Add various functions for SSL_CIPHER.
Change-Id: I21051a6d1594c2606e171449d377663f8eccc847
Reviewed-on: https://boringssl-review.googlesource.com/6450
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index e3be5cf..5b49fdc 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1042,9 +1042,15 @@
/* SSL_CIPHER_has_MD5_HMAC returns one if |cipher| uses HMAC-MD5. */
OPENSSL_EXPORT int SSL_CIPHER_has_MD5_HMAC(const SSL_CIPHER *cipher);
+/* SSL_CIPHER_has_SHA1_HMAC returns one if |cipher| uses HMAC-SHA1. */
+OPENSSL_EXPORT int SSL_CIPHER_has_SHA1_HMAC(const SSL_CIPHER *cipher);
+
/* SSL_CIPHER_is_AESGCM returns one if |cipher| uses AES-GCM. */
OPENSSL_EXPORT int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher);
+/* SSL_CIPHER_is_AES128GCM returns one if |cipher| uses 128-bit AES-GCM. */
+OPENSSL_EXPORT int SSL_CIPHER_is_AES128GCM(const SSL_CIPHER *cipher);
+
/* SSL_CIPHER_is_CHACHA20POLY1305 returns one if |cipher| uses
* CHACHA20_POLY1305. */
OPENSSL_EXPORT int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher);
@@ -1058,6 +1064,9 @@
/* SSL_CIPHER_is_block_cipher returns one if |cipher| is a block cipher. */
OPENSSL_EXPORT int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher);
+/* SSL_CIPHER_is_ECDSA returns one if |cipher| uses ECDSA. */
+OPENSSL_EXPORT int SSL_CIPHER_is_ECDSA(const SSL_CIPHER *cipher);
+
/* SSL_CIPHER_get_name returns the OpenSSL name of |cipher|. */
OPENSSL_EXPORT const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c
index 0ffeb5b..e87835f 100644
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c
@@ -1384,10 +1384,18 @@
return (cipher->algorithm_mac & SSL_MD5) != 0;
}
+int SSL_CIPHER_has_SHA1_HMAC(const SSL_CIPHER *cipher) {
+ return (cipher->algorithm_mac & SSL_SHA1) != 0;
+}
+
int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher) {
return (cipher->algorithm_enc & (SSL_AES128GCM | SSL_AES256GCM)) != 0;
}
+int SSL_CIPHER_is_AES128GCM(const SSL_CIPHER *cipher) {
+ return (cipher->algorithm_enc & SSL_AES128GCM) != 0;
+}
+
int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher) {
return (cipher->algorithm_enc & SSL_CHACHA20POLY1305_OLD) != 0;
}
@@ -1406,6 +1414,17 @@
cipher->algorithm_mac != SSL_AEAD;
}
+int SSL_CIPHER_is_ECDSA(const SSL_CIPHER *cipher) {
+ return (cipher->algorithm_auth & SSL_aECDSA) != 0;
+}
+
+uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher) {
+ if (cipher->algorithm_ssl & SSL_TLSV1_2) {
+ return TLS1_2_VERSION;
+ }
+ return SSL3_VERSION;
+}
+
/* return the actual cipher being used */
const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher) {
if (cipher != NULL) {