On Mon, Feb 13, 2006 at 12:34:42PM -0800, Chris Clark wrote: > I'm trying to allow my program to be configurable for either AES 128 > bit, or AES 256 bit. The problem is that when I select only the > AES128-SHA cipher, the other AES ciphers (including 256 bit) get added > automaticlly. > > Is this a limitation of selecting AES, or am I doing something wrong? > Here is my code: > > 1. Set cyphers: > > CString Shif = "AES128-SHA"; > > Shif+="!IDEA:!ADH:";
You probably have to add some ":" here. With the explicit selection of AES128-SHA you do not have to remove the other ciphers anyway. > SSL_CTX_set_cipher_list(m_ctx, Shif.GetBuffer()); > SSL_CTX_set_options(SSL_OP_NO_SSLv2); > > 2. Display chypers: > > SSL* lSSL = SSL_new(lCTX); > > int ccnt=0; > const char *res=(char*)1; > for (int i=0;res!=NULL;i++) > { > res = SSL_get_cipher_list(lSSL, i); > if (res) > { > m_List.AddString((char*)res); > ccnt++; > } > } The openssl command line tool seems to handle problem well... lutzpc 30: openssl ciphers -v AES128-SHA AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1 Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]