[openssl-users] Runtime list of FIPS ciphers
Dr. Stephen Henson
steve at openssl.org
Fri Mar 20 16:47:58 UTC 2015
On Fri, Mar 20, 2015, jonetsu wrote:
> I have the impression that the 'ciphers -v' option to openssl, when OpenSSL is compiled in FIPS mode, lists more than FIPS-only. There are RC5 and RC4 in there, for instance. Is there a specific openssl command that will list only the ones that are FIPS-allowed ?
If you are in FIPS mode it will only list FIPS ciphersuites in the default
OPENSSL_FIPS=1 openssl ciphers -v
If outside FIPS mode you can use the cipher string "FIPS":
openssl ciphers -v FIPS
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-users