From ba4df6828620acddab3c2bf3b99a2b4a838c61de Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Mon, 12 Jun 2017 16:56:15 +0100 Subject: [PATCH] Add a function to get the handshake digest for an SSL_CIPHER Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3670) --- include/openssl/ssl.h | 1 + ssl/ssl_ciph.c | 10 ++++++++++ util/libssl.num | 1 + 3 files changed, 12 insertions(+) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 9928781f2f..e4aa743141 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1418,6 +1418,7 @@ __owur const char *SSL_CIPHER_get_name(const SSL_CIPHER *c); __owur uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c); __owur int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c); __owur int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c); +__owur const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c); __owur int SSL_CIPHER_is_aead(const SSL_CIPHER *c); __owur int SSL_get_fd(const SSL *s); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index f048b34afd..0afdfdaba1 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -1931,6 +1931,16 @@ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c) return ssl_cipher_table_auth[i].nid; } +const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c) +{ + int idx = c->algorithm2; + + idx &= SSL_HANDSHAKE_MAC_MASK; + if (idx < 0 || idx >= SSL_MD_NUM_IDX) + return NULL; + return ssl_digest_methods[idx]; +} + int SSL_CIPHER_is_aead(const SSL_CIPHER *c) { return (c->algorithm_mac & SSL_AEAD) ? 1 : 0; diff --git a/util/libssl.num b/util/libssl.num index e1c28d00a9..959e134ea0 100644 --- a/util/libssl.num +++ b/util/libssl.num @@ -455,3 +455,4 @@ SSL_set_psk_find_session_callback 455 1_1_1 EXIST::FUNCTION: SSL_set_psk_use_session_callback 456 1_1_1 EXIST::FUNCTION: SSL_CTX_set_psk_use_session_callback 457 1_1_1 EXIST::FUNCTION: SSL_CTX_set_psk_find_session_callback 458 1_1_1 EXIST::FUNCTION: +SSL_CIPHER_get_handshake_digest 459 1_1_1 EXIST::FUNCTION: -- GitLab