[openssl-users] is there an API to list all the TLS 1.3 cipher suite names?

Viktor Dukhovni openssl-users at dukhovni.org
Mon Jan 14 20:33:23 UTC 2019


On Mon, Jan 14, 2019 at 03:31:36PM -0500, Viktor Dukhovni wrote:

> > to not depend on this "accident", right?
> 
> The correct form would be:
> 
>     $ /usr/local/bin/openssl ciphers -s tls1_3 | tr ':' '\n'
>     TLS_AES_256_GCM_SHA384
>     TLS_CHACHA20_POLY1305_SHA256
>     TLS_AES_128_GCM_SHA256

Sorry, that shoulld "-tls1_3" not "tls1_3".

> This shows which ciphers are applicable to TLS 1.3.  If TLS 1.4 ever
> appears, and supports both TLS 1.3 and TLS 1.4 ciphers, then:
> 
>     $ /usr/local/bin/openssl ciphers -s tls1_4 | tr ':' '\n'

And likewise here: "-tls1_4" (if that comes to pass).

-- 
	Viktor.


More information about the openssl-users mailing list