Make it possible to tell what curve was used on the server.

We don't actually have an API to let you know if the value is legal to interpret as a curve ID. (This was kind of a poor API. Oh well.) Also add tests for key_exchange_info. I've intentionally left server-side plain RSA missing for now because the SSL_PRIVATE_KEY_METHOD abstraction only gives you bytes and it's probably better to tweak this API instead. (key_exchange_info also wasn't populated on the server, though due to a rebasing error, that fix ended up in the parent CL. Oh well.) Change-Id: I74a322c8ad03f25b02059da7568c9e1a78419069 Reviewed-on: https://boringssl-review.googlesource.com/6783 Reviewed-by: Adam Langley <agl@google.com>
author: David Benjamin <davidben@chromium.org> 2015-12-19 22:23:26 +0300
committer: Adam Langley <agl@google.com> 2015-12-23 02:12:25 +0300
commit: 4cc36adf5a62ff1366e8e9a4d40d9c007c0c8927 (patch)
tree: 9fb3f856f6704f624667108dd08fcead5a53f17c /ssl/ssl_cipher.c
parent: 4298d773794dcfef675aeeacd970bcc8f2fe406d (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c
index 6d8237da..77fa8fa6 100644
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c
@@ -1616,6 +1616,10 @@ int SSL_CIPHER_is_ECDSA(const SSL_CIPHER *cipher) {
   return (cipher->algorithm_auth & SSL_aECDSA) != 0;
 }
 
+int SSL_CIPHER_is_ECDHE(const SSL_CIPHER *cipher) {
+  return (cipher->algorithm_mkey & SSL_kECDHE) != 0;
+}
+
 uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher) {
   if (cipher->algorithm_prf != SSL_HANDSHAKE_MAC_DEFAULT) {
     /* Cipher suites before TLS 1.2 use the default PRF, while all those added
author	David Benjamin <davidben@chromium.org>	2015-12-19 22:23:26 +0300
committer	Adam Langley <agl@google.com>	2015-12-23 02:12:25 +0300
commit	4cc36adf5a62ff1366e8e9a4d40d9c007c0c8927 (patch)
tree	9fb3f856f6704f624667108dd08fcead5a53f17c /ssl/ssl_cipher.c
parent	4298d773794dcfef675aeeacd970bcc8f2fe406d (diff)