Listing TLS 1.3 Ciphers


Listing TLS 1.3 Ciphers

Richard Moore
Hi All,

I haven't found a way to list the supported openssl ciphers from the command line (i.e. get the list of potential values for -ciphersuites). I understand that currently there are only 5 options however this could change over time, so I wanted to avoid hard coding the list in a script. Am I missing something?

Thanks

Rich

Re: Listing TLS 1.3 Ciphers

Dennis Clarke-2
On 4/10/19 7:37 AM, Richard Moore wrote:

> Hi All,
>
> I haven't found a way to list the supported openssl ciphers from the
> command line (i.e. get the list of potential values for -ciphersuites).
> I understand that currently there are only 5 options however this could
> change over time, so I wanted to avoid hard coding the list in a script.
> Am I missing something?
>
> Thanks
>
> Rich

Strangely I only see three:

nix$ openssl version
OpenSSL 1.1.1b  26 Feb 2019
nix$ openssl ciphers -V -tls1_3 -s
           0x13,0x02 - TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
           0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
           0x13,0x01 - TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
nix$

Very odd. I thought that there were more at one point.

Re: Listing TLS 1.3 Ciphers

Matt Caswell-2


On 10/04/2019 17:13, Dennis Clarke wrote:

> On 4/10/19 7:37 AM, Richard Moore wrote:
>> Hi All,
>>
>> I haven't found a way to list the supported openssl ciphers from the command
>> line (i.e. get the list of potential values for -ciphersuites). I understand
>> that currently there are only 5 options however this could change over time,
>> so I wanted to avoid hard coding the list in a script. Am I missing something?
>>
>> Thanks
>>
>> Rich
>
> Strangely I only see three :
>
> nix$ openssl version
> OpenSSL 1.1.1b  26 Feb 2019
> nix$ openssl ciphers -V -tls1_3 -s
>           0x13,0x02 - TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any Au=any 
> Enc=AESGCM(256) Mac=AEAD
>           0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any 
> Enc=CHACHA20/POLY1305(256) Mac=AEAD
>           0x13,0x01 - TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any Au=any 
> Enc=AESGCM(128) Mac=AEAD
> nix$
>
> Very odd. I thought that there were more at one point.
>

There are 5 but only 3 are enabled by default. I'm not sure it is possible to
get "openssl ciphers" to list all of the ones it knows about. You have to
explicitly list them in the "-ciphersuites" option. Probably we should add that
capability.

Matt

Re: Listing TLS 1.3 Ciphers

OpenSSL - User mailing list
In reply to this post by Dennis Clarke-2
On Wed, Apr 10, 2019 at 12:13:27PM -0400, Dennis Clarke wrote:

> On 4/10/19 7:37 AM, Richard Moore wrote:
> >Hi All,
> >
> >I haven't found a way to list the supported openssl ciphers from the
> >command line (i.e. get the list of potential values for -ciphersuites). I
> >understand that currently there are only 5 options however this could
> >change over time, so I wanted to avoid hard coding the list in a script.
> >Am I missing something?
> >
> >Thanks
> >
> >Rich
>
> Strangely I only see three :
>
> nix$ openssl version
> OpenSSL 1.1.1b  26 Feb 2019
> nix$ openssl ciphers -V -tls1_3 -s
>           0x13,0x02 - TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any Au=any
> Enc=AESGCM(256) Mac=AEAD
>           0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any
> Enc=CHACHA20/POLY1305(256) Mac=AEAD
>           0x13,0x01 - TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any Au=any
> Enc=AESGCM(128) Mac=AEAD
> nix$
>
> Very odd. I thought that there were more at one point.

The ones with truncated (8-byte) authentication tag are not intended for
general use and don't make it into the default list.

-Ben

Re: Listing TLS 1.3 Ciphers

Dennis Clarke-2

>
> The ones with truncated (8-byte) authentication tag are not intended for
> general use and don't make it into the default list.

There must be a configuration option in 10-main.conf to enable them also?

Dennis



Re: Listing TLS 1.3 Ciphers

Richard Moore
In reply to this post by OpenSSL - User mailing list


On Wed, 10 Apr 2019 at 17:25, Benjamin Kaduk via openssl-users <[hidden email]> wrote:
> On Wed, Apr 10, 2019 at 12:13:27PM -0400, Dennis Clarke wrote:
>
> > Very odd. I thought that there were more at one point.
>
> The ones with truncated (8-byte) authentication tag are not intended for
> general use and don't make it into the default list.

They also don't appear if you explicitly try to list 'All' which is what I found surprising.

Rich

> -Ben

Re: Listing TLS 1.3 Ciphers

Michael Richardson-2
In reply to this post by OpenSSL - User mailing list

Benjamin Kaduk via openssl-users <[hidden email]> wrote:
    >> Very odd. I thought that there were more at one point.

    > The ones with truncated (8-byte) authentication tag are not intended
    > for general use and don't make it into the default list.

I think that those are the ones that constrained devices prefer,
such as ECDHE-ECDSA-AES128-CCM8?
So is there a way to validate that they are available, that there were
compiled in?

--
Michael Richardson <[hidden email]>, Sandelman Software Works
 -= IPv6 IoT consulting =-





Re: Listing TLS 1.3 Ciphers

Matt Caswell-2
In reply to this post by Richard Moore


On 10/04/2019 22:06, Richard Moore wrote:
> They also don't appear if you explicitly try to list 'All' which is what I found
> surprising.

"ALL" is a TLSv1.2 cipherstring and has no impact on the TLSv1.3 ciphersuite
selection. The two sets of ciphersuites are configured separately.


On 11/04/2019 00:06, Michael Richardson wrote:
> I think that those are the ones that constrained devices prefer,
> such as ECDHE-ECDSA-AES128-CCM8?
> So is there a way to validate that they are available, that there were
> compiled in?

You can get "openssl ciphers" to show them if you explicitly ask for them, i.e.

$ openssl ciphers -v -ciphersuites "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256" | grep "TLSv1.3"
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
TLS_AES_128_CCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESCCM(128) Mac=AEAD
TLS_AES_128_CCM_8_SHA256 TLSv1.3 Kx=any      Au=any  Enc=AESCCM8(128) Mac=AEAD


Matt
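An added check script (not from the thread or from OpenSSL itself) that does what Matt describes programmatically: hand the explicit list to "openssl ciphers -v -ciphersuites", parse the output, and report which of the five suites the local build prints, flagging the CCM_8 truncated-tag suite Ben mentioned. It assumes the five names from Matt's reply and an openssl binary on PATH; parse_ciphers, audit_tls13 and query_openssl are names chosen here, and SAMPLE_DEFAULT is a constructed copy of Dennis's default-list output.

```python
import re
import shutil
import subprocess

# The five TLS 1.3 suite names Matt lists above; no others are assumed.
TLS13_CANDIDATES = [
    "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256",
    "TLS_AES_128_GCM_SHA256", "TLS_AES_128_CCM_SHA256", "TLS_AES_128_CCM_8_SHA256",
]

# One "openssl ciphers -v" line (-V adds a leading "0xHH,0xHH - " id):
# NAME PROTO Kx=.. Au=.. Enc=.. Mac=..
_LINE = re.compile(r"^\s*(?:0x[0-9A-Fa-f]{2},0x[0-9A-Fa-f]{2}\s+-\s+)?"
                   r"(\S+)\s+(TLSv1\.3|TLSv1\.2|TLSv1|SSLv3)\s+(.*)$")

def parse_ciphers(output):
    """Map suite name -> {'proto': ..., 'Kx': ..., 'Au': ..., 'Enc': ..., 'Mac': ...}."""
    suites = {}
    for line in output.splitlines():
        m = _LINE.match(line)
        if m:
            name, proto, rest = m.groups()
            fields = dict(kv.split("=", 1) for kv in rest.split() if "=" in kv)
            suites[name] = {"proto": proto, **fields}
    return suites

def audit_tls13(output, candidates=TLS13_CANDIDATES):
    """Per candidate: did openssl print it, and is it an 8-byte-tag CCM_8 suite?"""
    present = parse_ciphers(output)
    return {name: {"available": name in present,
                   "truncated_tag": name.endswith("_CCM_8_SHA256")}
            for name in candidates}

def query_openssl(candidates=TLS13_CANDIDATES):
    """Run Matt's explicit -ciphersuites query against the openssl found on PATH."""
    exe = shutil.which("openssl")
    if exe is None:
        raise FileNotFoundError("openssl not on PATH")
    proc = subprocess.run([exe, "ciphers", "-v", "-ciphersuites", ":".join(candidates)],
                          capture_output=True, text=True, check=True)
    return audit_tls13(proc.stdout, candidates)

# Constructed sample: Dennis's default-list output above, one line per suite.
SAMPLE_DEFAULT = """\
           0x13,0x02 - TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
           0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
           0x13,0x01 - TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
"""
```

Calling query_openssl() on a box with OpenSSL 1.1.1 should report all five as available, whereas audit_tls13 over the default "-tls1_3 -s" output only sees the three GCM/ChaCha suites.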