[thirdparty/openssl.git] / doc / ssl / SSL_CIPHER_get_name.pod

=pod

=head1 NAME

SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
 int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
 char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
 char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
 int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
 int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);

=head1 DESCRIPTION

SSL_CIPHER_get_name() returns a pointer to the name of B<cipher>. If the
B<cipher> is NULL, it returns "(NONE)".

SSL_CIPHER_get_bits() returns the number of secret bits used for B<cipher>.
If B<cipher> is NULL, 0 is returned.

SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol
version that first defined the cipher.  It returns "(NONE)" if B<cipher> is NULL.

SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to B<c>.
If there is no cipher (e.g. for ciphersuites with no encryption) then
B<NID_undef> is returned.

SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC
used by B<c>. If there is no digest (e.g. for AEAD ciphersuites) then
B<NID_undef> is returned.

SSL_CIPHER_description() returns a textual description of the cipher used
into the buffer B<buf> of length B<len> provided.  If B<buf> is provided, it
must be at least 128 bytes, otherwise a buffer will be allocated using
OPENSSL_malloc().  If the provided buffer is too small, or the allocation fails,
B<NULL> is returned.

The string returned by SSL_CIPHER_description() consists of several fields
separated by whitespace:

=over 4

=item <ciphername>

Textual representation of the cipher name.

=item <protocol version>

Protocol version, such as B<TLSv1.2>, when the cipher was first defined.

=item Kx=<key exchange>

Key exchange method such as B<RSA>, B<ECDHE>, etc.

=item Au=<authentication>

Authentication method such as B<RSA>, B<None>, etc.. None is the
representation of anonymous ciphers.

=item Enc=<symmetric encryption method>

Encryption method, with number of secret bits, such as B<AESGCM(128)>.

=item Mac=<message authentication code>

Message digest, such as B<SHA256>.

=back

Some examples for the output of SSL_CIPHER_description():

 ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
 RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK   Au=RSA  Enc=AES(256)  Mac=SHA384

=head1 HISTORY

SSL_CIPHER_get_version() was updated to always return the correct protocol
string in OpenSSL 1.1.

SSL_CIPHER_description() was changed to return B<NULL> on error,
rather than a fixed string, in OpenSSL 1.1

=head1 SEE ALSO

L<ssl(3)>, L<SSL_get_current_cipher(3)>,
L<SSL_get_ciphers(3)>, L<ciphers(1)>

=cut
Commit	Line	Data
615513ba RL	1	=pod
	2
	3	=head1 NAME
	4
803e4e93	5	SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties
615513ba RL	6
	7	=head1 SYNOPSIS
	8
	9	#include <openssl/ssl.h>
	10
c3e64028 NL	11	const char SSL_CIPHER_get_name(const SSL_CIPHER cipher);
	12	int SSL_CIPHER_get_bits(const SSL_CIPHER cipher, int alg_bits);
	13	char SSL_CIPHER_get_version(const SSL_CIPHER cipher);
7689ed34	14	char SSL_CIPHER_description(const SSL_CIPHER cipher, char *buf, int size);
98c9ce2f DSH	15	int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
98c9ce2f DSH	16	int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
615513ba RL	17
	18	=head1 DESCRIPTION
	19
	20	SSL_CIPHER_get_name() returns a pointer to the name of B<cipher>. If the
baf245ec	21	B<cipher> is NULL, it returns "(NONE)".
615513ba	22
baf245ec RS	23	SSL_CIPHER_get_bits() returns the number of secret bits used for B<cipher>.
baf245ec RS	24	If B<cipher> is NULL, 0 is returned.
615513ba	25
fc1d88f0	26	SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol
baf245ec	27	version that first defined the cipher. It returns "(NONE)" if B<cipher> is NULL.
615513ba	28
98c9ce2f DSH	29	SSL_CIPHER_get_cipher_nid() returns the cipher NID corresponding to B<c>.
	30	If there is no cipher (e.g. for ciphersuites with no encryption) then
	31	B<NID_undef> is returned.
	32
	33	SSL_CIPHER_get_digest_nid() returns the digest NID corresponding to the MAC
	34	used by B<c>. If there is no digest (e.g. for AEAD ciphersuites) then
	35	B<NID_undef> is returned.
	36
baf245ec RS	37	SSL_CIPHER_description() returns a textual description of the cipher used
	38	into the buffer B<buf> of length B<len> provided. If B<buf> is provided, it
	39	must be at least 128 bytes, otherwise a buffer will be allocated using
	40	OPENSSL_malloc(). If the provided buffer is too small, or the allocation fails,
	41	B<NULL> is returned.
615513ba	42
baf245ec RS	43	The string returned by SSL_CIPHER_description() consists of several fields
baf245ec RS	44	separated by whitespace:
803e4e93 LJ	45
	46	=over 4
	47
	48	=item <ciphername>
	49
	50	Textual representation of the cipher name.
	51
	52	=item <protocol version>
	53
baf245ec	54	Protocol version, such as B<TLSv1.2>, when the cipher was first defined.
803e4e93 LJ	55
	56	=item Kx=<key exchange>
	57
baf245ec	58	Key exchange method such as B<RSA>, B<ECDHE>, etc.
803e4e93 LJ	59
	60	=item Au=<authentication>
	61
baf245ec	62	Authentication method such as B<RSA>, B<None>, etc.. None is the
803e4e93 LJ	63	representation of anonymous ciphers.
803e4e93 LJ	64
52d160d8	65	=item Enc=<symmetric encryption method>
803e4e93	66
baf245ec	67	Encryption method, with number of secret bits, such as B<AESGCM(128)>.
803e4e93 LJ	68
	69	=item Mac=<message authentication code>
	70
baf245ec	71	Message digest, such as B<SHA256>.
803e4e93 LJ	72
	73	=back
	74
b1e21f8f LJ	75	Some examples for the output of SSL_CIPHER_description():
b1e21f8f LJ	76
baf245ec RS	77	ECDHE-RSA-AES256-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
baf245ec RS	78	RSA-PSK-AES256-CBC-SHA384 TLSv1.0 Kx=RSAPSK Au=RSA Enc=AES(256) Mac=SHA384
615513ba	79
baf245ec	80	=head1 HISTORY
803e4e93	81
baf245ec RS	82	SSL_CIPHER_get_version() was updated to always return the correct protocol
baf245ec RS	83	string in OpenSSL 1.1.
615513ba	84
baf245ec RS	85	SSL_CIPHER_description() was changed to return B<NULL> on error,
baf245ec RS	86	rather than a fixed string, in OpenSSL 1.1
615513ba RL	87
	88	=head1 SEE ALSO
	89
9b86974e RS	90	L<ssl(3)>, L<SSL_get_current_cipher(3)>,
9b86974e RS	91	L<SSL_get_ciphers(3)>, L<ciphers(1)>
615513ba RL	92
615513ba RL	93	=cut