SSL_CIPHER_description(3ssl)

1SSL_CIPHER_get_name(3)              OpenSSL             SSL_CIPHER_get_name(3)
2
3
4

NAME

6       SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version,
7       SSL_CIPHER_description - get SSL_CIPHER properties
8

SYNOPSIS

10        #include <openssl/ssl.h>
11
12        const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
13        int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
14        char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
15        char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
16

DESCRIPTION

18       SSL_CIPHER_get_name() returns a pointer to the name of cipher. If the
19       argument is the NULL pointer, a pointer to the constant value "NONE" is
20       returned.
21
22       SSL_CIPHER_get_bits() returns the number of secret bits used for
23       cipher. If alg_bits is not NULL, it contains the number of bits
24       processed by the chosen algorithm. If cipher is NULL, 0 is returned.
25
26       SSL_CIPHER_get_version() returns the protocol version for cipher,
27       currently "SSLv2", "SSLv3", or "TLSv1". If cipher is NULL, "(NONE)" is
28       returned.
29
30       SSL_CIPHER_description() returns a textual description of the cipher
31       used into the buffer buf of length len provided. len must be at least
32       128 bytes, otherwise a pointer to the string "Buffer too small" is
33       returned. If buf is NULL, a buffer of 128 bytes is allocated using
34       OPENSSL_malloc(). If the allocation fails, a pointer to the string
35       "OPENSSL_malloc Error" is returned.
36

NOTES

38       The number of bits processed can be different from the secret bits. An
39       export cipher like e.g. EXP-RC4-MD5 has only 40 secret bits. The
40       algorithm does use the full 128 bits (which would be returned for
41       alg_bits), of which however 88bits are fixed. The search space is hence
42       only 40 bits.
43
44       The string returned by SSL_CIPHER_description() in case of success
45       consists of cleartext information separated by one or more blanks in
46       the following sequence:
47
48       <ciphername>
49           Textual representation of the cipher name.
50
51       <protocol version>
52           Protocol version: SSLv2, SSLv3. The TLSv1 ciphers are flagged with
53           SSLv3.
54
55       Kx=<key exchange>
56           Key exchange method: RSA (for export ciphers as RSA(512) or
57           RSA(1024)), DH (for export ciphers as DH(512) or DH(1024)), DH/RSA,
58           DH/DSS, Fortezza.
59
60       Au=<authentication>
61           Authentication method: RSA, DSS, DH, None. None is the
62           representation of anonymous ciphers.
63
64       Enc=<symmetric encryption method>
65           Encryption method with number of secret bits: DES(40), DES(56),
66           3DES(168), RC4(40), RC4(56), RC4(64), RC4(128), RC2(40), RC2(56),
67           RC2(128), IDEA(128), Fortezza, None.
68
69       Mac=<message authentication code>
70           Message digest: MD5, SHA1.
71
72       <export flag>
73           If the cipher is flagged exportable with respect to old US crypto
74           regulations, the word "export" is printed.
75

EXAMPLES

77       Some examples for the output of SSL_CIPHER_description():
78
79        EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
80        EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
81        RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
82        EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
83

BUGS

85       If SSL_CIPHER_description() is called with cipher being NULL, the
86       library crashes.
87
88       If SSL_CIPHER_description() cannot handle a built-in cipher, the
89       according description of the cipher property is unknown. This case
90       should not occur.
91

RETURN VALUES

93       See DESCRIPTION
94