commit 4cc36adf5a62ff1366e8e9a4d40d9c007c0c8927
author David Benjamin <davidben@chromium.org> Sat Dec 19 14:23:26 2015 -0500
committer Adam Langley <agl@google.com> Tue Dec 22 23:12:25 2015 +0000
tree 9fb3f856f6704f624667108dd08fcead5a53f17c
parent 4298d773794dcfef675aeeacd970bcc8f2fe406d

Make it possible to tell what curve was used on the server.

We don't actually have an API to let you know if the value is legal to
interpret as a curve ID. (This was kind of a poor API. Oh well.) Also add tests
for key_exchange_info. I've intentionally left server-side plain RSA missing
for now because the SSL_PRIVATE_KEY_METHOD abstraction only gives you bytes and
it's probably better to tweak this API instead.

(key_exchange_info also wasn't populated on the server, though due to a
rebasing error, that fix ended up in the parent CL. Oh well.)

Change-Id: I74a322c8ad03f25b02059da7568c9e1a78419069
Reviewed-on: https://boringssl-review.googlesource.com/6783
Reviewed-by: Adam Langley <agl@google.com>

include/openssl/ssl.h

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 589f4c4..681066c 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1061,6 +1061,9 @@
 /* SSL_CIPHER_is_ECDSA returns one if |cipher| uses ECDSA. */
 OPENSSL_EXPORT int SSL_CIPHER_is_ECDSA(const SSL_CIPHER *cipher);
 
+/* SSL_CIPHER_is_ECDHE returns one if |cipher| uses ECDHE. */
+OPENSSL_EXPORT int SSL_CIPHER_is_ECDHE(const SSL_CIPHER *cipher);
+
 /* SSL_CIPHER_get_min_version returns the minimum protocol version required
  * for |cipher|. */
 OPENSSL_EXPORT uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher);