diff options
author | Michael Baentsch <info@baentsch.ch> | 2021-01-07 09:09:32 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-01-08 17:04:46 +0000 |
commit | becbacd705170952725571ae4404846b0ecee86a (patch) | |
tree | f7be4e390ca3736c25c5a5b8c500cce9aeb20615 /ssl | |
parent | 22aa4a3afb53984201c84970ec03b251d0117f00 (diff) | |
download | openssl-becbacd705170952725571ae4404846b0ecee86a.zip openssl-becbacd705170952725571ae4404846b0ecee86a.tar.gz openssl-becbacd705170952725571ae4404846b0ecee86a.tar.bz2 |
Adding TLS group name retrieval
Function SSL_group_to_name() added, together with documentation and tests.
This now permits displaying names of internal and external
provider-implemented groups.
Partial fix of #13767
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13785)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_lib.c | 18 | ||||
-rw-r--r-- | ssl/ssl_local.h | 1 | ||||
-rw-r--r-- | ssl/t1_lib.c | 2 |
3 files changed, 20 insertions, 1 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 298efdc..0739bc9 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4986,3 +4986,21 @@ int ssl_encapsulate(SSL *s, EVP_PKEY *pubkey, EVP_PKEY_CTX_free(pctx); return rv; } + +const char *SSL_group_to_name(SSL *s, int nid) { + int group_id = 0; + const TLS_GROUP_INFO *cinf = NULL; + + /* first convert to real group id for internal and external IDs */ + if (nid & TLSEXT_nid_unknown) + group_id = nid & 0xFFFF; + else + group_id = tls1_nid2group_id(nid); + + /* then look up */ + cinf = tls1_group_id_lookup(s->ctx, group_id); + + if (cinf != NULL) + return cinf->tlsname; + return NULL; +} diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index c2a4087..22ab387 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -2650,6 +2650,7 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n); __owur const TLS_GROUP_INFO *tls1_group_id_lookup(SSL_CTX *ctx, uint16_t curve_id); __owur int tls1_group_id2nid(uint16_t group_id, int include_unknown); +__owur uint16_t tls1_nid2group_id(int nid); __owur int tls1_check_group_id(SSL *s, uint16_t group_id, int check_own_curves); __owur uint16_t tls1_shared_group(SSL *s, int nmatch); __owur int tls1_set_groups(uint16_t **pext, size_t *pextlen, diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index bc366c8..60c17dd 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -460,7 +460,7 @@ int tls1_group_id2nid(uint16_t group_id, int include_unknown) return TLSEXT_nid_unknown | (int)group_id; } -static uint16_t tls1_nid2group_id(int nid) +uint16_t tls1_nid2group_id(int nid) { size_t i; |