Find out IV length

Matt Caswell matt at
Wed Aug 17 10:11:07 UTC 2022

On 17/08/2022 06:30, Kreissl, Jochen wrote:
> Hi,
> given an SSL* or respectively an SSLCIPHER* struct, how can I figure out 
> the length of the IV used by the negotiated cipher of the handshake?
> I noticed that EVP_CIPHER has a metod to query this information, but I 
> also don’t find a way to get an EVP_CIPHER from SSL*.
> Any pointers (heh) would be very helpful, thanks.
> Cheers

Given an SSL_CIPHER structure the associated EVP_CIPHER can be obtained 
using something like this:

EVP_CIPHER *ciph = 

But note that IV handling in TLS is a little complicated with the actual 
IV that is used for an actual encryption/decryption operation being 
composed of different elements. The details of which vary by ciphersuite 
and protocol version.


More information about the openssl-users mailing list