Fixed PR comments:Populate DataHash key size in SslConnectionInfo

Author: shrutigarg

src/Native/System.Security.Cryptography.Native/pal_ssl.cpp

@@ -367,54 +367,14 @@ enum class SSL_DataHashAlgorithm : int64_t
 class SSL_DataHashSize 
 { 
 public:
-  static const int32_t MD5_HashKeySize = 128;
-  static const int32_t SHA1_HashKeySize = 160;
-  static const int32_t SHA256_HashKeySize = 256;
-  static const int32_t SHA384_HashKeySize = 384;
-  static const int32_t GOST_HashKeySize = 256;
+    static const int32_t MD5_HashKeySize = 8 * MD5_DIGEST_LENGTH;
+    static const int32_t SHA1_HashKeySize = 8 * SHA_DIGEST_LENGTH;
+    static const int32_t SHA256_HashKeySize = 8 * SHA256_DIGEST_LENGTH;
+    static const int32_t SHA384_HashKeySize = 8 * SHA384_DIGEST_LENGTH;
+    static const int32_t GOST_HashKeySize = 256;
 };
 
-static HashAlgorithmType MapHashAlgorithmType(const SSL_CIPHER* cipher)
-{
-    unsigned long mac;
-#if HAVE_SSL_CIPHER_SPLIT_ALGORITHMS
-    mac = cipher->algorithm_mac;
-#else
-    const unsigned long SSL_MAC_MASK = 0x00c00000L;
-    mac = cipher->algorithms & SSL_MAC_MASK;
-#endif
-
-    SSL_DataHashAlgorithm sslMac = static_cast<SSL_DataHashAlgorithm>(mac);
-    switch (sslMac)
-    {
-        case SSL_DataHashAlgorithm::SSL_MD5:
-            return HashAlgorithmType::Md5;
-
-        case SSL_DataHashAlgorithm::SSL_SHA1:
-            return HashAlgorithmType::Sha1;
-
-#if HAVE_SSL_CIPHER_SPLIT_ALGORITHMS
-        case SSL_DataHashAlgorithm::SSL_GOST94:
-            return HashAlgorithmType::SSL_GOST94;
-
-        case SSL_DataHashAlgorithm::SSL_GOST89MAC:
-            return HashAlgorithmType::SSL_GOST89;
-
-        case SSL_DataHashAlgorithm::SSL_SHA256:
-            return HashAlgorithmType::SSL_SHA256;
-
-        case SSL_DataHashAlgorithm::SSL_SHA384:
-            return HashAlgorithmType::SSL_SHA384;
-
-        case SSL_DataHashAlgorithm::SSL_AEAD:
-            return HashAlgorithmType::SSL_AEAD;
-#endif
-    }
-
-    return HashAlgorithmType::None;
-}
-
-static int32_t GetHashKeySize(const SSL_CIPHER* cipher)
+static void GetHashAlgorithmTypeAndSize(const SSL_CIPHER* cipher, HashAlgorithmType* dataHashAlg, int32_t* hashKeySize)
 {
     unsigned long mac;
 #if HAVE_SSL_CIPHER_SPLIT_ALGORITHMS
@@ -428,28 +388,46 @@ static int32_t GetHashKeySize(const SSL_CIPHER* cipher)
     switch (sslMac)
     {
     case SSL_DataHashAlgorithm::SSL_MD5:
-        return SSL_DataHashSize::MD5_HashKeySize;
+        *dataHashAlg = HashAlgorithmType::Md5;
+        *hashKeySize = SSL_DataHashSize::MD5_HashKeySize;
+        return;
 
     case SSL_DataHashAlgorithm::SSL_SHA1:
-        return SSL_DataHashSize::SHA1_HashKeySize;
+        *dataHashAlg = HashAlgorithmType::Sha1;
+        *hashKeySize = SSL_DataHashSize::SHA1_HashKeySize;
+        return;
 
 #if HAVE_SSL_CIPHER_SPLIT_ALGORITHMS
     case SSL_DataHashAlgorithm::SSL_GOST94:
-        return SSL_DataHashSize::GOST_HashKeySize;
+        *dataHashAlg = HashAlgorithmType::SSL_GOST94;
+        *hashKeySize = SSL_DataHashSize::GOST_HashKeySize;
+        return;
 
     case SSL_DataHashAlgorithm::SSL_GOST89MAC:
-        return SSL_DataHashSize::GOST_HashKeySize;
+        *dataHashAlg = HashAlgorithmType::SSL_GOST89;
+        *hashKeySize = SSL_DataHashSize::GOST_HashKeySize;
+        return;
 
     case SSL_DataHashAlgorithm::SSL_SHA256:
-        return SSL_DataHashSize::SHA256_HashKeySize;
+        *dataHashAlg = HashAlgorithmType::SSL_SHA256;
+        *hashKeySize = SSL_DataHashSize::SHA256_HashKeySize;
+        return;
 
     case SSL_DataHashAlgorithm::SSL_SHA384:
-        return SSL_DataHashSize::SHA384_HashKeySize;
+        *dataHashAlg = HashAlgorithmType::SSL_SHA384;
+        *hashKeySize = SSL_DataHashSize::SHA384_HashKeySize;
+        return;
 
     case SSL_DataHashAlgorithm::SSL_AEAD:
-        return 0;
+        *dataHashAlg = HashAlgorithmType::SSL_AEAD;
+        *hashKeySize = 0;
+        return;
 #endif
     }
+
+    *dataHashAlg = HashAlgorithmType::None;
+    *hashKeySize = 0;
+    return;
 }
 
 extern "C" int32_t GetSslConnectionInfo(SSL* ssl, CipherAlgorithmType* dataCipherAlg, ExchangeAlgorithmType* keyExchangeAlg, HashAlgorithmType* dataHashAlg, int32_t* dataKeySize, int32_t* hashKeySize)
@@ -469,9 +447,8 @@ extern "C" int32_t GetSslConnectionInfo(SSL* ssl, CipherAlgorithmType* dataCiphe
 
     *dataCipherAlg = MapCipherAlgorithmType(cipher);
     *keyExchangeAlg = MapExchangeAlgorithmType(cipher);
-    *dataHashAlg = MapHashAlgorithmType(cipher);
     *dataKeySize = cipher->alg_bits;
-    *hashKeySize = GetHashKeySize(cipher);
+    GetHashAlgorithmTypeAndSize(cipher, dataHashAlg, hashKeySize);
 
     return 1;
 
@@ -486,6 +463,8 @@ extern "C" int32_t GetSslConnectionInfo(SSL* ssl, CipherAlgorithmType* dataCiphe
         *dataHashAlg = HashAlgorithmType::None;
     if (dataKeySize)
         *dataKeySize = 0;
+    if (hashKeySize)
+        *hashKeySize = 0;
 
     return 0;
 }

src/Native/System.Security.Cryptography.Native/pal_ssl.h

@@ -4,6 +4,8 @@
 #include "pal_crypto_types.h"
 
 #include <openssl/ssl.h>
+#include <openssl/md5.h>
+#include <openssl/sha.h>
 
 /*
 These values should be kept in sync with System.Security.Authentication.SslProtocols.