Does anyone know how I can go about using a pure php solution for retrieving a list of ciphers supported by a remote server?
This is the code to test again a local client (web browser)
$ciphers = openssl_get_cipher_methods();
foreach($ciphers as $cipher) {
echo "{$cipher}<br>";
}
Here is what I need to do
- I think what I need to do is create a socket connection to a remote connection
- I need to use a loop to connect with a different cipher each time.
- For each connection that is successfully established, it should print the name of the cipher we connected with.
Here is some code to establish a secure connection but need help to factor in the above requirements.
$url = $_REQUEST['host'];
$ssloptions = array(
"capture_peer_cert" => false,
"allow_self_signed"=>false,
"CN_match"=>$url,
"verify_peer"=>false,
"SNI_enabled"=>true,
"SNI_server_name"=>$url,
);
$ctx = stream_context_create( array("ssl" => $ssloptions) );
$result = stream_socket_client("ssl://$url:443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $ctx);
$cont = stream_context_get_params($result);
Here is a list of some ciphers we can use to connect with:
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA