Class SSL.Cipher.CipherSpec

Description: Cipher specification.

Variable bulk_cipher_algorithm: program SSL.Cipher.CipherSpec.bulk_cipher_algorithm
Description: The algorithm to use for the bulk of the transfered data.

Variable explicit_iv_size

int SSL.Cipher.CipherSpec.explicit_iv_size

Description

The number of bytes of explicit data needed for initialization vectors. This is used by AEAD ciphers in TLS 1.2, where there's a secret part of the iv "salt" of length iv_size, and an explicit part that is sent in the clear.

This is usually bulk_cipher_algorithm->iv_size() - iv_size, but may be set to zero to just have the sequence number expanded to the same size as an implicit iv. This is used by the suites with Crypto.ChaCha20.POLY1305.

Variable hash

Crypto.Hash SSL.Cipher.CipherSpec.hash

Description

The hash algorithm for signing the handshake.

Usually the same hash as is the base for the prf.

Note

Only used in TLS 1.2 and later.

Variable hash_size: int SSL.Cipher.CipherSpec.hash_size
Description: The number of bytes in the MAC hashes.

Variable is_exportable: int SSL.Cipher.CipherSpec.is_exportable
Description: Indication whether the combination uses strong or weak (aka exportable) crypto.

Variable iv_size: int SSL.Cipher.CipherSpec.iv_size
Description: The number of bytes of random data needed for initialization vectors.

Variable ke_factory: program SSL.Cipher.CipherSpec.ke_factory
Description: Key exchange factory.

Variable key_bits

int SSL.Cipher.CipherSpec.key_bits

Description

The effective number of bits in key_material.

This is typically key_material * 8, but for eg DES this is key_material * 7.

Variable key_material: int SSL.Cipher.CipherSpec.key_material
Description: The number of bytes of key material used on initialization.

Variable mac_algorithm: program SSL.Cipher.CipherSpec.mac_algorithm
Description: The Message Authentication Code to use for the packets.

Variable max_bytes: int SSL.Cipher.CipherSpec.max_bytes
Description: The number of bytes that is safe to send before we must renegotiate the keys.

Variable prf: function(string(8bit), string(8bit), string(8bit), int:string(8bit)) SSL.Cipher.CipherSpec.prf
Description: The Pseudo Random Function to use.
See also: prf_ssl_3_0(), prf_tls_1_0(), prf_tls_1_2()

Variable signature_alg: SignatureAlgorithm SSL.Cipher.CipherSpec.signature_alg
Description: The signature algorithm used for key exchange signatures.

Variable signature_hash: HashAlgorithm SSL.Cipher.CipherSpec.signature_hash
Description: The hash algorithm used for key exchange signatures.