[openssl-dev] [openssl.org #3953] Bug: !RSA does not exclude aRSA
Lynch, Paul[E] via RT
rt at openssl.org
Wed Jul 22 19:38:48 UTC 2015
The ciphers documentation page (https://www.openssl.org/docs/apps/ciphers.html) says:
"kRSA, aRSA, RSA
cipher suites using RSA key exchange, authentication or either respectively."
That sounds like "RSA" should be a superset of kRSA and aRSA, but actually aRSA includes cipher suites not in "RSA", as can be seen from:
(bash)$ diff <(openssl ciphers 'RSA' | sed -e 's/:/\n/g') <(openssl ciphers 'aRSA'| sed -e 's/:/\n/g')
As a consequence, !RSA allows some aRSA ciphers.
I don't know whether this is a documentation problem or a software problem.
I am using "OpenSSL 1.0.1e-fips 11 Feb 2013" on "Red Hat Enterprise Linux Workstation release 6.6 (Santiago)".
Thanks,
--Paul
-------------- next part --------------
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
More information about the openssl-dev
mailing list