From: Dr. Stephen Henson <steve@openssl.org>
Date: Wed, 26 Dec 2012 18:13:49 +0000 (+0000)
Subject: Add support for printing out and retrieving EC point formats extension.
X-Git-Tag: OpenSSL_1_0_2-beta1~487
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=78b5d89ddfdc66b5bf5919b7858f11d2e491efbf;p=oweals%2Fopenssl.git

Add support for printing out and retrieving EC point formats extension.
(backport from HEAD)
---

diff --git a/CHANGES b/CHANGES
index 0c64d156a1..1789ce49c8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 1.0.1 and 1.0.2 [xx XXX xxxx]
 
+  *) New ctrl and macro to retrieve supported points extensions.
+     Print out extension in s_server.
+     [Steve Henson]
+
   *) New functions to retrieve certificate signature and signature
      OID NID.
      [Steve Henson]
diff --git a/apps/s_apps.h b/apps/s_apps.h
index b45c1b9a56..e4e9bbcdbf 100644
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@@ -161,6 +161,7 @@ int set_cert_key_and_authz(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
                            unsigned char *authz, size_t authz_length);
 # endif
 int ssl_print_sigalgs(BIO *out, SSL *s);
+int ssl_print_point_formats(BIO *out, SSL *s);
 int ssl_print_curves(BIO *out, SSL *s);
 #endif
 int ssl_print_tmp_key(BIO *out, SSL *s);
diff --git a/apps/s_cb.c b/apps/s_cb.c
index fc40f391e3..2ac7656f06 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -418,6 +418,45 @@ int ssl_print_sigalgs(BIO *out, SSL *s)
 		BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid));
 	return 1;
 	}
+ 
+int ssl_print_point_formats(BIO *out, SSL *s)
+	{
+	int i, nformats;
+	const char *pformats;
+	nformats = SSL_get0_ec_point_formats(s, &pformats);
+	if (nformats <= 0)
+		return 1;
+	BIO_puts(out, "Supported Elliptic Curve Point Formats: ");
+	for (i = 0; i < nformats; i++, pformats++)
+		{
+		if (i)
+			BIO_puts(out, ":");
+		switch(*pformats)
+			{
+		case TLSEXT_ECPOINTFORMAT_uncompressed:
+			BIO_puts(out, "uncompressed");
+			break;
+
+		case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime:
+			BIO_puts(out, "ansiX962_compressed_prime");
+			break;
+
+		case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2:
+			BIO_puts(out, "ansiX962_compressed_char2");
+			break;
+
+		default:
+			BIO_printf(out, "unknown(%d)", (int)*pformats);
+			break;
+
+			}
+		}
+	if (nformats <= 0)
+		BIO_puts(out, "NONE");
+	BIO_puts(out, "\n");
+	return 1;
+	}
+
 
 int ssl_print_curves(BIO *out, SSL *s)
 	{
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index f8b3e4a32a..9f5331ef32 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3514,6 +3514,19 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 			return 0;
 			}
 
+	case SSL_CTRL_GET_EC_POINT_FORMATS:
+		if (!s->server)
+			return 0;
+		else
+			{
+			SSL_SESSION *sess = s->session;
+			const unsigned char **pformat = parg;
+			if (!sess || !sess->tlsext_ecpointformatlist)
+				return 0;
+			*pformat = sess->tlsext_ecpointformatlist;
+			return (int)sess->tlsext_ecpointformatlist_length;
+			}
+
 	default:
 		break;
 		}
diff --git a/ssl/ssl.h b/ssl/ssl.h
index c6cc41b1b2..f4b802bac8 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1700,6 +1700,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #define SSL_CTRL_GET_PEER_SIGNATURE_NID		108
 #define SSL_CTRL_GET_SERVER_TMP_KEY		109
 #define SSL_CTRL_GET_RAW_CIPHERLIST		110
+#define SSL_CTRL_GET_EC_POINT_FORMATS		111
 
 #define DTLSv1_get_timeout(ssl, arg) \
 	SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
@@ -1833,6 +1834,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #define SSL_get0_raw_cipherlist(s, plst) \
 	SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)
 
+#define SSL_get0_ec_point_formats(s, plst) \
+	SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
+
 #ifndef OPENSSL_NO_BIO
 BIO_METHOD *BIO_f_ssl(void);
 BIO *BIO_new_ssl(SSL_CTX *ctx,int client);