Hello,
I am trying this on 5.6-stable.
Is there a way to list all POLY1305/CHACHA20 based ciphers which are
enabled?
For example, if I try with RSA:
# openssl ciphers RSA
AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:IDEA-CBC-SHA:RC4-SHA:RC4-MD5:DES-CBC3-SHA:DES-CBC-SHA:NULL-SHA256:NULL-SHA:NULL-MD5
But with the others:
# openssl ciphers POLY1305
Error in cipher list1082963419196:error:1410D0B9:SSL
routines:SSL_CTX_set_cipher_list:no cipher
match:/usr/src/lib/libssl/ssl/../../libssl/src/ssl/ssl_lib.c:1312:
# openssl ciphers CHACHA20
Error in cipher list
32850802282556:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no
cipher match:/usr/src/lib/libssl/ssl/../../libssl/src/ssl/ssl_lib.c:1312:
However, trying something like this works:
# openssl ciphers ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-ECDSA-CHACHA20-POLY1305
The idea is to be able to enable them in configuration files of services
without having to list them all by hand (which might change).
Thanks
