- 使用OpenSSL或者Nginx实现SSL/TLS协议时,都需要指定加密套件。
- 一般指定这样指定就可以了,表示指定加密套件为任意算法,但身份认证算法和加密算法不能为空。这样客户端和服务端就会自动协商一个加密套件进行通信。
ssl_ciphers ALL:!aNULL; #Nginx配置加密套件
SSL_CTX_set_cipher_list(ServerCTX, “ALL:!aNULL”); #openssl接口配置加密套件
- 但如果想自己指定加密套件,就可以使用以下列表中的一种。
序号 | 加密套件(完整名称) | 加密套件(openssl接口指定名称) | 版本 | 密钥协商算法 | 身份验证算法 | 加密算法 | MAC |
---|---|---|---|---|---|---|---|
1 | TLS_AES_256_GCM_SHA384 | TLS_AES_256_GCM_SHA384 | TLSv1.3 | any | any | AESGCM(256) | AEAD |
2 | TLS_CHACHA20_POLY1305_SHA256 | TLS_CHACHA20_POLY1305_SHA256 | TLSv1.3 | any | any | CHACHA20/POLY1305(256) | AEAD |
3 | TLS_AES_128_GCM_SHA256 | TLS_AES_128_GCM_SHA256 | TLSv1.3 | any | any | AESGCM(128) | AEAD |
4 | TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | ECDHE-ECDSA-AES256-GCM-SHA384 | TLSv1.2 | ECDH | ECDSA | AESGCM(256) | AEAD |
5 | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | ECDHE-RSA-AES256-GCM-SHA384 | TLSv1.2 | ECDH | RSA | AESGCM(256) | AEAD |
6 | TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | DHE-RSA-AES256-GCM-SHA384 | TLSv1.2 | DH | RSA | AESGCM(256) | AEAD |
7 | TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | ECDHE-ECDSA-CHACHA20-POLY1305 | TLSv1.2 | ECDH | ECDSA | CHACHA20/POLY1305(256) | AEAD |
8 | TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | ECDHE-RSA-CHACHA20-POLY1305 | TLSv1.2 | ECDH | RSA | CHACHA20/POLY1305(256) | AEAD |
9 | TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | DHE-RSA-CHACHA20-POLY1305 | TLSv1.2 | DH | RSA | CHACHA20/POLY1305(256) | AEAD |
10 | TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | ECDHE-ECDSA-AES128-GCM-SHA256 | TLSv1.2 | ECDH | ECDSA | AESGCM(128) | AEAD |
11 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | ECDHE-RSA-AES128-GCM-SHA256 | TLSv1.2 | ECDH | RSA | AESGCM(128) | AEAD |
12 | TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 | DHE-RSA-AES128-GCM-SHA256 | TLSv1.2 | DH | RSA | AESGCM(128) | AEAD |
13 | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | ECDHE-ECDSA-AES256-SHA384 | TLSv1.2 | ECDH | ECDSA | AES(256) | SHA384 |
14 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | ECDHE-RSA-AES256-SHA384 | TLSv1.2 | ECDH | RSA | AES(256) | SHA384 |
15 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 | DHE-RSA-AES256-SHA256 | TLSv1.2 | DH | RSA | AES(256) | SHA256 |
16 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | ECDHE-ECDSA-AES128-SHA256 | TLSv1.2 | ECDH | ECDSA | AES(128) | SHA256 |
17 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | ECDHE-RSA-AES128-SHA256 | TLSv1.2 | ECDH | RSA | AES(128) | SHA256 |
18 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 | DHE-RSA-AES128-SHA256 | TLSv1.2 | DH | RSA | AES(128) | SHA256 |
19 | TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | ECDHE-ECDSA-AES256-SHA | TLSv1 | ECDH | ECDSA | AES(256) | SHA1 |
20 | TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | ECDHE-RSA-AES256-SHA | TLSv1 | ECDH | RSA | AES(256) | SHA1 |
21 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA | DHE-RSA-AES256-SHA | SSLv3 | DH | RSA | AES(256) | SHA1 |
22 | TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA | ECDHE-ECDSA-AES128-SHA | TLSv1 | ECDH | ECDSA | AES(128) | SHA1 |
23 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | ECDHE-RSA-AES128-SHA | TLSv1 | ECDH | RSA | AES(128) | SHA1 |
24 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA | DHE-RSA-AES128-SHA | SSLv3 | DH | RSA | AES(128) | SHA1 |
25 | RSA_PSK_WITH_AES_256_GCM_SHA384 | RSA-PSK-AES256-GCM-SHA384 | TLSv1.2 | RSAPSK | RSA | AESGCM(256) | AEAD |
26 | DHE_PSK_WITH_AES_256_GCM_SHA384 | DHE-PSK-AES256-GCM-SHA384 | TLSv1.2 | DHEPSK | PSK | AESGCM(256) | AEAD |
27 | TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 | RSA-PSK-CHACHA20-POLY1305 | TLSv1.2 | RSAPSK | RSA | CHACHA20/POLY1305(256) | AEAD |
28 | TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 | DHE-PSK-CHACHA20-POLY1305 | TLSv1.2 | DHEPSK | PSK | CHACHA20/POLY1305(256) | AEAD |
29 | TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 | ECDHE-PSK-CHACHA20-POLY1305 | TLSv1.2 | ECDHEPSK | PSK | CHACHA20/POLY1305(256) | AEAD |
30 | TLS_RSA_WITH_AES_256_GCM_SHA384 | AES256-GCM-SHA384 | TLSv1.2 | RSA | RSA | AESGCM(256) | AEAD |
31 | PSK_WITH_AES_256_GCM_SHA384 | PSK-AES256-GCM-SHA384 | TLSv1.2 | PSK | PSK | AESGCM(256) | AEAD |
32 | TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 | PSK-CHACHA20-POLY1305 | TLSv1.2 | PSK | PSK | CHACHA20/POLY1305(256) | AEAD |
33 | RSA_PSK_WITH_AES_128_GCM_SHA256 | RSA-PSK-AES128-GCM-SHA256 | TLSv1.2 | RSAPSK | RSA | AESGCM(128) | AEAD |
34 | DHE_PSK_WITH_AES_128_GCM_SHA256 | DHE-PSK-AES128-GCM-SHA256 | TLSv1.2 | DHEPSK | PSK | AESGCM(128) | AEAD |
35 | TLS_RSA_WITH_AES_128_GCM_SHA256 | AES128-GCM-SHA256 | TLSv1.2 | RSA | RSA | AESGCM(128) | AEAD |
36 | PSK_WITH_AES_128_GCM_SHA256 | PSK-AES128-GCM-SHA256 | TLSv1.2 | PSK | PSK | AESGCM(128) | AEAD |
37 | TLS_RSA_WITH_AES_256_CBC_SHA256 | AES256-SHA256 | TLSv1.2 | RSA | RSA | AES(256) | SHA256 |
38 | TLS_RSA_WITH_AES_128_CBC_SHA256 | AES128-SHA256 | TLSv1.2 | RSA | RSA | AES(128) | SHA256 |
39 | ECDHE_PSK_WITH_AES_256_CBC_SHA384 | ECDHE-PSK-AES256-CBC-SHA384 | TLSv1 | ECDHEPSK | PSK | AES(256) | SHA384 |
40 | ECDHE_PSK_WITH_AES_256_CBC_SHA | ECDHE-PSK-AES256-CBC-SHA | TLSv1 | ECDHEPSK | PSK | AES(256) | SHA1 |
41 | RSA_PSK_WITH_AES_256_CBC_SHA384 | RSA-PSK-AES256-CBC-SHA384 | TLSv1 | RSAPSK | RSA | AES(256) | SHA384 |
42 | DHE_PSK_WITH_AES_256_CBC_SHA384 | DHE-PSK-AES256-CBC-SHA384 | TLSv1 | DHEPSK | PSK | AES(256) | SHA384 |
43 | RSA_PSK_WITH_AES_256_CBC_SHA | RSA-PSK-AES256-CBC-SHA | SSLv3 | RSAPSK | RSA | AES(256) | SHA1 |
44 | DHE_PSK_WITH_AES_256_CBC_SHA | DHE-PSK-AES256-CBC-SHA | SSLv3 | DHEPSK | PSK | AES(256) | SHA1 |
45 | TLS_RSA_WITH_AES_256_CBC_SHA | AES256-SHA | SSLv3 | RSA | RSA | AES(256) | SHA1 |
46 | PSK_WITH_AES_256_CBC_SHA384 | PSK-AES256-CBC-SHA384 | TLSv1 | PSK | PSK | AES(256) | SHA384 |
47 | PSK_WITH_AES_256_CBC_SHA | PSK-AES256-CBC-SHA | SSLv3 | PSK | PSK | AES(256) | SHA1 |
48 | ECDHE_PSK_WITH_AES_128_CBC_SHA256 | ECDHE-PSK-AES128-CBC-SHA256 | TLSv1 | ECDHEPSK | PSK | AES(128) | SHA256 |
49 | ECDHE_PSK_WITH_AES_128_CBC_SHA | ECDHE-PSK-AES128-CBC-SHA | TLSv1 | ECDHEPSK | PSK | AES(128) | SHA1 |
50 | RSA_PSK_WITH_AES_128_CBC_SHA256 | RSA-PSK-AES128-CBC-SHA256 | TLSv1 | RSAPSK | RSA | AES(128) | SHA256 |
自我介绍一下,小编13年上海交大毕业,曾经在小公司待过,也去过华为、OPPO等大厂,18年进入阿里一直到现在。
深知大多数网络安全工程师,想要提升技能,往往是自己摸索成长,但自己不成体系的自学效果低效又漫长,而且极易碰到天花板技术停滞不前!
因此收集整理了一份《2024年网络安全全套学习资料》,初衷也很简单,就是希望能够帮助到想自学提升又不知道该从何学起的朋友。
既有适合小白学习的零基础资料,也有适合3年以上经验的小伙伴深入学习提升的进阶课程,基本涵盖了95%以上网络安全知识点,真正体系化!
由于文件比较大,这里只是将部分目录大纲截图出来,每个节点里面都包含大厂面经、学习笔记、源码讲义、实战项目、讲解视频,并且后续会持续更新
如果你觉得这些内容对你有帮助,可以添加VX:vip204888 (备注网络安全获取)
得这些内容对你有帮助,可以添加VX:vip204888 (备注网络安全获取)**
[外链图片转存中…(img-VNPDUBIb-1712792181103)]