1.3.1 Obtaining Supported Suites
Let’s start this deep dive by first determining which suites are supported by your OpenSSL installation. To do this, invoke the ciphers
command with the -v
switch and ALL:COMPLEMENTOFALL
as a parameter:
$ openssl ciphers -v 'ALL:COMPLEMENTOFALL'
From OpenSSL 1.0.0, the ciphers
command supports the uppercase -V
switch to provide extra-verbose output. In this mode, the output will also contain suite IDs, which are always handy to have. For example, OpenSSL doesn’t always use the RFC names for suites; in such cases, you must use the IDs to cross-check. In this section, I use the lowercase -v
because the output is easier to show in the book.
At this point you will observe a lot of output, consisting of everything your installation of OpenSSL has to offer. In my case, there were 162 suites in the output. Let’s take a look at one line:
TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
Each line of output provides extended information on one suite. From left to right:
-
Suite name
-
Required minimum protocol version1
-
Key exchange algorithm
-
Authentication algorithm
-
Encryption algorithm and strength
-
MAC (integrity) algorithm
Traditionally, OpenSSL didn’t use official suite names, although it does now for TLS 1.3 suites. As of recently, when you add the -stdname
switch to the ciphers
tool, you’ll get the official suite names and OpenSSL names at the same time.
You may notice that all TLS 1.3 suites have any
under key exchange and authentication. This is because this protocol version moved these two aspects of the handshake out of the cipher suites and into the protocol itself. It also removed all insecure algorithms, so in this context any
isn’t bad or insecure.