From a5d190650bd73600c3a5eae654efe60281f6083f Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Thu, 26 Aug 2021 11:25:34 +0200
Subject: [PATCH] wolfSSL: Implement tls_get_tls_unique()

This is needed for EAP-TEAP. This needs wolfSSL 5.0.0 or newer.

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
---
 src/crypto/tls_wolfssl.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c
index 395104f04..234ebac86 100644
--- a/src/crypto/tls_wolfssl.c
+++ b/src/crypto/tls_wolfssl.c
@@ -2107,6 +2107,25 @@ void tls_connection_remove_session(struct tls_connection *conn)
 }
 
 
+int tls_get_tls_unique(struct tls_connection *conn, u8 *buf, size_t max_len)
+{
+	size_t len;
+	int reused;
+
+	reused = wolfSSL_session_reused(conn->ssl);
+	if ((wolfSSL_is_server(conn->ssl) && !reused) ||
+	    (!wolfSSL_is_server(conn->ssl) && reused))
+		len = wolfSSL_get_peer_finished(conn->ssl, buf, max_len);
+	else
+		len = wolfSSL_get_finished(conn->ssl, buf, max_len);
+
+	if (len == 0 || len > max_len)
+		return -1;
+
+	return len;
+}
+
+
 u16 tls_connection_get_cipher_suite(struct tls_connection *conn)
 {
 	return (u16) wolfSSL_get_current_cipher_suite(conn->ssl);