On Tue, Jan 8, 2019 at 7:10 PM Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote: > On Tue, Jan 08, 2019 at 02:23:27PM -0800, Sam Roberts wrote: > > node.js has an API that lists all the cipher suite names that can be > > validly passed to set_cipher_list(), but I don't see how to get them > > for TLS1.3 to list the valid inputs to set_cipher_suites(). > > The intent is that you SHOULD NOT generally customize the list. There are many reasons users might want to customize it, writing unit tests for example, to ensure that their software interoperates with clients that only support some of the ciphers. For the same reasons OpenSSL allows the cipher suite to be customized, Node.js exposes this capability to its users, along with a recommendation to not do this casually. The Node.js default will, of course, be the same as OpenSSL for TLS1.3. Anyhow, my question isn't about how to call set_cipher_suites(), its about how to get the list of ciphers supported by OpenSSL for TLS1.3 in such a way that when new ciphers become available, they are returned. I realized the link to the API I provided, not that its that relevant, was to my local dev filesystem, oops! The API is https://nodejs.org/api/crypto.html#crypto_crypto_getciphers. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
