What is the most appropriate way to programmatically get the following information about an SSL_CIPHER? Currently, we need to read: * Which cipher algorithm is being used * Which key exchange algorithm is being used * Which MAC hash algorithm is being used The way we've currently been doing this is by looking at the SSL_CIPHER's algorithm_enc, algorithm_mkey, and algorithm_mac fields. But since there is no public header that contains the enum values, we've copied the values out of ssl/ssl_locl.h into our own code. This is problematic, since these values have recently changed with https://github.com/openssl/openssl/commit/bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb For example: -# define SSL_kDHE 0x00000008U +# define SSL_kDHE 0x00000002U One option we've discussed is to compare strings returned from SSL_CIPHER_get_name, or SSL_CIPHER_description, but this seems less than ideal. Is there a better way to programmatically get this information? Thanks in advance, Eric Erhardt -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160120/d07385d6/attachment-0001.html>
