NAME
SSLCIPHERgetname, SSLCIPHERgetbits, SSLCIPHERgetversion,SSLCIPHERdescription - get SSLCIPHER properties
SYNOPSIS
#include
const char *SSLCIPHERgetname(const SSLCIPHER *cipher); int SSLCIPHERgetbits(const SSLCIPHER *cipher, int *algbits); char *SSLCIPHERgetversion(const SSLCIPHER *cipher); char *SSLCIPHERdescription(SSLCIPHER *cipher, char *buf, int size);DESCRIPTION
SSLCIPHERgetname() returns a pointer to the name of cciipphheerr. If the argument is the NULL pointer, a pointer to the constant value "NONE" is returned. SSLCIPHERgetbits() returns the number of secret bits used for cciipphheerr. If aallggbbiittss is not NULL, it contains the number of bits processed by the chosen algorithm. If cciipphheerr is NULL, 0 is returned. SSLCIPHERgetversion() returns the protocol version for cciipphheerr, currently "SSLv2", "SSLv3", or "TLSv1". If cciipphheerr is NULL, "(NONE)" is returned. SSLCIPHERdescription() returns a textual description of the cipher used into the buffer bbuuff of length lleenn provided. lleenn must be at least 128 bytes, otherwise a pointer to the the string "Buffer too small" is returned. If bbuuff is NULL, a buffer of 128 bytes is allocated using OPENSSLmalloc(). If the allocation fails, a pointer to the string "OPENSSLmalloc Error" is returned. NNOOTTEESS The number of bits processed can be different from the secret bits. Anexport cipher like e.g. EXP-RC4-MD5 has only 40 secret bits. The
algorithm does use the full 128 bits (which would be returned for aallggbbiittss), of which however 88bits are fixed. The search space is hence only 40 bits. The string returned by SSLCIPHERdescription() in case of success consists of cleartext information separated by one or more blanks in the following sequence:Textual representation of the cipher name. Protocol version: SSSSLLvv22, SSSSLLvv33. The TLSv1 ciphers are flagged with SSLv3. Kx= Key exchange method: RRSSAA (for export ciphers as RRSSAA((551122)) or RRSSAA((11002244))), DDHH (for export ciphers as DDHH((551122)) or DDHH((11002244))), DDHH//RRSSAA, DDHH//DDSSSS, FFoorrtteezzzzaa. Au= Authentication method: RRSSAA, DDSSSS, DDHH, NNoonnee. None is the representation of anonymous ciphers. Enc= Encryption method with number of secret bits: DDEESS((4400)), DDEESS((5566)), 33DDEESS((116688)), RRCC44((4400)), RRCC44((5566)), RRCC44((6644)), RRCC44((112288)), RRCC22((4400)), RRCC22((5566)), RRCC22((112288)), IIDDEEAA((112288)), FFoorrtteezzzzaa, NNoonnee. Mac= Message digest: MMDD55, SSHHAA11. If the cipher is flagged exportable with respect to old US crypto regulations, the word "eexxppoorrtt" is printed. EEXXAAMMPPLLEESS Some examples for the output of SSLCIPHERdescription(): EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
BUGS
If SSLCIPHERdescription() is called with cciipphheerr being NULL, the library crashes.If SSLCIPHERdescription() cannot handle a built-in cipher, the
according description of the cipher property is uunnkknnoowwnn. This case should not occur.RETURN VALUES
See DESCRIPTION
SEE ALSO
ssl(3), SSLgetcurrentcipher(3), SSLgetciphers(3), ciphers(1)0.9.7l 2005-03-30 SSLCIPHERgetname(3)