How can I know the SHA type in OpenSSL ChaCha cipher

Question

I want to check OpenSSL 1.1.0g against an application ciphersuite lists. The application I have has ciphersuites as follows: ecdhe-ecdsa-chacha20-poly1305-sha256 ecdhe-rsa-chacha20-poly1305-sha256

By checking Openssl TLS 1.2 ciphers using the command: openssl ciphers -s -tls1_2 -V I got some ChaCha ciphersuites as follows:

0xCC,0xA9 - ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD

0xCC,0xA8 - ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD

The only difference is that OpenSSL ciphersuite name does not contain the SHA type. There are many SHA types (256, 384, etc.). How can I know what is the SHA type in OpenSSL ciphersuites?

score 0 · Accepted Answer · edited Oct 07 '21 at 13:28

0

openssl ciphers shows you the codes for this ciphers, i.e. 0xCC,0xA9 and 0xCC,0xA8. According to IANA these codes map to TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 and TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 which are both defined in RFC 7905.

edited Oct 07 '21 at 13:28

Community

1
1

answered Jun 03 '18 at 12:43

Steffen Ullrich

114,247
10
131
172

How can I know the SHA type in OpenSSL ChaCha cipher

1 Answers1