On Fri, Mar 20, 2015, jonetsu wrote: > Hello, > > ? I have the impression that the 'ciphers -v' option to openssl, when OpenSSL is compiled in FIPS mode, lists more than FIPS-only.? There are RC5 and RC4 in there, for instance.? Is there a specific openssl command that will list only the ones that are FIPS-allowed? ? > If you are in FIPS mode it will only list FIPS ciphersuites in the default cipher string: OPENSSL_FIPS=1 openssl ciphers -v If outside FIPS mode you can use the cipher string "FIPS": openssl ciphers -v FIPS Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org
