curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Feature request: Make TLS Ciphers discoverable

From: Marc Alff via curl-library <>
Date: Mon, 18 Sep 2023 18:04:07 +0200

Feature request: Make TLS Ciphers discoverable


Please find below a feature request for CURL.


A client application uses curl, and exposes options such as

my_app --tls12 --cipher-list <<PICK_A_CIPHER>>
my_app --tls13 --cipher-suite <<PICK_A_CIPHER>>

from the command line (or from a configuration file)

The cipher-list and cipher-suite options are used to ultimately invoke:

Now, to use the application, an end-user has to actually provide a
`known` cipher.

Supported ciphers are documented already:

The problem is that this doc is overwhelming for an end user of my_app,
who would typically not know:

- which version of CURL is used in the build for my_app
- which SSL implementation is used when building the CURL library
- which version of the SSL implementation is used
- which compilation flags are set/unset



In the command line tool, add an option to enumerate supported ciphers.

See similar features in openssl:
   openssl ciphers -v


In the curl library, add an API to enumerate supported ciphers.

The goal is to use this api in an application,
to implement helpers like

my_app --verbose --help cipher

which can then print the list of ciphers supported by:
- the CURL library and version actually used,
- the SSL library and version actually used,
- listing only ciphers that are compiled in the library.

Keep in mind that my_app could be deployed on a system where curl,
the command line tool, is not available
so exposing an API in the CURL library is critical here.

Beside, my_app invoking the API in the library will report ciphers for
the proper version then (in case of static linking).


Thanks for your consideration.
Best regards,
-- Marc Alff
Received on 2023-09-18