> From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf Of > PGNet Dev > Sent: Friday, July 19, 2019 11:38 > > Checking cipherlist for just TLSv1.3 ciphers FAILs here, > > openssl ciphers -stdname -s -V 'TTLS13-CHACHA20-POLY1305- > SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384' > Error in cipher list Works for me: ----- $ openssl ciphers -stdname -s -V 'TTLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384' 0x13,0x02 - TLS_AES_256_GCM_SHA384 - TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD 0x13,0x03 - TLS_CHACHA20_POLY1305_SHA256 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD 0x13,0x01 - TLS_AES_128_GCM_SHA256 - TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD $ openssl version -f -p OpenSSL 1.1.1 11 Sep 2018 platform: VC-WIN64A compiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSL_NO_AUTOLOAD_CONFIG ----- Different OpenSSL release? (This particular openssl.exe executable is a bit old, obviously; I haven't bothered to update the one on this machine in a while.) Difference in build configuration? Configuration file difference? -- Michael Wojcik Distinguished Engineer, Micro Focus
