[openssl-dev] [openssl.org #3953] Bug: !RSA does not exclude aRSA

Lynch, Paul[E] via RT Wed, 22 Jul 2015 12:39:52 -0700

The ciphers documentation page (https://www.openssl.org/docs/apps/ciphers.html) 
says:


"kRSA, aRSA, RSA
   cipher suites using RSA key exchange, authentication or either respectively."

That sounds like "RSA" should be a superset of kRSA and aRSA, but actually aRSA 
includes cipher suites not in "RSA", as can be seen from:

(bash)$ diff <(openssl ciphers 'RSA' | sed -e 's/:/\n/g') <(openssl ciphers 
'aRSA'| sed -e 's/:/\n/g')

As a consequence, !RSA allows some aRSA ciphers.

I don't know whether this is a documentation problem or a software problem.

I am using "OpenSSL 1.0.1e-fips 11 Feb 2013" on "Red Hat Enterprise Linux 
Workstation release 6.6 (Santiago)".

Thanks,

--Paul

_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod

_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #3953] Bug: !RSA does not exclude aRSA

Reply via email to