diff options
author | Paul Yang <yang.yang@baishancloud.com> | 2017-06-30 03:06:19 +0800 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2017-07-21 07:20:14 +1000 |
commit | bbb4ceb86eb6ea0300f744443c36fb6e980fff9d (patch) | |
tree | 57079deada8128837e38a4bd37f7bf9119f016a2 /doc | |
parent | b8a437ffa09bbf22c04a55015a6d2743cd0b7529 (diff) |
Support converting cipher name to RFC name and vice versa
Fixes: issue #3747
make SSL_CIPHER_standard_name globally available and introduce a new
function OPENSSL_cipher_name.
A new option '-convert' is also added to 'openssl ciphers' app.
Documentation and test cases are added.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3859)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man1/ciphers.pod | 13 | ||||
-rw-r--r-- | doc/man3/SSL_CIPHER_get_name.pod | 18 |
2 files changed, 29 insertions, 2 deletions
diff --git a/doc/man1/ciphers.pod b/doc/man1/ciphers.pod index 4774a546f5..0875a8736b 100644 --- a/doc/man1/ciphers.pod +++ b/doc/man1/ciphers.pod @@ -20,6 +20,7 @@ B<openssl> B<ciphers> [B<-psk>] [B<-srp>] [B<-stdname>] +[B<-convert name>] [B<cipherlist>] =head1 DESCRIPTION @@ -97,8 +98,11 @@ TLSv1.1 were negotiated. =item B<-stdname> -Precede each cipher suite by its standard name: only available is OpenSSL -is built with tracing enabled (B<enable-ssl-trace> argument to Configure). +Precede each cipher suite by its standard name. + +=item B<-convert name> + +Convert a standard cipher B<name> to its OpenSSL name. =item B<cipherlist> @@ -752,6 +756,11 @@ L<s_client(1)>, L<s_server(1)>, L<ssl(7)> The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0. +The B<-stdname> is only available if OpenSSL is built with tracing enabled +(B<enable-ssl-trace> argument to Configure) before OpenSSL 1.1.1. + +The B<-convert> was added in OpenSSL 1.1.1. + =head1 COPYRIGHT Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/man3/SSL_CIPHER_get_name.pod b/doc/man3/SSL_CIPHER_get_name.pod index 157c162c85..691f9f46d8 100644 --- a/doc/man3/SSL_CIPHER_get_name.pod +++ b/doc/man3/SSL_CIPHER_get_name.pod @@ -3,6 +3,8 @@ =head1 NAME SSL_CIPHER_get_name, +SSL_CIPHER_standard_name, +OPENSSL_cipher_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description, @@ -19,6 +21,8 @@ SSL_CIPHER_is_aead #include <openssl/ssl.h> const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher); + const char *SSL_CIPHER_standard_name(const SSL_CIPHER *cipher); + const char *OPENSSL_cipher_name(const char *stdname); int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits); char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher); char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size); @@ -34,6 +38,14 @@ SSL_CIPHER_is_aead SSL_CIPHER_get_name() returns a pointer to the name of B<cipher>. If the B<cipher> is NULL, it returns "(NONE)". +SSL_CIPHER_standard_name() returns a pointer to the standard RFC name of +B<cipher>. If the B<cipher> is NULL, it returns "(NONE)". If the B<cipher> +has no standard name, it returns B<NULL>. + +OPENSSL_cipher_name() returns a pointer to the OpenSSL name of B<stdname>. +If the B<stdname> is NULL, or B<stdname> has no corresponding OpenSSL name, +it returns "(NONE)". + SSL_CIPHER_get_bits() returns the number of secret bits used for B<cipher>. If B<cipher> is NULL, 0 is returned. @@ -127,6 +139,12 @@ rather than a fixed string, in OpenSSL 1.1.0. SSL_CIPHER_get_handshake_digest() was added in OpenSSL 1.1.1. +SSL_CIPHER_standard_name() was globally available in OpenSSL 1.1.1. Before +OpenSSL 1.1.1, tracing (B<enable-ssl-trace> argument to Configure) was +required to enable this function. + +OPENSSL_cipher_name() was added in OpenSSL 1.1.1. + =head1 SEE ALSO L<ssl(7)>, L<SSL_get_current_cipher(3)>, |