Adding TLS group name retrieval

Function SSL_group_to_name() added, together with documentation and tests. This now permits displaying names of internal and external provider-implemented groups. Partial fix of #13767 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13785)
author: Michael Baentsch <info@baentsch.ch> 2021-01-07 09:09:32 +0100
committer: Matt Caswell <matt@openssl.org> 2021-01-08 17:04:46 +0000
commit: becbacd705170952725571ae4404846b0ecee86a (patch)
tree: f7be4e390ca3736c25c5a5b8c500cce9aeb20615 /ssl
parent: 22aa4a3afb53984201c84970ec03b251d0117f00 (diff)
download: openssl-becbacd705170952725571ae4404846b0ecee86a.zip
openssl-becbacd705170952725571ae4404846b0ecee86a.tar.gz
openssl-becbacd705170952725571ae4404846b0ecee86a.tar.bz2
3 files changed, 20 insertions, 1 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 298efdc..0739bc9 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4986,3 +4986,21 @@ int ssl_encapsulate(SSL *s, EVP_PKEY *pubkey,
     EVP_PKEY_CTX_free(pctx);
     return rv;
 }
+
+const char *SSL_group_to_name(SSL *s, int nid) {
+    int group_id = 0;
+    const TLS_GROUP_INFO *cinf = NULL;
+
+    /* first convert to real group id for internal and external IDs */
+    if (nid & TLSEXT_nid_unknown)
+        group_id = nid & 0xFFFF;
+    else
+        group_id = tls1_nid2group_id(nid);
+
+    /* then look up */
+    cinf = tls1_group_id_lookup(s->ctx, group_id);
+
+    if (cinf != NULL)
+        return cinf->tlsname;
+    return NULL;
+}
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index c2a4087..22ab387 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -2650,6 +2650,7 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
 
 __owur const TLS_GROUP_INFO *tls1_group_id_lookup(SSL_CTX *ctx, uint16_t curve_id);
 __owur int tls1_group_id2nid(uint16_t group_id, int include_unknown);
+__owur uint16_t tls1_nid2group_id(int nid);
 __owur int tls1_check_group_id(SSL *s, uint16_t group_id, int check_own_curves);
 __owur uint16_t tls1_shared_group(SSL *s, int nmatch);
 __owur int tls1_set_groups(uint16_t **pext, size_t *pextlen,
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index bc366c8..60c17dd 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -460,7 +460,7 @@ int tls1_group_id2nid(uint16_t group_id, int include_unknown)
     return TLSEXT_nid_unknown | (int)group_id;
 }
 
-static uint16_t tls1_nid2group_id(int nid)
+uint16_t tls1_nid2group_id(int nid)
 {
     size_t i;
author	Michael Baentsch <info@baentsch.ch>	2021-01-07 09:09:32 +0100
committer	Matt Caswell <matt@openssl.org>	2021-01-08 17:04:46 +0000
commit	becbacd705170952725571ae4404846b0ecee86a (patch)
tree	f7be4e390ca3736c25c5a5b8c500cce9aeb20615 /ssl
parent	22aa4a3afb53984201c84970ec03b251d0117f00 (diff)
download	openssl-becbacd705170952725571ae4404846b0ecee86a.zip openssl-becbacd705170952725571ae4404846b0ecee86a.tar.gz openssl-becbacd705170952725571ae4404846b0ecee86a.tar.bz2