openssl-ciphers.1 - OpenGrok cross reference for /freebsd/secure/usr.bin/openssl/man/openssl-ciphers.1

Lines Matching full:s0
166 ordered \s-1SSL\s0 cipher preference lists. It can be used to
188 \&\s-1PSK\s0 and \s-1SRP\s0 ciphers are not enabled by default: they require \fB\-psk\fR or \fB\-sr…
194 depending on the configured certificates and presence of \s-1DH\s0 parameters.
200 When combined with \fB\-s\fR includes cipher suites which require \s-1PSK.\s0
203 When combined with \fB\-s\fR includes cipher suites which require \s-1SRP.\s0 This option
247 It can consist of a single cipher suite such as \fB\s-1RC4\-SHA\s0\fR.
250 cipher suites of a certain type. For example \fB\s-1SHA1\s0\fR represents all ciphers
251 suites using the digest algorithm \s-1SHA1\s0 and \fBSSLv3\fR represents all \s-1SSL\s0 v3
256 \&\fB\s-1SHA1+DES\s0\fR represents all cipher suites containing the \s-1SHA1\s0 \fBand\fR the \s-1D…
284 The cipher list can be prefixed with the \fB\s-1DEFAULT\s0\fR keyword, which enables
287 For example, \fB\s-1DEFAULT+DES\s0\fR is not valid.
290 corresponds to \fB\s-1ALL:\s0!COMPLEMENTOFDEFAULT:!eNULL\fR.
294 .IP "\fB\s-1COMPLEMENTOFDEFAULT\s0\fR" 4
296 The ciphers included in \fB\s-1ALL\s0\fR, but not enabled by default. Currently
297 this includes all \s-1RC4\s0 and anonymous ciphers. Note that this rule does
298 not cover \fBeNULL\fR, which is not included by \fB\s-1ALL\s0\fR (use \fB\s-1COMPLEMENTOFALL\s0\fR …
299 necessary). Note that \s-1RC4\s0 based cipher suites are not built into OpenSSL by
301 .IP "\fB\s-1ALL\s0\fR" 4
305 As of OpenSSL 1.0.0, the \fB\s-1ALL\s0\fR cipher suites are sensibly ordered by default.
306 .IP "\fB\s-1COMPLEMENTOFALL\s0\fR" 4
308 The cipher suites not enabled by \fB\s-1ALL\s0\fR, currently \fBeNULL\fR.
309 .IP "\fB\s-1HIGH\s0\fR" 4
313 .IP "\fB\s-1MEDIUM\s0\fR" 4
317 .IP "\fB\s-1LOW\s0\fR" 4
322 .IP "\fBeNULL\fR, \fB\s-1NULL\s0\fR" 4
324 The \*(L"\s-1NULL\*(R"\s0 ciphers that is those offering no encryption. Because these offer no
326 \&\fB\s-1DEFAULT\s0\fR or \fB\s-1ALL\s0\fR cipher strings.
333 \&\s-1DH\s0 algorithms and anonymous \s-1ECDH\s0 algorithms. These cipher suites are vulnerable
335 These are excluded from the \fB\s-1DEFAULT\s0\fR ciphers, but included in the \fB\s-1ALL\s0\fR
338 \&\fBkDHE\fR or \fB\s-1AES\s0\fR as these do overlap with the \fBaNULL\fR ciphers.
340 .IP "\fBkRSA\fR, \fBaRSA\fR, \fB\s-1RSA\s0\fR" 4
342 Cipher suites using \s-1RSA\s0 key exchange or authentication. \fB\s-1RSA\s0\fR is an alias for
346 Cipher suites using static \s-1DH\s0 key agreement and \s-1DH\s0 certificates signed by CAs
347 with \s-1RSA\s0 and \s-1DSS\s0 keys or either respectively.
349 .IP "\fBkDHE\fR, \fBkEDH\fR, \fB\s-1DH\s0\fR" 4
351 Cipher suites using ephemeral \s-1DH\s0 key agreement, including anonymous cipher
353 .IP "\fB\s-1DHE\s0\fR, \fB\s-1EDH\s0\fR" 4
355 Cipher suites using authenticated ephemeral \s-1DH\s0 key agreement.
356 .IP "\fB\s-1ADH\s0\fR" 4
358 Anonymous \s-1DH\s0 cipher suites, note that this does not include anonymous Elliptic
359 Curve \s-1DH\s0 (\s-1ECDH\s0) cipher suites.
360 .IP "\fBkEECDH\fR, \fBkECDHE\fR, \fB\s-1ECDH\s0\fR" 4
362 Cipher suites using ephemeral \s-1ECDH\s0 key agreement, including anonymous
364 .IP "\fB\s-1ECDHE\s0\fR, \fB\s-1EECDH\s0\fR" 4
366 Cipher suites using authenticated ephemeral \s-1ECDH\s0 key agreement.
367 .IP "\fB\s-1AECDH\s0\fR" 4
370 .IP "\fBaDSS\fR, \fB\s-1DSS\s0\fR" 4
372 Cipher suites using \s-1DSS\s0 authentication, i.e. the certificates carry \s-1DSS\s0 keys.
375 Cipher suites effectively using \s-1DH\s0 authentication, i.e. the certificates carry
376 \&\s-1DH\s0 keys.
378 .IP "\fBaECDSA\fR, \fB\s-1ECDSA\s0\fR" 4
380 Cipher suites using \s-1ECDSA\s0 authentication, i.e. the certificates carry \s-1ECDSA\s0
384 Lists cipher suites which are only supported in at least \s-1TLS\s0 v1.2, \s-1TLS\s0 v1.0 or
385 \&\s-1SSL\s0 v3.0 respectively.
386 Note: there are no cipher suites specific to \s-1TLS\s0 v1.1.
390 Note: these cipher strings \fBdo not\fR change the negotiated version of \s-1SSL\s0 or
391 \&\s-1TLS,\s0 they only affect the list of available cipher suites.
392 .IP "\fB\s-1AES128\s0\fR, \fB\s-1AES256\s0\fR, \fB\s-1AES\s0\fR" 4
394 cipher suites using 128 bit \s-1AES, 256\s0 bit \s-1AES\s0 or either 128 or 256 bit \s-1AES.\s0
395 .IP "\fB\s-1AESGCM\s0\fR" 4
397 \&\s-1AES\s0 in Galois Counter Mode (\s-1GCM\s0): these cipher suites are only supported
398 in \s-1TLS\s0 v1.2.
399 .IP "\fB\s-1AESCCM\s0\fR, \fB\s-1AESCCM8\s0\fR" 4
401 \&\s-1AES\s0 in Cipher Block Chaining \- Message Authentication Mode (\s-1CCM\s0): these
402 cipher suites are only supported in \s-1TLS\s0 v1.2. \fB\s-1AESCCM\s0\fR references \s-1CCM\s0
403 cipher suites using both 16 and 8 octet Integrity Check Value (\s-1ICV\s0)
404 while \fB\s-1AESCCM8\s0\fR only references 8 octet \s-1ICV.\s0
405 .IP "\fB\s-1ARIA128\s0\fR, \fB\s-1ARIA256\s0\fR, \fB\s-1ARIA\s0\fR" 4
407 Cipher suites using 128 bit \s-1ARIA, 256\s0 bit \s-1ARIA\s0 or either 128 or 256 bit
408 \&\s-1ARIA.\s0
409 .IP "\fB\s-1CAMELLIA128\s0\fR, \fB\s-1CAMELLIA256\s0\fR, \fB\s-1CAMELLIA\s0\fR" 4
411 Cipher suites using 128 bit \s-1CAMELLIA, 256\s0 bit \s-1CAMELLIA\s0 or either 128 or 256 bit
412 \&\s-1CAMELLIA.\s0
413 .IP "\fB\s-1CHACHA20\s0\fR" 4
418 Cipher suites using triple \s-1DES.\s0
419 .IP "\fB\s-1DES\s0\fR" 4
421 Cipher suites using \s-1DES\s0 (not triple \s-1DES\s0).
423 .IP "\fB\s-1RC4\s0\fR" 4
425 Cipher suites using \s-1RC4.\s0
426 .IP "\fB\s-1RC2\s0\fR" 4
428 Cipher suites using \s-1RC2.\s0
429 .IP "\fB\s-1IDEA\s0\fR" 4
431 Cipher suites using \s-1IDEA.\s0
432 .IP "\fB\s-1SEED\s0\fR" 4
434 Cipher suites using \s-1SEED.\s0
435 .IP "\fB\s-1MD5\s0\fR" 4
437 Cipher suites using \s-1MD5.\s0
438 .IP "\fB\s-1SHA1\s0\fR, \fB\s-1SHA\s0\fR" 4
440 Cipher suites using \s-1SHA1.\s0
441 .IP "\fB\s-1SHA256\s0\fR, \fB\s-1SHA384\s0\fR" 4
443 Cipher suites using \s-1SHA256\s0 or \s-1SHA384.\s0
446 Cipher suites using \s-1GOST R 34.10\s0 (either 2001 or 94) for authentication
447 (needs an engine supporting \s-1GOST\s0 algorithms).
450 Cipher suites using \s-1GOST R 34.10\-2001\s0 authentication.
453 Cipher suites, using \s-1VKO 34.10\s0 key exchange, specified in the \s-1RFC 4357.\s0
454 .IP "\fB\s-1GOST94\s0\fR" 4
456 Cipher suites, using \s-1HMAC\s0 based on \s-1GOST R 34.11\-94.\s0
457 .IP "\fB\s-1GOST89MAC\s0\fR" 4
459 Cipher suites using \s-1GOST 28147\-89 MAC\s0 \fBinstead of\fR \s-1HMAC.\s0
460 .IP "\fB\s-1PSK\s0\fR" 4
462 All cipher suites using pre-shared keys (\s-1PSK\s0).
465 Cipher suites using \s-1PSK\s0 key exchange, \s-1ECDHE_PSK, DHE_PSK\s0 or \s-1RSA_PSK.\s0
468 Cipher suites using \s-1PSK\s0 authentication (currently all \s-1PSK\s0 modes apart from
469 \&\s-1RSA_PSK\s0).
470 .IP "\fB\s-1SUITEB128\s0\fR, \fB\s-1SUITEB128ONLY\s0\fR, \fB\s-1SUITEB192\s0\fR" 4
478 \&\s-1RFC6460.\s0
480 \&\s-1ECDSA\s0 and \s-1SHA256\s0 or \s-1SHA384,\s0 only the elliptic curves P\-256 and P\-384 can be
482 (\s-1ECDHE\-ECDSA\-AES128\-GCM\-SHA256\s0 and \s-1ECDHE\-ECDSA\-AES256\-GCM\-SHA384\s0) are
484 .IP "\fB\s-1CBC\s0\fR" 4
486 All cipher suites using encryption algorithm in Cipher Block Chaining (\s-1CBC\s0)
487 mode. These cipher suites are only supported in \s-1TLS\s0 v1.2 and earlier. Currently
488 …lias for the following cipherstrings: \fB\s-1SSL_DES\s0\fR, \fB\s-1SSL_3DES\s0\fR, \fB\s-1SSL_RC2\…
489 …SSL_IDEA\s0\fR, \fB\s-1SSL_AES128\s0\fR, \fB\s-1SSL_AES256\s0\fR, \fB\s-1SSL_CAMELLIA128\s0\fR, \f…
492 The following lists give the \s-1SSL\s0 or \s-1TLS\s0 cipher suites names from the
495 e.g. \s-1DES\-CBC3\-SHA.\s0 In these cases, \s-1RSA\s0 authentication is used.
496 .SS "\s-1SSL\s0 v3.0 cipher suites"
518 .SS "\s-1TLS\s0 v1.0 cipher suites"
536 .SS "\s-1AES\s0 cipher suites from \s-1RFC3268,\s0 extending \s-1TLS\s0 v1.0"
555 .SS "Camellia cipher suites from \s-1RFC4132,\s0 extending \s-1TLS\s0 v1.0"
574 .SS "\s-1SEED\s0 cipher suites from \s-1RFC4162,\s0 extending \s-1TLS\s0 v1.0"
587 .SS "\s-1GOST\s0 cipher suites from draft-chudov-cryptopro-cptls, extending \s-1TLS\s0 v1.0"
589 Note: these ciphers require an engine which including \s-1GOST\s0 cryptographic
599 .SS "\s-1GOST\s0 cipher suites, extending \s-1TLS\s0 v1.2"
601 Note: these ciphers require an engine which including \s-1GOST\s0 cryptographic
610 Note: \s-1GOST2012\-GOST8912\-GOST8912\s0 is an alias for two ciphers \s-1ID\s0
611 old \s-1LEGACY\-GOST2012\-GOST8912\-GOST8912\s0 and new \s-1IANA\-GOST2012\-GOST8912\-GOST8912\s0
614 Note: these ciphers can also be used in \s-1SSL\s0 v3.
640 .SS "\s-1TLS\s0 v1.2 cipher suites"
698 .SS "\s-1ARIA\s0 cipher suites from \s-1RFC6209,\s0 extending \s-1TLS\s0 v1.2"
700 Note: the \s-1CBC\s0 modes mentioned in this \s-1RFC\s0 are not supported.
720 .SS "Camellia HMAC-Based cipher suites from \s-1RFC6367,\s0 extending \s-1TLS\s0 v1.2"
728 .SS "Pre-shared keying (\s-1PSK\s0) cipher suites"
803 .SS "ChaCha20\-Poly1305 cipher suites, extending \s-1TLS\s0 v1.2"
814 .SS "\s-1TLS\s0 v1.3 cipher suites"
837 Verbose listing of all OpenSSL ciphers including \s-1NULL\s0 ciphers:
843 Include all ciphers except \s-1NULL\s0 and anonymous \s-1DH\s0 then sort by
857 Include only 3DES ciphers and then place \s-1RSA\s0 ciphers last:
863 Include all \s-1RC4\s0 ciphers but leave out those without authentication:
869 Include all ciphers with \s-1RSA\s0 authentication but leave out ciphers without
901 in the file \s-1LICENSE\s0 in the source distribution or at
In current file

In project "undefined"

On Google
