From 09b1fe9a0d3392b266e47fd1808617059e41c1c3 Mon Sep 17 00:00:00 2001 From: Benjamin Saunders Date: Tue, 13 Mar 2018 18:36:18 -0700 Subject: [PATCH] Expose additional cipher and digest accessors --- openssl-sys/src/lib.rs | 4 ++++ openssl-sys/src/ossl110.rs | 3 +++ openssl-sys/src/ossl111.rs | 1 + openssl/src/hash.rs | 7 +++++++ openssl/src/ssl/mod.rs | 26 ++++++++++++++++++++++++++ openssl/src/symm.rs | 11 +++++++++++ 6 files changed, 52 insertions(+) diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs index 331479ed..8d4344dd 100644 --- a/openssl-sys/src/lib.rs +++ b/openssl-sys/src/lib.rs @@ -2112,6 +2112,7 @@ extern "C" { a: *const ASN1_OBJECT, no_name: c_int, ) -> c_int; + pub fn OBJ_nid2sn(nid: c_int) -> *const c_char; pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP); @@ -2855,4 +2856,7 @@ extern "C" { cookie_len: c_uint ) -> c_int> ); + + pub fn EVP_MD_size(md: *const EVP_MD) -> c_int; + pub fn EVP_get_cipherbyname(name: *const c_char) -> *const EVP_CIPHER; } diff --git a/openssl-sys/src/ossl110.rs b/openssl-sys/src/ossl110.rs index 580c3f72..96e9b1e3 100644 --- a/openssl-sys/src/ossl110.rs +++ b/openssl-sys/src/ossl110.rs @@ -367,4 +367,7 @@ extern "C" { pub fn SSL_extension_supported(ext_type: c_uint) -> c_int; pub fn ECDSA_SIG_get0(sig: *const ECDSA_SIG, pr: *mut *const BIGNUM, ps: *mut *const BIGNUM); pub fn ECDSA_SIG_set0(sig: *mut ECDSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int; + + pub fn SSL_CIPHER_get_cipher_nid(c: *const ::SSL_CIPHER) -> c_int; + pub fn SSL_CIPHER_get_digest_nid(c: *const ::SSL_CIPHER) -> c_int; } diff --git a/openssl-sys/src/ossl111.rs b/openssl-sys/src/ossl111.rs index cca06fda..23599d32 100644 --- a/openssl-sys/src/ossl111.rs +++ b/openssl-sys/src/ossl111.rs 
@@ -64,4 +64,5 @@ extern "C" { parse_cb: SSL_custom_ext_parse_cb_ex, parse_arg: *mut c_void) -> c_int; pub fn SSL_stateless(s: *mut ::SSL) -> c_int; + pub fn SSL_CIPHER_get_handshake_digest(cipher: *const ::SSL_CIPHER) -> *const ::EVP_MD; } diff --git a/openssl/src/hash.rs b/openssl/src/hash.rs index c6d4c862..726ebe9c 100644 --- a/openssl/src/hash.rs +++ b/openssl/src/hash.rs @@ -16,6 +16,8 @@ use error::ErrorStack; pub struct MessageDigest(*const ffi::EVP_MD); impl MessageDigest { + pub unsafe fn from_ptr(x: *const ffi::EVP_MD) -> Self { MessageDigest(x) } + pub fn md5() -> MessageDigest { unsafe { MessageDigest(ffi::EVP_md5()) } } @@ -47,6 +49,11 @@ impl MessageDigest { pub fn as_ptr(&self) -> *const ffi::EVP_MD { self.0 } + + /// The size of the digest in bytes + pub fn size(&self) -> usize { + unsafe { ffi::EVP_MD_size(self.0) as usize } + } } unsafe impl Sync for MessageDigest {} diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs index e2a0f156..f7f46a7f 100644 --- a/openssl/src/ssl/mod.rs +++ b/openssl/src/ssl/mod.rs @@ -96,6 +96,8 @@ use stack::{Stack, StackRef}; use ssl::bio::BioMethod; use ssl::error::InnerError; use ssl::callbacks::*; +use nid::Nid; +use hash::MessageDigest; pub use ssl::connector::{ConnectConfiguration, SslAcceptor, SslAcceptorBuilder, SslConnector, SslConnectorBuilder}; 
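Review bot: `MessageDigest::from_ptr` in openssl/src/hash.rs (hunk `@@ -16,6 +16,8 @@`) is a public `unsafe fn` with no doc comment, so nothing tells callers what they must guarantee. The wrapper stores the raw pointer with no lifetime and the type is marked `Sync` further down the file, so the contract has to be written out. I would add a summary line such as `/// Creates a MessageDigest from a raw OpenSSL pointer.` followed by a `# Safety` section. That section should require the pointer to be non-null and to reference an `EVP_MD` that stays valid for as long as the value is in use. The `impl` block continues outside the hunk.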
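Review bot: `MessageDigest::size` in openssl/src/hash.rs (hunk `@@ -47,6 +49,11 @@`) casts the `c_int` from `EVP_MD_size` straight to `usize`, so a negative return would wrap to a very large length. As far as I know OpenSSL reports failure here (for example a NULL digest) with a negative value, and the new `from_ptr` constructor makes such a pointer reachable from safe-looking code. Callers are likely to size output buffers from this number, so I would check the sign before converting, e.g. `let n = unsafe { ffi::EVP_MD_size(self.0) }; assert!(n >= 0, "EVP_MD_size failed"); n as usize`.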
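Review bot: The two imports added at the top of openssl/src/ssl/mod.rs (hunk `@@ -96,6 +96,8 @@`) are unconditional, while their only visible uses in this patch are behind `#[cfg(...)]` gates. If nothing else in the module uses them, a build without the `v110`/`v111` features will report both as unused imports. Gating each import like its consumer avoids that, e.g. `#[cfg(all(feature = "v111", ossl111))] use hash::MessageDigest;` and the matching `any(...)` gate on `use nid::Nid;`.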
@@ -1814,6 +1816,30 @@ impl SslCipherRef { String::from_utf8(CStr::from_ptr(ptr as *const _).to_bytes().to_vec()).unwrap() } } + + /// Returns the handshake digest of the cipher. + /// + /// Available as of OpenSSL 1.1.1. This corresponds to [`SSL_CIPHER_get_handshake_digest`]. + /// + /// [`SSL_CIPHER_get_handshake_digest`]: https://www.openssl.org/docs/man1.1.1/man3/SSL_CIPHER_get_handshake_digest.html + #[cfg(all(feature = "v111", ossl111))] + pub fn handshake_digest(&self) -> Option { + unsafe { + let ptr = ffi::SSL_CIPHER_get_handshake_digest(self.as_ptr()); + if ptr.is_null() { None } else { Some(MessageDigest::from_ptr(ptr)) } + } + } + + /// Returns the NID corresponding to the cipher. + /// + /// Available as of OpenSSL 1.1.0. This corresponds to [`SSL_CIPHER_get_cipher_nid`] + /// + /// [`SSL_CIPHER_get_cipher_nid`]: https://www.openssl.org/docs/man1.1.0/ssl/SSL_CIPHER_get_cipher_nid.html + #[cfg(any(all(feature = "v110", ossl110), all(feature = "v111", ossl111)))] + pub fn cipher_nid(&self) -> Option { + let n = unsafe { ffi::SSL_CIPHER_get_cipher_nid(self.as_ptr()) }; + if n == 0 { None } else { Some(Nid::from_raw(n)) } + } } foreign_type! { diff --git a/openssl/src/symm.rs b/openssl/src/symm.rs index 6b1d0134..a7068584 100644 --- a/openssl/src/symm.rs +++ b/openssl/src/symm.rs @@ -59,6 +59,7 @@ use ffi; use {cvt, cvt_p}; use error::ErrorStack; +use nid::Nid; #[derive(Copy, Clone)] pub enum Mode { @@ -75,6 +76,16 @@ pub enum Mode { pub struct Cipher(*const ffi::EVP_CIPHER); impl Cipher { + /// Looks up the cipher for a certain nid. + /// + /// This corresponds to [`EVP_get_cipherbynid`] + /// + /// [`EVP_get_cipherbynid`]: https://www.openssl.org/docs/man1.0.2/crypto/EVP_get_cipherbyname.html + pub fn from_nid(nid: Nid) -> Option { + let ptr = unsafe { ffi::EVP_get_cipherbyname(ffi::OBJ_nid2sn(nid.as_raw())) }; + if ptr.is_null() { None } else { Some(Cipher(ptr)) } + } + pub fn aes_128_ecb() -> Cipher { unsafe { Cipher(ffi::EVP_aes_128_ecb()) } }
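Review bot: In `SslCipherRef::cipher_nid` (openssl/src/ssl/mod.rs) the "no cipher" case is tested with a bare `n == 0`, which leaves the reader to know that zero is OpenSSL's undefined NID. Comparing against the named constant states the intent, `if n == ffi::NID_undef { None } else { Some(Nid::from_raw(n)) }`. The patch also binds `SSL_CIPHER_get_digest_nid` in ossl110.rs but adds no safe wrapper for it here. If that is deliberate, a sentence in the commit message would save the next reader from looking for one. The `impl SslCipherRef` block starts outside the hunk.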
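Review bot: `Cipher::from_nid` in openssl/src/symm.rs (hunk `@@ -75,6 +76,16 @@`) does a by-name lookup without first calling `ffi::init()`. On OpenSSL 1.0.x builds, where I believe the cipher name table is only filled during library initialisation, it can therefore return `None` for a valid NID if nothing else has initialised the library yet. Adding `ffi::init();` as the first statement makes the result independent of call order. Separately, `OBJ_nid2sn` returns NULL for an unknown NID and that NULL goes straight into `EVP_get_cipherbyname`, which matches the C `EVP_get_cipherbynid` macro. A one-line comment such as `// a NULL short name is tolerated and yields a NULL cipher` would record that this is intentional. The failed lookup may also leave an entry on the OpenSSL error queue, which is worth confirming.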