Lines Matching refs:cipher

6 ciphers - SSL cipher display and cipher list tool
30 The B<ciphers> command converts textual OpenSSL cipher lists into ordered
31 SSL cipher preference lists. It can be used as a test tool to determine
45 minimum and maximum protocol version. This is closer to the actual cipher list
61 When combined with B<-s> includes cipher suites which require PSK.
65 When combined with B<-s> includes cipher suites which require SRP.
69 Verbose output: For each cipher suite, list details as provided by
74 Like B<-v>, but include the official cipher suite values in hex.
85 Precede each cipher suite by its standard name.
89 Convert a standard cipher B<name> to its OpenSSL name.
102 A cipher list of TLSv1.2 and below ciphersuites to convert to a cipher
104 have been configured. If it is not included then the default cipher list will be
111 The cipher list consists of one or more I<cipher strings> separated by colons.
114 The actual cipher string can take several different forms.
116 It can consist of a single cipher suite such as B<RC4-SHA>.
118 It can represent a list of cipher suites containing a certain algorithm, or
119 cipher suites of a certain type. For example B<SHA1> represents all ciphers
123 Lists of cipher suites can be combined in a single cipher string using the
125 B<SHA1+DES> represents all cipher suites containing the SHA1 B<and> the DES
128 Each cipher string can be optionally preceded by the characters B<!>,
146 The cipher string B<@STRENGTH> can be used at any point to sort the current
147 cipher list in order of encryption algorithm key length.
149 The cipher string B<@SECLEVEL=n> can be used at any point to set the security
153 The cipher list can be prefixed with the B<DEFAULT> keyword, which enables
154 the default cipher list as defined below. Unlike cipher strings,
163 The following is a list of all permitted cipher strings and their meanings.
172 necessary). Note that RC4 based cipher suites are not built into OpenSSL by
177 All cipher suites except the B<eNULL> ciphers (which must be explicitly enabled
179 As of OpenSSL 1.0.0, the B<ALL> cipher suites are sensibly ordered by default.
183 The cipher suites not enabled by B<ALL>, currently B<eNULL>.
187 "High" encryption cipher suites. This currently means those with key lengths
188 larger than 128 bits, and some cipher suites with 128-bit keys.
192 "Medium" encryption cipher suites, currently some of those using 128 bit
197 "Low" encryption cipher suites, currently those using 64 or 56 bit
198 encryption algorithms but excluding export cipher suites. All these
199 cipher suites have been removed as of OpenSSL 1.1.0.
205 B<DEFAULT> or B<ALL> cipher strings.
212 The cipher suites offering no authentication. This is currently the anonymous
213 DH algorithms and anonymous ECDH algorithms. These cipher suites are vulnerable
230 All these cipher suites have been removed in OpenSSL 1.1.0.
234 Cipher suites using ephemeral DH key agreement, including anonymous cipher
243 Anonymous DH cipher suites, note that this does not include anonymous Elliptic
244 Curve DH (ECDH) cipher suites.
249 cipher suites.
257 Anonymous Elliptic Curve Diffie-Hellman cipher suites.
267 All these cipher suites have been removed in OpenSSL 1.1.0.
276 Lists cipher suites which are only supported in at least TLS v1.2, TLS v1.0 or
278 Note: there are no cipher suites specific to TLS v1.1.
280 then both TLSv1.0 and SSLv3.0 cipher suites are available.
282 Note: these cipher strings B<do not> change the negotiated version of SSL or
283 TLS, they only affect the list of available cipher suites.
287 cipher suites using 128 bit AES, 256 bit AES or either 128 or 256 bit AES.
291 AES in Galois Counter Mode (GCM): these cipher suites are only supported
297 cipher suites are only supported in TLS v1.2. B<AESCCM> references CCM
298 cipher suites using both 16 and 8 octet Integrity Check Value (ICV)
322 All these cipher suites have been removed in OpenSSL 1.1.0.
375 All cipher suites using pre-shared keys (PSK).
391 If used these cipherstrings should appear first in the cipher
397 used and only the two suite B compliant cipher suites
405 The following lists give the SSL or TLS cipher suites names from the
407 that several cipher suite names do not include the authentication used,
410 =head2 SSL v3.0 cipher suites
431 =head2 TLS v1.0 cipher suites
448 =head2 AES cipher suites from RFC3268, extending TLS v1.0
466 =head2 Camellia cipher suites from RFC4132, extending TLS v1.0
484 =head2 SEED cipher suites from RFC4162, extending TLS v1.0
496 =head2 GOST cipher suites from draft-chudov-cryptopro-cptls, extending TLS v1.0
506 =head2 Additional Export 1024 and other cipher suites
512 =head2 Elliptic curve cipher suites.
532 =head2 TLS v1.2 cipher suites
589 =head2 ARIA cipher suites from RFC6209, extending TLS v1.2
610 =head2 Camellia HMAC-Based cipher suites from RFC6367, extending TLS v1.2
617 =head2 Pre-shared keying (PSK) cipher suites
691 =head2 ChaCha20-Poly1305 cipher suites, extending TLS v1.2
701 =head2 TLS v1.3 cipher suites