Add SSL_get_client_random and SSL_get_server_random. wpa_supplicant needs to get at the client and server random. OpenSSL 1.1.0 added these APIs, so match their semantics. Change-Id: I2b71ba850ac63e574c9ea79012d1d0efec5a979a Reviewed-on: https://boringssl-review.googlesource.com/6830 Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index dcfee91..27701b1 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2860,6 +2860,18 @@
 * |TLSEXT_hash_none|. */
 OPENSSL_EXPORT uint8_t SSL_get_server_key_exchange_hash(const SSL *ssl);
+/* SSL_get_client_random writes up to |max_out| bytes of the most recent
+ * handshake's client_random to |out| and returns the number of bytes written.
+ * If |max_out| is zero, it returns the size of the client_random. */
+OPENSSL_EXPORT size_t SSL_get_client_random(const SSL *ssl, uint8_t *out,
+ size_t max_out);
+
+/* SSL_get_server_random writes up to |max_out| bytes of the most recent
+ * handshake's server_random to |out| and returns the number of bytes written.
+ * If |max_out| is zero, it returns the size of the server_random. */
+OPENSSL_EXPORT size_t SSL_get_server_random(const SSL *ssl, uint8_t *out,
+ size_t max_out);
+
 /* Deprecated functions. */
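Review bot: The two doc comments added here do not say what a caller gets when |max_out| is non-zero but smaller than the random, which per the implementation is a silently truncated copy with a short return count. The commit message names wpa_supplicant as the consumer, presumably for key derivation, where a truncated value should be easy to detect. I would add to each comment something like `* A |max_out| smaller than the full size yields a truncated copy; callers that need the whole value must compare the return value with the size reported for |max_out| == 0.` It is also worth stating that |out| is not written in the zero-length query case, since the implementation in ssl/ssl_lib.c returns before the memcpy.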
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 08578a6..8c09031 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2570,6 +2570,28 @@
 return ssl->s3->tmp.server_key_exchange_hash;
 }
+size_t SSL_get_client_random(const SSL *ssl, uint8_t *out, size_t max_out) {
+ if (max_out == 0) {
+ return sizeof(ssl->s3->client_random);
+ }
+ if (max_out > sizeof(ssl->s3->client_random)) {
+ max_out = sizeof(ssl->s3->client_random);
+ }
+ memcpy(out, ssl->s3->client_random, max_out);
+ return max_out;
+}
+
+size_t SSL_get_server_random(const SSL *ssl, uint8_t *out, size_t max_out) {
+ if (max_out == 0) {
+ return sizeof(ssl->s3->server_random);
+ }
+ if (max_out > sizeof(ssl->s3->server_random)) {
+ max_out = sizeof(ssl->s3->server_random);
+ }
+ memcpy(out, ssl->s3->server_random, max_out);
+ return max_out;
+}
+
 int SSL_clear(SSL *ssl) {
 if (ssl->method == NULL) {
 OPENSSL_PUT_ERROR(SSL, SSL_R_NO_METHOD_SPECIFIED);
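Review bot: Both new functions copy `ssl->s3->client_random` / `ssl->s3->server_random` without looking at handshake state, so a call made before the hellos have been exchanged returns a full-length count for whatever the buffer currently holds (presumably zeros; the initialisation is outside this hunk). A caller feeding that into key derivation cannot tell it apart from a real random. Matching OpenSSL 1.1.0 is the stated goal, so I would not change the behaviour, but a comment above each function such as `/* Copies the stored bytes as-is; the value is only meaningful once the corresponding hello has been sent or received. */` would make the precondition explicit. As a style point, the two bodies differ only in the field name and could share one static helper that takes the source array.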