[erlang-questions] OTP 20.3 has no gcm ciphers
derek
denc716@REDACTED
Wed Mar 14 19:10:54 CET 2018
I can reproduce the issue, while I change to call this
http://erlang.org/doc/man/ssl.html#cipher_suites-2
with 2nd argument 'tlsv1.2' it seems still have some gcm ciphers;
wonder is this change intended ? I am not seeing the change in
http://erlang.org/download/otp_src_20.3.readme
13> ssl:cipher_suites(all, 'tlsv1.2').
[#{cipher => aes_256_gcm,key_exchange => ecdhe_ecdsa,
mac => aead,prf => sha384},
#{cipher => aes_256_gcm,key_exchange => ecdhe_rsa,mac => aead,
prf => sha384},
#{cipher => aes_256_cbc,key_exchange => ecdhe_ecdsa,
mac => sha384,prf => sha384},
#{cipher => aes_256_cbc,key_exchange => ecdhe_rsa,
mac => sha384,prf => sha384},
#{cipher => aes_256_gcm,key_exchange => ecdh_ecdsa,
mac => aead,prf => sha384},
#{cipher => aes_256_gcm,key_exchange => ecdh_rsa,mac => aead,
prf => sha384},
#{cipher => aes_256_cbc,key_exchange => ecdh_ecdsa,
mac => sha384,prf => sha384},
#{cipher => aes_256_cbc,key_exchange => ecdh_rsa,
mac => sha384,prf => sha384},
#{cipher => chacha20_poly1305,key_exchange => ecdhe_ecdsa,
mac => aead,prf => sha256},
#{cipher => chacha20_poly1305,key_exchange => ecdhe_rsa,
mac => aead,prf => sha256},
#{cipher => chacha20_poly1305,key_exchange => dhe_rsa,
mac => aead,prf => sha256},
#{cipher => aes_256_gcm,key_exchange => dhe_rsa,mac => aead,
prf => sha384},
#{cipher => aes_256_gcm,key_exchange => dhe_dss,mac => aead,
prf => sha384},
On Wed, Mar 14, 2018 at 9:18 AM, Leo Liu <sdl.web@REDACTED> wrote:
> I just compiled Erlang 20.3 from github with openssl 1.0.1 (centos 7)
> and 1.0.2 (Sierra 10.12.6). ssl:cipher_suites(erlang) returns no gcm
> ciphers.
>
> I have previously compiled 20.2 from source and it has gcm ciphers. I
> wonder if this is an intended change in OTP 20.3? Thanks.
More information about the erlang-questions
mailing list