Add cipher query functions

Add functions to determine authentication, key-exchange, FIPS and AEAD.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

3 files changed, 95 insertions, 3 deletions

diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 0528dfb9cb..8cd3b2071e 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -60,9 +60,9 @@
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 1037
-#define NUM_SN 1030
-#define NUM_LN 1030
+#define NUM_NID 1054
+#define NUM_SN 1047
+#define NUM_LN 1047
 #define NUM_OBJ 951
 
 static const unsigned char lvalues[6722]={
@@ -2705,6 +2705,23 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
 {"X25519","X25519",NID_X25519,9,&(lvalues[6703]),0},
 {"X448","X448",NID_X448,9,&(lvalues[6712]),0},
 {"HKDF","hkdf",NID_hkdf,0,NULL,0},
+{"KxRSA","kx-rsa",NID_kx_rsa,0,NULL,0},
+{"KxECDHE","kx-ecdhe",NID_kx_ecdhe,0,NULL,0},
+{"KxDHE","kx-dhe",NID_kx_dhe,0,NULL,0},
+{"KxECDHE-PSK","kx-ecdhe-psk",NID_kx_ecdhe_psk,0,NULL,0},
+{"KxDHE-PSK","kx-dhe-psk",NID_kx_dhe_psk,0,NULL,0},
+{"KxRSA_PSK","kx-rsa-psk",NID_kx_rsa_psk,0,NULL,0},
+{"KxPSK","kx-psk",NID_kx_psk,0,NULL,0},
+{"KxSRP","kx-srp",NID_kx_srp,0,NULL,0},
+{"KxGOST","kx-gost",NID_kx_gost,0,NULL,0},
+{"AuthRSA","auth-rsa",NID_auth_rsa,0,NULL,0},
+{"AuthECDSA","auth-ecdsa",NID_auth_ecdsa,0,NULL,0},
+{"AuthPSK","auth-psk",NID_auth_psk,0,NULL,0},
+{"AuthDSS","auth-dss",NID_auth_dss,0,NULL,0},
+{"AuthGOST01","auth-gost01",NID_auth_gost01,0,NULL,0},
+{"AuthGOST12","auth-gost12",NID_auth_gost12,0,NULL,0},
+{"AuthSRP","auth-srp",NID_auth_srp,0,NULL,0},
+{"AuthNULL","auth-null",NID_auth_null,0,NULL,0},
 };
 
 static const unsigned int sn_objs[NUM_SN]={
@@ -2741,6 +2758,14 @@ static const unsigned int sn_objs[NUM_SN]={
 960,	/* "AES-256-OCB" */
 428,	/* "AES-256-OFB" */
 914,	/* "AES-256-XTS" */
+1049,	/* "AuthDSS" */
+1047,	/* "AuthECDSA" */
+1050,	/* "AuthGOST01" */
+1051,	/* "AuthGOST12" */
+1053,	/* "AuthNULL" */
+1048,	/* "AuthPSK" */
+1046,	/* "AuthRSA" */
+1052,	/* "AuthSRP" */
 91,	/* "BF-CBC" */
 93,	/* "BF-CFB" */
 92,	/* "BF-ECB" */
@@ -2829,6 +2854,15 @@ static const unsigned int sn_objs[NUM_SN]={
 645,	/* "ITU-T" */
 646,	/* "JOINT-ISO-ITU-T" */
 773,	/* "KISA" */
+1039,	/* "KxDHE" */
+1041,	/* "KxDHE-PSK" */
+1038,	/* "KxECDHE" */
+1040,	/* "KxECDHE-PSK" */
+1045,	/* "KxGOST" */
+1043,	/* "KxPSK" */
+1037,	/* "KxRSA" */
+1042,	/* "KxRSA_PSK" */
+1044,	/* "KxSRP" */
 15,	/* "L" */
 856,	/* "LocalKeySet" */
  3,	/* "MD2" */
@@ -3961,6 +3995,14 @@ static const unsigned int ln_objs[NUM_LN]={
 484,	/* "associatedDomain" */
 485,	/* "associatedName" */
 501,	/* "audio" */
+1049,	/* "auth-dss" */
+1047,	/* "auth-ecdsa" */
+1050,	/* "auth-gost01" */
+1051,	/* "auth-gost12" */
+1053,	/* "auth-null" */
+1048,	/* "auth-psk" */
+1046,	/* "auth-rsa" */
+1052,	/* "auth-srp" */
 882,	/* "authorityRevocationList" */
 91,	/* "bf-cbc" */
 93,	/* "bf-cfb" */
@@ -4421,6 +4463,15 @@ static const unsigned int ln_objs[NUM_LN]={
 956,	/* "jurisdictionStateOrProvinceName" */
 150,	/* "keyBag" */
 773,	/* "kisa" */
+1039,	/* "kx-dhe" */
+1041,	/* "kx-dhe-psk" */
+1038,	/* "kx-ecdhe" */
+1040,	/* "kx-ecdhe-psk" */
+1045,	/* "kx-gost" */
+1043,	/* "kx-psk" */
+1037,	/* "kx-rsa" */
+1042,	/* "kx-rsa-psk" */
+1044,	/* "kx-srp" */
 477,	/* "lastModifiedBy" */
 476,	/* "lastModifiedTime" */
 157,	/* "localKeyID" */
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index ce8e8ec28a..2a80d9d0c9 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -1034,3 +1034,22 @@ pkInitKDC		1033
 X25519		1034
 X448		1035
 hkdf		1036
+kx_rsa		1037
+kx_ecdhe		1038
+kx_dhe		1039
+kx_ecdhe_psk		1040
+kx_dhe_psk		1041
+kx_rsa_psk		1042
+kx_psk		1043
+kx_srp		1044
+kx_gost		1045
+auth_rsa		1046
+auth_ecdsa		1047
+auth_psk		1048
+auth_dss		1049
+auth_gost01		1050
+auth_gost12		1051
+auth_srp		1052
+auth_null		1053
+fips_none		1054
+fips_140_2		1055
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 9d04a63431..a79968b85a 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -1456,3 +1456,25 @@ id-pkinit 5                     : pkInitKDC             : Signing KDC Response
 
 1 3 6 1 4 1 11591 15 1      : X25519
 1 3 6 1 4 1 11591 15 2      : X448
+
+# NIDs for cipher key exchange
+                            : KxRSA        : kx-rsa
+                            : KxECDHE      : kx-ecdhe
+                            : KxDHE        : kx-dhe
+                            : KxECDHE-PSK  : kx-ecdhe-psk
+                            : KxDHE-PSK    : kx-dhe-psk
+                            : KxRSA_PSK    : kx-rsa-psk
+                            : KxPSK        : kx-psk
+                            : KxSRP        : kx-srp
+                            : KxGOST       : kx-gost
+
+# NIDs for cipher authentication
+                            : AuthRSA      : auth-rsa
+                            : AuthECDSA    : auth-ecdsa
+                            : AuthPSK      : auth-psk
+                            : AuthDSS      : auth-dss
+                            : AuthGOST01   : auth-gost01
+                            : AuthGOST12   : auth-gost12
+                            : AuthSRP      : auth-srp
+                            : AuthNULL     : auth-null
+