Add ssl_get_record_expansion()

Manuel Pégourié-Gonnard 2014-10-14 17:47:31 +02:00 committed by Paul Bakker
parent e63582a166
commit 9b35f18f66
4 changed files with 56 additions and 0 deletions


@ -1856,6 +1856,18 @@ const char *ssl_get_ciphersuite( const ssl_context *ssl );
*/ */
const char *ssl_get_version( const ssl_context *ssl ); const char *ssl_get_version( const ssl_context *ssl );
/**
* \brief Return the (maximum) number of bytes added by the record
* layer: header + encryption/MAC overhead (inc. padding)
*
* \param ssl SSL context
*
* \return Current maximum record expansion in bytes, or
* POLARSSL_ERR_FEATURE_UNAVAILABLE if compression is enabled,
* which makes expansion much less predictable
*/
int ssl_get_record_expansion( const ssl_context *ssl );
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
/** /**
* \brief Return the peer certificate from the current connection * \brief Return the peer certificate from the current connection
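Review bot: The `\return` text names `POLARSSL_ERR_FEATURE_UNAVAILABLE`, but the implementation added in this commit returns `POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE`, and it can also return `POLARSSL_ERR_SSL_INTERNAL_ERROR` when the cipher mode is not one it recognises, so the doc should use the exact identifier and mention the second error code (callers then naturally test for `< 0` rather than for one constant). It would also help readers to state that the figure describes outgoing records (the implementation reads `ssl->transform_out`) and that only the record header length is returned while no transform is active yet. Suggested wording: `\return Current maximum record expansion in bytes for outgoing records (record header length only before a transform is active), POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE if compression is enabled, which makes expansion much less predictable, or POLARSSL_ERR_SSL_INTERNAL_ERROR for an unexpected cipher mode.`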


@ -5476,6 +5476,40 @@ const char *ssl_get_version( const ssl_context *ssl )
} }
} }
int ssl_get_record_expansion( const ssl_context *ssl )
{
int transform_expansion;
const ssl_transform *transform = ssl->transform_out;
#if defined(POLARSSL_ZLIB_SUPPORT)
if( ssl->session_out->compression != SSL_COMPRESS_NULL )
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
#endif
if( transform == NULL )
return( ssl_hdr_len( ssl ) );
switch( cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
{
case POLARSSL_MODE_GCM:
case POLARSSL_MODE_CCM:
case POLARSSL_MODE_STREAM:
transform_expansion = transform->minlen;
break;
case POLARSSL_MODE_CBC:
transform_expansion = transform->maclen
+ cipher_get_block_size( &transform->cipher_ctx_enc );
break;
default:
SSL_DEBUG_MSG( 0, ( "should never happen" ) );
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
}
return( ssl_hdr_len( ssl ) + transform_expansion );
}
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
const x509_crt *ssl_get_peer_cert( const ssl_context *ssl ) const x509_crt *ssl_get_peer_cert( const ssl_context *ssl )
{ {
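Review bot: The CBC case, `transform_expansion = transform->maclen + cipher_get_block_size( &transform->cipher_ctx_enc );`, accounts for the MAC and the maximum padding but not for the explicit per-record IV that TLS 1.1 and later place in front of a CBC record, so for those protocol versions the "maximum" appears to be one block too small and a caller sizing a buffer from it could overrun; if the transform carries the IV length, a line such as `if( ssl->minor_ver >= SSL_MINOR_VERSION_2 ) transform_expansion += transform->ivlen;` after the existing sum would cover it — worth confirming against the CBC branch of the record encryption code. Separately, under POLARSSL_ZLIB_SUPPORT `ssl->session_out->compression` is dereferenced before the `transform == NULL` guard; if `session_out` can still be NULL at that stage (the guard implies `transform_out` can be), the compression check needs its own NULL test. ssl_get_record_expansion is complete within this hunk.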


@ -1099,6 +1099,11 @@ int main( int argc, char *argv[] )
printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n", printf( " ok\n [ Protocol is %s ]\n [ Ciphersuite is %s ]\n",
ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) ); ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) );
if( ( ret = ssl_get_record_expansion( &ssl ) ) >= 0 )
printf( " [ Record expansion is %d ]\n", ret );
else
printf( " [ Record expansion is unknown (compression) ]\n" );
#if defined(POLARSSL_SSL_ALPN) #if defined(POLARSSL_SSL_ALPN)
if( opt.alpn_string != NULL ) if( opt.alpn_string != NULL )
{ {
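Review bot: The else branch, `printf( " [ Record expansion is unknown (compression) ]\n" );`, attributes every negative return to compression, but ssl_get_record_expansion also returns POLARSSL_ERR_SSL_INTERNAL_ERROR for an unexpected cipher mode, so the message would be misleading in that case; printing the code instead, `printf( " [ Record expansion is unknown (%d) ]\n", ret );`, keeps the output truthful at no cost. The identical block is added to the server program in the following hunk and should get the same change. Storing the result in `ret` also leaves a positive byte count in a variable that the rest of main treats as a status code; presumably every later path assigns `ret` before examining it, but a dedicated local would remove the doubt. main's body extends beyond the hunk on both sides.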


@ -1704,6 +1704,11 @@ reset:
ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) ); ssl_get_version( &ssl ), ssl_get_ciphersuite( &ssl ) );
} }
if( ( ret = ssl_get_record_expansion( &ssl ) ) >= 0 )
printf( " [ Record expansion is %d ]\n", ret );
else
printf( " [ Record expansion is unknown (compression) ]\n" );
#if defined(POLARSSL_SSL_ALPN) #if defined(POLARSSL_SSL_ALPN)
if( opt.alpn_string != NULL ) if( opt.alpn_string != NULL )
{ {