libtls: Add getters for TLS handshake authentication details
authorMartin Willi <martin@revosec.ch>
Thu, 29 Jan 2015 10:13:42 +0000 (11:13 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 3 Mar 2015 13:08:00 +0000 (14:08 +0100)
src/libtls/tls.c
src/libtls/tls.h
src/libtls/tls_eap.c
src/libtls/tls_eap.h
src/libtls/tls_handshake.h
src/libtls/tls_peer.c
src/libtls/tls_server.c

index 201612470fe38dac7dfe2f135aff13f63f91ea64..08a06f5ef2b7e19b0e760898428b5184c3b9d52f 100644 (file)
@@ -415,6 +415,12 @@ METHOD(tls_t, get_eap_msk, chunk_t,
        return this->crypto->get_eap_msk(this->crypto);
 }
 
+METHOD(tls_t, get_auth, auth_cfg_t*,
+       private_tls_t *this)
+{
+       return this->handshake->get_auth(this->handshake);
+}
+
 METHOD(tls_t, destroy, void,
        private_tls_t *this)
 {
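Review bot: The new `get_auth` in tls.c forwards to `this->handshake->get_auth()` without checking handshake state, although the header documents the result as valid "after completing the handshake". The peer and server handshake objects presumably fill their auth_cfg while certificate messages are processed (the handlers are outside this diff), so a caller reading it on an incomplete or failed handshake could act on identity data that was never verified. If callers are not all guaranteed to check `is_complete()` first, consider gating here, e.g. `if (!this->handshake->finished(this->handshake)) return NULL;`, or at least state the precondition in a comment on the method. The `tls_eap_t` wrapper in tls_eap.c forwards unconditionally as well and inherits the same behaviour.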
@@ -465,6 +471,7 @@ tls_t *tls_create(bool is_server, identification_t *server,
                        .get_purpose = _get_purpose,
                        .is_complete = _is_complete,
                        .get_eap_msk = _get_eap_msk,
+                       .get_auth = _get_auth,
                        .destroy = _destroy,
                },
                .is_server = is_server,
index fc1d9b9fd0515088f28cb46ea87a5c9ebb8dff66..f3dc198cfe46c5136086f6333013e1f0900a271b 100644 (file)
@@ -251,6 +251,13 @@ struct tls_t {
         */
        chunk_t (*get_eap_msk)(tls_t *this);
 
+       /**
+        * Get the authentication details after completing the handshake.
+        *
+        * @return                      authentication details, internal data
+        */
+       auth_cfg_t* (*get_auth)(tls_t *this);
+
        /**
         * Destroy a tls_t.
         */
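Review bot: The doc comment on `get_auth` says only "internal data", which leaves ownership, lifetime and the pre-completion state unspecified for a pointer that carries the result of peer authentication. I would spell it out, for example `@return authentication details, owned by the tls_t; must not be modified or destroyed by the caller`, and add a sentence that the content is only meaningful once `is_complete()` returns TRUE and presumably becomes invalid after `destroy()`. Because the return type is a non-const `auth_cfg_t*`, callers can also alter the handshake's private auth state through it; whether that is intended should be stated. The same wording is used in the tls_eap.h and tls_handshake.h hunks, and the latter has "peers" where "peer's" is meant.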
index ebe5bc3a82f8a042f57c170434a662d303086187..12d5aed53bc3d259903e0ee9a8c41497e14d6919 100644 (file)
@@ -426,6 +426,12 @@ METHOD(tls_eap_t, set_identifier, void,
        this->identifier = identifier;
 }
 
+METHOD(tls_eap_t, get_auth, auth_cfg_t*,
+       private_tls_eap_t *this)
+{
+       return this->tls->get_auth(this->tls);
+}
+
 METHOD(tls_eap_t, destroy, void,
        private_tls_eap_t *this)
 {
@@ -453,6 +459,7 @@ tls_eap_t *tls_eap_create(eap_type_t type, tls_t *tls, size_t frag_size,
                        .get_msk = _get_msk,
                        .get_identifier = _get_identifier,
                        .set_identifier = _set_identifier,
+                       .get_auth = _get_auth,
                        .destroy = _destroy,
                },
                .type = type,
index f3fbba078c002799e597c30a012d38ae147edffa..df41fc4d7a5836ebdea356f2d7506f8d5a01a535 100644 (file)
@@ -76,6 +76,13 @@ struct tls_eap_t {
         */
        void (*set_identifier) (tls_eap_t *this, uint8_t identifier);
 
+       /**
+        * Get the authentication details after completing the handshake.
+        *
+        * @return                              authentication details, internal data
+        */
+       auth_cfg_t* (*get_auth)(tls_eap_t *this);
+
        /**
         * Destroy a tls_eap_t.
         */
index 7fa660c58e3398cd8aff49eda1df7c7ed8c468fd..7edb49ba052b6d4703e79f35390e2cf892867a3a 100644 (file)
@@ -97,6 +97,13 @@ struct tls_handshake_t {
         */
        identification_t* (*get_server_id)(tls_handshake_t *this);
 
+       /**
+        * Get the peers authentication information after completing the handshake.
+        *
+        * @return                      authentication data, internal data
+        */
+       auth_cfg_t* (*get_auth)(tls_handshake_t *this);
+
        /**
         * Destroy a tls_handshake_t.
         */
index 1bee436c4af0ccd7b719000a272f5a420d1a0933..08e36de3698f95c4732413f84e8bfb2e9ee451ed 100644 (file)
@@ -1154,6 +1154,12 @@ METHOD(tls_handshake_t, get_server_id, identification_t*,
        return this->server;
 }
 
+METHOD(tls_handshake_t, get_auth, auth_cfg_t*,
+       private_tls_peer_t *this)
+{
+       return this->server_auth;
+}
+
 METHOD(tls_handshake_t, destroy, void,
        private_tls_peer_t *this)
 {
@@ -1187,6 +1193,7 @@ tls_peer_t *tls_peer_create(tls_t *tls, tls_crypto_t *crypto, tls_alert_t *alert
                                .finished = _finished,
                                .get_peer_id = _get_peer_id,
                                .get_server_id = _get_server_id,
+                               .get_auth = _get_auth,
                                .destroy = _destroy,
                        },
                },
index a861a267a169874a882defdf9916239a9fda45f9..b6e706d23460e05cdf3d5d5a9b190398d8cbefb6 100644 (file)
@@ -1074,6 +1074,12 @@ METHOD(tls_handshake_t, get_server_id, identification_t*,
        return this->server;
 }
 
+METHOD(tls_handshake_t, get_auth, auth_cfg_t*,
+       private_tls_server_t *this)
+{
+       return this->peer_auth;
+}
+
 METHOD(tls_handshake_t, destroy, void,
        private_tls_server_t *this)
 {
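Review bot: On the server side `get_auth` returns `this->peer_auth` whether or not the client authenticated with a certificate, so a non-NULL result says nothing about client authentication. Callers that base an access decision on it need to inspect the rules it contains rather than test the pointer; if client authentication is optional in this server (not visible in the hunk), the config may well be empty. A short comment on the method would help, e.g. `/* may hold no rules if the client sent no certificate; only meaningful once finished() returns TRUE */`. In tls_peer.c the same getter returns `server_auth`, so the meaning of the result depends on the role, which the interface comment in tls_handshake.h could make explicit.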
@@ -1108,6 +1114,7 @@ tls_server_t *tls_server_create(tls_t *tls,
                                .finished = _finished,
                                .get_peer_id = _get_peer_id,
                                .get_server_id = _get_server_id,
+                               .get_auth = _get_auth,
                                .destroy = _destroy,
                        },
                },