Patrick Li wrote:
>
> Hi,
>
> I am trying to match the cipher suite supported by OpenSSL (listed out by
> the command openssl ciphers -tlsv1) to the cipher suite specified in the TLS
> Protocol version 1 IETF RFC 2246. But they seemed to be using different
> naming conventions. The cipher suite name used in OpenSSL is not following
> the naming convention (Authentication algorithn name + Key Exchange +
> Encryption + Digest) which is used in RFC 2246.
>
> My question is
>
> - Is there a 1 to 1 mapping between the cipher suites between OpenSSL and
> RFC 2246. I think it is not the case. Please confirm.
>
Not all ciphersuites in RFC2246 are supported by OpenSSL in particular
the static DH ciphersuites are not due to the lack of DH certificate
support and no one else seems to be using them anyway.
> What does RC4-MD5 (in OpenSSL) map to in RFC 2246? As there are a few
> cipher suites supported RC4 encryption and MD5 digest.
>
Read the 'ciphers' manual page for a complete description of the mapping
and cipher listing usage. In there you will find:
SSL_RSA_WITH_RC4_128_MD5 is the same as RC4-MD5.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
