OpenSSL Curve Names, Algorithms, and Options

Information about the OpenSSL curve names and options supported by DSG.

Curve Name	Description
secp112r1	SECG/WTLS curve over a 112-bit prime field
secp112r2	SECG curve over a 112-bit prime field
secp128r1	SECG curve over a 128-bit prime field
secp128r2	SECG curve over a 128-bit prime field
secp160k1	SECG curve over a 160-bit prime field
secp160r1	SECG curve over a 160-bit prime field
secp160r2	SECG/WTLS curve over a 160-bit prime field
secp192k1	SECG curve over a 192-bit prime field
secp224k1	SECG curve over a 224-bit prime field
secp224r1	NIST/SECG curve over a 224-bit prime field
secp256k1	SECG curve over a 256-bit prime field
secp384r1	NIST/SECG curve over a 384-bit prime field
secp521r1	NIST/SECG curve over a 521-bit prime field
prime192v1	NIST/X9.62/SECG curve over a 192-bit prime field
prime192v2	X9.62 curve over a 192-bit prime field
prime192v3	X9.62 curve over a 192-bit prime field
prime239v1	X9.62 curve over a 239-bit prime field
prime239v2	X9.62 curve over a 239-bit prime field
prime239v3	X9.62 curve over a 239-bit prime field
prime256v1	X9.62/SECG curve over a 256-bit prime field
sect113r1	SECG curve over a 113-bit binary field
sect113r2	SECG curve over a 113-bit binary field
sect131r1	SECG/WTLS curve over a 131-bit binary field
sect131r2	SECG curve over a 131-bit binary field
sect163k1	NIST/SECG/WTLS curve over a 163-bit binary field
sect163r1	SECG curve over a 163-bit binary field
sect163r2	NIST/SECG curve over a 163-bit binary field
sect193r1	SECG curve over a 193-bit binary field
sect193r2	SECG curve over a 193-bit binary field
sect233k1	NIST/SECG/WTLS curve over a 233-bit binary field
sect233r1	NIST/SECG/WTLS curve over a 233-bit binary field
sect239k1	SECG curve over a 239-bit binary field
sect283k1	NIST/SECG curve over a 283-bit binary field
sect283r1	NIST/SECG curve over a 283-bit binary field
sect409k1	NIST/SECG curve over a 409-bit binary field
sect409r1	NIST/SECG curve over a 409-bit binary field
sect571k1	NIST/SECG curve over a 571-bit binary field
sect571r1	NIST/SECG curve over a 571-bit binary field
c2pnb163v1	X9.62 curve over a 163-bit binary field
c2pnb163v2	X9.62 curve over a 163-bit binary field
c2pnb163v3	X9.62 curve over a 163-bit binary field
c2pnb176v1	X9.62 curve over a 176-bit binary field
c2tnb191v1	X9.62 curve over a 191-bit binary field
c2tnb191v2	X9.62 curve over a 191-bit binary field
c2tnb191v3	X9.62 curve over a 191-bit binary field
c2pnb208w1	X9.62 curve over a 208-bit binary field
c2tnb239v1	X9.62 curve over a 239-bit binary field
c2tnb239v2	X9.62 curve over a 239-bit binary field
c2tnb239v3	X9.62 curve over a 239-bit binary field
c2pnb272w1	X9.62 curve over a 272-bit binary field
c2pnb304w1	X9.62 curve over a 304-bit binary field
c2tnb359v1	X9.62 curve over a 359-bit binary field
c2pnb368w1	X9.62 curve over a 368-bit binary field
c2tnb431r1	X9.62 curve over a 431-bit binary field
wap-wsg-idm-ecid-wtls1	WTLS curve over a 113-bit binary field
wap-wsg-idm-ecid-wtls3	NIST/SECG/WTLS curve over a 163-bit binary field
wap-wsg-idm-ecid-wtls4	SECG curve over a 113-bit binary field
wap-wsg-idm-ecid-wtls5	X9.62 curve over a 163-bit binary field
wap-wsg-idm-ecid-wtls6	SECG/WTLS curve over a 112-bit prime field
wap-wsg-idm-ecid-wtls7	SECG/WTLS curve over a 160-bit prime field
wap-wsg-idm-ecid-wtls8	WTLS curve over a 112-bit prime field
wap-wsg-idm-ecid-wtls9	WTLS curve over a 160-bit prime field
wap-wsg-idm-ecid-wtls10	NIST/SECG/WTLS curve over a 233-bit binary field
wap-wsg-idm-ecid-wtls11	NIST/SECG/WTLS curve over a 233-bit binary field
wap-wsg-idm-ecid-wtls12	WTLS curve over a 224-bit prime field

Options	Description
OP_ALL	Enables workarounds for various bugs present in other SSL implementations. This option is set by default. It does not necessarily set the same flags as OpenSSL’s SSL_OP_ALL constant.
OP_NO_SSLv2	Prevents an SSLv2 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing SSLv2 as the protocol version.
OP_NO_SSLv3	Prevents an SSLv3 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing SSLv3 as the protocol version.
OP_NO_TLSv1	Prevents a TLSv1 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1 as the protocol version.
OP_NO_TLSv1_1	Prevents a TLSv1.1 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1.1 as the protocol version. Available only with openSSL version 1.0.1+.
OP_NO_TLSv1_2	Prevents a TLSv1.2 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1.2 as the protocol version. Available only with openSSL version 1.0.1+.
OP_CIPHER_SERVER_PREFERENCE	Use the server’s cipher ordering preference, rather than the client’s. This option has no effect on client sockets and SSLv2 server sockets.
OP_SINGLE_DH_USE	Prevents re-use of the same DH key for distinct SSL sessions. This improves forward secrecy but requires more computational resources. This option only applies to server sockets.
OP_SINGLE_ECDH_USE	Prevents re-use of the same ECDH key for distinct SSL sessions. This improves forward secrecy but requires more computational resources. This option only applies to server sockets.
OP_NO_COMPRESSION	Disable compression on the SSL channel. This is useful if the application protocol supports its own compression scheme. This option is only available with OpenSSL 1.0.0 and later

Last modified February 7, 2025