[openssl-users] How to get encryption strength?

Dirk Menstermann noadsplease at web.de
Thu Mar 26 12:37:26 UTC 2015


Hi Steve,

as far as I can see this works only if the application embedding openssl is the
ssl client; but how can this be achieved from the server's point of view?

Thanks
Dirk


On 25.03.2015 16:35, Dr. Stephen Henson wrote:
> On Wed, Mar 25, 2015, Dirk Menstermann wrote:
> 
>> Hello,
>>
>> which API function can I use to obtain the bit strength of the key exchange
>> (size of the DH or ECDH parameters)?
>>
>> There is the function SSL_get_cipher_bits, but this is only for the symmetric
>> cipher, not including the key exchange.
>>
> 
> This is only supported in OpenSSL 1.0.2 and later. You can call
> SSL_get_server_tmp_key() to get the peer temporary key. This returns an
> EVP_PKEY structue which you can then analyse further.
> 
> Check out the function ssl_print_tmp_key() in apps/s_cb.c for a simple
> example.
> 
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> 



More information about the openssl-users mailing list