summaryrefslogtreecommitdiff
path: root/lib/state.c
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2017-09-20 13:43:14 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2018-02-19 15:29:34 +0100
commit732707b1faa412eef6081899e9a58a95e4c19f51 (patch)
treeaecd2546c6103e7476b5dce522110c54370a5a26 /lib/state.c
parent2ac8d9219ead0c48f6ed277b4d70fc721201c53f (diff)
downloadgnutls-732707b1faa412eef6081899e9a58a95e4c19f51.tar.gz
gnutls_session_get_desc: more descriptive name for TLS1.3 ciphersuites
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/state.c')
-rw-r--r--lib/state.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/state.c b/lib/state.c
index 32829cf6a5..65468cdca6 100644
--- a/lib/state.c
+++ b/lib/state.c
@@ -102,6 +102,11 @@ gnutls_certificate_type_get(gnutls_session_t session)
*
* Get currently used key exchange algorithm.
*
+ * This function will return %GNUTLS_KX_ECDHE_RSA, or %GNUTLS_KX_DHE_RSA
+ * under TLS 1.3, to indicate an elliptic curve DH key exchange or
+ * a finite field one. The precise group used is available
+ * by calling gnutls_group_get() instead.
+ *
* Returns: the key exchange algorithm used in the last handshake, a
* #gnutls_kx_algorithm_t value.
**/
@@ -109,6 +114,19 @@ gnutls_kx_algorithm_t gnutls_kx_get(gnutls_session_t session)
{
if (session->security_parameters.cs == 0)
return 0;
+
+ if (session->security_parameters.cs->kx_algorithm == 0) { /* TLS 1.3 */
+ const version_entry_st *ver = get_version(session);
+ const gnutls_group_entry_st *group = get_group(session);
+
+ if (ver->tls13_sem && group) {
+ if (group->curve)
+ return GNUTLS_KX_ECDHE_RSA;
+ else
+ return GNUTLS_KX_DHE_RSA;
+ }
+ }
+
return session->security_parameters.cs->kx_algorithm;
}
View Lorry Controller Status