Does anyone know how I can go about using a pure php solution for retrieving a list of ciphers supported by a remote server?
This is the code to test again a local client (web browser)
$ciphers = openssl_get_cipher_methods();
foreach($ciphers as $cipher) {
echo "{$cipher}<br>";
}
Here is what I need to do
Here is some code to establish a secure connection but need help to factor in the above requirements.
$url = $_REQUEST['host'];
$ssloptions = array(
"capture_peer_cert" => false,
"allow_self_signed"=>false,
"CN_match"=>$url,
"verify_peer"=>false,
"SNI_enabled"=>true,
"SNI_server_name"=>$url,
);
$ctx = stream_context_create( array("ssl" => $ssloptions) );
$result = stream_socket_client("ssl://$url:443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $ctx);
$cont = stream_context_get_params($result);
Here is a list of some ciphers we can use to connect with:
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
I needed to add this to my socket array:
'ciphers' => $value,
I also created an array with all the ciphersuites and put it through a foreach ($ciphersuites_to_test as $value) to cycle through all the ciphers.