Add ability to TLS 1.3 cipher suites on SSL Context

schwabe · schwabe · commit 406e3191a2a0 · 2025-07-16T10:35:51.000+02:00
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -3,6 +3,19 @@ Changelog
 
 Versions are year-based with a strict backward-compatibility policy.
 The third digit is only for regressions.
+UNRELEASED
+----------
+
+Backward-incompatible changes:
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Deprecations:
+^^^^^^^^^^^^^
+
+Changes:
+^^^^^^^^
+
+- Added ``OpenSSL.SSL.Context.set_ciphersuites`` that allows the allowed TLS 1.3 ciphers.
 
 25.1.0 (2025-05-17)
 -------------------
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
@@ -1468,6 +1468,9 @@ def set_cipher_list(self, cipher_list: bytes) -> None:
         See the OpenSSL manual for more information (e.g.
         :manpage:`ciphers(1)`).
 
+        Note this API does not change the cipher suites used in TLS 1.3
+        Use `set_ciphersuites` for that.
+
         :param bytes cipher_list: An OpenSSL cipher string.
         :return: None
         """
@@ -1500,6 +1503,31 @@ def set_cipher_list(self, cipher_list: bytes) -> None:
                 ],
             )
 
+    @_require_not_used
+    def set_ciphersuites(self, ciphersuites: bytes) -> None:
+        """
+        Set the list of TLS 1.3 ciphers to be used in this context.
+        OpenSSL maintains a separate list of TLS 1.3+ ciphers to
+        ciphers for TLS 1.2 and lowers.
+
+        See the OpenSSL manual for more information (e.g.
+        :manpage:`ciphers(1)`).
+
+        :param bytes ciphersuites: An OpenSSL cipher string containing
+            TLS 1.3+ ciphersuites.
+        :return: None
+
+        .. versionadded:: 25.2.0
+        """
+        ciphersuites = _text_to_bytes_and_warn("ciphersuites", ciphersuites)
+
+        if not isinstance(ciphersuites, bytes):
+            raise TypeError("ciphersuites must be a byte string.")
+
+        _openssl_assert(
+            _lib.SSL_CTX_set_ciphersuites(self._context, ciphersuites) == 1
+        )
+
     @_require_not_used
     def set_client_ca_list(
         self, certificate_authorities: Sequence[X509Name]
diff --git a/tests/test_ssl.py b/tests/test_ssl.py
@@ -497,20 +497,23 @@ class TestContext:
 
     @pytest.mark.parametrize(
         "cipher_string",
-        [b"hello world:AES128-SHA", "hello world:AES128-SHA"],
+        [b"TLS_AES_128_GCM_SHA256", "TLS_AES_128_GCM_SHA256"],
     )
-    def test_set_cipher_list(
+    def test_set_ciphersuites(
         self, context: Context, cipher_string: bytes
     ) -> None:
         """
-        `Context.set_cipher_list` accepts both byte and unicode strings
+        `Context.set_ciphersuites` accepts both byte and unicode strings
         for naming the ciphers which connections created with the context
         object will be able to choose from.
         """
-        context.set_cipher_list(cipher_string)
+        context.set_ciphersuites(cipher_string)
         conn = Connection(context, None)
 
-        assert "AES128-SHA" in conn.get_cipher_list()
+        # OpenSSL has different APIs for *setting* TLS <=1.2 and >= 1.3
+        # but only one API for retrieving them
+        assert "TLS_AES_128_GCM_SHA256" in conn.get_cipher_list()
+        assert "TLS_AES_256_GCM_SHA384" not in conn.get_cipher_list()
 
     def test_set_cipher_list_wrong_type(self, context: Context) -> None:
         """
