(ssl_object: Any)
| 97 | |
| 98 | |
| 99 | def get_temp_key_info(ssl_object: Any) -> str | None: |
| 100 | # adapted from OpenSSL apps/s_cb.c::ssl_print_tmp_key() |
| 101 | if not hasattr(pyOpenSSLutil.lib, "SSL_get_server_tmp_key"): |
| 102 | # removed in cryptography 40.0.0 |
| 103 | return None |
| 104 | temp_key_p = pyOpenSSLutil.ffi.new("EVP_PKEY **") |
| 105 | if not pyOpenSSLutil.lib.SSL_get_server_tmp_key(ssl_object, temp_key_p): |
| 106 | return None |
| 107 | temp_key = temp_key_p[0] |
| 108 | if temp_key == pyOpenSSLutil.ffi.NULL: |
| 109 | return None |
| 110 | temp_key = pyOpenSSLutil.ffi.gc(temp_key, pyOpenSSLutil.lib.EVP_PKEY_free) |
| 111 | key_info = [] |
| 112 | key_type = pyOpenSSLutil.lib.EVP_PKEY_id(temp_key) |
| 113 | if key_type == pyOpenSSLutil.lib.EVP_PKEY_RSA: |
| 114 | key_info.append("RSA") |
| 115 | elif key_type == pyOpenSSLutil.lib.EVP_PKEY_DH: |
| 116 | key_info.append("DH") |
| 117 | elif key_type == pyOpenSSLutil.lib.EVP_PKEY_EC: |
| 118 | key_info.append("ECDH") |
| 119 | ec_key = pyOpenSSLutil.lib.EVP_PKEY_get1_EC_KEY(temp_key) |
| 120 | ec_key = pyOpenSSLutil.ffi.gc(ec_key, pyOpenSSLutil.lib.EC_KEY_free) |
| 121 | nid = pyOpenSSLutil.lib.EC_GROUP_get_curve_name( |
| 122 | pyOpenSSLutil.lib.EC_KEY_get0_group(ec_key) |
| 123 | ) |
| 124 | cname = pyOpenSSLutil.lib.EC_curve_nid2nist(nid) |
| 125 | if cname == pyOpenSSLutil.ffi.NULL: |
| 126 | cname = pyOpenSSLutil.lib.OBJ_nid2sn(nid) |
| 127 | key_info.append(ffi_buf_to_string(cname)) |
| 128 | else: |
| 129 | key_info.append(ffi_buf_to_string(pyOpenSSLutil.lib.OBJ_nid2sn(key_type))) |
| 130 | key_info.append(f"{pyOpenSSLutil.lib.EVP_PKEY_bits(temp_key)} bits") |
| 131 | return ", ".join(key_info) |
| 132 | |
| 133 | |
| 134 | def get_openssl_version() -> str: |
no test coverage detected