Add SSL_CIPHER_get_prf_nid. draft-ietf-quic-tls needs access to the cipher's PRF hash to size its keys correctly. Change-Id: Ie4851f990e5e1be724f262f608f7195f7ca837ca Reviewed-on: https://boringssl-review.googlesource.com/20624 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: b1b76aee3cb43ce11889403c5334283d951ebd37 [log] [tgz]
author: David Benjamin <davidben@google.com> Thu Sep 21 17:03:34 2017 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Thu Sep 21 21:44:15 2017 +0000
tree: ade359bba779784eafabd97017a06e2820caf41e
parent: cecf1a72ba85ad1055e9179c529d1f3a84afbf96 [diff] [blame]
diff --git a/ssl/ssl_cipher.cc b/ssl/ssl_cipher.cc
index 78cf60d..435441d 100644
--- a/ssl/ssl_cipher.cc
+++ b/ssl/ssl_cipher.cc

@@ -1513,6 +1513,19 @@
   return NID_undef;
 }
 
+int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *cipher) {
+  switch (cipher->algorithm_prf) {
+    case SSL_HANDSHAKE_MAC_DEFAULT:
+      return NID_md5_sha1;
+    case SSL_HANDSHAKE_MAC_SHA256:
+      return NID_sha256;
+    case SSL_HANDSHAKE_MAC_SHA384:
+      return NID_sha384;
+  }
+  assert(0);
+  return NID_undef;
+}
+
 int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher) {
   return (cipher->algorithm_enc & SSL_eNULL) == 0 &&
       cipher->algorithm_mac != SSL_AEAD;
commit	b1b76aee3cb43ce11889403c5334283d951ebd37	[log] [tgz]
author	David Benjamin <davidben@google.com>	Thu Sep 21 17:03:34 2017 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Thu Sep 21 21:44:15 2017 +0000
tree	ade359bba779784eafabd97017a06e2820caf41e
parent	cecf1a72ba85ad1055e9179c529d1f3a84afbf96 [diff] [blame]