On 2/17/2024 11:01 AM, Wall, Stephen
wrote:
Is there a way to list the supported curves and groups with openssl? I saw nothing in the `openssl list` command. I’m interested mainly listing all the valid values for SSL_CTX_set1_group_list(). I see the man page for that function has a list of valid groups/curves for TLS 1.3, but also mentions providers can change that list, and does not give a list for valid curves in other TLS versions.
You don't say whether you want a C way to do it or a shell way to do it. Somebody else gave the shell way: openssl ecparam -list_curves
The C way is using EC_get_builtin_curves().
-- Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris
