TLS 1.3 migration: how to get current SSL session authentication

Michel michel.sales at free.fr
Thu Apr 2 16:47:27 UTC 2020


Hi, 

By the way : 
It was possible to get the authentication from a TLS1.2 ciphersuite 
Using SSL_CIPHER_get_auth_nid().

With a TLS1.3 SSL_CIPHER, the result is logically 'any'.

So my question is : 
Is there any other [new ?] API to get the effective authentication mode 
from the current SSL session (RSA, PSK, ...) ? 
Or do we need to rely on a [/PSK like] callback ?

Regards,

Michel.

-----Message d'origine-----
[...]
A TLSv1.2 ciphersuite combines the symmetric cipher, 
with the key exchange algorithm, the authentication algorithm and the hash.
In TLSv1.3 we just have the symmetric cipher and hash. 
[...]




More information about the openssl-users mailing list