[openssl-users] is there an API to list all the TLS 1.3 cipher suite names?
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Jan 14 20:33:23 UTC 2019
On Mon, Jan 14, 2019 at 03:31:36PM -0500, Viktor Dukhovni wrote:
> > to not depend on this "accident", right?
>
> The correct form would be:
>
> $ /usr/local/bin/openssl ciphers -s tls1_3 | tr ':' '\n'
> TLS_AES_256_GCM_SHA384
> TLS_CHACHA20_POLY1305_SHA256
> TLS_AES_128_GCM_SHA256
Sorry, that shoulld "-tls1_3" not "tls1_3".
> This shows which ciphers are applicable to TLS 1.3. If TLS 1.4 ever
> appears, and supports both TLS 1.3 and TLS 1.4 ciphers, then:
>
> $ /usr/local/bin/openssl ciphers -s tls1_4 | tr ':' '\n'
And likewise here: "-tls1_4" (if that comes to pass).
--
Viktor.
More information about the openssl-users
mailing list