Provide SSL_CIPHER_get_auth_nid(), SSL_CIPHER_get_cipher_nid(),

SSL_CIPHER_get_digest_nid(), SSL_CIPHER_get_kx_nid() and SSL_CIPHER_is_aead().
author: jsing <> 2018-03-17 14:40:45 +0000
committer: jsing <> 2018-03-17 14:40:45 +0000
commit: e1a22b8c62b92cd313093f7abfeac785adc963e5 (patch)
tree: 6d4bf08e65211843db6a2d7d8335ac799b364e0e
parent: 66eff36ef195a6a7a765636645756dca24d23c6b (diff)
download: openbsd-e1a22b8c62b92cd313093f7abfeac785adc963e5.tar.gz
openbsd-e1a22b8c62b92cd313093f7abfeac785adc963e5.tar.bz2
openbsd-e1a22b8c62b92cd313093f7abfeac785adc963e5.zip
3 files changed, 110 insertions, 2 deletions
diff --git a/src/lib/libssl/Symbols.list b/src/lib/libssl/Symbols.list
index 4947bce162..cf5ff1453d 100644
--- a/src/lib/libssl/Symbols.list
+++ b/src/lib/libssl/Symbols.list
@@ -39,13 +39,18 @@ ERR_load_SSL_strings
 /* general API */
 SSL_CIPHER_description
+SSL_CIPHER_get_auth_nid
 SSL_CIPHER_get_bits
 SSL_CIPHER_get_by_id
 SSL_CIPHER_get_by_value
+SSL_CIPHER_get_cipher_nid
+SSL_CIPHER_get_digest_nid
 SSL_CIPHER_get_id
+SSL_CIPHER_get_kx_nid
 SSL_CIPHER_get_name
 SSL_CIPHER_get_value
 SSL_CIPHER_get_version
+SSL_CIPHER_is_aead
 SSL_COMP_add_compression_method
 SSL_COMP_get_compression_methods
 SSL_COMP_get_name
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 3a5e2f5f03..206049887d 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.148 2018/03/17 14:26:13 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.149 2018/03/17 14:40:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1255,6 +1255,11 @@ char *	SSL_CIPHER_get_version(const SSL_CIPHER *c);
 const char *    SSL_CIPHER_get_name(const SSL_CIPHER *c);
 unsigned long   SSL_CIPHER_get_id(const SSL_CIPHER *c);
 uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c);
+int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
+int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
+int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
+int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
+int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
 int     SSL_get_fd(const SSL *s);
 int     SSL_get_rfd(const SSL *s);
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index f30ffeaf2c..271d77f38b 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.97 2017/08/28 16:37:04 jsing Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.98 2018/03/17 14:40:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1720,6 +1720,104 @@ SSL_CIPHER_get_value(const SSL_CIPHER *c)
        return ssl3_cipher_get_value(c);
 }
+int
+SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
+{
+        switch (c->algorithm_enc) {
+        case SSL_eNULL:
+                return NID_undef;
+        case SSL_3DES:
+                return NID_des_ede3_cbc;
+        case SSL_AES128:
+                return NID_aes_128_cbc;
+        case SSL_AES128GCM:
+                return NID_aes_128_gcm;
+        case SSL_AES256:
+                return NID_aes_256_cbc;
+        case SSL_AES256GCM:
+                return NID_aes_256_gcm;
+        case SSL_CAMELLIA128:
+                return NID_camellia_128_cbc;
+        case SSL_CAMELLIA256:
+                return NID_camellia_256_cbc;
+        case SSL_CHACHA20POLY1305:
+                return NID_chacha20_poly1305;
+        case SSL_DES:
+                return NID_des_cbc;
+        case SSL_RC4:
+                return NID_rc4;
+        case SSL_eGOST2814789CNT:
+                return NID_gost89_cnt;
+        default:
+                return NID_undef;
+        }
+}
+int
+SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
+{
+        switch (c->algorithm_mac) {
+        case SSL_AEAD:
+                return NID_undef;
+        case SSL_GOST89MAC:
+                return NID_id_Gost28147_89_MAC;
+        case SSL_GOST94:
+                return NID_id_GostR3411_94;
+        case SSL_MD5:
+                return NID_md5;
+        case SSL_SHA1:
+                return NID_sha1;
+        case SSL_SHA256:
+                return NID_sha256;
+        case SSL_SHA384:
+                return NID_sha384;
+        case SSL_STREEBOG256:
+                return NID_id_tc26_gost3411_2012_256;
+        default:
+                return NID_undef;
+        }
+}
+int
+SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
+{
+        switch (c->algorithm_mkey) {
+        case SSL_kDHE:
+                return NID_kx_dhe;
+        case SSL_kECDHE:
+                return NID_kx_ecdhe;
+        case SSL_kGOST:
+                return NID_kx_gost;
+        case SSL_kRSA:
+                return NID_kx_rsa;
+        default:
+                return NID_undef;
+        }
+}
+int
+SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
+{
+        switch (c->algorithm_auth) {
+        case SSL_aNULL:
+                return NID_auth_null;
+        case SSL_aECDSA:
+                return NID_auth_ecdsa;
+        case SSL_aGOST01:
+                return NID_auth_gost01;
+        case SSL_aRSA:
+                return NID_auth_rsa;
+        default:
+                return NID_undef;
+        }
+}
+int
+SSL_CIPHER_is_aead(const SSL_CIPHER *c)
+{
+        return (c->algorithm_mac & SSL_AEAD) == SSL_AEAD;
+}
 void *
 SSL_COMP_get_compression_methods(void)
 {
author	jsing <>	2018-03-17 14:40:45 +0000
committer	jsing <>	2018-03-17 14:40:45 +0000
commit	e1a22b8c62b92cd313093f7abfeac785adc963e5 (patch)
tree	6d4bf08e65211843db6a2d7d8335ac799b364e0e
parent	66eff36ef195a6a7a765636645756dca24d23c6b (diff)
download	openbsd-e1a22b8c62b92cd313093f7abfeac785adc963e5.tar.gz openbsd-e1a22b8c62b92cd313093f7abfeac785adc963e5.tar.bz2 openbsd-e1a22b8c62b92cd313093f7abfeac785adc963e5.zip

diff --git a/src/lib/libssl/Symbols.list b/src/lib/libssl/Symbols.list index 4947bce162..cf5ff1453d 100644 --- a/src/lib/libssl/Symbols.list +++ b/src/lib/libssl/Symbols.list
@@ -39,13 +39,18 @@ ERR_load_SSL_strings
39		39
40	/* general API */	40	/* general API */
41	SSL_CIPHER_description	41	SSL_CIPHER_description
		42	SSL_CIPHER_get_auth_nid
42	SSL_CIPHER_get_bits	43	SSL_CIPHER_get_bits
43	SSL_CIPHER_get_by_id	44	SSL_CIPHER_get_by_id
44	SSL_CIPHER_get_by_value	45	SSL_CIPHER_get_by_value
		46	SSL_CIPHER_get_cipher_nid
		47	SSL_CIPHER_get_digest_nid
45	SSL_CIPHER_get_id	48	SSL_CIPHER_get_id
		49	SSL_CIPHER_get_kx_nid
46	SSL_CIPHER_get_name	50	SSL_CIPHER_get_name
47	SSL_CIPHER_get_value	51	SSL_CIPHER_get_value
48	SSL_CIPHER_get_version	52	SSL_CIPHER_get_version
		53	SSL_CIPHER_is_aead
49	SSL_COMP_add_compression_method	54	SSL_COMP_add_compression_method
50	SSL_COMP_get_compression_methods	55	SSL_COMP_get_compression_methods
51	SSL_COMP_get_name	56	SSL_COMP_get_name


diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 3a5e2f5f03..206049887d 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl.h,v 1.148 2018/03/17 14:26:13 jsing Exp $ */	1	/* $OpenBSD: ssl.h,v 1.149 2018/03/17 14:40:45 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1255,6 +1255,11 @@ char * SSL_CIPHER_get_version(const SSL_CIPHER *c);
1255	const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);	1255	const char * SSL_CIPHER_get_name(const SSL_CIPHER *c);
1256	unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);	1256	unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
1257	uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c);	1257	uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c);
		1258	int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
		1259	int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c);
		1260	int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c);
		1261	int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c);
		1262	int SSL_CIPHER_is_aead(const SSL_CIPHER *c);
1258		1263
1259	int SSL_get_fd(const SSL *s);	1264	int SSL_get_fd(const SSL *s);
1260	int SSL_get_rfd(const SSL *s);	1265	int SSL_get_rfd(const SSL *s);


diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c index f30ffeaf2c..271d77f38b 100644 --- a/src/lib/libssl/ssl_ciph.c +++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_ciph.c,v 1.97 2017/08/28 16:37:04 jsing Exp $ */	1	/* $OpenBSD: ssl_ciph.c,v 1.98 2018/03/17 14:40:45 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1720,6 +1720,104 @@ SSL_CIPHER_get_value(const SSL_CIPHER *c)
1720	return ssl3_cipher_get_value(c);	1720	return ssl3_cipher_get_value(c);
1721	}	1721	}
1722		1722
		1723	int
		1724	SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c)
		1725	{
		1726	switch (c->algorithm_enc) {
		1727	case SSL_eNULL:
		1728	return NID_undef;
		1729	case SSL_3DES:
		1730	return NID_des_ede3_cbc;
		1731	case SSL_AES128:
		1732	return NID_aes_128_cbc;
		1733	case SSL_AES128GCM:
		1734	return NID_aes_128_gcm;
		1735	case SSL_AES256:
		1736	return NID_aes_256_cbc;
		1737	case SSL_AES256GCM:
		1738	return NID_aes_256_gcm;
		1739	case SSL_CAMELLIA128:
		1740	return NID_camellia_128_cbc;
		1741	case SSL_CAMELLIA256:
		1742	return NID_camellia_256_cbc;
		1743	case SSL_CHACHA20POLY1305:
		1744	return NID_chacha20_poly1305;
		1745	case SSL_DES:
		1746	return NID_des_cbc;
		1747	case SSL_RC4:
		1748	return NID_rc4;
		1749	case SSL_eGOST2814789CNT:
		1750	return NID_gost89_cnt;
		1751	default:
		1752	return NID_undef;
		1753	}
		1754	}
		1755
		1756	int
		1757	SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c)
		1758	{
		1759	switch (c->algorithm_mac) {
		1760	case SSL_AEAD:
		1761	return NID_undef;
		1762	case SSL_GOST89MAC:
		1763	return NID_id_Gost28147_89_MAC;
		1764	case SSL_GOST94:
		1765	return NID_id_GostR3411_94;
		1766	case SSL_MD5:
		1767	return NID_md5;
		1768	case SSL_SHA1:
		1769	return NID_sha1;
		1770	case SSL_SHA256:
		1771	return NID_sha256;
		1772	case SSL_SHA384:
		1773	return NID_sha384;
		1774	case SSL_STREEBOG256:
		1775	return NID_id_tc26_gost3411_2012_256;
		1776	default:
		1777	return NID_undef;
		1778	}
		1779	}
		1780
		1781	int
		1782	SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c)
		1783	{
		1784	switch (c->algorithm_mkey) {
		1785	case SSL_kDHE:
		1786	return NID_kx_dhe;
		1787	case SSL_kECDHE:
		1788	return NID_kx_ecdhe;
		1789	case SSL_kGOST:
		1790	return NID_kx_gost;
		1791	case SSL_kRSA:
		1792	return NID_kx_rsa;
		1793	default:
		1794	return NID_undef;
		1795	}
		1796	}
		1797
		1798	int
		1799	SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c)
		1800	{
		1801	switch (c->algorithm_auth) {
		1802	case SSL_aNULL:
		1803	return NID_auth_null;
		1804	case SSL_aECDSA:
		1805	return NID_auth_ecdsa;
		1806	case SSL_aGOST01:
		1807	return NID_auth_gost01;
		1808	case SSL_aRSA:
		1809	return NID_auth_rsa;
		1810	default:
		1811	return NID_undef;
		1812	}
		1813	}
		1814
		1815	int
		1816	SSL_CIPHER_is_aead(const SSL_CIPHER *c)
		1817	{
		1818	return (c->algorithm_mac & SSL_AEAD) == SSL_AEAD;
		1819	}
		1820
1723	void *	1821	void *
1724	SSL_COMP_get_compression_methods(void)	1822	SSL_COMP_get_compression_methods(void)
1725	{	1823	{