1 | /* |
---|---|
2 | * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. |
3 | * Copyright 2005 Nokia. All rights reserved. |
4 | * |
5 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
6 | * this file except in compliance with the License. You can obtain a copy |
7 | * in the file LICENSE in the source distribution or at |
8 | * https://www.openssl.org/source/license.html |
9 | */ |
10 | |
11 | #include <stdio.h> |
12 | #include "ssl_local.h" |
13 | |
14 | const char *SSL_state_string_long(const SSL *s) |
15 | { |
16 | if (ossl_statem_in_error(s)) |
17 | return "error"; |
18 | |
19 | switch (SSL_get_state(s)) { |
20 | case TLS_ST_CR_CERT_STATUS: |
21 | return "SSLv3/TLS read certificate status"; |
22 | case TLS_ST_CW_NEXT_PROTO: |
23 | return "SSLv3/TLS write next proto"; |
24 | case TLS_ST_SR_NEXT_PROTO: |
25 | return "SSLv3/TLS read next proto"; |
26 | case TLS_ST_SW_CERT_STATUS: |
27 | return "SSLv3/TLS write certificate status"; |
28 | case TLS_ST_BEFORE: |
29 | return "before SSL initialization"; |
30 | case TLS_ST_OK: |
31 | return "SSL negotiation finished successfully"; |
32 | case TLS_ST_CW_CLNT_HELLO: |
33 | return "SSLv3/TLS write client hello"; |
34 | case TLS_ST_CR_SRVR_HELLO: |
35 | return "SSLv3/TLS read server hello"; |
36 | case TLS_ST_CR_CERT: |
37 | return "SSLv3/TLS read server certificate"; |
38 | case TLS_ST_CR_KEY_EXCH: |
39 | return "SSLv3/TLS read server key exchange"; |
40 | case TLS_ST_CR_CERT_REQ: |
41 | return "SSLv3/TLS read server certificate request"; |
42 | case TLS_ST_CR_SESSION_TICKET: |
43 | return "SSLv3/TLS read server session ticket"; |
44 | case TLS_ST_CR_SRVR_DONE: |
45 | return "SSLv3/TLS read server done"; |
46 | case TLS_ST_CW_CERT: |
47 | return "SSLv3/TLS write client certificate"; |
48 | case TLS_ST_CW_KEY_EXCH: |
49 | return "SSLv3/TLS write client key exchange"; |
50 | case TLS_ST_CW_CERT_VRFY: |
51 | return "SSLv3/TLS write certificate verify"; |
52 | case TLS_ST_CW_CHANGE: |
53 | case TLS_ST_SW_CHANGE: |
54 | return "SSLv3/TLS write change cipher spec"; |
55 | case TLS_ST_CW_FINISHED: |
56 | case TLS_ST_SW_FINISHED: |
57 | return "SSLv3/TLS write finished"; |
58 | case TLS_ST_CR_CHANGE: |
59 | case TLS_ST_SR_CHANGE: |
60 | return "SSLv3/TLS read change cipher spec"; |
61 | case TLS_ST_CR_FINISHED: |
62 | case TLS_ST_SR_FINISHED: |
63 | return "SSLv3/TLS read finished"; |
64 | case TLS_ST_SR_CLNT_HELLO: |
65 | return "SSLv3/TLS read client hello"; |
66 | case TLS_ST_SW_HELLO_REQ: |
67 | return "SSLv3/TLS write hello request"; |
68 | case TLS_ST_SW_SRVR_HELLO: |
69 | return "SSLv3/TLS write server hello"; |
70 | case TLS_ST_SW_CERT: |
71 | return "SSLv3/TLS write certificate"; |
72 | case TLS_ST_SW_KEY_EXCH: |
73 | return "SSLv3/TLS write key exchange"; |
74 | case TLS_ST_SW_CERT_REQ: |
75 | return "SSLv3/TLS write certificate request"; |
76 | case TLS_ST_SW_SESSION_TICKET: |
77 | return "SSLv3/TLS write session ticket"; |
78 | case TLS_ST_SW_SRVR_DONE: |
79 | return "SSLv3/TLS write server done"; |
80 | case TLS_ST_SR_CERT: |
81 | return "SSLv3/TLS read client certificate"; |
82 | case TLS_ST_SR_KEY_EXCH: |
83 | return "SSLv3/TLS read client key exchange"; |
84 | case TLS_ST_SR_CERT_VRFY: |
85 | return "SSLv3/TLS read certificate verify"; |
86 | case DTLS_ST_CR_HELLO_VERIFY_REQUEST: |
87 | return "DTLS1 read hello verify request"; |
88 | case DTLS_ST_SW_HELLO_VERIFY_REQUEST: |
89 | return "DTLS1 write hello verify request"; |
90 | case TLS_ST_SW_ENCRYPTED_EXTENSIONS: |
91 | return "TLSv1.3 write encrypted extensions"; |
92 | case TLS_ST_CR_ENCRYPTED_EXTENSIONS: |
93 | return "TLSv1.3 read encrypted extensions"; |
94 | case TLS_ST_CR_CERT_VRFY: |
95 | return "TLSv1.3 read server certificate verify"; |
96 | case TLS_ST_SW_CERT_VRFY: |
97 | return "TLSv1.3 write server certificate verify"; |
98 | case TLS_ST_CR_HELLO_REQ: |
99 | return "SSLv3/TLS read hello request"; |
100 | case TLS_ST_SW_KEY_UPDATE: |
101 | return "TLSv1.3 write server key update"; |
102 | case TLS_ST_CW_KEY_UPDATE: |
103 | return "TLSv1.3 write client key update"; |
104 | case TLS_ST_SR_KEY_UPDATE: |
105 | return "TLSv1.3 read client key update"; |
106 | case TLS_ST_CR_KEY_UPDATE: |
107 | return "TLSv1.3 read server key update"; |
108 | case TLS_ST_EARLY_DATA: |
109 | return "TLSv1.3 early data"; |
110 | case TLS_ST_PENDING_EARLY_DATA_END: |
111 | return "TLSv1.3 pending early data end"; |
112 | case TLS_ST_CW_END_OF_EARLY_DATA: |
113 | return "TLSv1.3 write end of early data"; |
114 | case TLS_ST_SR_END_OF_EARLY_DATA: |
115 | return "TLSv1.3 read end of early data"; |
116 | default: |
117 | return "unknown state"; |
118 | } |
119 | } |
120 | |
121 | const char *SSL_state_string(const SSL *s) |
122 | { |
123 | if (ossl_statem_in_error(s)) |
124 | return "SSLERR"; |
125 | |
126 | switch (SSL_get_state(s)) { |
127 | case TLS_ST_SR_NEXT_PROTO: |
128 | return "TRNP"; |
129 | case TLS_ST_SW_SESSION_TICKET: |
130 | return "TWST"; |
131 | case TLS_ST_SW_CERT_STATUS: |
132 | return "TWCS"; |
133 | case TLS_ST_CR_CERT_STATUS: |
134 | return "TRCS"; |
135 | case TLS_ST_CR_SESSION_TICKET: |
136 | return "TRST"; |
137 | case TLS_ST_CW_NEXT_PROTO: |
138 | return "TWNP"; |
139 | case TLS_ST_BEFORE: |
140 | return "PINIT "; |
141 | case TLS_ST_OK: |
142 | return "SSLOK "; |
143 | case TLS_ST_CW_CLNT_HELLO: |
144 | return "TWCH"; |
145 | case TLS_ST_CR_SRVR_HELLO: |
146 | return "TRSH"; |
147 | case TLS_ST_CR_CERT: |
148 | return "TRSC"; |
149 | case TLS_ST_CR_KEY_EXCH: |
150 | return "TRSKE"; |
151 | case TLS_ST_CR_CERT_REQ: |
152 | return "TRCR"; |
153 | case TLS_ST_CR_SRVR_DONE: |
154 | return "TRSD"; |
155 | case TLS_ST_CW_CERT: |
156 | return "TWCC"; |
157 | case TLS_ST_CW_KEY_EXCH: |
158 | return "TWCKE"; |
159 | case TLS_ST_CW_CERT_VRFY: |
160 | return "TWCV"; |
161 | case TLS_ST_SW_CHANGE: |
162 | case TLS_ST_CW_CHANGE: |
163 | return "TWCCS"; |
164 | case TLS_ST_SW_FINISHED: |
165 | case TLS_ST_CW_FINISHED: |
166 | return "TWFIN"; |
167 | case TLS_ST_SR_CHANGE: |
168 | case TLS_ST_CR_CHANGE: |
169 | return "TRCCS"; |
170 | case TLS_ST_SR_FINISHED: |
171 | case TLS_ST_CR_FINISHED: |
172 | return "TRFIN"; |
173 | case TLS_ST_SW_HELLO_REQ: |
174 | return "TWHR"; |
175 | case TLS_ST_SR_CLNT_HELLO: |
176 | return "TRCH"; |
177 | case TLS_ST_SW_SRVR_HELLO: |
178 | return "TWSH"; |
179 | case TLS_ST_SW_CERT: |
180 | return "TWSC"; |
181 | case TLS_ST_SW_KEY_EXCH: |
182 | return "TWSKE"; |
183 | case TLS_ST_SW_CERT_REQ: |
184 | return "TWCR"; |
185 | case TLS_ST_SW_SRVR_DONE: |
186 | return "TWSD"; |
187 | case TLS_ST_SR_CERT: |
188 | return "TRCC"; |
189 | case TLS_ST_SR_KEY_EXCH: |
190 | return "TRCKE"; |
191 | case TLS_ST_SR_CERT_VRFY: |
192 | return "TRCV"; |
193 | case DTLS_ST_CR_HELLO_VERIFY_REQUEST: |
194 | return "DRCHV"; |
195 | case DTLS_ST_SW_HELLO_VERIFY_REQUEST: |
196 | return "DWCHV"; |
197 | case TLS_ST_SW_ENCRYPTED_EXTENSIONS: |
198 | return "TWEE"; |
199 | case TLS_ST_CR_ENCRYPTED_EXTENSIONS: |
200 | return "TREE"; |
201 | case TLS_ST_CR_CERT_VRFY: |
202 | return "TRSCV"; |
203 | case TLS_ST_SW_CERT_VRFY: |
204 | return "TRSCV"; |
205 | case TLS_ST_CR_HELLO_REQ: |
206 | return "TRHR"; |
207 | case TLS_ST_SW_KEY_UPDATE: |
208 | return "TWSKU"; |
209 | case TLS_ST_CW_KEY_UPDATE: |
210 | return "TWCKU"; |
211 | case TLS_ST_SR_KEY_UPDATE: |
212 | return "TRCKU"; |
213 | case TLS_ST_CR_KEY_UPDATE: |
214 | return "TRSKU"; |
215 | case TLS_ST_EARLY_DATA: |
216 | return "TED"; |
217 | case TLS_ST_PENDING_EARLY_DATA_END: |
218 | return "TPEDE"; |
219 | case TLS_ST_CW_END_OF_EARLY_DATA: |
220 | return "TWEOED"; |
221 | case TLS_ST_SR_END_OF_EARLY_DATA: |
222 | return "TWEOED"; |
223 | default: |
224 | return "UNKWN "; |
225 | } |
226 | } |
227 | |
228 | const char *SSL_alert_type_string_long(int value) |
229 | { |
230 | switch (value >> 8) { |
231 | case SSL3_AL_WARNING: |
232 | return "warning"; |
233 | case SSL3_AL_FATAL: |
234 | return "fatal"; |
235 | default: |
236 | return "unknown"; |
237 | } |
238 | } |
239 | |
240 | const char *SSL_alert_type_string(int value) |
241 | { |
242 | switch (value >> 8) { |
243 | case SSL3_AL_WARNING: |
244 | return "W"; |
245 | case SSL3_AL_FATAL: |
246 | return "F"; |
247 | default: |
248 | return "U"; |
249 | } |
250 | } |
251 | |
252 | const char *SSL_alert_desc_string(int value) |
253 | { |
254 | switch (value & 0xff) { |
255 | case SSL3_AD_CLOSE_NOTIFY: |
256 | return "CN"; |
257 | case SSL3_AD_UNEXPECTED_MESSAGE: |
258 | return "UM"; |
259 | case SSL3_AD_BAD_RECORD_MAC: |
260 | return "BM"; |
261 | case SSL3_AD_DECOMPRESSION_FAILURE: |
262 | return "DF"; |
263 | case SSL3_AD_HANDSHAKE_FAILURE: |
264 | return "HF"; |
265 | case SSL3_AD_NO_CERTIFICATE: |
266 | return "NC"; |
267 | case SSL3_AD_BAD_CERTIFICATE: |
268 | return "BC"; |
269 | case SSL3_AD_UNSUPPORTED_CERTIFICATE: |
270 | return "UC"; |
271 | case SSL3_AD_CERTIFICATE_REVOKED: |
272 | return "CR"; |
273 | case SSL3_AD_CERTIFICATE_EXPIRED: |
274 | return "CE"; |
275 | case SSL3_AD_CERTIFICATE_UNKNOWN: |
276 | return "CU"; |
277 | case SSL3_AD_ILLEGAL_PARAMETER: |
278 | return "IP"; |
279 | case TLS1_AD_DECRYPTION_FAILED: |
280 | return "DC"; |
281 | case TLS1_AD_RECORD_OVERFLOW: |
282 | return "RO"; |
283 | case TLS1_AD_UNKNOWN_CA: |
284 | return "CA"; |
285 | case TLS1_AD_ACCESS_DENIED: |
286 | return "AD"; |
287 | case TLS1_AD_DECODE_ERROR: |
288 | return "DE"; |
289 | case TLS1_AD_DECRYPT_ERROR: |
290 | return "CY"; |
291 | case TLS1_AD_EXPORT_RESTRICTION: |
292 | return "ER"; |
293 | case TLS1_AD_PROTOCOL_VERSION: |
294 | return "PV"; |
295 | case TLS1_AD_INSUFFICIENT_SECURITY: |
296 | return "IS"; |
297 | case TLS1_AD_INTERNAL_ERROR: |
298 | return "IE"; |
299 | case TLS1_AD_USER_CANCELLED: |
300 | return "US"; |
301 | case TLS1_AD_NO_RENEGOTIATION: |
302 | return "NR"; |
303 | case TLS1_AD_UNSUPPORTED_EXTENSION: |
304 | return "UE"; |
305 | case TLS1_AD_CERTIFICATE_UNOBTAINABLE: |
306 | return "CO"; |
307 | case TLS1_AD_UNRECOGNIZED_NAME: |
308 | return "UN"; |
309 | case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: |
310 | return "BR"; |
311 | case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: |
312 | return "BH"; |
313 | case TLS1_AD_UNKNOWN_PSK_IDENTITY: |
314 | return "UP"; |
315 | default: |
316 | return "UK"; |
317 | } |
318 | } |
319 | |
320 | const char *SSL_alert_desc_string_long(int value) |
321 | { |
322 | switch (value & 0xff) { |
323 | case SSL3_AD_CLOSE_NOTIFY: |
324 | return "close notify"; |
325 | case SSL3_AD_UNEXPECTED_MESSAGE: |
326 | return "unexpected_message"; |
327 | case SSL3_AD_BAD_RECORD_MAC: |
328 | return "bad record mac"; |
329 | case SSL3_AD_DECOMPRESSION_FAILURE: |
330 | return "decompression failure"; |
331 | case SSL3_AD_HANDSHAKE_FAILURE: |
332 | return "handshake failure"; |
333 | case SSL3_AD_NO_CERTIFICATE: |
334 | return "no certificate"; |
335 | case SSL3_AD_BAD_CERTIFICATE: |
336 | return "bad certificate"; |
337 | case SSL3_AD_UNSUPPORTED_CERTIFICATE: |
338 | return "unsupported certificate"; |
339 | case SSL3_AD_CERTIFICATE_REVOKED: |
340 | return "certificate revoked"; |
341 | case SSL3_AD_CERTIFICATE_EXPIRED: |
342 | return "certificate expired"; |
343 | case SSL3_AD_CERTIFICATE_UNKNOWN: |
344 | return "certificate unknown"; |
345 | case SSL3_AD_ILLEGAL_PARAMETER: |
346 | return "illegal parameter"; |
347 | case TLS1_AD_DECRYPTION_FAILED: |
348 | return "decryption failed"; |
349 | case TLS1_AD_RECORD_OVERFLOW: |
350 | return "record overflow"; |
351 | case TLS1_AD_UNKNOWN_CA: |
352 | return "unknown CA"; |
353 | case TLS1_AD_ACCESS_DENIED: |
354 | return "access denied"; |
355 | case TLS1_AD_DECODE_ERROR: |
356 | return "decode error"; |
357 | case TLS1_AD_DECRYPT_ERROR: |
358 | return "decrypt error"; |
359 | case TLS1_AD_EXPORT_RESTRICTION: |
360 | return "export restriction"; |
361 | case TLS1_AD_PROTOCOL_VERSION: |
362 | return "protocol version"; |
363 | case TLS1_AD_INSUFFICIENT_SECURITY: |
364 | return "insufficient security"; |
365 | case TLS1_AD_INTERNAL_ERROR: |
366 | return "internal error"; |
367 | case TLS1_AD_USER_CANCELLED: |
368 | return "user canceled"; |
369 | case TLS1_AD_NO_RENEGOTIATION: |
370 | return "no renegotiation"; |
371 | case TLS1_AD_UNSUPPORTED_EXTENSION: |
372 | return "unsupported extension"; |
373 | case TLS1_AD_CERTIFICATE_UNOBTAINABLE: |
374 | return "certificate unobtainable"; |
375 | case TLS1_AD_UNRECOGNIZED_NAME: |
376 | return "unrecognized name"; |
377 | case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: |
378 | return "bad certificate status response"; |
379 | case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: |
380 | return "bad certificate hash value"; |
381 | case TLS1_AD_UNKNOWN_PSK_IDENTITY: |
382 | return "unknown PSK identity"; |
383 | case TLS1_AD_NO_APPLICATION_PROTOCOL: |
384 | return "no application protocol"; |
385 | default: |
386 | return "unknown"; |
387 | } |
388 | } |
389 |