generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fill in missing information about the string returned from

Browse Source 
SSL_CIPHER_description(), as there is no other API function to find
out details about the cipher used besides the number of bits or protocol used.
This commit is contained in:
Lutz Jänicke 2000-11-15 18:42:41 +00:00
parent 60b8607727
commit 803e4e93d4
1 changed files with 52 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
doc/ssl/SSL_CIPHER_get_name.pod
View File

@ -2,8 +2,7 @@
=head1 NAME =head1 NAME
SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties
SSL_CIPHER_description - get SSL_CIPHER properties
=head1 SYNOPSIS =head1 SYNOPSIS
@ -29,9 +28,10 @@ SSL_CIPHER_get_version() returns the protocol version for B<cipher>, currently
SSL_CIPHER_description() returns a textual description of the cipher used SSL_CIPHER_description() returns a textual description of the cipher used
into the buffer B<buf> of length B<len> provided. B<len> must be at least into the buffer B<buf> of length B<len> provided. B<len> must be at least
128 bytes, otherwise the string "Buffer too small" is returned. If B<buf> 128 bytes, otherwise a pointer to the the string "Buffer too small" is
is NULL, a buffer of 128 bytes is allocated using OPENSSL_malloc(). If the returned. If B<buf> is NULL, a buffer of 128 bytes is allocated using
allocation fails, the string "OPENSSL_malloc Error" is returned. OPENSSL_malloc(). If the allocation fails, a pointer to the string
"OPENSSL_malloc Error" is returned.
=head1 NOTES =head1 NOTES
@ -40,11 +40,57 @@ export cipher like e.g. EXP-RC4-MD5 has only 40 secret bits. The algorithm
does use the full 128 bits (which would be returned for B<alg_bits>), of does use the full 128 bits (which would be returned for B<alg_bits>), of
which however 88bits are fixed. The search space is hence only 40 bits. which however 88bits are fixed. The search space is hence only 40 bits.
The string returned by SSL_CIPHER_description() in case of success consists
of cleartext information seperated by one or more blanks in the following
sequence:
=over 4
=item <ciphername>
Textual representation of the cipher name.
=item <protocol version>
Protocol version: B<SSLv2>, B<SSLv3>. The TLSv1 ciphers are flagged with SSLv3.
=item Kx=<key exchange>
Key exchange method: B<RSA> (for export ciphers as B<RSA(512)> or
B<RSA(1024)>), B<DH> (for export ciphers as B<DH(512)> or B<DH(1024)>),
B<DH/RSA>, B<DH/DSS>, B<Fortezza>.
=item Au=<authentication>
Authentication method: B<RSA>, B<DSS>, B<DH>, B<None>. None is the
representation of anonymous ciphers.
=item Enc=<symmectric encryption method>
Encryption method with number of secret bits: B<DES(40)>, B<DES(56)>,
B<3DES(168)>, B<RC4(40)>, B<RC4(56)>, B<RC4(64)>, B<RC4(128)>,
B<RC2(40)>, B<RC2(56)>, B<RC2(128)>, B<IDEA(128)>, B<Fortezza>, B<None>.
=item Mac=<message authentication code>
Message digest: B<MD5>, B<SHA1>.
=item <export flag>
If the cipher is flagged exportable with respect to old US crypto
regulations, the word "B<export>" is printed.
=back
=head1 BUGS =head1 BUGS
If SSL_CIPHER_description() is called with B<cipher> being NULL, the If SSL_CIPHER_description() is called with B<cipher> being NULL, the
library crashes. library crashes.
If SSL_CIPHER_description() cannot handle a built-in cipher, the according
description of the cipher property is B<unknown>. This case should not
occur.
=head1 RETURN VALUES =head1 RETURN VALUES
See DESCRIPTION See DESCRIPTION
@ -52,6 +98,6 @@ See DESCRIPTION
=head1 SEE ALSO =head1 SEE ALSO
L<ssl(3)|ssl(3)>, L<SSL_get_current_cipher(3)|SSL_get_current_cipher(3)>, L<ssl(3)|ssl(3)>, L<SSL_get_current_cipher(3)|SSL_get_current_cipher(3)>,
L<SSL_get_ciphers(3)|SSL_get_ciphers(3)> L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, L<ciphers(1)|ciphers(1)>
=cut =cut