
How to get the cipher signature after SSL handshake?

I'm making a DTLS client-server program with openssl. The program works fine, but I can't find a way to get the cipher signature after SSL handshake.

By after SSL handshake, I mean in the client side, after:

if (SSL_connect(ssl) <= 0)
{
    //error handling 
}

In the server side, after:

do 
{
    ret = SSL_accept(ssl);
} while (ret == 0);

I can see the actual cipher signature is sha256WithRSAEncryption from the captured DTLS packets, but how to get this information from openssl?

Note that even though I'm using DTLS protocol, the code is almost the same as TLS/SSL.

Cipher algorithm used is stored in a certificate. So when you have a certificate (x509), the type of cipher algorithm can be extracted. Numeric version only:

X509_get_signature_type(client_cert)

To get a human-readable string, convert the return value of the previous function with this:

OBJ_nid2ln(X509_get_signature_type(client_cert))
