Method SSL.Context()->get_suites()
- Method get_suites
array(int) get_suites(int(-1..)|void min_keylength, int(0..2)|void ke_flags, multiset(int)|void blacklisted_ciphers, multiset(KeyExchangeType)|void blacklisted_kes, multiset(HashAlgorithm)|void blacklisted_hashes, multiset(CipherModes)|void blacklisted_ciphermodes)
- Description
Get the prioritized list of supported cipher suites that satisfy the requirements.
- Parameter min_keylength
Minimum supported effective keylength in bits. Defaults to
128
. Specify-1
to enable null ciphers.- Parameter ke_mode
Level of protection for the key exchange.
0 Require forward secrecy (ephemeral keys).
1 Also allow certificate based key exchanges.
2 Allow anonymous server key exchange. Note that this allows for man in the middle attacks.
- Parameter blacklisted_ciphers
Multiset of ciphers that are NOT to be used.
- Parameter blacklisted_kes
Multiset of key exchange methods that are NOT to be used.
- Parameter blacklisted_hashes
Multiset of hash algoriths that are NOT to be used.
- Parameter blacklisted_ciphermodes
Multiset of cipher modes that are NOT to be used.
- Note
Note that the effective keylength may differ from the actual keylength for old ciphers where there are known attacks.