SSL_CIPHER_get_version, SSL_CIPHER_description - Get
const char *SSL_CIPHER_get_name(
SSL_CIPHER *cipher ); int SSL_CIPHER_get_bits(
SSL_CIPHER *cipher, int *alg_bits ); char
SSL_CIPHER *cipher ); char *SSL_CIPHER_description(
SSL_CIPHER *cipher, char *buf, int size );
The SSL_CIPHER_get_name() function returns a pointer to
the name of cipher. If the argument is the NULL pointer, a
pointer to the constant value NONE is returned.
The SSL_CIPHER_get_bits() function returns the number of
secret bits used for cipher. If alg_bits is not NULL, it
contains the number of bits processed by the chosen algorithm.
If cipher is NULL, 0 is returned.
The SSL_CIPHER_get_version() function returns the protocol
version for cipher, currently SSLv2, SSLv3, or TLSv1. If
cipher is NULL, NONE is returned.
The SSL_CIPHER_description() function returns a textual
description of the cipher used into the buffer (buf) of
length (len) provided. The len must be at least 128 bytes,
otherwise a pointer to the the string "Buffer too small"
is returned. If buf is NULL, a buffer of 128 bytes is
allocated using the OPENSSL_malloc() function. If the
allocation fails, a pointer to the string "OPENSSL_malloc
Error" is returned.
The number of bits processed can be different from the
secret bits. An export cipher, such as EXP-RC4-MD5, has
40 secret bits. The algorithm uses the full 128 bits
(which would be returned for alg_bits), of which 88 bits
are fixed. The search space is 40 bits.
The string returned by the SSL_CIPHER_description() function
in case of success consists of cleartext information
separated by one or more blanks in the following sequence:
Textual representation of the cipher name. Protocol version:
SSLv2, SSLv3. The TLSv1 ciphers are flagged with
SSLv3. Key exchange method: RSA (for export ciphers as
RSA(512) or RSA(1024)), DH (for export ciphers as DH(512)
or DH(1024)), DH/RSA, DH/DSS, Fortezza. Authentication
method: RSA, DSS, DH, None. None is the representation of
anonymous ciphers. Encryption method with number of
secret bits: DES(40), DES(56), 3DES(168), RC4(40),
RC4(56), RC4(64), RC4(128), RC2(40), RC2(56), RC2(128),
IDEA(128), Fortezza, None. Message digest: MD5, SHA1. If
the cipher is flagged exportable with respect to old US
crypto regulations, the word "export" is printed.
If the SSL_CIPHER_description() function is called with
cipher being NULL, the library crashes.
If the SSL_CIPHER_description() function cannot handle a
built-in cipher, the description of the cipher property is
unknown. This case should not occur.
The following examples show output for the
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA
EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS
RC4-MD5 SSLv3 Kx=RSA Au=RSA
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA
Enc=RC4(40) Mac=MD5 export
Functions: ssl(3), SSL_get_current_cipher(3),
[ Back ]