Method SSL.Context()->configure_suite_b()
- Method
configure_suite_b
voidconfigure_suite_b(int(128..)|voidmin_keylength,int(0..)|voidstrictness_level)- Description
Configure the context for Suite B compliant operation.
This restricts the context to the cipher suites specified by RFC 6460 in strict mode.
Additional suites may be enabled, but they will only be selected if a Suite B suite isn't available.
- Parameter
min_keylength Minimum supported key length in bits. Either
128or192.- Parameter
strictness_level Allow additional suites.
(2..)Strict mode.
Allow only the Suite B suites from RFC 6460 and TLS 1.2.
1Transitional mode.
Also allow the transitional suites from RFC 5430 for use with TLS 1.0 and 1.1.
0Permissive mode (default).
Also allow other suites that conform to the minimum key length.
- Note
This function is only present when Suite B compliant operation is possible (ie both elliptic curves and GCM are available).
- Note
Note also that for Suite B server operation compliant certificates need to be added with add_cert().
- See also