Hi,
I am currently evaluating the steps necessary to get the 56bit cipher
stuff working.
It might include the use of more bits to represent the EXPORT encryption
strength level.
We might also need at least one bit more for the RC6 encryption proposed in
the last days. Eventually other extensions will be necessary over longer time.
Hence, I would like to extend the
typedef struct ssl_cipher_st { ... } SSL_CIPHER;
structure. I am not completely sure on how to do it, but I tend to
seperate different properties, as on now just masked into
unsigned long algorithm;
like SSL_ENC_MASK, SSL_MAC_MASK, SSL_EXP_MASK (see ssl/ssl_locl.h)
into own elements.
Additionally, I would like to add fields for the number of bits used,
so that this information would be hardcoded and SSL_get_cipher_bits()
would return correct values (see mod_ssl and Apache+SSL for references).
Since this would break binary compatibility (and this should be done
as seldom as possible), I would like to hear opinions and maybe proposals
for further improvements/enhancements.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
