Add accessors for ciphersuite info

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2025-02-20 12:40:47 +00:00 · 2022-01-13 00:04:49 -05:00 · 2022-01-13 00:04:49 -05:00 · 8f52690956
commit 8f52690956
parent dfc5c7117e
5 changed files with 40 additions and 0 deletions
--- a/ChangeLog.d/mbedtls_ssl_get_ciphersuite_id.txt
+++ b/ChangeLog.d/mbedtls_ssl_get_ciphersuite_id.txt
@ -0,0 +1,3 @@
+Features
+   * Add accessor to obtain ciphersuite id from ssl context.
+   * Add accessors to get members from ciphersuite info.
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -3888,6 +3888,15 @@ size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl );
 */
 uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl );

+/**
+ * \brief          Return the id of the current ciphersuite
+ *
+ * \param ssl      SSL context
+ *
+ * \return         a ciphersuite id
+ */
+int mbedtls_ssl_get_ciphersuite_id_from_ssl( const mbedtls_ssl_context *ssl );
+
 /**
 * \brief          Return the name of the current ciphersuite
 *
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@ -394,6 +394,13 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphers
 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );

+static inline const char *mbedtls_ssl_ciphersuite_get_name( const mbedtls_ssl_ciphersuite_t *info )
+{
+    return info->MBEDTLS_PRIVATE(name);
+}
+
+size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info );
+
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
 static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
 {
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@ -2064,6 +2064,19 @@ int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
    return( cur->id );
 }

+size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info )
+{
+#if defined(MBEDTLS_CIPHER_C)
+    const mbedtls_cipher_info_t * const cipher_info =
+      mbedtls_cipher_info_from_type( info->cipher );
+
+    return( mbedtls_cipher_info_get_key_bitlen( cipher_info ) );
+#else
+    (void)info;
+    return( 0 );
+#endif
+}
+
 #if defined(MBEDTLS_PK_C)
 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
 {
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -4358,6 +4358,14 @@ uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl )
    return( 0xFFFFFFFF );
 }

+int mbedtls_ssl_get_ciphersuite_id_from_ssl( const mbedtls_ssl_context *ssl )
+{
+    if( ssl == NULL || ssl->session == NULL )
+        return( 0 );
+
+    return( ssl->session->ciphersuite );
+}
+
 const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl )
 {
    if( ssl == NULL || ssl->session == NULL )