Added missing signature algorithm reflection functions

SSL_get_signature_nid() -- local signature algorithm SSL_get_signature_type_nid() -- local signature algorithm key type SSL_get_peer_tmp_key() -- Peer key-exchange public key SSL_get_tmp_key -- local key exchange public key Aliased pre-existing SSL_get_server_tmp_key(), which was formerly just for clients, to SSL_get_peer_tmp_key(). Changed internal calls to use the new name. Reviewed-by: Matt Caswell <matt@openssl.org>
author: Viktor Dukhovni <openssl-users@dukhovni.org> 2018-11-10 01:53:56 -0500
committer: Viktor Dukhovni <openssl-users@dukhovni.org> 2018-11-12 16:55:38 -0500
commit: a51c9f637cdef7926d8a8991365e4b58975346db (patch)
tree: 12af19e095f480092b42d3884a6c07e8ba79f985 /ssl
parent: 6e68dae85a8f91944370125561c7ec0d5da46c20 (diff)
download: openssl-a51c9f637cdef7926d8a8991365e4b58975346db.zip
openssl-a51c9f637cdef7926d8a8991365e4b58975346db.tar.gz
openssl-a51c9f637cdef7926d8a8991365e4b58975346db.tar.bz2
2 files changed, 30 insertions, 2 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 7713f76..866ca4d 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3681,9 +3681,15 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
         *(int *)parg = s->s3->tmp.peer_sigalg->hash;
         return 1;
 
-    case SSL_CTRL_GET_SERVER_TMP_KEY:
+    case SSL_CTRL_GET_SIGNATURE_NID:
+        if (s->s3->tmp.sigalg == NULL)
+            return 0;
+        *(int *)parg = s->s3->tmp.sigalg->hash;
+        return 1;
+
+    case SSL_CTRL_GET_PEER_TMP_KEY:
 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
-        if (s->server || s->session == NULL || s->s3->peer_tmp == NULL) {
+        if (s->session == NULL || s->s3->peer_tmp == NULL) {
             return 0;
         } else {
             EVP_PKEY_up_ref(s->s3->peer_tmp);
@@ -3693,6 +3699,20 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 #else
         return 0;
 #endif
+
+    case SSL_CTRL_GET_TMP_KEY:
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
+        if (s->session == NULL || s->s3->tmp.pkey == NULL) {
+            return 0;
+        } else {
+            EVP_PKEY_up_ref(s->s3->tmp.pkey);
+            *(EVP_PKEY **)parg = s->s3->tmp.pkey;
+            return 1;
+        }
+#else
+        return 0;
+#endif
+
 #ifndef OPENSSL_NO_EC
     case SSL_CTRL_GET_EC_POINT_FORMATS:
         {
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ddafa0c..fe13a39 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1122,6 +1122,14 @@ int SSL_get_peer_signature_type_nid(const SSL *s, int *pnid)
     return 1;
 }
 
+int SSL_get_signature_type_nid(const SSL *s, int *pnid)
+{
+    if (s->s3->tmp.sigalg == NULL)
+        return 0;
+    *pnid = s->s3->tmp.sigalg->sig;
+    return 1;
+}
+
 /*
  * Set a mask of disabled algorithms: an algorithm is disabled if it isn't
  * supported, doesn't appear in supported signature algorithms, isn't supported
author	Viktor Dukhovni <openssl-users@dukhovni.org>	2018-11-10 01:53:56 -0500
committer	Viktor Dukhovni <openssl-users@dukhovni.org>	2018-11-12 16:55:38 -0500
commit	a51c9f637cdef7926d8a8991365e4b58975346db (patch)
tree	12af19e095f480092b42d3884a6c07e8ba79f985 /ssl
parent	6e68dae85a8f91944370125561c7ec0d5da46c20 (diff)
download	openssl-a51c9f637cdef7926d8a8991365e4b58975346db.zip openssl-a51c9f637cdef7926d8a8991365e4b58975346db.tar.gz openssl-a51c9f637cdef7926d8a8991365e4b58975346db.tar.bz2