Negotiating a Ciphersuite
A ciphersuite is a collection of information that dictates how data and messages are transferred between clients and servers. This information includes the encryption mode, mutual authentication mode, message authentication mode, etc. TLS supports several different ciphersuites; however, LEADTOOLS currently supports only those indicated in the L_CIPHERSUITE data type. Before the client and server can begin transferring data and messages, they must negotiate the ciphersuite to use.
The client sends the server a list of ciphersuites that it understands. These are sent in order of preference. To get or set the ciphersuites at specific indices within the list, use the LDicomNet::GetCipherFromIndexTLS and LDicomNet::SetCipherToIndexTLS functions. The server selects the first ciphersuite that it understands. If this is acceptable to both sides, it becomes the ciphersuite selected for use. Once a ciphersuite has been negotiated, the selected ciphersuite can be obtained by calling LDicomNet::GetCiphersuiteTLS.
Once the negotiated ciphersuite is known, information associated with this ciphersuite can be obtained using the following functions:
LDicomNet::GetAuthenticationAlgorithmTLS
LDicomNet::GetIntegrityAlgorithmTLS
LDicomNet::GetKeyExchangeAlgorithmTLS
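
The selection rule and the per-suite details described above can be modeled in a few lines. This is an added example, not LEADTOOLS code, and it does not call the LDicomNet API: negotiate, describe and SuiteInfo are hypothetical names, and the suite names are standard TLS names used as constructed sample data, not necessarily members of L_CIPHERSUITE.

```cpp
#include <algorithm>
#include <iostream>
#include <string>
#include <vector>

// Components of a suite, the kind of detail the Get...AlgorithmTLS calls report.
struct SuiteInfo { std::string keyExchange, authentication, encryption, integrity; };

// Rule from the text: walk the client's list in preference order and take the
// first entry the server understands. Empty result = no common suite.
std::string negotiate(const std::vector<std::string>& clientPrefs,
                      const std::vector<std::string>& serverKnown) {
    for (const std::string& suite : clientPrefs)
        if (std::find(serverKnown.begin(), serverKnown.end(), suite) != serverKnown.end())
            return suite;
    return "";
}

// Split a name of the form TLS_<kx>[_<auth>]_WITH_<cipher>_<mac>.
// (For AEAD suites the last token is the PRF hash, not a separate MAC.)
bool describe(const std::string& name, SuiteInfo& out) {
    const std::string prefix = "TLS_", with = "_WITH_";
    const std::string::size_type w = name.find(with), m = name.rfind('_');
    if (name.compare(0, prefix.size(), prefix) != 0 || w == std::string::npos ||
        w <= prefix.size() || m <= w + with.size() || m + 1 >= name.size())
        return false;
    const std::string left = name.substr(prefix.size(), w - prefix.size());
    const std::string::size_type u = left.find('_');
    out.keyExchange = left.substr(0, u);
    // A single token such as RSA serves as both key exchange and authentication.
    out.authentication = (u == std::string::npos) ? left : left.substr(u + 1);
    out.encryption = name.substr(w + with.size(), m - (w + with.size()));
    out.integrity = name.substr(m + 1);
    return true;
}

int main() {
    // Constructed sample lists, most preferred first.
    std::vector<std::string> client = {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
                                       "TLS_RSA_WITH_3DES_EDE_CBC_SHA"};
    std::vector<std::string> server = {"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
                                       "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"};
    SuiteInfo info;
    const std::string chosen = negotiate(client, server);
    if (chosen.empty() || !describe(chosen, info)) { std::cerr << "no usable suite\n"; return 1; }
    std::cout << chosen << ": kx=" << info.keyExchange << " auth=" << info.authentication
              << " enc=" << info.encryption << " mac=" << info.integrity << "\n";
    return 0;
}
```

Because the client's order decides the outcome, the entry placed at index 0 of the preference list is the one that wins whenever the server also understands it.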