Google Git
Sign in
boringssl/boringssl.git/d7fe75ca5f167944e5c8d46b1058d8bd861159e6^!/.
commit
d7fe75ca5f167944e5c8d46b1058d8bd861159e6
[log]
author
Adam Langley <agl@google.com>
Fri Sep 18 15:40:48 2015 -0700
committer
Adam Langley <agl@google.com>
Fri Sep 18 23:03:40 2015 +0000
tree
a0c77c0b42f6d0352a138082e929e3e5ee5539eb
parent
306ece31bcaaed49e0240a2e5555f8901ebb2d45 [diff]
Add |SSL_CIPHER_is_RC4|.

We wish to be able to detect the use of RC4 so that we can flag it and
investigate before it's disabled.

Change-Id: I6dc3a5d2211b281097531a43fadf08edb5a09646
Reviewed-on: https://boringssl-review.googlesource.com/5930
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index bc815ca..14f9383 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -211,6 +211,9 @@
 /* SSL_CIPHER_is_NULL returns one if |cipher| does not encrypt. */
 OPENSSL_EXPORT int SSL_CIPHER_is_NULL(const SSL_CIPHER *cipher);
 
+/* SSL_CIPHER_is_RC4 returns one if |cipher| uses RC4. */
+OPENSSL_EXPORT int SSL_CIPHER_is_RC4(const SSL_CIPHER *cipher);
+
 /* SSL_CIPHER_is_block_cipher returns one if |cipher| is a block cipher. */
 OPENSSL_EXPORT int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher);
 

diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c
index 8f8d639..632db30 100644
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c

@@ -1392,6 +1392,10 @@
   return (cipher->algorithm_enc & SSL_eNULL) != 0;
 }
 
+int SSL_CIPHER_is_RC4(const SSL_CIPHER *cipher) {
+  return (cipher->algorithm_enc & SSL_RC4) != 0;
+}
+
 int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher) {
   /* Neither stream cipher nor AEAD. */
   return (cipher->algorithm_enc & (SSL_RC4 | SSL_eNULL)) == 0 &&