OPENSSL-LIST(1ssl) OpenSSL OPENSSL-LIST(1ssl)

openssl-list - list algorithms and features

openssl list [-help] [-verbose] [-select name] [-1] [-all-algorithms] [-commands] [-standard-commands] [-digest-algorithms] [-digest-commands] [-kdf-algorithms] [-mac-algorithms] [-random-instances] [-random-generators] [-cipher-algorithms] [-cipher-commands] [-encoders] [-decoders] [-key-managers] [-key-exchange-algorithms] [-kem-algorithms] [-signature-algorithms] [-asymcipher-algorithms] [-public-key-algorithms] [-public-key-methods] [-store-loaders] [-providers] [-engines] [-disabled] [-objects] [-options command] [-provider name] [-provider-path path] [-propquery propq]

This command is used to generate list of algorithms or disabled features.

Display a usage message.
Displays extra information. The options below where verbosity applies say a bit more about what that means.
Only list algorithms that match this name.
-1
List the commands, digest-commands, or cipher-commands in a single column. If used, this option must be given first.
Display lists of all algorithms. These include:
Display a list of standard commands.
List of standard commands.
This option is deprecated. Use digest-algorithms instead.

Display a list of message digest commands, which are typically used as input to the openssl-dgst(1) or openssl-speed(1) commands.

This option is deprecated. Use cipher-algorithms instead.

Display a list of cipher commands, which are typically used as input to the openssl-enc(1) or openssl-speed(1) commands.

Display a list of symmetric cipher, digest, kdf and mac algorithms. See "Display of algorithm names" for a description of how names are displayed.

In verbose mode, the algorithms provided by a provider will get additional information on what parameters each implementation supports.

List the primary, public and private random number generator details.
Display a list of random number generators. See "Display of algorithm names" for a description of how names are displayed.
Display a list of encoders. See "Display of algorithm names" for a description of how names are displayed.

In verbose mode, the algorithms provided by a provider will get additional information on what parameters each implementation supports.

Display a list of decoders. See "Display of algorithm names" for a description of how names are displayed.

In verbose mode, the algorithms provided by a provider will get additional information on what parameters each implementation supports.

Display a list of public key algorithms, with each algorithm as a block of multiple lines, all but the first are indented. The options key-exchange-algorithms, kem-algorithms, signature-algorithms, and asymcipher-algorithms will display similar info.
Display a list of public key methods.
Display a list of key managers.
Display a list of key exchange algorithms.
Display a list of key encapsulation algorithms.
Display a list of signature algorithms.
Display a list of asymmetric cipher algorithms.
Display a list of store loaders.
Display a list of all loaded providers with their names, version and status.

In verbose mode, the full version and all provider parameters will additionally be displayed.

This option is deprecated.

Display a list of loaded engines.

Display a list of disabled features, those that were compiled out of the installation.
Display a list of built in objects, i.e. OIDs with names. They're listed in the format described in "ASN1 Object Configuration Module" in config(5).
Output a two-column list of the options accepted by the specified command. The first is the option name, and the second is a one-character indication of what type of parameter it takes, if any. This is an internal option, used for checking that the documentation is complete.
See "Provider Options" in openssl(1), provider(7), and property(7).

Algorithm names may be displayed in one of two manners:

Legacy implementations will simply display the main name of the algorithm on a line of its own, or in the form "<foo " bar>> to show that "foo" is an alias for the main name, "bar"
Implementations from a provider are displayed like this if the implementation is labeled with a single name:
foo @ bar

or like this if it's labeled with multiple names:

{ foo1, foo2 } @bar

In both cases, "bar" is the name of the provider.

The -engines, -digest-commands, and -cipher-commands options were deprecated in OpenSSL 3.0.

Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.

2024-06-04 3.3.1