CIPHERS(1)                          OpenSSL                         CIPHERS(1)



NAME
       ciphers - SSL cipher display and cipher list tool.

SYNOPSIS
       openssl ciphers [-v] [-V] [-ssl2] [-ssl3] [-tls1] [cipherlist]

DESCRIPTION
       The ciphers command converts textual OpenSSL cipher lists into ordered
       SSL cipher preference lists. It can be used as a test tool to determine
       the appropriate cipherlist.

OPTIONS
       -v  Verbose option. List ciphers with a complete description of
           protocol version (SSLv2 or SSLv3; the latter includes TLS), key
           exchange, authentication, encryption and MAC algorithms used, along
           with any key size restrictions and whether the algorithm is classed
           as an "export" cipher. Note that without the -v option, ciphers
           may seem to appear twice in a cipher list; this is when similar
           ciphers are available for SSL v2 and for SSL v3/TLS v1.

       -V  Like -v, but also include the cipher suite code of each suite in
           the output (in hex format).

       -ssl3
           only include SSL v3 ciphers.

       -ssl2
           only include SSL v2 ciphers.

       -tls1
           only include TLS v1 ciphers.

       -h, -?
           print a brief usage message.

       cipherlist
           a cipher list to convert to a cipher preference list. If it is not
           included then the default cipher list will be used. The format is
           described below.
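       The following added example, which is not part of OpenSSL or of this
       manual page, parses the -v/-V output format described above and flags
       the suites this page itself classes as risky (eNULL, aNULL, export and
       LOW). The SAMPLE lines are constructed in the -V format; the hex codes,
       attribute names and column layout follow what the 1.0.0 tool prints,
       but the parser also accepts -v lines, which lack the leading code
       column. Function and variable names are the example's own, and the
       live run at the bottom is only attempted when an openssl binary is on
       PATH.

```python
"""Parse `openssl ciphers -v` / `-V` output and flag suites this manual page
describes as risky.  Added example, not OpenSSL code."""
import re
import subprocess

# Constructed sample in the format printed by `openssl ciphers -V` (with -v the
# leading "0x..,0x.. - " code column is absent; the parser accepts both).
SAMPLE = """\
0x00,0x39 - DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
0x00,0x3A - ADH-AES256-SHA          SSLv3 Kx=DH       Au=None Enc=AES(256)  Mac=SHA1
0x00,0x0A - DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
0x00,0x05 - RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
0x00,0x03 - EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
0x00,0x02 - NULL-SHA                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=SHA1
"""

# One -v/-V line: optional code column, name, protocol, Kx=, Au=, Enc=ALG(bits)
# (Enc=None carries no key size), Mac=, and an optional trailing "export".
LINE = re.compile(
    r"^(?:(?P<code>0x[0-9A-Fa-f]{2},0x[0-9A-Fa-f]{2}) - )?"
    r"(?P<name>\S+)\s+(?P<proto>\S+)\s+Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)\s+"
    r"Enc=(?P<enc>[A-Za-z0-9]+)(?:\((?P<bits>\d+)\))?\s+Mac=(?P<mac>\S+)"
    r"(?P<export>\s+export)?\s*$"
)


def parse_ciphers(text):
    """Turn -v/-V output into a list of dicts; lines that do not match the
    format (warnings, blank lines) are skipped rather than aborting."""
    suites = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        d = m.groupdict()
        d["bits"] = int(d["bits"]) if d["bits"] else 0   # Enc=None -> 0 bits
        d["export"] = d["export"] is not None
        suites.append(d)
    return suites


def audit(suites):
    """Return (name, [reasons]) for every suite the page classes as risky."""
    flagged = []
    for s in suites:
        reasons = []
        if s["enc"] == "None":
            reasons.append("eNULL: no encryption")
        if s["au"] == "None":
            reasons.append("aNULL: no authentication, open to man-in-the-middle")
        if s["export"]:
            reasons.append("export-grade (40/56-bit) encryption")
        elif s["bits"] and s["bits"] < 128:
            reasons.append("LOW: %d-bit encryption key" % s["bits"])
        if reasons:
            flagged.append((s["name"], reasons))
    return flagged


def live_output(cipherlist="ALL:eNULL"):
    """Run the real tool; returns None when no openssl binary is available."""
    try:
        return subprocess.run(["openssl", "ciphers", "-V", cipherlist],
                              capture_output=True, text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        return None


if __name__ == "__main__":
    text = live_output() or SAMPLE
    for name, reasons in audit(parse_ciphers(text)):
        print("%-28s %s" % (name, "; ".join(reasons)))
```

       Run as a script it audits the cipher list of the OpenSSL build on the
       current system (or the constructed sample when none is installed),
       which is the check the NOTES section below implies: the set of suites
       actually compiled in, not the table in this page, is what matters.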

CIPHER LIST FORMAT
       The cipher list consists of one or more cipher strings separated by
       colons. Commas or spaces are also acceptable separators but colons are
       normally used.

       The actual cipher string can take several different forms.

       It can consist of a single cipher suite such as RC4-SHA.

       It can represent a list of cipher suites containing a certain
       algorithm, or cipher suites of a certain type. For example SHA1
       represents all cipher suites using the digest algorithm SHA1 and SSLv3
       represents all SSL v3 algorithms.

       Lists of cipher suites can be combined in a single cipher string using
       the + character. This is used as a logical AND operation. For example
       SHA1+DES represents all cipher suites containing both the SHA1 and the
       DES algorithms.

       Each cipher string can be optionally preceded by the characters !, - or
       +.

       If ! is used then the ciphers are permanently deleted from the list.
       The ciphers deleted can never reappear in the list even if they are
       explicitly stated.

       If - is used then the ciphers are deleted from the list, but some or
       all of the ciphers can be added again by later options. Use ! rather
       than - for exclusions that must hold regardless of what later strings
       add.

       If + is used then the ciphers are moved to the end of the list. This
       option doesn't add any new ciphers, it just moves matching existing
       ones.

       If none of these characters is present then the string is just
       interpreted as a list of ciphers to be appended to the current
       preference list. If the list includes any ciphers already present they
       will be ignored: that is, they will not be moved to the end of the
       list.

       Additionally the cipher string @STRENGTH can be used at any point to
       sort the current cipher list in order of encryption algorithm key
       length.

CIPHER STRINGS
       The following is a list of all permitted cipher strings and their
       meanings.

       DEFAULT
           the default cipher list. This is determined at compile time and, as
           of OpenSSL 1.0.0, is normally ALL:!aNULL:!eNULL. This must be the
           first cipher string specified.

       COMPLEMENTOFDEFAULT
           the ciphers included in ALL, but not enabled by default. Currently
           this is ADH. Note that this rule does not cover eNULL, which is not
           included by ALL (use COMPLEMENTOFALL if necessary).

       ALL all cipher suites except the eNULL ciphers, which must be
           explicitly enabled; as of OpenSSL 1.0.0, the ALL cipher suites are
           reasonably ordered by default.

       COMPLEMENTOFALL
           the cipher suites not enabled by ALL, currently being eNULL.

       HIGH
           "high" encryption cipher suites. This currently means those with
           key lengths larger than 128 bits, and some cipher suites with
           128-bit keys.

       MEDIUM
           "medium" encryption cipher suites, currently some of those using
           128 bit encryption.

       LOW "low" encryption cipher suites, currently those using 64 or 56 bit
           encryption algorithms but excluding export cipher suites.

       EXP, EXPORT
           export encryption algorithms, including 40 and 56 bit algorithms.

       EXPORT40
           40 bit export encryption algorithms.

       EXPORT56
           56 bit export encryption algorithms. In OpenSSL 0.9.8c and later
           the set of 56 bit export ciphers is empty unless OpenSSL has been
           explicitly configured with support for experimental ciphers.

       eNULL, NULL
           the "NULL" ciphers, that is, those offering no encryption. Because
           these offer no encryption at all and are a security risk they are
           disabled unless explicitly included.

       aNULL
           the cipher suites offering no authentication. This is currently the
           anonymous DH algorithms. These cipher suites are vulnerable to a
           "man in the middle" attack and so their use is normally
           discouraged.

       kRSA, RSA
           cipher suites using RSA key exchange. Note that RSA on its own
           selects by key exchange, not by authentication; see aRSA.

       kEDH
           cipher suites using ephemeral DH key agreement.

       kDHr, kDHd
           cipher suites using DH key agreement and DH certificates signed by
           CAs with RSA and DSS keys respectively. Not implemented.

       aRSA
           cipher suites using RSA authentication, i.e. the certificates carry
           RSA keys.

       aDSS, DSS
           cipher suites using DSS authentication, i.e. the certificates carry
           DSS keys.

       aDH cipher suites effectively using DH authentication, i.e. the
           certificates carry DH keys. Not implemented.

       kFZA, aFZA, eFZA, FZA
           cipher suites using FORTEZZA key exchange, authentication,
           encryption or all FORTEZZA algorithms. Not implemented.

       TLSv1, SSLv3, SSLv2
           TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively.

       DH  cipher suites using DH, including anonymous DH.

       ADH anonymous DH cipher suites.

       AES cipher suites using AES.

       CAMELLIA
           cipher suites using Camellia.

       3DES
           cipher suites using triple DES.

       DES cipher suites using DES (not triple DES).

       RC4 cipher suites using RC4.

       RC2 cipher suites using RC2.

       IDEA
           cipher suites using IDEA.

       SEED
           cipher suites using SEED.

       MD5 cipher suites using MD5.

       SHA1, SHA
           cipher suites using SHA1.

       aGOST
           cipher suites using GOST R 34.10 (either 2001 or 94) for
           authentication (needs an engine supporting GOST algorithms).

       aGOST01
           cipher suites using GOST R 34.10-2001 authentication.

       aGOST94
           cipher suites using GOST R 34.10-94 authentication (note that the
           GOST R 34.10-94 standard has expired, so use GOST R 34.10-2001).

       kGOST
           cipher suites using VKO 34.10 key exchange, specified in RFC 4357.

       GOST94
           cipher suites using HMAC based on GOST R 34.11-94.

       GOST89MAC
           cipher suites using GOST 28147-89 MAC instead of HMAC.
CIPHER SUITE NAMES
       The following lists give the SSL or TLS cipher suite names from the
       relevant specification and their OpenSSL equivalents. It should be
       noted that several cipher suite names do not include the
       authentication used, e.g. DES-CBC3-SHA. In these cases, RSA
       authentication is used.

   SSL v3.0 cipher suites.
       SSL_RSA_WITH_NULL_MD5                   NULL-MD5
       SSL_RSA_WITH_NULL_SHA                   NULL-SHA
       SSL_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
       SSL_RSA_WITH_RC4_128_MD5                RC4-MD5
       SSL_RSA_WITH_RC4_128_SHA                RC4-SHA
       SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
       SSL_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
       SSL_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
       SSL_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
       SSL_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA

       SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
       SSL_DH_DSS_WITH_DES_CBC_SHA             Not implemented.
       SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
       SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
       SSL_DH_RSA_WITH_DES_CBC_SHA             Not implemented.
       SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
       SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
       SSL_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-DES-CBC-SHA
       SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
       SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
       SSL_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
       SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA

       SSL_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
       SSL_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
       SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
       SSL_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
       SSL_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA

       SSL_FORTEZZA_KEA_WITH_NULL_SHA          Not implemented.
       SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA  Not implemented.
       SSL_FORTEZZA_KEA_WITH_RC4_128_SHA       Not implemented.

   TLS v1.0 cipher suites.
       TLS_RSA_WITH_NULL_MD5                   NULL-MD5
       TLS_RSA_WITH_NULL_SHA                   NULL-SHA
       TLS_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
       TLS_RSA_WITH_RC4_128_MD5                RC4-MD5
       TLS_RSA_WITH_RC4_128_SHA                RC4-SHA
       TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
       TLS_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
       TLS_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
       TLS_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
       TLS_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA

       TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
       TLS_DH_DSS_WITH_DES_CBC_SHA             Not implemented.
       TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
       TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
       TLS_DH_RSA_WITH_DES_CBC_SHA             Not implemented.
       TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
       TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
       TLS_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-DES-CBC-SHA
       TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
       TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
       TLS_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA

       TLS_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
       TLS_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
       TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
       TLS_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
       TLS_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA

   AES ciphersuites from RFC3268, extending TLS v1.0
       TLS_RSA_WITH_AES_128_CBC_SHA            AES128-SHA
       TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA

       TLS_DH_DSS_WITH_AES_128_CBC_SHA         Not implemented.
       TLS_DH_DSS_WITH_AES_256_CBC_SHA         Not implemented.
       TLS_DH_RSA_WITH_AES_128_CBC_SHA         Not implemented.
       TLS_DH_RSA_WITH_AES_256_CBC_SHA         Not implemented.

       TLS_DHE_DSS_WITH_AES_128_CBC_SHA        DHE-DSS-AES128-SHA
       TLS_DHE_DSS_WITH_AES_256_CBC_SHA        DHE-DSS-AES256-SHA
       TLS_DHE_RSA_WITH_AES_128_CBC_SHA        DHE-RSA-AES128-SHA
       TLS_DHE_RSA_WITH_AES_256_CBC_SHA        DHE-RSA-AES256-SHA

       TLS_DH_anon_WITH_AES_128_CBC_SHA        ADH-AES128-SHA
       TLS_DH_anon_WITH_AES_256_CBC_SHA        ADH-AES256-SHA

   Camellia ciphersuites from RFC4132, extending TLS v1.0
       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA       CAMELLIA128-SHA
       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA       CAMELLIA256-SHA

       TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA    Not implemented.
       TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA    Not implemented.
       TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA    Not implemented.
       TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA    Not implemented.

       TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA   DHE-DSS-CAMELLIA128-SHA
       TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA   DHE-DSS-CAMELLIA256-SHA
       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA   DHE-RSA-CAMELLIA128-SHA
       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA   DHE-RSA-CAMELLIA256-SHA

       TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA   ADH-CAMELLIA128-SHA
       TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA   ADH-CAMELLIA256-SHA

   SEED ciphersuites from RFC4162, extending TLS v1.0
       TLS_RSA_WITH_SEED_CBC_SHA               SEED-SHA

       TLS_DH_DSS_WITH_SEED_CBC_SHA            Not implemented.
       TLS_DH_RSA_WITH_SEED_CBC_SHA            Not implemented.

       TLS_DHE_DSS_WITH_SEED_CBC_SHA           DHE-DSS-SEED-SHA
       TLS_DHE_RSA_WITH_SEED_CBC_SHA           DHE-RSA-SEED-SHA

       TLS_DH_anon_WITH_SEED_CBC_SHA           ADH-SEED-SHA

   GOST ciphersuites from draft-chudov-cryptopro-cptls, extending TLS v1.0
       Note: these ciphers require an engine that includes the GOST
       cryptographic algorithms, such as the ccgost engine included in the
       OpenSSL distribution.

       TLS_GOSTR341094_WITH_28147_CNT_IMIT     GOST94-GOST89-GOST89
       TLS_GOSTR341001_WITH_28147_CNT_IMIT     GOST2001-GOST89-GOST89
       TLS_GOSTR341094_WITH_NULL_GOSTR3411     GOST94-NULL-GOST94
       TLS_GOSTR341001_WITH_NULL_GOSTR3411     GOST2001-NULL-GOST94

   Additional Export 1024 and other cipher suites
       Note: these ciphers can also be used in SSL v3.

       TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     EXP1024-DES-CBC-SHA
       TLS_RSA_EXPORT1024_WITH_RC4_56_SHA      EXP1024-RC4-SHA
       TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA
       TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA  EXP1024-DHE-DSS-RC4-SHA
       TLS_DHE_DSS_WITH_RC4_128_SHA            DHE-DSS-RC4-SHA

   SSL v2.0 cipher suites.
       SSL_CK_RC4_128_WITH_MD5                 RC4-MD5
       SSL_CK_RC4_128_EXPORT40_WITH_MD5        EXP-RC4-MD5
       SSL_CK_RC2_128_CBC_WITH_MD5             RC2-MD5
       SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    EXP-RC2-MD5
       SSL_CK_IDEA_128_CBC_WITH_MD5            IDEA-CBC-MD5
       SSL_CK_DES_64_CBC_WITH_MD5              DES-CBC-MD5
       SSL_CK_DES_192_EDE3_CBC_WITH_MD5        DES-CBC3-MD5

NOTES
       The non-ephemeral DH modes are currently unimplemented in OpenSSL
       because there is no support for DH certificates.

       Some compiled versions of OpenSSL may not include all the ciphers
       listed here because some ciphers were excluded at compile time. Check
       the build actually in use with openssl ciphers -v rather than relying
       on the tables above.

EXAMPLES
       Verbose listing of all OpenSSL ciphers including NULL ciphers:

         openssl ciphers -v 'ALL:eNULL'

       Include all ciphers except NULL and anonymous DH then sort by strength:

         openssl ciphers -v 'ALL:!ADH:@STRENGTH'

       Include only 3DES ciphers and then place RSA ciphers last:

         openssl ciphers -v '3DES:+RSA'

       Include all RC4 ciphers but leave out those without authentication:

         openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT'

       Include all ciphers with RSA authentication but leave out ciphers
       without encryption:

         openssl ciphers -v 'RSA:!COMPLEMENTOFALL'
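       The following added example, not OpenSSL's own code, models the
       cipher-string rules described under CIPHER LIST FORMAT and re-runs the
       cipher strings from the examples above over a small table of suites
       taken from this page. The attributes in the table are those openssl
       ciphers -v prints for these suites; the HIGH/MEDIUM/LOW boundaries,
       the 1.0.0 expansion of DEFAULT and the rule that newly appended suites
       follow the built-in table order are assumptions stated in the
       comments, and the real ordering of ALL differs between builds, so the
       model is for reasoning about !, -, + and @STRENGTH, not a substitute
       for running the tool.

```python
"""Model of the OpenSSL cipher-list grammar.  Added example, not OpenSSL code.
The suite table is a constructed subset of the suites named in this page; the
alias rules simplify OpenSSL's ssl_cipher_process_rulestr."""
from collections import namedtuple

Suite = namedtuple("Suite", "name kx au enc bits mac export")

# Constructed table in an assumed built-in preference order (strongest first).
# bits = key size as shown by `openssl ciphers -v`; "None" marks eNULL / aNULL.
TABLE = [
    Suite("DHE-RSA-AES256-SHA",   "DH",  "RSA",  "AES",  256, "SHA1", False),
    Suite("DHE-DSS-AES256-SHA",   "DH",  "DSS",  "AES",  256, "SHA1", False),
    Suite("AES256-SHA",           "RSA", "RSA",  "AES",  256, "SHA1", False),
    Suite("ADH-AES256-SHA",       "DH",  "None", "AES",  256, "SHA1", False),
    Suite("EDH-RSA-DES-CBC3-SHA", "DH",  "RSA",  "3DES", 168, "SHA1", False),
    Suite("DES-CBC3-SHA",         "RSA", "RSA",  "3DES", 168, "SHA1", False),
    Suite("ADH-DES-CBC3-SHA",     "DH",  "None", "3DES", 168, "SHA1", False),
    Suite("DHE-RSA-AES128-SHA",   "DH",  "RSA",  "AES",  128, "SHA1", False),
    Suite("AES128-SHA",           "RSA", "RSA",  "AES",  128, "SHA1", False),
    Suite("ADH-AES128-SHA",       "DH",  "None", "AES",  128, "SHA1", False),
    Suite("RC4-SHA",              "RSA", "RSA",  "RC4",  128, "SHA1", False),
    Suite("RC4-MD5",              "RSA", "RSA",  "RC4",  128, "MD5",  False),
    Suite("DES-CBC-SHA",          "RSA", "RSA",  "DES",   56, "SHA1", False),
    Suite("EXP-RC4-MD5",          "RSA", "RSA",  "RC4",   40, "MD5",  True),
    Suite("NULL-SHA",             "RSA", "RSA",  "None",   0, "SHA1", False),
    Suite("NULL-MD5",             "RSA", "RSA",  "None",   0, "MD5",  False),
]


def _high(s):  # assumption: >128 bits, plus AES-128; RC4-128 stays MEDIUM
    return s.bits > 128 or (s.bits == 128 and s.enc == "AES")


ALIASES = {
    "ALL": lambda s: s.enc != "None",           # everything but eNULL
    "COMPLEMENTOFALL": lambda s: s.enc == "None",
    "COMPLEMENTOFDEFAULT": lambda s: s.kx == "DH" and s.au == "None",  # ADH
    "eNULL": lambda s: s.enc == "None", "NULL": lambda s: s.enc == "None",
    "aNULL": lambda s: s.au == "None",
    "ADH": lambda s: s.kx == "DH" and s.au == "None",
    "DH": lambda s: s.kx == "DH",
    "kEDH": lambda s: s.kx == "DH",             # only ephemeral DH is implemented
    "kRSA": lambda s: s.kx == "RSA", "RSA": lambda s: s.kx == "RSA",
    "aRSA": lambda s: s.au == "RSA",
    "aDSS": lambda s: s.au == "DSS", "DSS": lambda s: s.au == "DSS",
    "AES": lambda s: s.enc == "AES", "3DES": lambda s: s.enc == "3DES",
    "DES": lambda s: s.enc == "DES", "RC4": lambda s: s.enc == "RC4",
    "MD5": lambda s: s.mac == "MD5",
    "SHA1": lambda s: s.mac == "SHA1", "SHA": lambda s: s.mac == "SHA1",
    "EXP": lambda s: s.export, "EXPORT": lambda s: s.export,
    "HIGH": _high,
    "MEDIUM": lambda s: s.bits == 128 and not _high(s),
    "LOW": lambda s: s.bits in (56, 64) and not s.export,
}


def _matches(word, suite):
    """SHA1+DES is a logical AND of its parts; a part is an alias or a name."""
    for part in word.split("+"):
        if part in ALIASES:
            if not ALIASES[part](suite):
                return False
        elif part != suite.name:
            return False
    return True


def cipher_list(spec, table=TABLE):
    """Return suite names in preference order for an OpenSSL cipher string."""
    words = [w for w in spec.replace(",", ":").replace(" ", ":").split(":") if w]
    if "DEFAULT" in words:
        if words[0] != "DEFAULT":
            raise ValueError("DEFAULT must be the first cipher string")
        words = ["ALL", "!aNULL", "!eNULL"] + words[1:]  # assumed 1.0.0 default
    active, killed = [], set()
    for word in words:
        if word == "@STRENGTH":                 # stable sort, strongest first
            active.sort(key=lambda s: -s.bits)
            continue
        op, word = (word[0], word[1:]) if word[0] in "!-+" else ("", word)
        hit = [s for s in table if _matches(word, s)]
        if op == "!":                           # delete permanently
            killed.update(s.name for s in hit)
            active = [s for s in active if s not in hit]
        elif op == "-":                         # delete, may be re-added later
            active = [s for s in active if s not in hit]
        elif op == "+":                         # move existing matches to the end
            active = [s for s in active if s not in hit] + \
                     [s for s in active if s in hit]
        else:                                   # append new matches, table order
            active += [s for s in hit
                       if s not in active and s.name not in killed]
    return [s.name for s in active]


if __name__ == "__main__":
    for spec in ("ALL:!ADH:@STRENGTH", "3DES:+RSA", "RC4:!COMPLEMENTOFDEFAULT",
                 "RSA:!COMPLEMENTOFALL", "ALL:!RC4:RC4", "ALL:-RC4:RC4"):
        print("%-26s %s" % (spec, ":".join(cipher_list(spec))))
```

       The last two strings in the script's list show the difference between
       ! and - that the format section describes: ALL:!RC4:RC4 yields no RC4
       suite at all, while ALL:-RC4:RC4 ends with the RC4 suites re-added at
       the tail.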

SEE ALSO
       s_client(1), s_server(1), ssl(3)

HISTORY
       The COMPLEMENTOFALL and COMPLEMENTOFDEFAULT selection options for
       cipherlist strings were added in OpenSSL 0.9.7. The -V option for the
       ciphers command was added in OpenSSL 1.0.0.



1.0.0e                            2009-09-30                        CIPHERS(1)