diff options
Diffstat (limited to 'secure/usr.bin/openssl/man/ciphers.1')
-rw-r--r-- | secure/usr.bin/openssl/man/ciphers.1 | 85 |
1 files changed, 47 insertions, 38 deletions
diff --git a/secure/usr.bin/openssl/man/ciphers.1 b/secure/usr.bin/openssl/man/ciphers.1 index b46cf88..c2dfe43 100644 --- a/secure/usr.bin/openssl/man/ciphers.1 +++ b/secure/usr.bin/openssl/man/ciphers.1 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.28) +.\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28) .\" .\" Standard preamble: .\" ======================================================================== @@ -38,6 +38,8 @@ . ds PI \(*p . ds L" `` . ds R" '' +. ds C` +. ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. @@ -48,17 +50,24 @@ .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. -.ie \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX .. -. nr % 0 -. rr F -.\} -.el \{\ -. de IX +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{ +. if \nF \{ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. +. if !\nF==2 \{ +. nr % 0 +. nr F 2 +. \} +. \} .\} +.rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -124,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "CIPHERS 1" -.TH CIPHERS 1 "2014-10-15" "1.0.1j" "OpenSSL" +.TH CIPHERS 1 "2015-01-08" "1.0.1k" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -191,7 +200,7 @@ algorithms. .PP Lists of cipher suites can be combined in a single cipher string using the \&\fB+\fR character. This is used as a logical \fBand\fR operation. For example -\&\fB\s-1SHA1+DES\s0\fR represents all cipher suites containing the \s-1SHA1\s0 \fBand\fR the \s-1DES\s0 +\&\fB\s-1SHA1+DES\s0\fR represents all cipher suites containing the \s-1SHA1 \s0\fBand\fR the \s-1DES\s0 algorithms. .PP Each cipher string can be optionally preceded by the characters \fB!\fR, @@ -258,7 +267,7 @@ export encryption algorithms. Including 40 and 56 bits algorithms. with support for experimental ciphers. .IP "\fBeNULL\fR, \fB\s-1NULL\s0\fR" 4 .IX Item "eNULL, NULL" -the \*(L"\s-1NULL\s0\*(R" ciphers that is those offering no encryption. Because these offer no +the \*(L"\s-1NULL\*(R"\s0 ciphers that is those offering no encryption. Because these offer no encryption at all and are a security risk they are disabled unless explicitly included. .IP "\fBaNULL\fR" 4 @@ -283,10 +292,10 @@ cipher suites using authenticated ephemeral \s-1DH\s0 key agreement. .IP "\fB\s-1ADH\s0\fR" 4 .IX Item "ADH" anonymous \s-1DH\s0 cipher suites, note that this does not include anonymous Elliptic -Curve \s-1DH\s0 (\s-1ECDH\s0) cipher suites. +Curve \s-1DH \s0(\s-1ECDH\s0) cipher suites. .IP "\fB\s-1DH\s0\fR" 4 .IX Item "DH" -cipher suites using \s-1DH\s0, including anonymous \s-1DH\s0, ephemeral \s-1DH\s0 and fixed \s-1DH\s0. +cipher suites using \s-1DH,\s0 including anonymous \s-1DH,\s0 ephemeral \s-1DH\s0 and fixed \s-1DH.\s0 .IP "\fBkECDHr\fR, \fBkECDHe\fR, \fBkECDH\fR" 4 .IX Item "kECDHr, kECDHe, kECDH" cipher suites using fixed \s-1ECDH\s0 key agreement signed by CAs with \s-1RSA\s0 and \s-1ECDSA\s0 @@ -304,7 +313,7 @@ anonymous Elliptic Curve Diffie Hellman cipher suites. .IP "\fB\s-1ECDH\s0\fR" 4 .IX Item "ECDH" cipher suites using \s-1ECDH\s0 key exchange, including anonymous, ephemeral and -fixed \s-1ECDH\s0. +fixed \s-1ECDH.\s0 .IP "\fBaRSA\fR" 4 .IX Item "aRSA" cipher suites using \s-1RSA\s0 authentication, i.e. the certificates carry \s-1RSA\s0 keys. @@ -333,62 +342,62 @@ ciphers suites using \s-1FORTEZZA\s0 key exchange, authentication, encryption or there are no ciphersuites specific to \s-1TLS\s0 v1.1. .IP "\fB\s-1AES128\s0\fR, \fB\s-1AES256\s0\fR, \fB\s-1AES\s0\fR" 4 .IX Item "AES128, AES256, AES" -cipher suites using 128 bit \s-1AES\s0, 256 bit \s-1AES\s0 or either 128 or 256 bit \s-1AES\s0. +cipher suites using 128 bit \s-1AES, 256\s0 bit \s-1AES\s0 or either 128 or 256 bit \s-1AES.\s0 .IP "\fB\s-1AESGCM\s0\fR" 4 .IX Item "AESGCM" \&\s-1AES\s0 in Galois Counter Mode (\s-1GCM\s0): these ciphersuites are only supported in \s-1TLS\s0 v1.2. .IP "\fB\s-1CAMELLIA128\s0\fR, \fB\s-1CAMELLIA256\s0\fR, \fB\s-1CAMELLIA\s0\fR" 4 .IX Item "CAMELLIA128, CAMELLIA256, CAMELLIA" -cipher suites using 128 bit \s-1CAMELLIA\s0, 256 bit \s-1CAMELLIA\s0 or either 128 or 256 bit -\&\s-1CAMELLIA\s0. +cipher suites using 128 bit \s-1CAMELLIA, 256\s0 bit \s-1CAMELLIA\s0 or either 128 or 256 bit +\&\s-1CAMELLIA.\s0 .IP "\fB3DES\fR" 4 .IX Item "3DES" -cipher suites using triple \s-1DES\s0. +cipher suites using triple \s-1DES.\s0 .IP "\fB\s-1DES\s0\fR" 4 .IX Item "DES" -cipher suites using \s-1DES\s0 (not triple \s-1DES\s0). +cipher suites using \s-1DES \s0(not triple \s-1DES\s0). .IP "\fB\s-1RC4\s0\fR" 4 .IX Item "RC4" -cipher suites using \s-1RC4\s0. +cipher suites using \s-1RC4.\s0 .IP "\fB\s-1RC2\s0\fR" 4 .IX Item "RC2" -cipher suites using \s-1RC2\s0. +cipher suites using \s-1RC2.\s0 .IP "\fB\s-1IDEA\s0\fR" 4 .IX Item "IDEA" -cipher suites using \s-1IDEA\s0. +cipher suites using \s-1IDEA.\s0 .IP "\fB\s-1SEED\s0\fR" 4 .IX Item "SEED" -cipher suites using \s-1SEED\s0. +cipher suites using \s-1SEED.\s0 .IP "\fB\s-1MD5\s0\fR" 4 .IX Item "MD5" -cipher suites using \s-1MD5\s0. +cipher suites using \s-1MD5.\s0 .IP "\fB\s-1SHA1\s0\fR, \fB\s-1SHA\s0\fR" 4 .IX Item "SHA1, SHA" -cipher suites using \s-1SHA1\s0. +cipher suites using \s-1SHA1.\s0 .IP "\fB\s-1SHA256\s0\fR, \fB\s-1SHA384\s0\fR" 4 .IX Item "SHA256, SHA384" -ciphersuites using \s-1SHA256\s0 or \s-1SHA384\s0. +ciphersuites using \s-1SHA256\s0 or \s-1SHA384.\s0 .IP "\fBaGOST\fR" 4 .IX Item "aGOST" -cipher suites using \s-1GOST\s0 R 34.10 (either 2001 or 94) for authenticaction +cipher suites using \s-1GOST R 34.10 \s0(either 2001 or 94) for authenticaction (needs an engine supporting \s-1GOST\s0 algorithms). .IP "\fBaGOST01\fR" 4 .IX Item "aGOST01" -cipher suites using \s-1GOST\s0 R 34.10\-2001 authentication. +cipher suites using \s-1GOST R 34.10\-2001\s0 authentication. .IP "\fBaGOST94\fR" 4 .IX Item "aGOST94" -cipher suites using \s-1GOST\s0 R 34.10\-94 authentication (note that R 34.10\-94 -standard has been expired so use \s-1GOST\s0 R 34.10\-2001) +cipher suites using \s-1GOST R 34.10\-94\s0 authentication (note that R 34.10\-94 +standard has been expired so use \s-1GOST R 34.10\-2001\s0) .IP "\fBkGOST\fR" 4 .IX Item "kGOST" -cipher suites, using \s-1VKO\s0 34.10 key exchange, specified in the \s-1RFC\s0 4357. +cipher suites, using \s-1VKO 34.10\s0 key exchange, specified in the \s-1RFC 4357.\s0 .IP "\fB\s-1GOST94\s0\fR" 4 .IX Item "GOST94" -cipher suites, using \s-1HMAC\s0 based on \s-1GOST\s0 R 34.11\-94. +cipher suites, using \s-1HMAC\s0 based on \s-1GOST R 34.11\-94.\s0 .IP "\fB\s-1GOST89MAC\s0\fR" 4 .IX Item "GOST89MAC" -cipher suites using \s-1GOST\s0 28147\-89 \s-1MAC\s0 \fBinstead of\fR \s-1HMAC\s0. +cipher suites using \s-1GOST 28147\-89 MAC \s0\fBinstead of\fR \s-1HMAC.\s0 .IP "\fB\s-1PSK\s0\fR" 4 .IX Item "PSK" cipher suites using pre-shared keys (\s-1PSK\s0). @@ -397,7 +406,7 @@ cipher suites using pre-shared keys (\s-1PSK\s0). The following lists give the \s-1SSL\s0 or \s-1TLS\s0 cipher suites names from the relevant specification and their OpenSSL equivalents. It should be noted, that several cipher suite names do not include the authentication used, -e.g. \s-1DES\-CBC3\-SHA\s0. In these cases, \s-1RSA\s0 authentication is used. +e.g. \s-1DES\-CBC3\-SHA.\s0 In these cases, \s-1RSA\s0 authentication is used. .SS "\s-1SSL\s0 v3.0 cipher suites." .IX Subsection "SSL v3.0 cipher suites." .Vb 10 @@ -468,7 +477,7 @@ e.g. \s-1DES\-CBC3\-SHA\s0. In these cases, \s-1RSA\s0 authentication is used. \& TLS_DH_anon_WITH_DES_CBC_SHA ADH\-DES\-CBC\-SHA \& TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH\-DES\-CBC3\-SHA .Ve -.SS "\s-1AES\s0 ciphersuites from \s-1RFC3268\s0, extending \s-1TLS\s0 v1.0" +.SS "\s-1AES\s0 ciphersuites from \s-1RFC3268,\s0 extending \s-1TLS\s0 v1.0" .IX Subsection "AES ciphersuites from RFC3268, extending TLS v1.0" .Vb 2 \& TLS_RSA_WITH_AES_128_CBC_SHA AES128\-SHA @@ -487,7 +496,7 @@ e.g. \s-1DES\-CBC3\-SHA\s0. In these cases, \s-1RSA\s0 authentication is used. \& TLS_DH_anon_WITH_AES_128_CBC_SHA ADH\-AES128\-SHA \& TLS_DH_anon_WITH_AES_256_CBC_SHA ADH\-AES256\-SHA .Ve -.SS "Camellia ciphersuites from \s-1RFC4132\s0, extending \s-1TLS\s0 v1.0" +.SS "Camellia ciphersuites from \s-1RFC4132,\s0 extending \s-1TLS\s0 v1.0" .IX Subsection "Camellia ciphersuites from RFC4132, extending TLS v1.0" .Vb 2 \& TLS_RSA_WITH_CAMELLIA_128_CBC_SHA CAMELLIA128\-SHA @@ -506,7 +515,7 @@ e.g. \s-1DES\-CBC3\-SHA\s0. In these cases, \s-1RSA\s0 authentication is used. \& TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH\-CAMELLIA128\-SHA \& TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH\-CAMELLIA256\-SHA .Ve -.SS "\s-1SEED\s0 ciphersuites from \s-1RFC4162\s0, extending \s-1TLS\s0 v1.0" +.SS "\s-1SEED\s0 ciphersuites from \s-1RFC4162,\s0 extending \s-1TLS\s0 v1.0" .IX Subsection "SEED ciphersuites from RFC4162, extending TLS v1.0" .Vb 1 \& TLS_RSA_WITH_SEED_CBC_SHA SEED\-SHA |