Add SSL_CIPHER_get_prf_nid.
draft-ietf-quic-tls needs access to the cipher's PRF hash to size its
keys correctly.
Change-Id: Ie4851f990e5e1be724f262f608f7195f7ca837ca
Reviewed-on: https://boringssl-review.googlesource.com/20624
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 440c431..d6f6149 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1232,6 +1232,12 @@
// function returns |NID_auth_any|.
OPENSSL_EXPORT int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *cipher);
+// SSL_CIPHER_get_prf_nid retuns the NID for |cipher|'s PRF hash. If |cipher| is
+// a pre-TLS-1.2 cipher, it returns |NID_md5_sha1| but note these ciphers use
+// SHA-256 in TLS 1.2. Other return values may be treated uniformly in all
+// applicable versions.
+OPENSSL_EXPORT int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *cipher);
+
// SSL_CIPHER_get_min_version returns the minimum protocol version required
// for |cipher|.
OPENSSL_EXPORT uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher);
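Review bot: The new comment on `SSL_CIPHER_get_prf_nid` misspells "returns" as "retuns", and it leaves the `NID_md5_sha1` case easy to misuse. A caller that sizes secrets directly from the returned NID gets the MD5+SHA-1 length for a pre-TLS-1.2 cipher, even on a TLS 1.2 connection where the comment itself says SHA-256 is used. I would spell out the caller's obligation, for example `// Callers deriving a hash length must substitute SHA-256 for |NID_md5_sha1| when the negotiated version is TLS 1.2.`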
diff --git a/ssl/ssl_cipher.cc b/ssl/ssl_cipher.cc
index 78cf60d..435441d 100644
--- a/ssl/ssl_cipher.cc
+++ b/ssl/ssl_cipher.cc
@@ -1513,6 +1513,19 @@
return NID_undef;
}
+int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *cipher) {
+ switch (cipher->algorithm_prf) {
+ case SSL_HANDSHAKE_MAC_DEFAULT:
+ return NID_md5_sha1;
+ case SSL_HANDSHAKE_MAC_SHA256:
+ return NID_sha256;
+ case SSL_HANDSHAKE_MAC_SHA384:
+ return NID_sha384;
+ }
+ assert(0);
+ return NID_undef;
+}
+
int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher) {
return (cipher->algorithm_enc & SSL_eNULL) == 0 &&
cipher->algorithm_mac != SSL_AEAD;
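Review bot: The fall-through after the `switch` in `SSL_CIPHER_get_prf_nid` relies on `assert(0)`, which is compiled out when `NDEBUG` is defined, so an unexpected `algorithm_prf` silently returns `NID_undef` in such builds. The header comment added in this commit does not mention that return value, and a caller sizing keys from the result would need to treat it as an error rather than pass it to a digest lookup. I would document it in ssl.h, for example `// It returns |NID_undef| if |cipher|'s PRF is not recognized.`, and add a one-line comment above the `assert(0)` saying the path is unreachable for built-in ciphers. The trailing context lines belong to `SSL_CIPHER_is_block_cipher`, whose body continues outside the hunk.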
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index f032b25..10bc215 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -828,6 +828,7 @@
int digest_nid;
int kx_nid;
int auth_nid;
+ int prf_nid;
} kTests[] = {
{
SSL3_CK_RSA_DES_192_CBC3_SHA,
@@ -836,6 +837,7 @@
NID_sha1,
NID_kx_rsa,
NID_auth_rsa,
+ NID_md5_sha1,
},
{
TLS1_CK_RSA_WITH_AES_128_SHA,
@@ -844,6 +846,7 @@
NID_sha1,
NID_kx_rsa,
NID_auth_rsa,
+ NID_md5_sha1,
},
{
TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
@@ -852,6 +855,7 @@
NID_sha1,
NID_kx_psk,
NID_auth_psk,
+ NID_md5_sha1,
},
{
TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
@@ -860,6 +864,7 @@
NID_sha256,
NID_kx_ecdhe,
NID_auth_rsa,
+ NID_sha256,
},
{
TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
@@ -868,6 +873,7 @@
NID_sha384,
NID_kx_ecdhe,
NID_auth_rsa,
+ NID_sha384,
},
{
TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
@@ -876,6 +882,7 @@
NID_undef,
NID_kx_ecdhe,
NID_auth_rsa,
+ NID_sha256,
},
{
TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
@@ -884,6 +891,7 @@
NID_undef,
NID_kx_ecdhe,
NID_auth_ecdsa,
+ NID_sha256,
},
{
TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
@@ -892,6 +900,7 @@
NID_undef,
NID_kx_ecdhe,
NID_auth_ecdsa,
+ NID_sha384,
},
{
TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
@@ -900,6 +909,7 @@
NID_sha1,
NID_kx_ecdhe,
NID_auth_psk,
+ NID_md5_sha1,
},
{
TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
@@ -908,6 +918,7 @@
NID_undef,
NID_kx_ecdhe,
NID_auth_rsa,
+ NID_sha256,
},
{
TLS1_CK_AES_256_GCM_SHA384,
@@ -916,6 +927,7 @@
NID_undef,
NID_kx_any,
NID_auth_any,
+ NID_sha384,
},
{
TLS1_CK_AES_128_GCM_SHA256,
@@ -924,6 +936,7 @@
NID_undef,
NID_kx_any,
NID_auth_any,
+ NID_sha256,
},
{
TLS1_CK_CHACHA20_POLY1305_SHA256,
@@ -932,6 +945,7 @@
NID_undef,
NID_kx_any,
NID_auth_any,
+ NID_sha256,
},
};
@@ -950,6 +964,7 @@
EXPECT_EQ(t.digest_nid, SSL_CIPHER_get_digest_nid(cipher));
EXPECT_EQ(t.kx_nid, SSL_CIPHER_get_kx_nid(cipher));
EXPECT_EQ(t.auth_nid, SSL_CIPHER_get_auth_nid(cipher));
+ EXPECT_EQ(t.prf_nid, SSL_CIPHER_get_prf_nid(cipher));
}
}