[B<-s>]
[B<-v>]
[B<-V>]
-[B<-ssl2>]
[B<-ssl3>]
[B<-tls1>]
+[B<-tls1_1>]
+[B<-tls1_2>]
+[B<-s>]
+[B<-psk>]
[B<-stdname>]
[B<cipherlist>]
is the actual cipher list an application will support. If this option is
not used then ciphers excluded by the security level will still be listed.
+=item B<-psk>
+
+When combined with B<-s> includes cipher suites which require PSK.
+
=item B<-v>
Verbose option. List ciphers with a complete description of
-protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
+protocol version, key exchange,
authentication, encryption and mac algorithms used along with any key size
restrictions and whether the algorithm is classed as an "export" cipher.
-Note that without the B<-v> option, ciphers may seem to appear twice
-in a cipher list; this is when similar ciphers are available for
-SSL v2 and for SSL v3/TLS v1.
=item B<-V>
=item B<-ssl3>
-only include SSL v3 ciphers.
+List the ciphers which would be used if SSL v3 was negotiated.
-=item B<-ssl2>
+=item B<-tls1>
-only include SSL v2 ciphers.
+List the ciphers which would be used if TLS v1.0 was negotiated.
-=item B<-tls1>
+=item B<-tls1_1>
+
+List the ciphers which would be used if TLS v1.1 was negotiated.
-only include TLS v1 ciphers.
+=item B<-tls1_2>
+
+List the ciphers which would be used if TLS v1.2 was negotiated.
=item B<-stdname>
=item B<DEFAULT>
-the default cipher list. This is determined at compile time and, as of OpenSSL
-1.0.0, is normally B<ALL:!aNULL:!eNULL>. This must be the first cipher string
-specified.
+the default cipher list. This is determined at compile time and
+is B<ALL:!COMPLEMENTOFDEFAULT:!eNULL>. This must be the first cipher
+string specified.
=item B<COMPLEMENTOFDEFAULT>
the ciphers included in B<ALL>, but not enabled by default. Currently
-this is B<ADH> and B<AECDH>. Note that this rule does not cover B<eNULL>,
-which is not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary).
+this includes all RC4, DES, RC2 and anonymous ciphers. Note that this rule does
+not cover B<eNULL>, which is not included by B<ALL> (use B<COMPLEMENTOFALL> if
+necessary).
=item B<ALL>
=item B<EXPORT56>
-56 bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of
-56 bit export ciphers is empty unless OpenSSL has been explicitly configured
-with support for experimental ciphers.
+56 bit export encryption algorithms. This list is empty.
=item B<eNULL>, B<NULL>
cipher suites using ephemeral ECDH key agreement, including anonymous
cipher suites.
-=item B<ECDHE>, B<EECDHE>
+=item B<ECDHE>, B<EECDH>
cipher suites using authenticated ephemeral ECDH key agreement.
cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA
keys.
-=item B<kFZA>, B<aFZA>, B<eFZA>, B<FZA>
-
-ciphers suites using FORTEZZA key exchange, authentication, encryption or all
-FORTEZZA algorithms. Not implemented.
+=item B<TLSv1.2>, B<TLSv1.0>, B<SSLv3>
-=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2>
+Lists ciphersuites which are only supported in at least TLS v1.2, TLS v1.0
+or SSL v3.0 respectively. Note: there are no ciphersuites specific to TLS v1.1.
+Since this is only the minimum version if, for example, TLS v1.0 is supported
+then both TLS v1.0 and SSL v3.0 ciphersuites are included.
-TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note:
-there are no ciphersuites specific to TLS v1.1.
+Note: these cipher strings B<do not> change the negotiated version of SSL or
+TLS only the list of cipher suites.
=item B<AES128>, B<AES256>, B<AES>
AES in Galois Counter Mode (GCM): these ciphersuites are only supported
in TLS v1.2.
+=item B<AESCCM>, B<AESCCM8>
+
+AES in Cipher Block Chaining - Message Authentication Mode (CCM): these
+ciphersuites are only supported in TLS v1.2. B<AESCCM> references CCM
+cipher suites using both 16 and 8 octet Integrity Check Value (ICV)
+while B<AESCCM8> only references 8 octet ICV.
+
=item B<CAMELLIA128>, B<CAMELLIA256>, B<CAMELLIA>
cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit
=item B<aGOST>
-cipher suites using GOST R 34.10 (either 2001 or 94) for authenticaction
+cipher suites using GOST R 34.10 (either 2001 or 94) for authentication
(needs an engine supporting GOST algorithms).
=item B<aGOST01>
cipher suites using GOST R 34.10-2001 authentication.
-=item B<aGOST94>
-
-cipher suites using GOST R 34.10-94 authentication (note that R 34.10-94
-standard has been expired so use GOST R 34.10-2001)
-
=item B<kGOST>
cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357.
=item B<PSK>
-cipher suites using pre-shared keys (PSK).
+all cipher suites using pre-shared keys (PSK).
+
+=item B<kPSK>, B<kECDHEPSK>, B<kDHEPSK>, B<kRSAPSK>
+
+cipher suites using PSK key exchange, ECDHE_PSK, DHE_PSK or RSA_PSK.
+
+=item B<aPSK>
+
+cipher suites using PSK authentication (currently all PSK modes apart from
+RSA_PSK).
=item B<SUITEB128>, B<SUITEB128ONLY>, B<SUITEB192>
SSL_RSA_WITH_DES_CBC_SHA DES-CBC-SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA
- SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-DH-DSS-DES-CBC-SHA
SSL_DH_DSS_WITH_DES_CBC_SHA DH-DSS-DES-CBC-SHA
SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA DH-DSS-DES-CBC3-SHA
- SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DH-RSA-DES-CBC-SHA
SSL_DH_RSA_WITH_DES_CBC_SHA DH-RSA-DES-CBC-SHA
SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA DH-RSA-DES-CBC3-SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-DHE-DSS-DES-CBC-SHA
TLS_DH_anon_WITH_AES_128_GCM_SHA256 ADH-AES128-GCM-SHA256
TLS_DH_anon_WITH_AES_256_GCM_SHA384 ADH-AES256-GCM-SHA384
+ RSA_WITH_AES_128_CCM AES128-CCM
+ RSA_WITH_AES_256_CCM AES256-CCM
+ DHE_RSA_WITH_AES_128_CCM DHE-RSA-AES128-CCM
+ DHE_RSA_WITH_AES_256_CCM DHE-RSA-AES256-CCM
+ RSA_WITH_AES_128_CCM_8 AES128-CCM8
+ RSA_WITH_AES_256_CCM_8 AES256-CCM8
+ DHE_RSA_WITH_AES_128_CCM_8 DHE-RSA-AES128-CCM8
+ DHE_RSA_WITH_AES_256_CCM_8 DHE-RSA-AES256-CCM8
+ ECDHE_ECDSA_WITH_AES_128_CCM ECDHE-ECDSA-AES128-CCM
+ ECDHE_ECDSA_WITH_AES_256_CCM ECDHE-ECDSA-AES256-CCM
+ ECDHE_ECDSA_WITH_AES_128_CCM_8 ECDHE-ECDSA-AES128-CCM8
+ ECDHE_ECDSA_WITH_AES_256_CCM_8 ECDHE-ECDSA-AES256-CCM8
+
=head2 Camellia HMAC-Based ciphersuites from RFC6367, extending TLS v1.2
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-ECDSA-CAMELLIA128-SHA256
TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 ECDH-RSA-CAMELLIA128-SHA256
TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 ECDH-RSA-CAMELLIA256-SHA384
-=head2 Pre shared keying (PSK) cipheruites
-
- TLS_PSK_WITH_RC4_128_SHA PSK-RC4-SHA
- TLS_PSK_WITH_3DES_EDE_CBC_SHA PSK-3DES-EDE-CBC-SHA
- TLS_PSK_WITH_AES_128_CBC_SHA PSK-AES128-CBC-SHA
- TLS_PSK_WITH_AES_256_CBC_SHA PSK-AES256-CBC-SHA
-
-=head2 Deprecated SSL v2.0 cipher suites.
-
- SSL_CK_RC4_128_WITH_MD5 RC4-MD5
- SSL_CK_RC4_128_EXPORT40_WITH_MD5 EXP-RC4-MD5
- SSL_CK_RC2_128_CBC_WITH_MD5 RC2-MD5
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 EXP-RC2-MD5
- SSL_CK_IDEA_128_CBC_WITH_MD5 IDEA-CBC-MD5
- SSL_CK_DES_64_CBC_WITH_MD5 DES-CBC-MD5
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5 DES-CBC3-MD5
-
+=head2 Pre shared keying (PSK) ciphersuites
+
+ PSK_WITH_NULL_SHA PSK-NULL-SHA
+ DHE_PSK_WITH_NULL_SHA DHE-PSK-NULL-SHA
+ RSA_PSK_WITH_NULL_SHA RSA-PSK-NULL-SHA
+
+ PSK_WITH_RC4_128_SHA PSK-RC4-SHA
+ PSK_WITH_3DES_EDE_CBC_SHA PSK-3DES-EDE-CBC-SHA
+ PSK_WITH_AES_128_CBC_SHA PSK-AES128-CBC-SHA
+ PSK_WITH_AES_256_CBC_SHA PSK-AES256-CBC-SHA
+
+ DHE_PSK_WITH_RC4_128_SHA DHE-PSK-RC4-SHA
+ DHE_PSK_WITH_3DES_EDE_CBC_SHA DHE-PSK-3DES-EDE-CBC-SHA
+ DHE_PSK_WITH_AES_128_CBC_SHA DHE-PSK-AES128-CBC-SHA
+ DHE_PSK_WITH_AES_256_CBC_SHA DHE-PSK-AES256-CBC-SHA
+
+ RSA_PSK_WITH_RC4_128_SHA RSA-PSK-RC4-SHA
+ RSA_PSK_WITH_3DES_EDE_CBC_SHA RSA-PSK-3DES-EDE-CBC-SHA
+ RSA_PSK_WITH_AES_128_CBC_SHA RSA-PSK-AES128-CBC-SHA
+ RSA_PSK_WITH_AES_256_CBC_SHA RSA-PSK-AES256-CBC-SHA
+
+ PSK_WITH_AES_128_GCM_SHA256 PSK-AES128-GCM-SHA256
+ PSK_WITH_AES_256_GCM_SHA384 PSK-AES256-GCM-SHA384
+ DHE_PSK_WITH_AES_128_GCM_SHA256 DHE-PSK-AES128-GCM-SHA256
+ DHE_PSK_WITH_AES_256_GCM_SHA384 DHE-PSK-AES256-GCM-SHA384
+ RSA_PSK_WITH_AES_128_GCM_SHA256 RSA-PSK-AES128-GCM-SHA256
+ RSA_PSK_WITH_AES_256_GCM_SHA384 RSA-PSK-AES256-GCM-SHA384
+
+ PSK_WITH_AES_128_CBC_SHA256 PSK-AES128-CBC-SHA256
+ PSK_WITH_AES_256_CBC_SHA384 PSK-AES256-CBC-SHA384
+ PSK_WITH_NULL_SHA256 PSK-NULL-SHA256
+ PSK_WITH_NULL_SHA384 PSK-NULL-SHA384
+ DHE_PSK_WITH_AES_128_CBC_SHA256 DHE-PSK-AES128-CBC-SHA256
+ DHE_PSK_WITH_AES_256_CBC_SHA384 DHE-PSK-AES256-CBC-SHA384
+ DHE_PSK_WITH_NULL_SHA256 DHE-PSK-NULL-SHA256
+ DHE_PSK_WITH_NULL_SHA384 DHE-PSK-NULL-SHA384
+ RSA_PSK_WITH_AES_128_CBC_SHA256 RSA-PSK-AES128-CBC-SHA256
+ RSA_PSK_WITH_AES_256_CBC_SHA384 RSA-PSK-AES256-CBC-SHA384
+ RSA_PSK_WITH_NULL_SHA256 RSA-PSK-NULL-SHA256
+ RSA_PSK_WITH_NULL_SHA384 RSA-PSK-NULL-SHA384
+ PSK_WITH_AES_128_GCM_SHA256 PSK-AES128-GCM-SHA256
+ PSK_WITH_AES_256_GCM_SHA384 PSK-AES256-GCM-SHA384
+
+ ECDHE_PSK_WITH_RC4_128_SHA ECDHE-PSK-RC4-SHA
+ ECDHE_PSK_WITH_3DES_EDE_CBC_SHA ECDHE-PSK-3DES-EDE-CBC-SHA
+ ECDHE_PSK_WITH_AES_128_CBC_SHA ECDHE-PSK-AES128-CBC-SHA
+ ECDHE_PSK_WITH_AES_256_CBC_SHA ECDHE-PSK-AES256-CBC-SHA
+ ECDHE_PSK_WITH_AES_128_CBC_SHA256 ECDHE-PSK-AES128-CBC-SHA256
+ ECDHE_PSK_WITH_AES_256_CBC_SHA384 ECDHE-PSK-AES256-CBC-SHA384
+ ECDHE_PSK_WITH_NULL_SHA ECDHE-PSK-NULL-SHA
+ ECDHE_PSK_WITH_NULL_SHA256 ECDHE-PSK-NULL-SHA256
+ ECDHE_PSK_WITH_NULL_SHA384 ECDHE-PSK-NULL-SHA384
+
+ PSK_WITH_CAMELLIA_128_CBC_SHA256 PSK-CAMELLIA128-SHA256
+ PSK_WITH_CAMELLIA_256_CBC_SHA384 PSK-CAMELLIA256-SHA384
+
+ DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 DHE-PSK-CAMELLIA128-SHA256
+ DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 DHE-PSK-CAMELLIA256-SHA384
+
+ RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 RSA-PSK-CAMELLIA128-SHA256
+ RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 RSA-PSK-CAMELLIA256-SHA384
+
+ ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-PSK-CAMELLIA128-SHA256
+ ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-PSK-CAMELLIA256-SHA384
+
+ PSK_WITH_AES_128_CCM PSK-AES128-CCM
+ PSK_WITH_AES_256_CCM PSK-AES256-CCM
+ DHE_PSK_WITH_AES_128_CCM DHE-PSK-AES128-CCM
+ DHE_PSK_WITH_AES_256_CCM DHE-PSK-AES256-CCM
+ PSK_WITH_AES_128_CCM_8 PSK-AES128-CCM8
+ PSK_WITH_AES_256_CCM_8 PSK-AES256-CCM8
+ DHE_PSK_WITH_AES_128_CCM_8 DHE-PSK-AES128-CCM8
+ DHE_PSK_WITH_AES_256_CCM_8 DHE-PSK-AES256-CCM8
=head1 NOTES
openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT'
-Include all chiphers with RSA authentication but leave out ciphers without
+Include all ciphers with RSA authentication but leave out ciphers without
encryption.
openssl ciphers -v 'RSA:!COMPLEMENTOFALL'
=head1 SEE ALSO
-L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>
+L<s_client(1)>, L<s_server(1)>, L<ssl(3)>
=head1 HISTORY
-The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options
-for cipherlist strings were added in OpenSSL 0.9.7.
The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0.
=cut
projects / openssl.git / blobdiff