From 8f52690956b227083160a46f99c845b1ce39f7bc Mon Sep 17 00:00:00 2001
From: Glenn Strauss
Date: Thu, 13 Jan 2022 00:04:49 -0500
Subject: [PATCH] Add accessors for ciphersuite info
Signed-off-by: Glenn Strauss
---
 ChangeLog.d/mbedtls_ssl_get_ciphersuite_id.txt | 3 +++
 include/mbedtls/ssl.h | 9 +++++++++
 include/mbedtls/ssl_ciphersuites.h | 7 +++++++
 library/ssl_ciphersuites.c | 13 +++++++++++++
 library/ssl_tls.c | 8 ++++++++
 5 files changed, 40 insertions(+)
 create mode 100644 ChangeLog.d/mbedtls_ssl_get_ciphersuite_id.txt
diff --git a/ChangeLog.d/mbedtls_ssl_get_ciphersuite_id.txt b/ChangeLog.d/mbedtls_ssl_get_ciphersuite_id.txt
new file mode 100644
index 0000000000..c4235b74b2
--- /dev/null
+++ b/ChangeLog.d/mbedtls_ssl_get_ciphersuite_id.txt
@@ -0,0 +1,3 @@
+Features
+ * Add accessor to obtain ciphersuite id from ssl context.
+ * Add accessors to get members from ciphersuite info.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 072ebbe460..407eadf8dd 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -3888,6 +3888,15 @@ size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl );
 */
 uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl );
+/**
+ * \brief Return the id of the current ciphersuite
+ *
+ * \param ssl SSL context
+ *
+ * \return a ciphersuite id
+ */
+int mbedtls_ssl_get_ciphersuite_id_from_ssl( const mbedtls_ssl_context *ssl );
+
 /**
 * \brief Return the name of the current ciphersuite
 *
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index 18e7c98767..b46442a357 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
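Review bot: The `\return a ciphersuite id` line in the new include/mbedtls/ssl.h comment does not mention the 0 that the implementation in the library/ssl_tls.c hunk returns when `ssl` or `ssl->session` is NULL. A caller that logs the negotiated suite or checks it against a policy cannot tell from the header that 0 means "no session" rather than a negotiated suite. I would document it as `\return a ciphersuite id, or 0 if \p ssl is NULL or has no session`.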
@@ -394,6 +394,13 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphers
 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
+static inline const char *mbedtls_ssl_ciphersuite_get_name( const mbedtls_ssl_ciphersuite_t *info )
+{
+ return info->MBEDTLS_PRIVATE(name);
+}
+
+size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info );
+
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
 static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
 {
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 62588dc2e5..cd2b1253f4 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -2064,6 +2064,19 @@ int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
 return( cur->id );
 }
+size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info )
+{
+#if defined(MBEDTLS_CIPHER_C)
+ const mbedtls_cipher_info_t * const cipher_info =
+ mbedtls_cipher_info_from_type( info->cipher );
+
+ return( mbedtls_cipher_info_get_key_bitlen( cipher_info ) );
+#else
+ (void)info;
+ return( 0 );
+#endif
+}
+
 #if defined(MBEDTLS_PK_C)
 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
 {
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index d868e49650..05ede402c1 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4358,6 +4358,14 @@ uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl )
 return( 0xFFFFFFFF );
 }
+int mbedtls_ssl_get_ciphersuite_id_from_ssl( const mbedtls_ssl_context *ssl )
+{
+ if( ssl == NULL || ssl->session == NULL )
+ return( 0 );
+
+ return( ssl->session->ciphersuite );
+}
+
 const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl )
 {
 if( ssl == NULL || ssl->session == NULL )
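Review bot: Neither new declaration in include/mbedtls/ssl_ciphersuites.h has a Doxygen comment, and the inline `mbedtls_ssl_ciphersuite_get_name()` dereferences `info` without a NULL check. Lookups such as `mbedtls_ssl_ciphersuite_from_id()` return NULL for an id they do not know, so a caller that passes that result straight through crashes here. If the precondition is intended, state it on both accessors, for example `/** \brief Return the name of a ciphersuite. \param info Ciphersuite info; must not be NULL. */`. Alternatively make the inline tolerant with `return( info != NULL ? info->MBEDTLS_PRIVATE(name) : NULL );`.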
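Review bot: A return of 0 from `mbedtls_ssl_ciphersuite_get_cipher_key_bitlen()` in library/ssl_ciphersuites.c has more than one meaning, and nothing in the patch documents it. The `#else` branch returns 0 when `MBEDTLS_CIPHER_C` is not defined. The other branch passes the result of `mbedtls_cipher_info_from_type()` on unchecked, so an unavailable cipher presumably also ends up as 0; how `mbedtls_cipher_info_get_key_bitlen()` treats NULL is not visible in this hunk and is worth confirming. A caller that reports or enforces a minimum key strength has to treat 0 as "unknown", not as a measured size. I would put `/* Returns 0 when the key length cannot be determined (MBEDTLS_CIPHER_C disabled or cipher not available). */` above the definition and repeat it at the header declaration.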