TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 DHE-PSK-CHACHA20-POLY1305
TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 RSA-PSK-CHACHA20-POLY1305
+=head2 TLS v1.3 cipher suites
+
+ TLS_AES_128_GCM_SHA256 TLS13-AES-128-GCM-SHA256
+ TLS_AES_256_GCM_SHA384 TLS13-AES-256-GCM-SHA384
+ TLS_CHACHA20_POLY1305_SHA256 TLS13-CHACHA20-POLY1305-SHA256
+ TLS_AES_128_CCM_SHA256 TLS13-AES-128-CCM-SHA256
+ TLS_AES_128_CCM_8_SHA256 TLS13-AES-128-CCM-8-SHA256
+
=head2 Older names used by OpenSSL
The following names are accepted by older releases:
B<NID_undef> is returned.
SSL_CIPHER_get_kx_nid() returns the key exchange NID corresponding to the method
-used by B<c>. If there is no key exchange, then B<NID_undef> is returned. Examples (not comprehensive):
+used by B<c>. If there is no key exchange, then B<NID_undef> is returned.
+If any appropriate key exchange algorithm can be used (as in the case of TLS 1.3
+ciphersuites) B<NID_kx_any> is returned. Examples (not comprehensive):
NID_kx_rsa
NID_kx_ecdhe
SSL_CIPHER_get_auth_nid() returns the authentication NID corresponding to the method
used by B<c>. If there is no authentication, then B<NID_undef> is returned.
-Examples (not comprehensive):
+If any appropriate authentication algorithm can be used (as in the case of
+TLS 1.3 ciphersuites) B<NID_auth_any> is returned. Examples (not comprehensive):
NID_auth_rsa
NID_auth_ecdsa
projects / oweals / openssl.git / commitdiff