1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
|
.\" Automatically generated by Pod::Man version 1.15
.\" Wed Feb 19 16:47:37 2003
.\"
.\" Standard preamble:
.\" ======================================================================
.de Sh \" Subsection heading
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. | will give a
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
.tr \(*W-|\(bv\*(Tr
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
'br\}
.\"
.\" If the F register is turned on, we'll generate index entries on stderr
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
.\" index entries marked with X<> in POD. Of course, you'll have to process
.\" the output yourself in some meaningful fashion.
.if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. nr % 0
. rr F
.\}
.\"
.\" For nroff, turn off justification. Always turn off hyphenation; it
.\" makes way too many mistakes in technical documents.
.hy 0
.if n .na
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
.bd B 3
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ======================================================================
.\"
.IX Title "SSL_CIPHER_get_name 3"
.TH SSL_CIPHER_get_name 3 "0.9.7a" "2003-02-19" "OpenSSL"
.UC
.SH "NAME"
SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description \- get \s-1SSL_CIPHER\s0 properties
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/ssl.h>
.Ve
.Vb 4
\& const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher);
\& int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *alg_bits);
\& char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);
\& char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int size);
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
\&\fISSL_CIPHER_get_name()\fR returns a pointer to the name of \fBcipher\fR. If the
argument is the \s-1NULL\s0 pointer, a pointer to the constant value \*(L"\s-1NONE\s0\*(R" is
returned.
.PP
\&\fISSL_CIPHER_get_bits()\fR returns the number of secret bits used for \fBcipher\fR. If
\&\fBalg_bits\fR is not \s-1NULL\s0, it contains the number of bits processed by the
chosen algorithm. If \fBcipher\fR is \s-1NULL\s0, 0 is returned.
.PP
\&\fISSL_CIPHER_get_version()\fR returns the protocol version for \fBcipher\fR, currently
\&\*(L"SSLv2\*(R", \*(L"SSLv3\*(R", or \*(L"TLSv1\*(R". If \fBcipher\fR is \s-1NULL\s0, \*(L"(\s-1NONE\s0)\*(R" is returned.
.PP
\&\fISSL_CIPHER_description()\fR returns a textual description of the cipher used
into the buffer \fBbuf\fR of length \fBlen\fR provided. \fBlen\fR must be at least
128 bytes, otherwise a pointer to the the string \*(L"Buffer too small\*(R" is
returned. If \fBbuf\fR is \s-1NULL\s0, a buffer of 128 bytes is allocated using
\&\fIOPENSSL_malloc()\fR. If the allocation fails, a pointer to the string
\&\*(L"OPENSSL_malloc Error\*(R" is returned.
.SH "NOTES"
.IX Header "NOTES"
The number of bits processed can be different from the secret bits. An
export cipher like e.g. \s-1EXP-RC4\-MD5\s0 has only 40 secret bits. The algorithm
does use the full 128 bits (which would be returned for \fBalg_bits\fR), of
which however 88bits are fixed. The search space is hence only 40 bits.
.PP
The string returned by \fISSL_CIPHER_description()\fR in case of success consists
of cleartext information separated by one or more blanks in the following
sequence:
.Ip "<ciphername>" 4
.IX Item "<ciphername>"
Textual representation of the cipher name.
.Ip "<protocol version>" 4
.IX Item "<protocol version>"
Protocol version: \fBSSLv2\fR, \fBSSLv3\fR. The TLSv1 ciphers are flagged with SSLv3.
.Ip "Kx=<key exchange>" 4
.IX Item "Kx=<key exchange>"
Key exchange method: \fB\s-1RSA\s0\fR (for export ciphers as \fBRSA(512)\fR or
\&\fBRSA(1024)\fR), \fB\s-1DH\s0\fR (for export ciphers as \fBDH(512)\fR or \fBDH(1024)\fR),
\&\fB\s-1DH/RSA\s0\fR, \fB\s-1DH/DSS\s0\fR, \fBFortezza\fR.
.Ip "Au=<authentication>" 4
.IX Item "Au=<authentication>"
Authentication method: \fB\s-1RSA\s0\fR, \fB\s-1DSS\s0\fR, \fB\s-1DH\s0\fR, \fBNone\fR. None is the
representation of anonymous ciphers.
.Ip "Enc=<symmetric encryption method>" 4
.IX Item "Enc=<symmetric encryption method>"
Encryption method with number of secret bits: \fBDES(40)\fR, \fBDES(56)\fR,
\&\fB3DES(168)\fR, \fBRC4(40)\fR, \fBRC4(56)\fR, \fBRC4(64)\fR, \fBRC4(128)\fR,
\&\fBRC2(40)\fR, \fBRC2(56)\fR, \fBRC2(128)\fR, \fBIDEA(128)\fR, \fBFortezza\fR, \fBNone\fR.
.Ip "Mac=<message authentication code>" 4
.IX Item "Mac=<message authentication code>"
Message digest: \fB\s-1MD5\s0\fR, \fB\s-1SHA1\s0\fR.
.Ip "<export flag>" 4
.IX Item "<export flag>"
If the cipher is flagged exportable with respect to old \s-1US\s0 crypto
regulations, the word "\fBexport\fR" is printed.
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Some examples for the output of \fISSL_CIPHER_description()\fR:
.PP
.Vb 4
\& EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
\& EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
\& RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
\& EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
.Ve
.SH "BUGS"
.IX Header "BUGS"
If \fISSL_CIPHER_description()\fR is called with \fBcipher\fR being \s-1NULL\s0, the
library crashes.
.PP
If \fISSL_CIPHER_description()\fR cannot handle a built-in cipher, the according
description of the cipher property is \fBunknown\fR. This case should not
occur.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
See \s-1DESCRIPTION\s0
.SH "SEE ALSO"
.IX Header "SEE ALSO"
ssl(3), SSL_get_current_cipher(3),
SSL_get_ciphers(3), ciphers(1)
|