From ef793f4b6f061eee565beb7e72e20ea5739adbe6 Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@chromium.org>
Date: Thu, 5 Nov 2015 18:16:27 -0500
Subject: [PATCH] Add various functions for SSL_CIPHER.

Change-Id: I21051a6d1594c2606e171449d377663f8eccc847
Reviewed-on: https://boringssl-review.googlesource.com/6450
Reviewed-by: Adam Langley <agl@google.com>
---
 include/openssl/ssl.h |  9 +++++++++
 ssl/ssl_cipher.c      | 19 +++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index e3be5cf8..5b49fdc3 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1042,9 +1042,15 @@ OPENSSL_EXPORT int SSL_CIPHER_is_AES(const SSL_CIPHER *cipher);
 /* SSL_CIPHER_has_MD5_HMAC returns one if |cipher| uses HMAC-MD5. */
 OPENSSL_EXPORT int SSL_CIPHER_has_MD5_HMAC(const SSL_CIPHER *cipher);
 
+/* SSL_CIPHER_has_SHA1_HMAC returns one if |cipher| uses HMAC-SHA1. */
+OPENSSL_EXPORT int SSL_CIPHER_has_SHA1_HMAC(const SSL_CIPHER *cipher);
+
 /* SSL_CIPHER_is_AESGCM returns one if |cipher| uses AES-GCM. */
 OPENSSL_EXPORT int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher);
 
+/* SSL_CIPHER_is_AES128GCM returns one if |cipher| uses 128-bit AES-GCM. */
+OPENSSL_EXPORT int SSL_CIPHER_is_AES128GCM(const SSL_CIPHER *cipher);
+
 /* SSL_CIPHER_is_CHACHA20POLY1305 returns one if |cipher| uses
  * CHACHA20_POLY1305. */
 OPENSSL_EXPORT int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher);
@@ -1058,6 +1064,9 @@ OPENSSL_EXPORT int SSL_CIPHER_is_RC4(const SSL_CIPHER *cipher);
 /* SSL_CIPHER_is_block_cipher returns one if |cipher| is a block cipher. */
 OPENSSL_EXPORT int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher);
 
+/* SSL_CIPHER_is_ECDSA returns one if |cipher| uses ECDSA. */
+OPENSSL_EXPORT int SSL_CIPHER_is_ECDSA(const SSL_CIPHER *cipher);
+
 /* SSL_CIPHER_get_name returns the OpenSSL name of |cipher|. */
 OPENSSL_EXPORT const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
 
diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c
index 0ffeb5ba..e87835f0 100644
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c
@@ -1384,10 +1384,18 @@ int SSL_CIPHER_has_MD5_HMAC(const SSL_CIPHER *cipher) {
   return (cipher->algorithm_mac & SSL_MD5) != 0;
 }
 
+int SSL_CIPHER_has_SHA1_HMAC(const SSL_CIPHER *cipher) {
+  return (cipher->algorithm_mac & SSL_SHA1) != 0;
+}
+
 int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher) {
   return (cipher->algorithm_enc & (SSL_AES128GCM | SSL_AES256GCM)) != 0;
 }
 
+int SSL_CIPHER_is_AES128GCM(const SSL_CIPHER *cipher) {
+  return (cipher->algorithm_enc & SSL_AES128GCM) != 0;
+}
+
 int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher) {
   return (cipher->algorithm_enc & SSL_CHACHA20POLY1305_OLD) != 0;
 }
@@ -1406,6 +1414,17 @@ int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher) {
       cipher->algorithm_mac != SSL_AEAD;
 }
 
+int SSL_CIPHER_is_ECDSA(const SSL_CIPHER *cipher) {
+  return (cipher->algorithm_auth & SSL_aECDSA) != 0;
+}
+
+uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher) {
+  if (cipher->algorithm_ssl & SSL_TLSV1_2) {
+    return TLS1_2_VERSION;
+  }
+  return SSL3_VERSION;
+}
+
 /* return the actual cipher being used */
 const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher) {
   if (cipher != NULL) {