On 09/06/2017 12:02 AM, mahesh gs wrote:
Hi All,
I am using openssl version 01.01.00f for providing TLS and
DTLS security for TCP and SCTP connection for our application.
I have query regarding the "Ciphers" that are accepted by the
SSL_CTX_set_cpiher_list API. The list of ciphers that are
supported by openssl version 01.01.00f that is output of
command "openssl ciphers -v" is as listed down below. When i
try to set these ciphers through API "SSL_CTX_set_cipher_list"
returns success for some and failure for some other ciphers.
For example if i set "ECDHE-RSA-AES256-GCM-SHA384" API
returns success but if i set "DHE-DSS-AES256-GCM-SHA384" or
"RC4-MD5" API returns failure. My query is what are the
accepted ciphers ? and what is the reason behind not accepting
some of them?
OpenSSL 1.1.0 added a concept of "security level" for ciphers; see
https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_security_level
for which levels correspond to bits of security, prohibited message
digests, etc.
-Ben
|
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
