SHA_RSA_AES_128_CBC_SHA1                    0xc0, 0x1e  TLS1.0
TLS_SRP_SHA_DSS_AES_256_CBC_SHA1                    0xc0, 0x22  TLS1.0
TLS_SRP_SHA_RSA_AES_256_CBC_SHA1                    0xc0, 0x21  TLS1.0
TLS_DHE_DSS_ARCFOUR_SHA1                            0x00, 0x66  TLS1.0
TLS_DHE_DSS_3DES_EDE_CBC_SHA1                       0x00, 0x13  SSL3.0
TLS_DHE_DSS_AES_128_CBC_SHA1                        0x00, 0x32  SSL3.0
TLS_DHE_DSS_AES_256_CBC_SHA1                        0x00, 0x38  SSL3.0
TLS_DHE_RSA_3DES_EDE_CBC_SHA1                       0x00, 0x16  SSL3.0
TLS_DHE_RSA_AES_128_CBC_SHA1                        0x00, 0x33  SSL3.0
TLS_DHE_RSA_AES_256_CBC_SHA1                        0x00, 0x39  SSL3.0
TLS_RSA_NULL_MD5                                    0x00, 0x01  SSL3.0
TLS_RSA_EXPORT_ARCFOUR_40_MD5                       0x00, 0x03  SSL3.0
TLS_RSA_ARCFOUR_SHA1                                0x00, 0x05  SSL3.0
TLS_RSA_ARCFOUR_MD5                                 0x00, 0x04  SSL3.0
TLS_RSA_3DES_EDE_CBC_SHA1                           0x00, 0x0a  SSL3.0
TLS_RSA_AES_128_CBC_SHA1                            0x00, 0x2f  SSL3.0
TLS_RSA_AES_256_CBC_SHA1                            0x00, 0x35  SSL3.0

Certificates

certificates with RSA keys and SHA-1 signatures.

Hashes

md5 message digest algorithm
sha1 message digest algorithm

Additional Notes

Capabilities as given by gnutls-cli

$ gnutls-cli -l

Certificate types: X.509, OPENPGP
Protocols: TLS1.0, TLS1.1, SSL3.0
Ciphers: AES-256-CBC, AES-128-CBC, 3DES-CBC, ARCFOUR, ARCFOUR-40
MACs: MD5, RMD160, SHA1
Key exchange algorithms: RSA, RSA-EXPORT, DHE-DSS, DHE-RSA, DHE-PSK, PSK, SRP, SRP-RSA, SRP-DSS, ANON-DH
Compression methods: DEFLATE, LZO, NULL

Select Your Language

Capabilities

Protocols

Ciphers

Certificates

Hashes

Additional Notes

Capabilities as given by gnutls-cli

Comments

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Capabilities

Protocols

Ciphers

Certificates

Hashes

Additional Notes

Capabilities as given by gnutls-cli

Comments

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links