mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-01-28 00:35:21 +00:00
Add ssl_get_record_expansion()
This commit is contained in:
parent
e63582a166
commit
9b35f18f66
@ -1856,6 +1856,18 @@ const char *ssl_get_ciphersuite( const ssl_context *ssl );
|
|||||||
*/
|
*/
|
||||||
const char *ssl_get_version( const ssl_context *ssl );
|
const char *ssl_get_version( const ssl_context *ssl );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Return the (maximum) number of bytes added by the record
|
||||||
|
* layer: header + encryption/MAC overhead (inc. padding)
|
||||||
|
*
|
||||||
|
* \param ssl SSL context
|
||||||
|
*
|
||||||
|
* \return Current maximum record expansion in bytes, or
|
||||||
|
* POLARSSL_ERR_FEATURE_UNAVAILABLE if compression is enabled,
|
||||||
|
* which makes expansion much less predictable
|
||||||
|
*/
|
||||||
|
int ssl_get_record_expansion( const ssl_context *ssl );
|
||||||
|
|
||||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||||
/**
|
/**
|
||||||
* \brief Return the peer certificate from the current connection
|
* \brief Return the peer certificate from the current connection
|
||||||
|
@ -5476,6 +5476,40 @@ const char *ssl_get_version( const ssl_context *ssl )
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int ssl_get_record_expansion( const ssl_context *ssl )
|
||||||
|
{
|
||||||
|
int transform_expansion;
|
||||||
|
const ssl_transform *transform = ssl->transform_out;
|
||||||
|
|
||||||
|
#if defined(POLARSSL_ZLIB_SUPPORT)
|
||||||
|
if( ssl->session_out->compression != SSL_COMPRESS_NULL )
|
||||||
|
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if( transform == NULL )
|
||||||
|
return( ssl_hdr_len( ssl ) );
|
||||||
|
|
||||||
|
switch( cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
|
||||||
|
{
|
||||||
|
case POLARSSL_MODE_GCM:
|
||||||
|
case POLARSSL_MODE_CCM:
|
||||||
|
case POLARSSL_MODE_STREAM:
|
||||||
|
transform_expansion = transform->minlen;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case POLARSSL_MODE_CBC:
|
||||||
|
transform_expansion = transform->maclen
|
||||||
|
+ cipher_get_block_size( &transform->cipher_ctx_enc );
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
SSL_DEBUG_MSG( 0, ( "should never happen" ) );
|
||||||
|
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
|
||||||
|
}
|
||||||
|
|
||||||
|
return( ssl_hdr_len( ssl ) + transform_expansion );
|
||||||
|
}
|
||||||
|
|
||||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||||
const x509_crt *ssl_get_peer_cert( const ssl_context *ssl )
|
const x509_crt *ssl_get_peer_cert( const ssl_context *ssl )
|
||||||
{
|
{
|
||||||
|
@ -1099,6 +1099,11 @@ int main( int argc, char *argv[] )
|
|||||||
printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n",
|
printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n",
|
||||||
ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) );
|
ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) );
|
||||||
|
|
||||||
|
if( ( ret = ssl_get_record_expansion( &ssl ) ) >= 0 )
|
||||||
|
printf( " [ Record expansion is %d ]\n", ret );
|
||||||
|
else
|
||||||
|
printf( " [ Record expansion is unknown (compression) ]\n" );
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_ALPN)
|
#if defined(POLARSSL_SSL_ALPN)
|
||||||
if( opt.alpn_string != NULL )
|
if( opt.alpn_string != NULL )
|
||||||
{
|
{
|
||||||
|
@ -1704,6 +1704,11 @@ reset:
|
|||||||
ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) );
|
ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( ( ret = ssl_get_record_expansion( &ssl ) ) >= 0 )
|
||||||
|
printf( " [ Record expansion is %d ]\n", ret );
|
||||||
|
else
|
||||||
|
printf( " [ Record expansion is unknown (compression) ]\n" );
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_ALPN)
|
#if defined(POLARSSL_SSL_ALPN)
|
||||||
if( opt.alpn_string != NULL )
|
if( opt.alpn_string != NULL )
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user