Google Git
Sign in
boringssl/boringssl.git/4cc36adf5a62ff1366e8e9a4d40d9c007c0c8927^!/./ssl/ssl_cipher.c
commit
4cc36adf5a62ff1366e8e9a4d40d9c007c0c8927
[log]
author
David Benjamin <davidben@chromium.org>
Sat Dec 19 14:23:26 2015 -0500
committer
Adam Langley <agl@google.com>
Tue Dec 22 23:12:25 2015 +0000
tree
9fb3f856f6704f624667108dd08fcead5a53f17c
parent
4298d773794dcfef675aeeacd970bcc8f2fe406d [diff] [blame]
Make it possible to tell what curve was used on the server.

We don't actually have an API to let you know if the value is legal to
interpret as a curve ID. (This was kind of a poor API. Oh well.) Also add tests
for key_exchange_info. I've intentionally left server-side plain RSA missing
for now because the SSL_PRIVATE_KEY_METHOD abstraction only gives you bytes and
it's probably better to tweak this API instead.

(key_exchange_info also wasn't populated on the server, though due to a
rebasing error, that fix ended up in the parent CL. Oh well.)

Change-Id: I74a322c8ad03f25b02059da7568c9e1a78419069
Reviewed-on: https://boringssl-review.googlesource.com/6783
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c
index 6d8237d..77fa8fa 100644
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c

@@ -1616,6 +1616,10 @@
   return (cipher->algorithm_auth & SSL_aECDSA) != 0;
 }
 
+int SSL_CIPHER_is_ECDHE(const SSL_CIPHER *cipher) {
+  return (cipher->algorithm_mkey & SSL_kECDHE) != 0;
+}
+
 uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher) {
   if (cipher->algorithm_prf != SSL_HANDSHAKE_MAC_DEFAULT) {
     /* Cipher suites before TLS 1.2 use the default PRF, while all those added