From: Matt Caswell Date: Mon, 12 Jun 2017 15:56:15 +0000 (+0100) Subject: Add a function to get the handshake digest for an SSL_CIPHER X-Git-Tag: OpenSSL_1_1_1-pre1~1249 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ba4df6828620acddab3c2bf3b99a2b4a838c61de;p=thirdparty%2Fopenssl.git Add a function to get the handshake digest for an SSL_CIPHER Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3670) --- diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 9928781f2f2..e4aa7431411 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1418,6 +1418,7 @@ __owur const char *SSL_CIPHER_get_name(const SSL_CIPHER *c); __owur uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c); __owur int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c); __owur int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c); +__owur const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c); __owur int SSL_CIPHER_is_aead(const SSL_CIPHER *c); __owur int SSL_get_fd(const SSL *s); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index f048b34afd2..0afdfdaba10 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -1931,6 +1931,16 @@ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c) return ssl_cipher_table_auth[i].nid; } +const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c) +{ + int idx = c->algorithm2; + + idx &= SSL_HANDSHAKE_MAC_MASK; + if (idx < 0 || idx >= SSL_MD_NUM_IDX) + return NULL; + return ssl_digest_methods[idx]; +} + int SSL_CIPHER_is_aead(const SSL_CIPHER *c) { return (c->algorithm_mac & SSL_AEAD) ? 1 : 0; diff --git a/util/libssl.num b/util/libssl.num index e1c28d00a96..959e134ea09 100644 --- a/util/libssl.num +++ b/util/libssl.num @@ -455,3 +455,4 @@ SSL_set_psk_find_session_callback 455 1_1_1 EXIST::FUNCTION: SSL_set_psk_use_session_callback 456 1_1_1 EXIST::FUNCTION: SSL_CTX_set_psk_use_session_callback 457 1_1_1 EXIST::FUNCTION: SSL_CTX_set_psk_find_session_callback 458 1_1_1 EXIST::FUNCTION: +SSL_CIPHER_get_handshake_digest 459 1_1_1 EXIST::FUNCTION: