Does this help? It is from s_client. It is commented as only working with
(the deprecated) SSLv2 but I think I see this output when I run s_client
with TLSv1:

                p=SSL_get_shared_ciphers(s,buf,sizeof buf);
                if (p != NULL)
                        {
                        /* This works only for SSL 2.  In later protocol
                         * versions, the client does not know what other
                         * ciphers (in addition to the one to be used
                         * in the current connection) the server supports.
                         */

                        BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
                        j=i=0;
                        while (*p)
                                {
                                if (*p == ':')
                                        {
                                        BIO_write(bio,space,15-j%25);
                                        i++;
                                        j=0;
                                        BIO_write(bio,((i%3)?" ":"\n"),1);
                                        }
                                else
                                        {
                                        BIO_write(bio,p,1);
                                        j++;
                                        }
                                p++;
                                }
                        BIO_write(bio,"\n",1);
                        }

Charles
-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Saurabh Pandya
Sent: Thursday, August 23, 2012 4:12 AM
To: openssl-users
Subject: confusion with defination of SSL_CIPHER struct

I found the following definition of "SSL_CIPHER" in the OpenSSL code:

typedef struct ssl_cipher_st
        {
        int valid;
        const char *name;               /* text name */
        unsigned long id;               /* id, 4 bytes, first is version */
        unsigned long algorithms;       /* what ciphers are used */
        unsigned long algo_strength;    /* strength and export flags */
        unsigned long algorithm2;       /* Extra flags */
        int strength_bits;              /* Number of bits really used */
        int alg_bits;                   /* Number of bits for algorithm */
        unsigned long mask;             /* used for matching */
        unsigned long mask_strength;    /* also used for matching */
        } SSL_CIPHER;


My interest is to get the ids of the ciphers supported by my SSL *.

Does the following field of the above structure hold the same info?
        unsigned long id;               /* id, 4 bytes, first is version */

Here 4 bytes are given to this field. The description says one byte
(I guess the leftmost byte)
is used for the version, and the remaining "3" bytes are used as the cipher id, isn't it?
tcpdump/wireshark display only two bytes for the cipher id in the client
hello message.

So what is the third byte for?

Please clear my confusion...

I am solely interested in printing supported ciphers by my SSL *, using

STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(my_ssl);

// and print the stuff for each supported ciphers
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
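
An added example, not part of the original thread or of OpenSSL's code, showing how the 4-byte id field quoted above maps to the bytes a packet capture shows: the top byte is the protocol family, SSLv3/TLS suites use the low two bytes, and SSLv2 cipher kinds use all three remaining bytes. The function names are hypothetical; the sample ids are OpenSSL's constants for the named suites.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Split a 32-bit cipher id ("id, 4 bytes, first is version") into the bytes
 * sent on the wire. Returns the number of bytes written to out (2 or 3),
 * or 0 if the id does not fit either layout. Hypothetical helper. */
size_t cipher_id_to_wire(uint32_t id, unsigned char out[3])
{
    switch (id >> 24) {
    case 0x03:                      /* SSLv3/TLS: 2-byte cipher suite */
        if ((id >> 16) & 0xff)      /* this example rejects a non-zero third byte */
            return 0;
        out[0] = (id >> 8) & 0xff;
        out[1] = id & 0xff;
        return 2;
    case 0x02:                      /* SSLv2: 3-byte cipher kind */
        out[0] = (id >> 16) & 0xff;
        out[1] = (id >> 8) & 0xff;
        out[2] = id & 0xff;
        return 3;
    default:
        return 0;
    }
}

/* Render the wire bytes the way a protocol analyser lists them. */
int format_wire(uint32_t id, char *buf, size_t buflen)
{
    unsigned char w[3];
    size_t n = cipher_id_to_wire(id, w);
    if (n == 2)
        return snprintf(buf, buflen, "0x%02X,0x%02X", w[0], w[1]);
    if (n == 3)
        return snprintf(buf, buflen, "0x%02X,0x%02X,0x%02X", w[0], w[1], w[2]);
    return snprintf(buf, buflen, "unknown");
}

int main(void)
{
    /* Sample ids: AES128-SHA, ECDHE-RSA-AES256-SHA, SSLv2 RC4-MD5 */
    const uint32_t ids[] = { 0x0300002FUL, 0x0300C014UL, 0x02010080UL };
    char buf[32];
    for (size_t i = 0; i < sizeof ids / sizeof ids[0]; i++) {
        format_wire(ids[i], buf, sizeof buf);
        printf("0x%08lX -> %s\n", (unsigned long)ids[i], buf);
    }
    return 0;
}
```

With a real SSL *, the 32-bit value for each entry of the SSL_get_ciphers() stack comes from SSL_CIPHER_get_id().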