[openssl-users] Runtime list of FIPS ciphers

Dr. Stephen Henson steve at openssl.org
Fri Mar 20 16:47:58 UTC 2015

On Fri, Mar 20, 2015, jonetsu wrote:

> Hello,
>   I have the impression that the 'ciphers -v' option to openssl, when OpenSSL is compiled in FIPS mode, lists more than FIPS-only.  There are RC5 and RC4 in there, for instance.  Is there a specific openssl command that will list only the ones that are FIPS-allowed  ?

If you are in FIPS mode it will only list FIPS ciphersuites in the default
cipher string:

	OPENSSL_FIPS=1 openssl ciphers -v

If outside FIPS mode you can use the cipher string "FIPS":

	openssl ciphers -v FIPS

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list