Shared_ciphers() Method Of SSLSocket Class In Python

Method Name:


Method Signature:




Return Value:

  • A list of tuples of ciphers, their TLS (also still called as SSL) protocol version, number of secret bits used.
  • None if invoked before the SSL handshake.


  • The method shared_ciphers() returns a list of tuples containing the ciphers, the TLS protocol version and the number of secret bits shared with the peer.
  • It does not make sense to call this method on a server socket before or after connections are accepted.
  • However, this method works and retrieves the list of ciphers shared with the peer in the following scenarios:
    • A client socket connecting to a server. The method returns the list of tuples containing cipher information After the SSL handshake
    • A server creating a client socket for a request from client.



# Example Python program that gets the cipher information

# used in a secure communication through SSLScoket

import socket

import ssl

import platform


# SSL context

cx               = ssl.SSLContext();

cx.verify_mode   = ssl.CERT_REQUIRED;


# Check for OS X platform

if platform.system().lower() == 'darwin':

    import certifi

    import os


    # Load the CA certificates used for validating the peer's certificate






# Make a secure socket to connect to the server

s   = socket.socket();

ss  = cx.wrap_socket(s);


# Connect to the server

ss.connect(("", 443));

shared_ciphers = ss.shared_ciphers();

print("List of shared ciphers :");




List of shared ciphers :

[('TLS_AES_256_GCM_SHA384', 'TLSv1.3', 256), ('TLS_CHACHA20_POLY1305_SHA256', 'TLSv1.3', 256), ('TLS_AES_128_GCM_SHA256', 'TLSv1.3', 128), ('ECDHE-ECDSA-AES256-GCM-SHA384', 'TLSv1.2', 256), ('ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256), ('DHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256), ('ECDHE-ECDSA-CHACHA20-POLY1305', 'TLSv1.2', 256), ('ECDHE-RSA-CHACHA20-POLY1305', 'TLSv1.2', 256), ('DHE-RSA-CHACHA20-POLY1305', 'TLSv1.2', 256), ('ECDHE-ECDSA-AES128-GCM-SHA256', 'TLSv1.2', 128), ('ECDHE-RSA-AES128-GCM-SHA256', 'TLSv1.2', 128), ('DHE-RSA-AES128-GCM-SHA256', 'TLSv1.2', 128), ('ECDHE-ECDSA-AES256-SHA384', 'TLSv1.2', 256), ('ECDHE-RSA-AES256-SHA384', 'TLSv1.2', 256), ('DHE-RSA-AES256-SHA256', 'TLSv1.2', 256), ('ECDHE-ECDSA-AES128-SHA256', 'TLSv1.2', 128), ('ECDHE-RSA-AES128-SHA256', 'TLSv1.2', 128), ('DHE-RSA-AES128-SHA256', 'TLSv1.2', 128), ('ECDHE-ECDSA-AES256-SHA', 'TLSv1.0', 256), ('ECDHE-RSA-AES256-SHA', 'TLSv1.0', 256), ('DHE-RSA-AES256-SHA', 'SSLv3', 256), ('ECDHE-ECDSA-AES128-SHA', 'TLSv1.0', 128), ('ECDHE-RSA-AES128-SHA', 'TLSv1.0', 128), ('DHE-RSA-AES128-SHA', 'SSLv3', 128), ('AES256-GCM-SHA384', 'TLSv1.2', 256), ('AES128-GCM-SHA256', 'TLSv1.2', 128), ('AES256-SHA256', 'TLSv1.2', 256), ('AES128-SHA256', 'TLSv1.2', 128), ('AES256-SHA', 'SSLv3', 256), ('AES128-SHA', 'SSLv3', 128)]

Copyright 2022 ©