0

I would like to compare pairs (A;B) of TLS cipher suites with the result that either A or B is more secure.
I know that it's sometimes hard to tell, because for instance A has a better key algorithm than B, but B's hashing algorithm is more secure. I know that OpenSSL is capable of showing a sorted list (openssl ciphers -v 'ALL:@STRENGTH'). The output format however is wrong for me and the translation between the two formats seems infeasible:

Here are some examples:

   The Format I need                       OpenSSL Format
   ---------------------------------       ---------------------       
   SSL_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
   TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA       DHE-RSA-DES-CBC3-SHA
   TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA

(This question is related to my other question on stackoverflow.)

Steffen Ullrich
  • 190,458
  • 29
  • 381
  • 434
Hansi
  • 87
  • 1
  • 1
  • 6
  • 4
    "...the translation between the two formats seems infeasible" - Since you main problem seems to be the mapping between RFC and OpenSSL names: https://testssl.sh/openssl-rfc.mappping.html. Or use any of the other hits when [searching for "mapping cipher rfc openssl"](https://www.google.com/search?q=mapping+cipher+openssl+rfc) – Steffen Ullrich Aug 10 '16 at 12:35
  • Seems like I used the wrong words while googling for my problem. Your links are really helpful! But maybe, there's anyone who know different ways then utilizing OpenSSL and a (trusted?) Website. – Hansi Aug 10 '16 at 12:43
  • 1
    Hansl - what is it you are asking for that isn't answered by Steffen's first link? – Rory Alsop Aug 10 '16 at 12:48

0 Answers0