<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
On 09/06/2017 12:02 AM, mahesh gs wrote:<br>
<blockquote type="cite"
cite="mid:CAF7NSfQpyQGwt7ND3t1DQBgq2wrvAmTER867=-VSvF1nkPhz9Q@mail.gmail.com">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<div dir="ltr">Hi All,
<div><br>
</div>
<div>I am using openssl version 01.01.00f for providing TLS and
DTLS security for TCP and SCTP connection for our application.
I have query regarding the "Ciphers" that are accepted by the
SSL_CTX_set_cpiher_list API. The list of ciphers that are
supported by openssl version 01.01.00f that is output of
command "openssl ciphers -v" is as listed down below. When i
try to set these ciphers through APIĀ "SSL_CTX_set_cipher_list"
returns success for some and failure for some other ciphers.</div>
<div><br>
</div>
<div>For example if i set "ECDHE-RSA-AES256-GCM-SHA384" API
returns success but if i set "DHE-DSS-AES256-GCM-SHA384" or
"RC4-MD5" API returns failure. My query is what are the
accepted ciphers ? and what is the reason behind not accepting
some of them?</div>
<br>
</div>
</blockquote>
<br>
OpenSSL 1.1.0 added a concept of "security level" for ciphers; see
<a class="moz-txt-link-freetext" href="https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_security_level">https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_security_level</a>
for which levels correspond to bits of security, prohibited message
digests, etc.<br>
<br>
-Ben<br>
</body>
</html>