Add accessor for own cid to ssl context
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
parent
cefa904759
commit
0113cf1022
4 changed files with 69 additions and 2 deletions
4
ChangeLog.d/add_own_cid_accessors
Normal file
4
ChangeLog.d/add_own_cid_accessors
Normal file
|
@ -0,0 +1,4 @@
|
|||
Features
|
||||
* Add the function mbedtls_ssl_get_own_cid() to access our own connection id
|
||||
within mbedtls_ssl_context, as requested in #5184
|
||||
|
|
@ -1317,8 +1317,9 @@
|
|||
* in the underlying transport.
|
||||
*
|
||||
* Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`,
|
||||
* `mbedtls_ssl_get_peer_cid()` and `mbedtls_ssl_conf_cid()`.
|
||||
* See the corresponding documentation for more information.
|
||||
* mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and
|
||||
* `mbedtls_ssl_conf_cid()`. See the corresponding documentation for
|
||||
* more information.
|
||||
*
|
||||
* \warning The Connection ID extension is still in draft state.
|
||||
* We make no stability promises for the availability
|
||||
|
|
|
@ -2023,6 +2023,40 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
|
|||
unsigned char const *own_cid,
|
||||
size_t own_cid_len );
|
||||
|
||||
/**
|
||||
* \brief Get information about our request for usage of the CID
|
||||
* extension in the current connection.
|
||||
*
|
||||
* \param ssl The SSL context to query.
|
||||
* \param enabled The address at which to store whether the CID extension
|
||||
* is requested to be used or not. If the CID is
|
||||
* requested, `*enabled` is set to
|
||||
* MBEDTLS_SSL_CID_ENABLED; otherwise, it is set to
|
||||
* MBEDTLS_SSL_CID_DISABLED.
|
||||
* \param own_cid The address of the buffer in which to store our own
|
||||
* CID (if the CID extension is requested). This may be
|
||||
* \c NULL in case the value of our CID isn't needed. If
|
||||
* it is not \c NULL, \p own_cid_len must not be \c NULL.
|
||||
* \param own_cid_len The address at which to store the size of our own CID
|
||||
* (if the CID extension is requested). This is also the
|
||||
* number of Bytes in \p own_cid that have been written.
|
||||
* This may be \c NULL in case the length of our own CID
|
||||
* isn't needed. If it is \c NULL, \p own_cid must be
|
||||
* \c NULL, too.
|
||||
*
|
||||
*\note If we are requesting an empty CID this function sets
|
||||
* `*enabled` to #MBEDTLS_SSL_CID_DISABLED (the rationale
|
||||
* for this is that the resulting outcome is the
|
||||
* same as if the CID extensions wasn't requested).
|
||||
*
|
||||
* \return \c 0 on success.
|
||||
* \return A negative error code on failure.
|
||||
*/
|
||||
int mbedtls_ssl_get_own_cid( mbedtls_ssl_context *ssl,
|
||||
int *enabled,
|
||||
unsigned char own_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX],
|
||||
size_t *own_cid_len );
|
||||
|
||||
/**
|
||||
* \brief Get information about the use of the CID extension
|
||||
* in the current connection.
|
||||
|
|
|
@ -112,6 +112,34 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_get_own_cid( mbedtls_ssl_context *ssl,
|
||||
int *enabled,
|
||||
unsigned char own_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX],
|
||||
size_t *own_cid_len )
|
||||
{
|
||||
*enabled = MBEDTLS_SSL_CID_DISABLED;
|
||||
|
||||
if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
/* We report MBEDTLS_SSL_CID_DISABLED in case the CID length is
|
||||
* zero as this is indistinguishable from not requesting to use
|
||||
* the CID extension. */
|
||||
if( ssl->own_cid_len == 0 || ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED )
|
||||
return( 0 );
|
||||
|
||||
if( own_cid_len != NULL )
|
||||
{
|
||||
*own_cid_len = ssl->own_cid_len;
|
||||
if( own_cid != NULL )
|
||||
memcpy( own_cid, ssl->own_cid, ssl->own_cid_len );
|
||||
}
|
||||
|
||||
*enabled = MBEDTLS_SSL_CID_ENABLED;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
|
||||
int *enabled,
|
||||
unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ],
|
||||
|
|
Loading…
Reference in a new issue