Commit graph

26 commits

Author SHA1 Message Date
Hubert Kario
750487899a Add support for Camellia HMAC-Based cipher suites from RFC6367
While RFC6367 focuses on Camellia-GCM cipher suites, it also adds a few
cipher suites that use SHA-2 based HMAC that can be very easily
added.

Tested against gnutls 3.3.5

PR#3443

Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-08-15 23:41:20 +01:00
Hubert Kario
343e5cf194 add ECC strings to ciphers(1), point out difference between DH and ECDH
* Make a clear distinction between DH and ECDH key exchange.
 * Group all key exchange cipher suite identifiers, first DH then ECDH
 * add descriptions for all supported *DH* identifiers
 * add ECDSA authentication descriptions
 * add example showing how to disable all suites that offer no
   authentication or encryption
2014-06-10 20:53:07 +01:00
Dr. Stephen Henson
89e674744d Correct example. 2014-05-12 18:41:52 +01:00
Matt Caswell
c4afc40a9b Fixed CRLF in file 2014-05-10 01:19:50 +01:00
Dr. Stephen Henson
0f817d3b27 Add initial security framework docs. 2014-03-28 16:42:18 +00:00
Daniel Kahn Gillmor
0ecfd920e5 update remaining documentation to move from EDH to DHE
change documentation and comments to indicate that we prefer the
standard "DHE" naming scheme everywhere over the older "EDH"
2014-01-09 15:43:28 +00:00
Daniel Kahn Gillmor
5a21cadbeb use SSL_kDHE throughout instead of SSL_kEDH
DHE is the standard term used by the RFCs and by other TLS
implementations.  It's useful to have the internal variables use the
standard terminology.

This patch leaves a synonym SSL_kEDH in place, though, so that older
code can still be built against it, since that has been the
traditional API.  SSL_kEDH should probably be deprecated at some
point, though.
2014-01-09 15:43:28 +00:00
Dr. Stephen Henson
63d103ea48 typo 2012-11-16 12:49:14 +00:00
Dr. Stephen Henson
999ffeca6c update ciphers documentation to indicate implemented fixed DH ciphersuites 2012-11-16 01:15:15 +00:00
Dr. Stephen Henson
ffa4579679 initial update of ciphers doc 2012-11-16 00:42:38 +00:00
Dr. Stephen Henson
fb552ac616 Change version from 0.9.9 to 1.0.0 in docs 2009-09-30 23:43:01 +00:00
Dr. Stephen Henson
e5fa864f62 Updates from 1.0.0-stable. 2009-04-15 15:27:03 +00:00
Bodo Möller
96afc1cfd5 Add SEED encryption algorithm.
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
2007-04-23 23:48:59 +00:00
Nils Larsch
bcb38217c4 add note about 56 bit ciphers
PR: 1461
2007-02-06 19:41:01 +00:00
Bodo Möller
75d61b33bc documentation for "HIGH" vs. "MEDIUM" was not up-to-date 2006-06-30 22:00:13 +00:00
Bodo Möller
f3dea9a595 Camellia cipher, contributed by NTT
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:44:59 +00:00
Bodo Möller
13e4670c29 new option "openssl ciphers -V" 2005-10-01 04:08:48 +00:00
Lutz Jänicke
44fcd3ef3e Add information about AES cipher suites to ciphers manual page.
If no authentication method is mentioned in the cipher suite name (e.g.
AES128-SHA), RSA authentication is used (PR #396).
2002-12-29 21:24:50 +00:00
Bodo Möller
8be4e173e8 fix a typo and clarify 2002-07-22 09:04:36 +00:00
Lutz Jänicke
c6ccf055ba New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT.
Submitted by:
Reviewed by:
PR: 127
2002-07-19 19:55:34 +00:00
Bodo Möller
8acdd759b9 Clarifications. 2000-04-06 22:30:57 +00:00
Dr. Stephen Henson
3142c86d65 Allow ADH to be used but not present in the default cipher
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
2000-02-23 01:11:01 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Richard Levitte
bb075f8833 Update all links so they will be rendered better. 2000-01-27 01:25:31 +00:00
Richard Levitte
8548d44270 Correct indentation 2000-01-24 02:15:59 +00:00
Dr. Stephen Henson
64287002ce Minor patch: check only match @STRENGTH and remove eNULL
comment.

Add documentation for the ciphers command including a full
description of cipher lists.
2000-01-22 23:34:44 +00:00