From a51c9f637cdef7926d8a8991365e4b58975346db Mon Sep 17 00:00:00 2001 From: Viktor Dukhovni Date: Sat, 10 Nov 2018 01:53:56 -0500 Subject: Added missing signature algorithm reflection functions SSL_get_signature_nid() -- local signature algorithm SSL_get_signature_type_nid() -- local signature algorithm key type SSL_get_peer_tmp_key() -- Peer key-exchange public key SSL_get_tmp_key -- local key exchange public key Aliased pre-existing SSL_get_server_tmp_key(), which was formerly just for clients, to SSL_get_peer_tmp_key(). Changed internal calls to use the new name. Reviewed-by: Matt Caswell --- ssl/s3_lib.c | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) (limited to 'ssl/s3_lib.c') diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 7713f767b2..866ca4dfa9 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3681,9 +3681,15 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) *(int *)parg = s->s3->tmp.peer_sigalg->hash; return 1; - case SSL_CTRL_GET_SERVER_TMP_KEY: + case SSL_CTRL_GET_SIGNATURE_NID: + if (s->s3->tmp.sigalg == NULL) + return 0; + *(int *)parg = s->s3->tmp.sigalg->hash; + return 1; + + case SSL_CTRL_GET_PEER_TMP_KEY: #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) - if (s->server || s->session == NULL || s->s3->peer_tmp == NULL) { + if (s->session == NULL || s->s3->peer_tmp == NULL) { return 0; } else { EVP_PKEY_up_ref(s->s3->peer_tmp); @@ -3693,6 +3699,20 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) #else return 0; #endif + + case SSL_CTRL_GET_TMP_KEY: +#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) + if (s->session == NULL || s->s3->tmp.pkey == NULL) { + return 0; + } else { + EVP_PKEY_up_ref(s->s3->tmp.pkey); + *(EVP_PKEY **)parg = s->s3->tmp.pkey; + return 1; + } +#else + return 0; +#endif + #ifndef OPENSSL_NO_EC case SSL_CTRL_GET_EC_POINT_FORMATS: { -- cgit v1.2.3