[openssl-dev] [openssl.org #3845] Feature Request: Allow specification of ciphers by raw cipher ID
Benny Baumann via RT
rt at openssl.org
Sat May 9 16:22:52 UTC 2015
Hi,
as the normal specification of cipher strings can be somewhat clumsy to
use from time to time it would be nice if one could use the raw ID of a
cipher (with all the usual operators):
ALL:!0x00c012
Allow everything except TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
HIGH:-AES:+0x00c030
Allow all HIGH secure ciphers except AES, but explicitly include
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
AES256:-0xc030:+AES+GCM
Allow AES256, but (soft-)exclude TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
if it's not in the AESGCM ciphers list.
Additionally it would be awesome if one could simply use the names as
they appear in the RFCs ;-)
Regards,
BenBE.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5449 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150509/022751ee/attachment.bin>
More information about the openssl-dev
mailing list