gtpc1m66Transmission Control Protocol/Internet Protocol

SSL_set_cipher_list

The SSL_set_cipher_list function sets the ciphers for use by a specific Secure Sockets Layer (SSL) session that session that is started using the specified SSL structure.

Format

#include <openssl/ssl.h>
int ssl_set_cipher_list(SSL *ssl,const char *str)

ssl
A pointer to a token returned on the SSL_new call.

str
A pointer to a string that contains one or more ciphers separated by a colon, comma, or blank. The maximum length is 255 characters.

You must specify the ciphers in order of preference from highest to lowest. The TPF system supports the following SSL version 3 and Transport Layer Security (TLS) version 1 ciphers that are used by the Rivest-Shamir-Adelman (RSA) key exchange:

NULL-MD5
No data encryption; MD5 for message integrity.

NULL-SHA
No data encryption; SHA for message integrity.

EXP-RC4-MD5
Export RC4 (40-bit key) for data encryption; MD5 for message integrity.

RC4-MD5
RC4 (128-bit key) for data encryption; MD5 for message integrity.

RC4-SHA
RC4 (128-bit key) for data encryption; SHA for message integrity.

EXP-RC2-CBC-MD5
Export RC2 (40-bit key) for data encryption; MD5 for message integrity.

EXP-DES-CBC-SHA
Export DES (40-bit key) for data encryption; SHA for message integrity.

DES-CBC-SHA
DES (56-bit key) for data encryption; SHA for message integrity.

DES-CBC3-SHA
Triple-DES (168-bit key) for data encryption; SHA for message integrity.

The TPF system supports the following SSL version 2 ciphers that are used by the RSA key exchange:

RC4-MD5
RC4 (128-bit key) for data encryption; MD5 for message integrity.

EXP-RC4-MD5
Export RC4 (40-bit key) for data encryption; MD5 for message integrity.

RC2-CBC-MD5
RC2 (128-bit key) for data encryption; MD5 for message integrity.

EXP-RC2-CBC-MD5
Export RC2 (40-bit key) for data encryption; MD5 for message integrity.

DES-CBC-MD5
DES (56-bit key) for data encryption; MD5 for message integrity.

DES-CBC3-MD5
Triple-DES (168-bit key) for data encryption; MD5 for message integrity.

Normal Return

Return code 1 indicates that the function was successful.

Error Return

A return code equal to 0 indicates an error.

Programming Considerations

Examples

For sample SSL applications, go to http://www.ibm.com/tpf/pubs/tpfpubs.htm, click SSL for the TPF 4.1 System: An Online User's Guide, and click Examples from the left navigation bar.

Related Information