Skip to content

Latest commit

 

History

History
68 lines (49 loc) · 2.59 KB

readme.md

File metadata and controls

68 lines (49 loc) · 2.59 KB

#ciphersuite-name-converter

A simple CLI (and possibly web) library/script to convert between (in either direction) openSSL and SSL/TLS ciphersuite names.

For example, you may have a standard SSL/TLS ciphersuite string given to you as a requirement, for (a contrived) example:

SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA

Which you want to use in an application which requires openssl format ciphersuite strings (for me, this is often nginx - although admittedly nginx is capable of being built with several TLS libraries nowadays). So you would want to convert the above to an openssl:

#convert-tls-to-openssl "SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256 SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384 SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA"

#ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA

You can then configure your application with the above openssl format ciphersuite string.

##Requirements

  • NodeJS or IOJS
  • npm or git (see below)

##Installation The simplest way is via npm (-g for global install which make it globally availanle in your *nix CLI):

npm install ciphersuite-name-converter -g

Or via git clone:

git clone https://github.com/neilstuartcraig/ciphersuite-name-converter.git
npm install -g

##Usage

Get help:
convert-openssl-to-tls -h
convert-tls-to-openssl -h

Convert openSSL to TLS cipher string: 
convert-openssl-to-tls <ciphersuite string>

Convert TLS to openSSL cipher string: 
convert-tls-to-openssl <ciphersuite string>

###Ciphersuite ordering The output (converted) ciphersuite names will be in the same order as the input - ordering is preserved.

###Separators ####Input Input ciphersuite lists can use spaces or commas (or a mixture thereof) as separators

####Outputs Conversions from TLS/SSL to openSSL format use : as a separator in the output.
Conversions from openSSL to TLS/SSL format use space as a separator in the output.

##Semver This project aims to maintain the semver version numbering scheme.

##Credits The mapping between SSL/TLS and openssl ciphersuite names is derived from a page on openssl.org which describes the relationships

##License MIT