[openssl-users] Is there a way to get the numeric-value for a openssl-cipher-suite
Ajay Garg
ajaygargnsit at gmail.com
Wed Dec 14 08:09:27 UTC 2016
Hi All.
I am using the following script at myu laptop, to test for the available
cipher-suites :
####################################################
#!/usr/bin/env bash
# OpenSSL requires the port number.
SERVER=server.ip.com:12345
DELAY=1
ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g')
echo Obtaining cipher list from $(openssl version).
for cipher in ${ciphers[@]}
do
# echo -n Testing $cipher...
result=$(echo -n | openssl s_client -cipher "$cipher" -connect $SERVER 2>&1)
if [[ "$result" =~ ":error:" ]] ; then
true
else
if [[ "$result" =~ "Cipher is ${cipher}" || "$result" =~ "Cipher :" ]]
; then
echo ${cipher}
else
true
fi
fi
sleep $DELAY
done
####################################################
Above script works, and I am able to get the supported-ciphers-listing.
But all those ciphers are in stringified-form.
Is there a way, so that I can get the supported-ciphers in their
corrsponding numeric-values form?
I ask this, because a particular device supports only a restricted set of
ciphers, and I am not able to properly match the cipher-suites using their
stringified-forms.
Looking forward to some help from the experts :)
Thanks and Regards,
Ajay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161214/b13d894a/attachment.html>
More information about the openssl-users
mailing list