diff options
author | David Benjamin <davidben@chromium.org> | 2015-12-19 22:23:26 +0300 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2015-12-23 02:12:25 +0300 |
commit | 4cc36adf5a62ff1366e8e9a4d40d9c007c0c8927 (patch) | |
tree | 9fb3f856f6704f624667108dd08fcead5a53f17c /ssl/ssl_cipher.c | |
parent | 4298d773794dcfef675aeeacd970bcc8f2fe406d (diff) |
Make it possible to tell what curve was used on the server.
We don't actually have an API to let you know if the value is legal to
interpret as a curve ID. (This was kind of a poor API. Oh well.) Also add tests
for key_exchange_info. I've intentionally left server-side plain RSA missing
for now because the SSL_PRIVATE_KEY_METHOD abstraction only gives you bytes and
it's probably better to tweak this API instead.
(key_exchange_info also wasn't populated on the server, though due to a
rebasing error, that fix ended up in the parent CL. Oh well.)
Change-Id: I74a322c8ad03f25b02059da7568c9e1a78419069
Reviewed-on: https://boringssl-review.googlesource.com/6783
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'ssl/ssl_cipher.c')
-rw-r--r-- | ssl/ssl_cipher.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c index 6d8237da..77fa8fa6 100644 --- a/ssl/ssl_cipher.c +++ b/ssl/ssl_cipher.c @@ -1616,6 +1616,10 @@ int SSL_CIPHER_is_ECDSA(const SSL_CIPHER *cipher) { return (cipher->algorithm_auth & SSL_aECDSA) != 0; } +int SSL_CIPHER_is_ECDHE(const SSL_CIPHER *cipher) { + return (cipher->algorithm_mkey & SSL_kECDHE) != 0; +} + uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher) { if (cipher->algorithm_prf != SSL_HANDSHAKE_MAC_DEFAULT) { /* Cipher suites before TLS 1.2 use the default PRF, while all those added |