Cipher family functions.

This change adds functions to check membership of various cipher
families. Clients and servers need this in order to optimise the size of
records because different families have different amounts of prefix and
postfix overhead.
This commit is contained in:
Adam Langley 2014-06-20 12:00:00 -07:00
parent 48105fa215
commit 4d4bff89bb
2 changed files with 20 additions and 0 deletions

View File

@ -2235,6 +2235,10 @@ long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
int SSL_get_error(const SSL *s,int ret_code); int SSL_get_error(const SSL *s,int ret_code);
const char *SSL_get_version(const SSL *s); const char *SSL_get_version(const SSL *s);
int SSL_CIPHER_is_AES(const SSL_CIPHER *c);
int SSL_CIPHER_has_MD5_HMAC(const SSL_CIPHER *c);
int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *c);
/* This sets the 'default' SSL version that SSL_new() will create */ /* This sets the 'default' SSL version that SSL_new() will create */
int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);

View File

@ -1626,6 +1626,22 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
return(buf); return(buf);
} }
/* Next three functions require non-null cipher */
int SSL_CIPHER_is_AES(const SSL_CIPHER *c)
{
return (c->algorithm_enc & SSL_AES) != 0;
}
int SSL_CIPHER_has_MD5_HMAC(const SSL_CIPHER *c)
{
return (c->algorithm_mac & SSL_MD5) != 0;
}
int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *c)
{
return (c->algorithm_mac & (SSL_AES128GCM|SSL_AES256GCM)) != 0;
}
char *SSL_CIPHER_get_version(const SSL_CIPHER *c) char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
{ {
int i; int i;