加密算法

想知道DHE_RSA_AES256_SHA 和TLS_DHE_RSA_WITH_AES256_CBC_SHA这两个东西是不是一样的。后者是firefox使用的加密算法(wireshark says),而前者是curl选择的加密算法(says by curl itself. wireshark says  it is the same as firefox)。

这里有一篇文章有个简单介绍,还有一些代码:
http://www.cppblog.com/ArthasLee/archive/2010/12/01/135186.html

 

http://www.cnblogs.com/zhuqil/archive/2012/10/06/ssl_detail.html

openssl:   ssl.h/s3_lib.c
struct ssl_cipher_st
{
int valid;
const char *name;               /* text name */
unsigned long id;               /* id, 4 bytes, first is version */

/* changed in 0.9.9: these four used to be portions of a single value ‘algorithms’ */
unsigned long algorithm_mkey;   /* key exchange algorithm */
unsigned long algorithm_auth;   /* server authentication */
unsigned long algorithm_enc;    /* symmetric encryption */
unsigned long algorithm_mac;    /* symmetric authentication */
unsigned long algorithm_ssl;    /* (major) protocol version */

unsigned long algo_strength;    /* strength and export flags */
unsigned long algorithm2;       /* Extra flags */
int strength_bits;              /* Number of bits really used */
int alg_bits;                   /* Number of bits for algorithm */
};

对应的加密数据结构:
/* Cipher 39 */
{
1,
TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
SSL_kEDH,
SSL_aRSA,
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP|SSL_HIGH|SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
256,
},

 



本文地址: http://www.bagualu.net/wordpress/archives/3508 转载请注明




发表评论

电子邮件地址不会被公开。 必填项已用*标注