Factor out TLS cipher selection to ssl_choose_tls_cipher. This is factored out since ESNI will need to do its own cipher selection. Bug: 275 Change-Id: Id87fd91272fbcd9098b3f2a9caa78a2129b154b5 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/36544 Commit-Queue: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>

commit: d6f9c359d219055a89c676cb8886421b145a08da [log] [tgz]
author: Steven Valdez <svaldez@google.com> Tue Jun 25 10:13:18 2019 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Thu Jun 27 18:01:55 2019 +0000
tree: f7e3eadcb6bef121871830bd390f919fe6a2fc1e
parent: cfcb0060e8b8fba92d275fa4ac27d369890ea9bf [diff] [blame]
diff --git a/ssl/internal.h b/ssl/internal.h
index f03271e..bc17af9 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h

@@ -560,6 +560,12 @@
 // it returns zero.
 size_t ssl_cipher_get_record_split_len(const SSL_CIPHER *cipher);
 
+// ssl_choose_tls13_cipher returns an |SSL_CIPHER| corresponding with the best
+// available from |cipher_suites| compatible with |version| and |group_id|. It
+// returns NULL if there isn't a compatible cipher.
+const SSL_CIPHER *ssl_choose_tls13_cipher(CBS cipher_suites, uint16_t version,
+                                          uint16_t group_id);
+
 
 // Transcript layer.
commit	d6f9c359d219055a89c676cb8886421b145a08da	[log] [tgz]
author	Steven Valdez <svaldez@google.com>	Tue Jun 25 10:13:18 2019 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Thu Jun 27 18:01:55 2019 +0000
tree	f7e3eadcb6bef121871830bd390f919fe6a2fc1e
parent	cfcb0060e8b8fba92d275fa4ac27d369890ea9bf [diff] [blame]