This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

OpenSSL Curve Names, Algorithms, and Options

Information about the OpenSSL curve names and options supported by DSG.
    Curve NameDescription
    secp112r1SECG/WTLS curve over a 112-bit prime field
    secp112r2SECG curve over a 112-bit prime field
    secp128r1SECG curve over a 128-bit prime field
    secp128r2SECG curve over a 128-bit prime field
    secp160k1SECG curve over a 160-bit prime field
    secp160r1SECG curve over a 160-bit prime field
    secp160r2SECG/WTLS curve over a 160-bit prime field
    secp192k1SECG curve over a 192-bit prime field
    secp224k1SECG curve over a 224-bit prime field
    secp224r1NIST/SECG curve over a 224-bit prime field
    secp256k1SECG curve over a 256-bit prime field
    secp384r1NIST/SECG curve over a 384-bit prime field
    secp521r1NIST/SECG curve over a 521-bit prime field
    prime192v1NIST/X9.62/SECG curve over a 192-bit prime field
    prime192v2X9.62 curve over a 192-bit prime field
    prime192v3X9.62 curve over a 192-bit prime field
    prime239v1X9.62 curve over a 239-bit prime field
    prime239v2X9.62 curve over a 239-bit prime field
    prime239v3X9.62 curve over a 239-bit prime field
    prime256v1X9.62/SECG curve over a 256-bit prime field
    sect113r1SECG curve over a 113-bit binary field
    sect113r2SECG curve over a 113-bit binary field
    sect131r1SECG/WTLS curve over a 131-bit binary field
    sect131r2SECG curve over a 131-bit binary field
    sect163k1NIST/SECG/WTLS curve over a 163-bit binary field
    sect163r1SECG curve over a 163-bit binary field
    sect163r2NIST/SECG curve over a 163-bit binary field
    sect193r1SECG curve over a 193-bit binary field
    sect193r2SECG curve over a 193-bit binary field
    sect233k1NIST/SECG/WTLS curve over a 233-bit binary field
    sect233r1NIST/SECG/WTLS curve over a 233-bit binary field
    sect239k1SECG curve over a 239-bit binary field
    sect283k1NIST/SECG curve over a 283-bit binary field
    sect283r1NIST/SECG curve over a 283-bit binary field
    sect409k1NIST/SECG curve over a 409-bit binary field
    sect409r1NIST/SECG curve over a 409-bit binary field
    sect571k1NIST/SECG curve over a 571-bit binary field
    sect571r1NIST/SECG curve over a 571-bit binary field
    c2pnb163v1X9.62 curve over a 163-bit binary field
    c2pnb163v2X9.62 curve over a 163-bit binary field
    c2pnb163v3X9.62 curve over a 163-bit binary field
    c2pnb176v1X9.62 curve over a 176-bit binary field
    c2tnb191v1X9.62 curve over a 191-bit binary field
    c2tnb191v2X9.62 curve over a 191-bit binary field
    c2tnb191v3X9.62 curve over a 191-bit binary field
    c2pnb208w1X9.62 curve over a 208-bit binary field
    c2tnb239v1X9.62 curve over a 239-bit binary field
    c2tnb239v2X9.62 curve over a 239-bit binary field
    c2tnb239v3X9.62 curve over a 239-bit binary field
    c2pnb272w1X9.62 curve over a 272-bit binary field
    c2pnb304w1X9.62 curve over a 304-bit binary field
    c2tnb359v1X9.62 curve over a 359-bit binary field
    c2pnb368w1X9.62 curve over a 368-bit binary field
    c2tnb431r1X9.62 curve over a 431-bit binary field
    wap-wsg-idm-ecid-wtls1WTLS curve over a 113-bit binary field
    wap-wsg-idm-ecid-wtls3NIST/SECG/WTLS curve over a 163-bit binary field
    wap-wsg-idm-ecid-wtls4SECG curve over a 113-bit binary field
    wap-wsg-idm-ecid-wtls5X9.62 curve over a 163-bit binary field
    wap-wsg-idm-ecid-wtls6SECG/WTLS curve over a 112-bit prime field
    wap-wsg-idm-ecid-wtls7SECG/WTLS curve over a 160-bit prime field
    wap-wsg-idm-ecid-wtls8WTLS curve over a 112-bit prime field
    wap-wsg-idm-ecid-wtls9WTLS curve over a 160-bit prime field
    wap-wsg-idm-ecid-wtls10NIST/SECG/WTLS curve over a 233-bit binary field
    wap-wsg-idm-ecid-wtls11NIST/SECG/WTLS curve over a 233-bit binary field
    wap-wsg-idm-ecid-wtls12WTLS curve over a 224-bit prime field
    OptionsDescription
    OP_ALLEnables workarounds for various bugs present in other SSL implementations. This option is set by default. It does not necessarily set the same flags as OpenSSL’s SSL_OP_ALL constant.
    OP_NO_SSLv2Prevents an SSLv2 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing SSLv2 as the protocol version.
    OP_NO_SSLv3Prevents an SSLv3 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing SSLv3 as the protocol version.
    OP_NO_TLSv1Prevents a TLSv1 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1 as the protocol version.
    OP_NO_TLSv1_1Prevents a TLSv1.1 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1.1 as the protocol version. Available only with openSSL version 1.0.1+.
    OP_NO_TLSv1_2Prevents a TLSv1.2 connection. This option is only applicable in conjunction with PROTOCOL_SSLv23. It prevents the peers from choosing TLSv1.2 as the protocol version. Available only with openSSL version 1.0.1+.
    OP_CIPHER_SERVER_PREFERENCEUse the server’s cipher ordering preference, rather than the client’s. This option has no effect on client sockets and SSLv2 server sockets.
    OP_SINGLE_DH_USEPrevents re-use of the same DH key for distinct SSL sessions. This improves forward secrecy but requires more computational resources. This option only applies to server sockets.
    OP_SINGLE_ECDH_USEPrevents re-use of the same ECDH key for distinct SSL sessions. This improves forward secrecy but requires more computational resources. This option only applies to server sockets.
    OP_NO_COMPRESSIONDisable compression on the SSL channel. This is useful if the application protocol supports its own compression scheme. This option is only available with OpenSSL 1.0.0 and later