SSL_CTX_set_security_level.pod - OpenGrok cross reference for /freebsd-src/crypto/openssl/doc/man3/SSL_CTX_set_security

Lines Matching full:security
5 …rity_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework
42 the security level to B<level>. If not set the library default security level
46 retrieve the current security level.
50 the security callback associated with B<ctx> or B<s>. If not set a default
51 security callback is used. The meaning of the parameters and the behaviour
62 If an application doesn't set its own security callback the default
75 The security level corresponds to a minimum of 80 bits of security. Any
76 parameters offering below 80 bits of security are excluded. As a result RSA,
79 less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite
81 and MD5 are also forbidden at this level as they have less than 80 security
86 Security level set to 112 bits of security. As a result RSA, DSA and DH keys
93 Security level set to 128 bits of security. As a result RSA, DSA and DH keys
101 Security level set to 192 bits of security. As a result RSA, DSA and
108 Security level set to 256 bits of security. As a result RSA, DSA and DH keys
113 =head1 APPLICATION DEFINED SECURITY CALLBACKS
119 The default security level can be configured when OpenSSL is compiled by
122 The security framework disables or reject parameters inconsistent with the
123 set security level. In the past this was difficult as applications had to set
128 By setting an appropriate security level much of this complexity can be
131 The bits of security limits affect all relevant parameters including
136 then only cipher suites consistent with the security level are permissible.
138 See SP800-57 for how the security limits are related to individual
141 Some security levels require large key sizes for non-ECC public key
143 of security requires the use of RSA keys of at least 15360 bits in size.
146 offering insufficient security are not sent by the client and will not
151 Attempts to set certificates or parameters with insufficient security are
163 represents the security level with B<SSL_CTX> or B<SSL>, respectively.
169 to the security callback or NULL if the callback is not set.