diff --git a/boring/src/ssl/mod.rs b/boring/src/ssl/mod.rs index 223f625f..aa57bff0 100644 --- a/boring/src/ssl/mod.rs +++ b/boring/src/ssl/mod.rs @@ -696,6 +696,22 @@ impl SslCurve { #[cfg(feature = "pq-experimental")] pub const P256_KYBER768_DRAFT00: SslCurve = SslCurve(ffi::NID_P256Kyber768Draft00); + + /// Returns the curve name + /// + /// This corresponds to [`SSL_get_curve_name`] + /// + /// [`SSL_get_curve_name`]: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#SSL_get_curve_name + pub fn name(&self) -> Option<&'static str> { + unsafe { + let ptr = ffi::SSL_get_curve_name(self.0 as u16); + if ptr.is_null() { + return None; + } + + CStr::from_ptr(ptr).to_str().ok() + } + } } /// A compliance policy. @@ -2745,6 +2761,19 @@ impl SslRef { .expect("invalid default server curves list"); } + /// Returns the [`SslCurve`] used for this `SslRef`. + /// + /// This corresponds to [`SSL_get_curve_id`] + /// + /// [`SSL_get_curve_id`]: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#SSL_get_curve_id + pub fn curve(&self) -> Option { + let curve_id = unsafe { ffi::SSL_get_curve_id(self.as_ptr()) }; + if curve_id == 0 { + return None; + } + Some(SslCurve(curve_id.into())) + } + /// Returns an `ErrorCode` value for the most recent operation on this `SslRef`. /// /// This corresponds to [`SSL_get_error`]. diff --git a/boring/src/ssl/test/mod.rs b/boring/src/ssl/test/mod.rs index 08ef7e28..1abdde3a 100644 --- a/boring/src/ssl/test/mod.rs +++ b/boring/src/ssl/test/mod.rs @@ -920,6 +920,15 @@ fn server_set_default_curves_list() { ssl.server_set_default_curves_list(); } +#[test] +fn get_curve() { + let server = Server::builder().build(); + let client = server.client_with_root_ca(); + let client_stream = client.connect(); + let curve = client_stream.ssl().curve().expect("curve"); + assert!(curve.name().is_some()); +} + #[test] fn test_get_ciphers() { let ctx_builder = SslContext::builder(SslMethod::tls()).unwrap();