[openssl-users] How to get encryption strength?
Dr. Stephen Henson
steve at openssl.org
Wed Mar 25 15:35:06 UTC 2015
On Wed, Mar 25, 2015, Dirk Menstermann wrote:
> Hello,
>
> which API function can I use to obtain the bit strength of the key exchange
> (size of the DH or ECDH parameters)?
>
> There is the function SSL_get_cipher_bits, but this is only for the symmetric
> cipher, not including the key exchange.
>
This is only supported in OpenSSL 1.0.2 and later. You can call
SSL_get_server_tmp_key() to get the peer temporary key. This returns an
EVP_PKEY structue which you can then analyse further.
Check out the function ssl_print_tmp_key() in apps/s_cb.c for a simple
example.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-users
mailing list