Method SSL.Context()->configure_suite_b()
- Method configure_suite_b
void
configure_suite_b(int(128..)
|void
min_keylength
,int(0..)
|void
strictness_level
)- Description
Configure the context for Suite B compliant operation.
This restricts the context to the cipher suites specified by RFC 6460 in strict mode.
Additional suites may be enabled, but they will only be selected if a Suite B suite isn't available.
- Parameter
min_keylength
Minimum supported key length in bits. Either
128
or192
.- Parameter
strictness_level
Allow additional suites.
(2..)
Strict mode.
Allow only the Suite B suites from RFC 6460 and TLS 1.2.
1
Transitional mode.
Also allow the transitional suites from RFC 5430 for use with TLS 1.0 and 1.1.
0
Permissive mode (default).
Also allow other suites that conform to the minimum key length.
- Note
This function is only present when Suite B compliant operation is possible (ie both elliptic curves and GCM are available).
- Note
Note also that for Suite B server operation compliant certificates need to be added with add_cert().
- See also