Looking at the, er, documentation:
/* constant table enumerating all implemented SSL 2 and 3 cipher suites. */
SSL_IMPORT const PRUint16 SSL_ImplementedCiphers[];
/* the same as the above, but is a function */
SSL_IMPORT const PRUint16 *SSL_GetImplementedCiphers(void);
/* number of entries in the above table. */
SSL_IMPORT const PRUint16 SSL_NumImplementedCiphers;
/* the same as the above, but is a function */
SSL_IMPORT PRUint16 SSL_GetNumImplementedCiphers(void);
I suspect that will return something like:
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
Otoh, if there is something we can call we'll be able to clean up our
crypto a bit by dropping the #ifdefs and instead probing everything at
runtime. If nothing else, only enable algorithms if their test passes.
Andrew
On 16 March 2016 at 11:38, Paul Wouters <[email protected]> wrote:
>
> The function to check for cryptographic algorithms in NSS appararently
> is the function SSL_GetImplementedCiphers()
>
> Eg, we need to use that so see if we have CHACHA20/POLY1305 support in
> the future. Probably we also need it to test for various CCM algos
> needed to support IoT devices that we know aren't all in NSS yet.
>
> Paul
>
> _______________________________________________
> Swan-dev mailing list
> [email protected]
> https://lists.libreswan.org/mailman/listinfo/swan-dev
>
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
