On Mon, Feb 13, 2006 at 12:34:42PM -0800, Chris Clark wrote:
> I'm trying to allow my program to be configurable for either AES 128
> bit, or AES 256 bit. The problem is that when I select only the
> AES128-SHA cipher, the other AES ciphers (including 256 bit) get added
> automaticlly.
>
> Is this a limitation of selecting AES, or am I doing something wrong?
> Here is my code:
>
> 1. Set cyphers:
>
> CString Shif = "AES128-SHA";
>
> Shif+="!IDEA:!ADH:";
You probably have to add some ":" here. With the explicit selection of
AES128-SHA you do not have to remove the other ciphers anyway.
> SSL_CTX_set_cipher_list(m_ctx, Shif.GetBuffer());
> SSL_CTX_set_options(SSL_OP_NO_SSLv2);
>
> 2. Display chypers:
>
> SSL* lSSL = SSL_new(lCTX);
>
> int ccnt=0;
> const char *res=(char*)1;
> for (int i=0;res!=NULL;i++)
> {
> res = SSL_get_cipher_list(lSSL, i);
> if (res)
> {
> m_List.AddString((char*)res);
> ccnt++;
> }
> }
The openssl command line tool seems to handle problem well...
lutzpc 30: openssl ciphers -v AES128-SHA
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
