Create simple shell script to pretty-print OpenSSL ciphers.
Bourne Again SHell shell script.
#!/usr/bin/env bash
# Connect to the server using specific cipher
while read cipher_line; do
standard_cipher_name=$(echo $cipher_line | awk '{print $1}')
cipher_name=$(echo $cipher_line | awk '{print $3}')
protocol_version=$(echo $cipher_line | awk '{print $4}')
key_exchange=$(echo $cipher_line | awk '{split($5,m,"=");print m[2]}')
authentication=$(echo $cipher_line | awk '{split($6,m,"=");print m[2]}')
symmetric_encryption_method=$(echo $cipher_line | awk '{split($7,m,"=");print m[2]}')
message_authentication_method=$(echo $cipher_line | awk '{split($8,m,"=");print m[2]}')
echo "${standard_cipher_name}"
echo " Cipher name: ${cipher_name}"
echo " Protocol version: $protocol_version"
echo " Key exchange: ${key_exchange}"
echo " Authentication: ${authentication}"
echo " Symmetric encryption method: ${symmetric_encryption_method}"
echo " Message authentication method: ${message_authentication_method}"
#done <<< $(openssl ciphers -stdname ALL) # all ~144 ciphers
done <<< $(openssl ciphers -s -stdname ALL) # all ~77 supported ciphers
#done <<< $(openssl ciphers -s -stdname) # default ~30 cipher list, equal to "openssl ciphers -s -stdname DEFAULT"
#done <<< $(openssl ciphers -s -stdname -ciphersuites "" ) # default ~27 TLSv1.x cipher list
#done <<< $(openssl ciphers -s -stdname -ciphersuites "" ALL) # all supported ~74 TLSv1.x cipher list
Sample output.
$ bash pretty-print-openssl-ciphers.sh
TLS_AES_256_GCM_SHA384 Cipher name: TLS_AES_256_GCM_SHA384 Protocol version: TLSv1.3 Key exchange: any Authentication: any Symmetric encryption method: AESGCM(256) Message authentication method: AEAD TLS_CHACHA20_POLY1305_SHA256 Cipher name: TLS_CHACHA20_POLY1305_SHA256 Protocol version: TLSv1.3 Key exchange: any Authentication: any Symmetric encryption method: CHACHA20/POLY1305(256) Message authentication method: AEAD TLS_AES_128_GCM_SHA256 Cipher name: TLS_AES_128_GCM_SHA256 Protocol version: TLSv1.3 Key exchange: any Authentication: any Symmetric encryption method: AESGCM(128) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 Cipher name: ECDHE-ECDSA-AES256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AESGCM(256) Message authentication method: AEAD TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Cipher name: ECDHE-RSA-AES256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: RSA Symmetric encryption method: AESGCM(256) Message authentication method: AEAD TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 Cipher name: DHE-DSS-AES256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: DH Authentication: DSS Symmetric encryption method: AESGCM(256) Message authentication method: AEAD TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Cipher name: DHE-RSA-AES256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: AESGCM(256) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 Cipher name: ECDHE-ECDSA-CHACHA20-POLY1305 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: CHACHA20/POLY1305(256) Message authentication method: AEAD TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 Cipher name: ECDHE-RSA-CHACHA20-POLY1305 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: RSA Symmetric encryption method: CHACHA20/POLY1305(256) Message authentication method: AEAD TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 Cipher name: DHE-RSA-CHACHA20-POLY1305 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: CHACHA20/POLY1305(256) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 Cipher name: ECDHE-ECDSA-AES256-CCM8 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AESCCM8(256) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_AES_256_CCM Cipher name: ECDHE-ECDSA-AES256-CCM Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AESCCM(256) Message authentication method: AEAD TLS_DHE_RSA_WITH_AES_256_CCM_8 Cipher name: DHE-RSA-AES256-CCM8 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: AESCCM8(256) Message authentication method: AEAD TLS_DHE_RSA_WITH_AES_256_CCM Cipher name: DHE-RSA-AES256-CCM Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: AESCCM(256) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 Cipher name: ECDHE-ECDSA-ARIA256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: ARIAGCM(256) Message authentication method: AEAD TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 Cipher name: ECDHE-ARIA256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: RSA Symmetric encryption method: ARIAGCM(256) Message authentication method: AEAD TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 Cipher name: DHE-DSS-ARIA256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: DH Authentication: DSS Symmetric encryption method: ARIAGCM(256) Message authentication method: AEAD TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 Cipher name: DHE-RSA-ARIA256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: ARIAGCM(256) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 Cipher name: ECDHE-ECDSA-AES128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AESGCM(128) Message authentication method: AEAD TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Cipher name: ECDHE-RSA-AES128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: RSA Symmetric encryption method: AESGCM(128) Message authentication method: AEAD TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 Cipher name: DHE-DSS-AES128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: DSS Symmetric encryption method: AESGCM(128) Message authentication method: AEAD TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 Cipher name: DHE-RSA-AES128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: AESGCM(128) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 Cipher name: ECDHE-ECDSA-AES128-CCM8 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AESCCM8(128) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_AES_128_CCM Cipher name: ECDHE-ECDSA-AES128-CCM Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AESCCM(128) Message authentication method: AEAD TLS_DHE_RSA_WITH_AES_128_CCM_8 Cipher name: DHE-RSA-AES128-CCM8 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: AESCCM8(128) Message authentication method: AEAD TLS_DHE_RSA_WITH_AES_128_CCM Cipher name: DHE-RSA-AES128-CCM Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: AESCCM(128) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 Cipher name: ECDHE-ECDSA-ARIA128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: ARIAGCM(128) Message authentication method: AEAD TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 Cipher name: ECDHE-ARIA128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: RSA Symmetric encryption method: ARIAGCM(128) Message authentication method: AEAD TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 Cipher name: DHE-DSS-ARIA128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: DSS Symmetric encryption method: ARIAGCM(128) Message authentication method: AEAD TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 Cipher name: DHE-RSA-ARIA128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: ARIAGCM(128) Message authentication method: AEAD TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 Cipher name: ECDHE-ECDSA-AES256-SHA384 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AES(256) Message authentication method: SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Cipher name: ECDHE-RSA-AES256-SHA384 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: RSA Symmetric encryption method: AES(256) Message authentication method: SHA384 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 Cipher name: DHE-RSA-AES256-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: AES(256) Message authentication method: SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 Cipher name: DHE-DSS-AES256-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: DSS Symmetric encryption method: AES(256) Message authentication method: SHA256 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Cipher name: ECDHE-ECDSA-CAMELLIA256-SHA384 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: Camellia(256) Message authentication method: SHA384 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 Cipher name: ECDHE-RSA-CAMELLIA256-SHA384 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: RSA Symmetric encryption method: Camellia(256) Message authentication method: SHA384 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 Cipher name: DHE-RSA-CAMELLIA256-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: Camellia(256) Message authentication method: SHA256 TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 Cipher name: DHE-DSS-CAMELLIA256-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: DSS Symmetric encryption method: Camellia(256) Message authentication method: SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 Cipher name: ECDHE-ECDSA-AES128-SHA256 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AES(128) Message authentication method: SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Cipher name: ECDHE-RSA-AES128-SHA256 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: RSA Symmetric encryption method: AES(128) Message authentication method: SHA256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 Cipher name: DHE-RSA-AES128-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: AES(128) Message authentication method: SHA256 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 Cipher name: DHE-DSS-AES128-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: DSS Symmetric encryption method: AES(128) Message authentication method: SHA256 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 Cipher name: ECDHE-ECDSA-CAMELLIA128-SHA256 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: Camellia(128) Message authentication method: SHA256 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 Cipher name: ECDHE-RSA-CAMELLIA128-SHA256 Protocol version: TLSv1.2 Key exchange: ECDH Authentication: RSA Symmetric encryption method: Camellia(128) Message authentication method: SHA256 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 Cipher name: DHE-RSA-CAMELLIA128-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: RSA Symmetric encryption method: Camellia(128) Message authentication method: SHA256 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 Cipher name: DHE-DSS-CAMELLIA128-SHA256 Protocol version: TLSv1.2 Key exchange: DH Authentication: DSS Symmetric encryption method: Camellia(128) Message authentication method: SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA Cipher name: ECDHE-ECDSA-AES256-SHA Protocol version: TLSv1 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AES(256) Message authentication method: SHA1 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Cipher name: ECDHE-RSA-AES256-SHA Protocol version: TLSv1 Key exchange: ECDH Authentication: RSA Symmetric encryption method: AES(256) Message authentication method: SHA1 TLS_DHE_RSA_WITH_AES_256_CBC_SHA Cipher name: DHE-RSA-AES256-SHA Protocol version: SSLv3 Key exchange: DH Authentication: RSA Symmetric encryption method: AES(256) Message authentication method: SHA1 TLS_DHE_DSS_WITH_AES_256_CBC_SHA Cipher name: DHE-DSS-AES256-SHA Protocol version: SSLv3 Key exchange: DH Authentication: DSS Symmetric encryption method: AES(256) Message authentication method: SHA1 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA Cipher name: DHE-RSA-CAMELLIA256-SHA Protocol version: SSLv3 Key exchange: DH Authentication: RSA Symmetric encryption method: Camellia(256) Message authentication method: SHA1 TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA Cipher name: DHE-DSS-CAMELLIA256-SHA Protocol version: SSLv3 Key exchange: DH Authentication: DSS Symmetric encryption method: Camellia(256) Message authentication method: SHA1 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA Cipher name: ECDHE-ECDSA-AES128-SHA Protocol version: TLSv1 Key exchange: ECDH Authentication: ECDSA Symmetric encryption method: AES(128) Message authentication method: SHA1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA Cipher name: ECDHE-RSA-AES128-SHA Protocol version: TLSv1 Key exchange: ECDH Authentication: RSA Symmetric encryption method: AES(128) Message authentication method: SHA1 TLS_DHE_RSA_WITH_AES_128_CBC_SHA Cipher name: DHE-RSA-AES128-SHA Protocol version: SSLv3 Key exchange: DH Authentication: RSA Symmetric encryption method: AES(128) Message authentication method: SHA1 TLS_DHE_DSS_WITH_AES_128_CBC_SHA Cipher name: DHE-DSS-AES128-SHA Protocol version: SSLv3 Key exchange: DH Authentication: DSS Symmetric encryption method: AES(128) Message authentication method: SHA1 TLS_DHE_RSA_WITH_SEED_CBC_SHA Cipher name: DHE-RSA-SEED-SHA Protocol version: SSLv3 Key exchange: DH Authentication: RSA Symmetric encryption method: SEED(128) Message authentication method: SHA1 TLS_DHE_DSS_WITH_SEED_CBC_SHA Cipher name: DHE-DSS-SEED-SHA Protocol version: SSLv3 Key exchange: DH Authentication: DSS Symmetric encryption method: SEED(128) Message authentication method: SHA1 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA Cipher name: DHE-RSA-CAMELLIA128-SHA Protocol version: SSLv3 Key exchange: DH Authentication: RSA Symmetric encryption method: Camellia(128) Message authentication method: SHA1 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA Cipher name: DHE-DSS-CAMELLIA128-SHA Protocol version: SSLv3 Key exchange: DH Authentication: DSS Symmetric encryption method: Camellia(128) Message authentication method: SHA1 TLS_RSA_WITH_AES_256_GCM_SHA384 Cipher name: AES256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: AESGCM(256) Message authentication method: AEAD TLS_RSA_WITH_AES_256_CCM_8 Cipher name: AES256-CCM8 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: AESCCM8(256) Message authentication method: AEAD TLS_RSA_WITH_AES_256_CCM Cipher name: AES256-CCM Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: AESCCM(256) Message authentication method: AEAD TLS_RSA_WITH_ARIA_256_GCM_SHA384 Cipher name: ARIA256-GCM-SHA384 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: ARIAGCM(256) Message authentication method: AEAD TLS_RSA_WITH_AES_128_GCM_SHA256 Cipher name: AES128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: AESGCM(128) Message authentication method: AEAD TLS_RSA_WITH_AES_128_CCM_8 Cipher name: AES128-CCM8 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: AESCCM8(128) Message authentication method: AEAD TLS_RSA_WITH_AES_128_CCM Cipher name: AES128-CCM Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: AESCCM(128) Message authentication method: AEAD TLS_RSA_WITH_ARIA_128_GCM_SHA256 Cipher name: ARIA128-GCM-SHA256 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: ARIAGCM(128) Message authentication method: AEAD TLS_RSA_WITH_AES_256_CBC_SHA256 Cipher name: AES256-SHA256 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: AES(256) Message authentication method: SHA256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 Cipher name: CAMELLIA256-SHA256 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: Camellia(256) Message authentication method: SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 Cipher name: AES128-SHA256 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: AES(128) Message authentication method: SHA256 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 Cipher name: CAMELLIA128-SHA256 Protocol version: TLSv1.2 Key exchange: RSA Authentication: RSA Symmetric encryption method: Camellia(128) Message authentication method: SHA256 TLS_RSA_WITH_AES_256_CBC_SHA Cipher name: AES256-SHA Protocol version: SSLv3 Key exchange: RSA Authentication: RSA Symmetric encryption method: AES(256) Message authentication method: SHA1 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA Cipher name: CAMELLIA256-SHA Protocol version: SSLv3 Key exchange: RSA Authentication: RSA Symmetric encryption method: Camellia(256) Message authentication method: SHA1 TLS_RSA_WITH_AES_128_CBC_SHA Cipher name: AES128-SHA Protocol version: SSLv3 Key exchange: RSA Authentication: RSA Symmetric encryption method: AES(128) Message authentication method: SHA1 TLS_RSA_WITH_SEED_CBC_SHA Cipher name: SEED-SHA Protocol version: SSLv3 Key exchange: RSA Authentication: RSA Symmetric encryption method: SEED(128) Message authentication method: SHA1 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA Cipher name: CAMELLIA128-SHA Protocol version: SSLv3 Key exchange: RSA Authentication: RSA Symmetric encryption method: Camellia(128) Message authentication method: SHA1