1/*
2 * Debugging routines
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19
20#include "common.h"
21
22#if defined(MBEDTLS_DEBUG_C)
23
24#include "mbedtls/platform.h"
25
26#include "mbedtls/debug.h"
27#include "mbedtls/error.h"
28
29#include <stdarg.h>
30#include <stdio.h>
31#include <string.h>
32
33/* DEBUG_BUF_SIZE must be at least 2 */
34#define DEBUG_BUF_SIZE 512
35
36static int debug_threshold = 0;
37
38void mbedtls_debug_set_threshold(int threshold)
39{
40 debug_threshold = threshold;
41}
42
43/*
44 * All calls to f_dbg must be made via this function
45 */
46static inline void debug_send_line(const mbedtls_ssl_context *ssl, int level,
47 const char *file, int line,
48 const char *str)
49{
50 /*
51 * If in a threaded environment, we need a thread identifier.
52 * Since there is no portable way to get one, use the address of the ssl
53 * context instead, as it shouldn't be shared between threads.
54 */
55#if defined(MBEDTLS_THREADING_C)
56 char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */
57 mbedtls_snprintf(idstr, sizeof(idstr), "%p: %s", (void *) ssl, str);
58 ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, idstr);
59#else
60 ssl->conf->f_dbg(ssl->conf->p_dbg, level, file, line, str);
61#endif
62}
63
64MBEDTLS_PRINTF_ATTRIBUTE(5, 6)
65void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
66 const char *file, int line,
67 const char *format, ...)
68{
69 va_list argp;
70 char str[DEBUG_BUF_SIZE];
71 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
72
73 MBEDTLS_STATIC_ASSERT(DEBUG_BUF_SIZE >= 2, "DEBUG_BUF_SIZE too small");
74
75 if (NULL == ssl ||
76 NULL == ssl->conf ||
77 NULL == ssl->conf->f_dbg ||
78 level > debug_threshold) {
79 return;
80 }
81
82 va_start(argp, format);
83 ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp);
84 va_end(argp);
85
86 if (ret < 0) {
87 ret = 0;
88 } else {
89 if (ret >= DEBUG_BUF_SIZE - 1) {
90 ret = DEBUG_BUF_SIZE - 2;
91 }
92 }
93 str[ret] = '\n';
94 str[ret + 1] = '\0';
95
96 debug_send_line(ssl, level, file, line, str);
97}
98
99void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level,
100 const char *file, int line,
101 const char *text, int ret)
102{
103 char str[DEBUG_BUF_SIZE];
104
105 if (NULL == ssl ||
106 NULL == ssl->conf ||
107 NULL == ssl->conf->f_dbg ||
108 level > debug_threshold) {
109 return;
110 }
111
112 /*
113 * With non-blocking I/O and examples that just retry immediately,
114 * the logs would be quickly flooded with WANT_READ, so ignore that.
115 * Don't ignore WANT_WRITE however, since is is usually rare.
116 */
117 if (ret == MBEDTLS_ERR_SSL_WANT_READ) {
118 return;
119 }
120
121 mbedtls_snprintf(str, sizeof(str), "%s() returned %d (-0x%04x)\n",
122 text, ret, (unsigned int) -ret);
123
124 debug_send_line(ssl, level, file, line, str);
125}
126
127void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level,
128 const char *file, int line, const char *text,
129 const unsigned char *buf, size_t len)
130{
131 char str[DEBUG_BUF_SIZE];
132 char txt[17];
133 size_t i, idx = 0;
134
135 if (NULL == ssl ||
136 NULL == ssl->conf ||
137 NULL == ssl->conf->f_dbg ||
138 level > debug_threshold) {
139 return;
140 }
141
142 mbedtls_snprintf(str + idx, sizeof(str) - idx, "dumping '%s' (%u bytes)\n",
143 text, (unsigned int) len);
144
145 debug_send_line(ssl, level, file, line, str);
146
147 idx = 0;
148 memset(txt, 0, sizeof(txt));
149 for (i = 0; i < len; i++) {
150 if (i >= 4096) {
151 break;
152 }
153
154 if (i % 16 == 0) {
155 if (i > 0) {
156 mbedtls_snprintf(str + idx, sizeof(str) - idx, " %s\n", txt);
157 debug_send_line(ssl, level, file, line, str);
158
159 idx = 0;
160 memset(txt, 0, sizeof(txt));
161 }
162
163 idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, "%04x: ",
164 (unsigned int) i);
165
166 }
167
168 idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x",
169 (unsigned int) buf[i]);
170 txt[i % 16] = (buf[i] > 31 && buf[i] < 127) ? buf[i] : '.';
171 }
172
173 if (len > 0) {
174 for (/* i = i */; i % 16 != 0; i++) {
175 idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " ");
176 }
177
178 mbedtls_snprintf(str + idx, sizeof(str) - idx, " %s\n", txt);
179 debug_send_line(ssl, level, file, line, str);
180 }
181}
182
183#if defined(MBEDTLS_ECP_C)
184void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
185 const char *file, int line,
186 const char *text, const mbedtls_ecp_point *X)
187{
188 char str[DEBUG_BUF_SIZE];
189
190 if (NULL == ssl ||
191 NULL == ssl->conf ||
192 NULL == ssl->conf->f_dbg ||
193 level > debug_threshold) {
194 return;
195 }
196
197 mbedtls_snprintf(str, sizeof(str), "%s(X)", text);
198 mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->X);
199
200 mbedtls_snprintf(str, sizeof(str), "%s(Y)", text);
201 mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->Y);
202}
203#endif /* MBEDTLS_ECP_C */
204
205#if defined(MBEDTLS_BIGNUM_C)
206void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
207 const char *file, int line,
208 const char *text, const mbedtls_mpi *X)
209{
210 char str[DEBUG_BUF_SIZE];
211 size_t bitlen;
212 size_t idx = 0;
213
214 if (NULL == ssl ||
215 NULL == ssl->conf ||
216 NULL == ssl->conf->f_dbg ||
217 NULL == X ||
218 level > debug_threshold) {
219 return;
220 }
221
222 bitlen = mbedtls_mpi_bitlen(X);
223
224 mbedtls_snprintf(str, sizeof(str), "value of '%s' (%u bits) is:\n",
225 text, (unsigned) bitlen);
226 debug_send_line(ssl, level, file, line, str);
227
228 if (bitlen == 0) {
229 str[0] = ' '; str[1] = '0'; str[2] = '0';
230 idx = 3;
231 } else {
232 int n;
233 for (n = (int) ((bitlen - 1) / 8); n >= 0; n--) {
234 size_t limb_offset = n / sizeof(mbedtls_mpi_uint);
235 size_t offset_in_limb = n % sizeof(mbedtls_mpi_uint);
236 unsigned char octet =
237 (X->p[limb_offset] >> (offset_in_limb * 8)) & 0xff;
238 mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x", octet);
239 idx += 3;
240 /* Wrap lines after 16 octets that each take 3 columns */
241 if (idx >= 3 * 16) {
242 mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n");
243 debug_send_line(ssl, level, file, line, str);
244 idx = 0;
245 }
246 }
247 }
248
249 if (idx != 0) {
250 mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n");
251 debug_send_line(ssl, level, file, line, str);
252 }
253}
254#endif /* MBEDTLS_BIGNUM_C */
255
256#if defined(MBEDTLS_X509_CRT_PARSE_C)
257static void debug_print_pk(const mbedtls_ssl_context *ssl, int level,
258 const char *file, int line,
259 const char *text, const mbedtls_pk_context *pk)
260{
261 size_t i;
262 mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
263 char name[16];
264
265 memset(items, 0, sizeof(items));
266
267 if (mbedtls_pk_debug(pk, items) != 0) {
268 debug_send_line(ssl, level, file, line,
269 "invalid PK context\n");
270 return;
271 }
272
273 for (i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++) {
274 if (items[i].type == MBEDTLS_PK_DEBUG_NONE) {
275 return;
276 }
277
278 mbedtls_snprintf(name, sizeof(name), "%s%s", text, items[i].name);
279 name[sizeof(name) - 1] = '\0';
280
281 if (items[i].type == MBEDTLS_PK_DEBUG_MPI) {
282 mbedtls_debug_print_mpi(ssl, level, file, line, name, items[i].value);
283 } else
284#if defined(MBEDTLS_ECP_C)
285 if (items[i].type == MBEDTLS_PK_DEBUG_ECP) {
286 mbedtls_debug_print_ecp(ssl, level, file, line, name, items[i].value);
287 } else
288#endif
289 { debug_send_line(ssl, level, file, line,
290 "should not happen\n"); }
291 }
292}
293
294static void debug_print_line_by_line(const mbedtls_ssl_context *ssl, int level,
295 const char *file, int line, const char *text)
296{
297 char str[DEBUG_BUF_SIZE];
298 const char *start, *cur;
299
300 start = text;
301 for (cur = text; *cur != '\0'; cur++) {
302 if (*cur == '\n') {
303 size_t len = cur - start + 1;
304 if (len > DEBUG_BUF_SIZE - 1) {
305 len = DEBUG_BUF_SIZE - 1;
306 }
307
308 memcpy(str, start, len);
309 str[len] = '\0';
310
311 debug_send_line(ssl, level, file, line, str);
312
313 start = cur + 1;
314 }
315 }
316}
317
318void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
319 const char *file, int line,
320 const char *text, const mbedtls_x509_crt *crt)
321{
322 char str[DEBUG_BUF_SIZE];
323 int i = 0;
324
325 if (NULL == ssl ||
326 NULL == ssl->conf ||
327 NULL == ssl->conf->f_dbg ||
328 NULL == crt ||
329 level > debug_threshold) {
330 return;
331 }
332
333 while (crt != NULL) {
334 char buf[1024];
335
336 mbedtls_snprintf(str, sizeof(str), "%s #%d:\n", text, ++i);
337 debug_send_line(ssl, level, file, line, str);
338
339 mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
340 debug_print_line_by_line(ssl, level, file, line, buf);
341
342 debug_print_pk(ssl, level, file, line, "crt->", &crt->pk);
343
344 crt = crt->next;
345 }
346}
347#endif /* MBEDTLS_X509_CRT_PARSE_C */
348
349#if defined(MBEDTLS_ECDH_C)
350static void mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context *ssl,
351 int level, const char *file,
352 int line,
353 const mbedtls_ecdh_context *ecdh,
354 mbedtls_debug_ecdh_attr attr)
355{
356#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
357 const mbedtls_ecdh_context *ctx = ecdh;
358#else
359 const mbedtls_ecdh_context_mbed *ctx = &ecdh->ctx.mbed_ecdh;
360#endif
361
362 switch (attr) {
363 case MBEDTLS_DEBUG_ECDH_Q:
364 mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Q",
365 &ctx->Q);
366 break;
367 case MBEDTLS_DEBUG_ECDH_QP:
368 mbedtls_debug_print_ecp(ssl, level, file, line, "ECDH: Qp",
369 &ctx->Qp);
370 break;
371 case MBEDTLS_DEBUG_ECDH_Z:
372 mbedtls_debug_print_mpi(ssl, level, file, line, "ECDH: z",
373 &ctx->z);
374 break;
375 default:
376 break;
377 }
378}
379
380void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
381 const char *file, int line,
382 const mbedtls_ecdh_context *ecdh,
383 mbedtls_debug_ecdh_attr attr)
384{
385#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
386 mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh, attr);
387#else
388 switch (ecdh->var) {
389 default:
390 mbedtls_debug_printf_ecdh_internal(ssl, level, file, line, ecdh,
391 attr);
392 }
393#endif
394}
395#endif /* MBEDTLS_ECDH_C */
396
397#endif /* MBEDTLS_DEBUG_C */
398