diff --git a/components/openssl/include/internal/ssl_methods.h b/components/openssl/include/internal/ssl_methods.h
index 7a63b9e949..cd2f8c0533 100644
--- a/components/openssl/include/internal/ssl_methods.h
+++ b/components/openssl/include/internal/ssl_methods.h
@@ -71,12 +71,14 @@
 #define IMPLEMENT_X509_METHOD(func_name, \
 new, \
 free, \
- load) \
+ load, \
+ show_info) \
 const X509_METHOD* func_name(void) { \
 static const X509_METHOD func_name##_data LOCAL_ATRR = { \
 new, \
 free, \
- load \
+ load, \
+ show_info \
 }; \
 return &func_name##_data; \
 }
diff --git a/components/openssl/include/internal/ssl_types.h b/components/openssl/include/internal/ssl_types.h
index c571865c1e..19944c7819 100644
--- a/components/openssl/include/internal/ssl_types.h
+++ b/components/openssl/include/internal/ssl_types.h
@@ -275,6 +275,8 @@ struct x509_method_st {
 void (*x509_free)(X509 *x);
 int (*x509_load)(X509 *x, const unsigned char *buf, int len);
+
+ int (*x509_show_info)(X509 *x);
 };
 struct pkey_method_st {
diff --git a/components/openssl/include/openssl/ssl.h b/components/openssl/include/openssl/ssl.h
index 1d115214fd..d8400e66b5 100644
--- a/components/openssl/include/openssl/ssl.h
+++ b/components/openssl/include/openssl/ssl.h
@@ -447,6 +447,28 @@ int SSL_pending(const SSL *ssl);
 */
 int SSL_want_nothing(const SSL *ssl);
+/**
+ * @brief check if SSL want to read
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ * 0 : false
+ * 1 : true
+ */
+int SSL_want_read(const SSL *ssl);
+
+/**
+ * @brief check if SSL want to write
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ * 0 : false
+ * 1 : true
+ */
+int SSL_want_write(const SSL *ssl);
+
 /**
 * @brief get the SSL context current method
 *
diff --git a/components/openssl/include/platform/ssl_pm.h b/components/openssl/include/platform/ssl_pm.h
index cf1d213799..a516d57422 100644
--- a/components/openssl/include/platform/ssl_pm.h
+++ b/components/openssl/include/platform/ssl_pm.h
@@ -42,6 +42,7 @@ OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl);
 void ssl_pm_set_bufflen(SSL *ssl, int len);
+int x509_pm_show_info(X509 *x);
 int x509_pm_new(X509 *x, X509 *m_x);
 void x509_pm_free(X509 *x);
 int x509_pm_load(X509 *x, const unsigned char *buffer, int len);
diff --git a/components/openssl/library/ssl_methods.c b/components/openssl/library/ssl_methods.c
index 8159511c49..0002360846 100644
--- a/components/openssl/library/ssl_methods.c
+++ b/components/openssl/library/ssl_methods.c
@@ -71,7 +71,7 @@ IMPLEMENT_SSL_METHOD(SSL3_VERSION, -1, TLS_method_func, SSLv3_method);
 */
 IMPLEMENT_X509_METHOD(X509_method, x509_pm_new, x509_pm_free,
- x509_pm_load);
+ x509_pm_load, x509_pm_show_info);
 /**
 * @brief get private key object method
diff --git a/components/openssl/library/ssl_x509.c b/components/openssl/library/ssl_x509.c
index d060419e6a..06e6e7b544 100644
--- a/components/openssl/library/ssl_x509.c
+++ b/components/openssl/library/ssl_x509.c
@@ -17,6 +17,14 @@
 #include "ssl_dbg.h"
 #include "ssl_port.h"
+/**
+ * @brief show X509 certification information
+ */
+int __X509_show_info(X509 *x)
+{
+ return X509_METHOD_CALL(show_info, x);
+}
+
 /**
 * @brief create a X509 certification object according to input X509 certification
 */
@@ -256,3 +264,4 @@ X509 *SSL_get_peer_certificate(const SSL *ssl)
 return ssl->session->peer;
 }
+
diff --git a/components/openssl/platform/ssl_pm.c b/components/openssl/platform/ssl_pm.c
index 4bc631382f..bbe290f2a3 100644
--- a/components/openssl/platform/ssl_pm.c
+++ b/components/openssl/platform/ssl_pm.c
@@ -31,6 +31,8 @@
 #define DEBUG_LOAD_BUF_STRING(str)
 #endif
+#define X509_INFO_STRING_LENGTH 1024
+
 struct ssl_pm {
 /* local socket file description */
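Review bot: In the ssl_x509.c hunk at `@@ -17,6 +17,14 @@`, `__X509_show_info` hands `x` to `X509_METHOD_CALL(show_info, x)` with no check, so a NULL certificate pointer is presumably dereferenced inside the macro (its definition is not visible here); a guard such as `if (!x) return -1;` ahead of the call would turn that into an error return. No header hunk in this diff declares `__X509_show_info`, so unless a prototype is added elsewhere callers will not see one. The leading double underscore is a name C reserves for the implementation, which is worth avoiding unless the component already uses that prefix for its internal helpers. The doc comment would be more useful with `@param x` and `@return` lines saying that 0 means the text was printed and a negative value means failure.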
@@ -370,6 +372,42 @@ OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl)
 return state;
 }
+int x509_pm_show_info(X509 *x)
+{
+ int ret;
+ char *buf;
+ mbedtls_x509_crt *x509_crt;
+ struct x509_pm *x509_pm = x->x509_pm;
+
+ if (x509_pm->x509_crt)
+ x509_crt = x509_pm->x509_crt;
+ else if (x509_pm->ex_crt)
+ x509_crt = x509_pm->ex_crt;
+ else
+ x509_crt = NULL;
+
+ if (!x509_crt)
+ return -1;
+
+ buf = ssl_malloc(X509_INFO_STRING_LENGTH);
+ if (!buf)
+ SSL_RET(failed1, "");
+
+ ret = mbedtls_x509_crt_info(buf, X509_INFO_STRING_LENGTH - 1, "", x509_crt);
+ if (ret <= 0)
+ SSL_RET(failed2, "");
+ buf[ret] = 0;
+
+ SSL_PRINT("%s", buf);
+
+ return 0;
+
+failed2:
+ ssl_free(buf);
+failed1:
+ return -1;
+}
+
 int x509_pm_new(X509 *x, X509 *m_x) {
 struct x509_pm *x509_pm;
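Review bot: `x509_pm_show_info` leaks `buf` on the success path: after `SSL_PRINT("%s", buf);` it returns 0 without freeing the `X509_INFO_STRING_LENGTH`-byte allocation, so each call loses 1024 bytes of heap; add `ssl_free(buf);` before `return 0;`. The initializer `struct x509_pm *x509_pm = x->x509_pm;` and the `x509_pm->x509_crt` test that follows dereference both pointers unchecked, so the assignment should move below a guard like `if (!x || !x->x509_pm) return -1;`. When the certificate text does not fit in the buffer, `mbedtls_x509_crt_info` returns a negative error and `SSL_RET(failed2, "")` passes an empty message, so the caller sees only -1 with no hint that the buffer was too small; a message carrying `ret` would make that diagnosable.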