Drop redundant and outdated __CYGWIN32__ tests.

[oweals/openssl.git] / doc / apps / ciphers.pod

diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 153e8910153cc6a81dc5c2718f39d2d4b149f1cf..5f8dac4e197ae8f316c7156ecddb23da4a449af2 100644 (file)
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -10,7 +10,6 @@ B<openssl> B<ciphers>
 [B<-s>]
 [B<-v>]
 [B<-V>]
-[B<-ssl2>]
 [B<-ssl3>]
 [B<-tls1>]
 [B<-stdname>]
@@ -35,12 +34,9 @@ not used then ciphers excluded by the security level will still be listed.
 =item B<-v>
 
 Verbose option. List ciphers with a complete description of
-protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
+protocol version, key exchange,
 authentication, encryption and mac algorithms used along with any key size
 restrictions and whether the algorithm is classed as an "export" cipher.
-Note that without the B<-v> option, ciphers may seem to appear twice
-in a cipher list; this is when similar ciphers are available for
-SSL v2 and for SSL v3/TLS v1.
 
 =item B<-V>
 
@@ -50,10 +46,6 @@ Like B<-v>, but include cipher suite codes in output (hex format).
 
 only include SSL v3 ciphers.
 
-=item B<-ssl2>
-
-only include SSL v2 ciphers.
-
 =item B<-tls1>
 
 only include TLS v1 ciphers.
@@ -222,7 +214,7 @@ keys or either respectively.
 cipher suites using ephemeral ECDH key agreement, including anonymous
 cipher suites.
 
-=item B<ECDHE>, B<EECDHE>
+=item B<ECDHE>, B<EECDH>
 
 cipher suites using authenticated ephemeral ECDH key agreement.
 
@@ -259,9 +251,9 @@ keys.
 ciphers suites using FORTEZZA key exchange, authentication, encryption or all
 FORTEZZA algorithms. Not implemented.
 
-=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2>
+=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>
 
-TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note:
+TLS v1.2, TLS v1.0 or SSL v3.0 cipher suites respectively. Note:
 there are no ciphersuites specific to TLS v1.1.
 
 =item B<AES128>, B<AES256>, B<AES>
@@ -587,6 +579,17 @@ Note: these ciphers can also be used in SSL v3.
  TLS_DH_anon_WITH_AES_128_GCM_SHA256       ADH-AES128-GCM-SHA256
  TLS_DH_anon_WITH_AES_256_GCM_SHA384       ADH-AES256-GCM-SHA384
 
+=head2 Camellia HMAC-Based ciphersuites from RFC6367, extending TLS v1.2
+
+ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-ECDSA-CAMELLIA128-SHA256
+ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 ECDHE-ECDSA-CAMELLIA256-SHA384
+ TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  ECDH-ECDSA-CAMELLIA128-SHA256
+ TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  ECDH-ECDSA-CAMELLIA256-SHA384
+ TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   ECDHE-RSA-CAMELLIA128-SHA256
+ TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   ECDHE-RSA-CAMELLIA256-SHA384
+ TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    ECDH-RSA-CAMELLIA128-SHA256
+ TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    ECDH-RSA-CAMELLIA256-SHA384
+
 =head2 Pre shared keying (PSK) cipheruites
 
  TLS_PSK_WITH_RC4_128_SHA                  PSK-RC4-SHA
@@ -594,17 +597,6 @@ Note: these ciphers can also be used in SSL v3.
  TLS_PSK_WITH_AES_128_CBC_SHA              PSK-AES128-CBC-SHA
  TLS_PSK_WITH_AES_256_CBC_SHA              PSK-AES256-CBC-SHA
 
-=head2 Deprecated SSL v2.0 cipher suites.
-
- SSL_CK_RC4_128_WITH_MD5                 RC4-MD5
- SSL_CK_RC4_128_EXPORT40_WITH_MD5        EXP-RC4-MD5
- SSL_CK_RC2_128_CBC_WITH_MD5             RC2-MD5
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    EXP-RC2-MD5
- SSL_CK_IDEA_128_CBC_WITH_MD5            IDEA-CBC-MD5
- SSL_CK_DES_64_CBC_WITH_MD5              DES-CBC-MD5
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5        DES-CBC3-MD5
-
-
 =head1 NOTES
 
 Some compiled versions of OpenSSL may not include all the ciphers