state: add function to get the current hash algorithmtmp-prf-get

This is particularly useful when the application applies key
derivation function by itself with the same underlying hash algorithm
as the session.

Signed-off-by: Daiki Ueno <dueno@redhat.com>

1 files changed, 26 insertions, 0 deletions

diff --git a/lib/state.c b/lib/state.c
index 35ebb2a230..d4d5254228 100644
--- a/lib/state.c
+++ b/lib/state.c
@@ -230,6 +230,32 @@ gnutls_compression_get(gnutls_session_t session)
 	return GNUTLS_COMP_NULL;
 }
 
+/**
+ * gnutls_prf_hash_get:
+ * @session: is a #gnutls_session_t type.
+ *
+ * Get the currently used hash algorithm. In TLS 1.3, the hash
+ * algorithm is used for both the key derivation function and
+ * handshake message authentication code. In TLS 1.2, it matches the
+ * hash algorithm used for PRF.
+ *
+ * Returns: the currently used hash algorithm, a
+ *    #gnutls_digest_algorithm_t value.
+ *
+ * Since: 3.6.13
+ **/
+gnutls_digest_algorithm_t
+gnutls_prf_hash_get(const gnutls_session_t session)
+{
+	if (session->security_parameters.prf == NULL)
+		return gnutls_assert_val(GNUTLS_DIG_UNKNOWN);
+
+	if (session->security_parameters.prf->id >= GNUTLS_MAC_AEAD)
+		return gnutls_assert_val(GNUTLS_DIG_UNKNOWN);
+
+	return (gnutls_digest_algorithm_t)session->security_parameters.prf->id;
+}
+
 void reset_binders(gnutls_session_t session)
 {
 	_gnutls_free_temp_key_datum(&session->key.binders[0].psk);