1 | /*
|
---|
2 | * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
|
---|
3 | * Copyright 2005 Nokia. All rights reserved.
|
---|
4 | *
|
---|
5 | * Licensed under the OpenSSL license (the "License"). You may not use
|
---|
6 | * this file except in compliance with the License. You can obtain a copy
|
---|
7 | * in the file LICENSE in the source distribution or at
|
---|
8 | * https://www.openssl.org/source/license.html
|
---|
9 | */
|
---|
10 |
|
---|
11 | #include <stdio.h>
|
---|
12 | #include "ssl_local.h"
|
---|
13 |
|
---|
14 | const char *SSL_state_string_long(const SSL *s)
|
---|
15 | {
|
---|
16 | if (ossl_statem_in_error(s))
|
---|
17 | return "error";
|
---|
18 |
|
---|
19 | switch (SSL_get_state(s)) {
|
---|
20 | case TLS_ST_CR_CERT_STATUS:
|
---|
21 | return "SSLv3/TLS read certificate status";
|
---|
22 | case TLS_ST_CW_NEXT_PROTO:
|
---|
23 | return "SSLv3/TLS write next proto";
|
---|
24 | case TLS_ST_SR_NEXT_PROTO:
|
---|
25 | return "SSLv3/TLS read next proto";
|
---|
26 | case TLS_ST_SW_CERT_STATUS:
|
---|
27 | return "SSLv3/TLS write certificate status";
|
---|
28 | case TLS_ST_BEFORE:
|
---|
29 | return "before SSL initialization";
|
---|
30 | case TLS_ST_OK:
|
---|
31 | return "SSL negotiation finished successfully";
|
---|
32 | case TLS_ST_CW_CLNT_HELLO:
|
---|
33 | return "SSLv3/TLS write client hello";
|
---|
34 | case TLS_ST_CR_SRVR_HELLO:
|
---|
35 | return "SSLv3/TLS read server hello";
|
---|
36 | case TLS_ST_CR_CERT:
|
---|
37 | return "SSLv3/TLS read server certificate";
|
---|
38 | case TLS_ST_CR_KEY_EXCH:
|
---|
39 | return "SSLv3/TLS read server key exchange";
|
---|
40 | case TLS_ST_CR_CERT_REQ:
|
---|
41 | return "SSLv3/TLS read server certificate request";
|
---|
42 | case TLS_ST_CR_SESSION_TICKET:
|
---|
43 | return "SSLv3/TLS read server session ticket";
|
---|
44 | case TLS_ST_CR_SRVR_DONE:
|
---|
45 | return "SSLv3/TLS read server done";
|
---|
46 | case TLS_ST_CW_CERT:
|
---|
47 | return "SSLv3/TLS write client certificate";
|
---|
48 | case TLS_ST_CW_KEY_EXCH:
|
---|
49 | return "SSLv3/TLS write client key exchange";
|
---|
50 | case TLS_ST_CW_CERT_VRFY:
|
---|
51 | return "SSLv3/TLS write certificate verify";
|
---|
52 | case TLS_ST_CW_CHANGE:
|
---|
53 | case TLS_ST_SW_CHANGE:
|
---|
54 | return "SSLv3/TLS write change cipher spec";
|
---|
55 | case TLS_ST_CW_FINISHED:
|
---|
56 | case TLS_ST_SW_FINISHED:
|
---|
57 | return "SSLv3/TLS write finished";
|
---|
58 | case TLS_ST_CR_CHANGE:
|
---|
59 | case TLS_ST_SR_CHANGE:
|
---|
60 | return "SSLv3/TLS read change cipher spec";
|
---|
61 | case TLS_ST_CR_FINISHED:
|
---|
62 | case TLS_ST_SR_FINISHED:
|
---|
63 | return "SSLv3/TLS read finished";
|
---|
64 | case TLS_ST_SR_CLNT_HELLO:
|
---|
65 | return "SSLv3/TLS read client hello";
|
---|
66 | case TLS_ST_SW_HELLO_REQ:
|
---|
67 | return "SSLv3/TLS write hello request";
|
---|
68 | case TLS_ST_SW_SRVR_HELLO:
|
---|
69 | return "SSLv3/TLS write server hello";
|
---|
70 | case TLS_ST_SW_CERT:
|
---|
71 | return "SSLv3/TLS write certificate";
|
---|
72 | case TLS_ST_SW_KEY_EXCH:
|
---|
73 | return "SSLv3/TLS write key exchange";
|
---|
74 | case TLS_ST_SW_CERT_REQ:
|
---|
75 | return "SSLv3/TLS write certificate request";
|
---|
76 | case TLS_ST_SW_SESSION_TICKET:
|
---|
77 | return "SSLv3/TLS write session ticket";
|
---|
78 | case TLS_ST_SW_SRVR_DONE:
|
---|
79 | return "SSLv3/TLS write server done";
|
---|
80 | case TLS_ST_SR_CERT:
|
---|
81 | return "SSLv3/TLS read client certificate";
|
---|
82 | case TLS_ST_SR_KEY_EXCH:
|
---|
83 | return "SSLv3/TLS read client key exchange";
|
---|
84 | case TLS_ST_SR_CERT_VRFY:
|
---|
85 | return "SSLv3/TLS read certificate verify";
|
---|
86 | case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
|
---|
87 | return "DTLS1 read hello verify request";
|
---|
88 | case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
|
---|
89 | return "DTLS1 write hello verify request";
|
---|
90 | case TLS_ST_SW_ENCRYPTED_EXTENSIONS:
|
---|
91 | return "TLSv1.3 write encrypted extensions";
|
---|
92 | case TLS_ST_CR_ENCRYPTED_EXTENSIONS:
|
---|
93 | return "TLSv1.3 read encrypted extensions";
|
---|
94 | case TLS_ST_CR_CERT_VRFY:
|
---|
95 | return "TLSv1.3 read server certificate verify";
|
---|
96 | case TLS_ST_SW_CERT_VRFY:
|
---|
97 | return "TLSv1.3 write server certificate verify";
|
---|
98 | case TLS_ST_CR_HELLO_REQ:
|
---|
99 | return "SSLv3/TLS read hello request";
|
---|
100 | case TLS_ST_SW_KEY_UPDATE:
|
---|
101 | return "TLSv1.3 write server key update";
|
---|
102 | case TLS_ST_CW_KEY_UPDATE:
|
---|
103 | return "TLSv1.3 write client key update";
|
---|
104 | case TLS_ST_SR_KEY_UPDATE:
|
---|
105 | return "TLSv1.3 read client key update";
|
---|
106 | case TLS_ST_CR_KEY_UPDATE:
|
---|
107 | return "TLSv1.3 read server key update";
|
---|
108 | case TLS_ST_EARLY_DATA:
|
---|
109 | return "TLSv1.3 early data";
|
---|
110 | case TLS_ST_PENDING_EARLY_DATA_END:
|
---|
111 | return "TLSv1.3 pending early data end";
|
---|
112 | case TLS_ST_CW_END_OF_EARLY_DATA:
|
---|
113 | return "TLSv1.3 write end of early data";
|
---|
114 | case TLS_ST_SR_END_OF_EARLY_DATA:
|
---|
115 | return "TLSv1.3 read end of early data";
|
---|
116 | default:
|
---|
117 | return "unknown state";
|
---|
118 | }
|
---|
119 | }
|
---|
120 |
|
---|
121 | const char *SSL_state_string(const SSL *s)
|
---|
122 | {
|
---|
123 | if (ossl_statem_in_error(s))
|
---|
124 | return "SSLERR";
|
---|
125 |
|
---|
126 | switch (SSL_get_state(s)) {
|
---|
127 | case TLS_ST_SR_NEXT_PROTO:
|
---|
128 | return "TRNP";
|
---|
129 | case TLS_ST_SW_SESSION_TICKET:
|
---|
130 | return "TWST";
|
---|
131 | case TLS_ST_SW_CERT_STATUS:
|
---|
132 | return "TWCS";
|
---|
133 | case TLS_ST_CR_CERT_STATUS:
|
---|
134 | return "TRCS";
|
---|
135 | case TLS_ST_CR_SESSION_TICKET:
|
---|
136 | return "TRST";
|
---|
137 | case TLS_ST_CW_NEXT_PROTO:
|
---|
138 | return "TWNP";
|
---|
139 | case TLS_ST_BEFORE:
|
---|
140 | return "PINIT ";
|
---|
141 | case TLS_ST_OK:
|
---|
142 | return "SSLOK ";
|
---|
143 | case TLS_ST_CW_CLNT_HELLO:
|
---|
144 | return "TWCH";
|
---|
145 | case TLS_ST_CR_SRVR_HELLO:
|
---|
146 | return "TRSH";
|
---|
147 | case TLS_ST_CR_CERT:
|
---|
148 | return "TRSC";
|
---|
149 | case TLS_ST_CR_KEY_EXCH:
|
---|
150 | return "TRSKE";
|
---|
151 | case TLS_ST_CR_CERT_REQ:
|
---|
152 | return "TRCR";
|
---|
153 | case TLS_ST_CR_SRVR_DONE:
|
---|
154 | return "TRSD";
|
---|
155 | case TLS_ST_CW_CERT:
|
---|
156 | return "TWCC";
|
---|
157 | case TLS_ST_CW_KEY_EXCH:
|
---|
158 | return "TWCKE";
|
---|
159 | case TLS_ST_CW_CERT_VRFY:
|
---|
160 | return "TWCV";
|
---|
161 | case TLS_ST_SW_CHANGE:
|
---|
162 | case TLS_ST_CW_CHANGE:
|
---|
163 | return "TWCCS";
|
---|
164 | case TLS_ST_SW_FINISHED:
|
---|
165 | case TLS_ST_CW_FINISHED:
|
---|
166 | return "TWFIN";
|
---|
167 | case TLS_ST_SR_CHANGE:
|
---|
168 | case TLS_ST_CR_CHANGE:
|
---|
169 | return "TRCCS";
|
---|
170 | case TLS_ST_SR_FINISHED:
|
---|
171 | case TLS_ST_CR_FINISHED:
|
---|
172 | return "TRFIN";
|
---|
173 | case TLS_ST_SW_HELLO_REQ:
|
---|
174 | return "TWHR";
|
---|
175 | case TLS_ST_SR_CLNT_HELLO:
|
---|
176 | return "TRCH";
|
---|
177 | case TLS_ST_SW_SRVR_HELLO:
|
---|
178 | return "TWSH";
|
---|
179 | case TLS_ST_SW_CERT:
|
---|
180 | return "TWSC";
|
---|
181 | case TLS_ST_SW_KEY_EXCH:
|
---|
182 | return "TWSKE";
|
---|
183 | case TLS_ST_SW_CERT_REQ:
|
---|
184 | return "TWCR";
|
---|
185 | case TLS_ST_SW_SRVR_DONE:
|
---|
186 | return "TWSD";
|
---|
187 | case TLS_ST_SR_CERT:
|
---|
188 | return "TRCC";
|
---|
189 | case TLS_ST_SR_KEY_EXCH:
|
---|
190 | return "TRCKE";
|
---|
191 | case TLS_ST_SR_CERT_VRFY:
|
---|
192 | return "TRCV";
|
---|
193 | case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
|
---|
194 | return "DRCHV";
|
---|
195 | case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
|
---|
196 | return "DWCHV";
|
---|
197 | case TLS_ST_SW_ENCRYPTED_EXTENSIONS:
|
---|
198 | return "TWEE";
|
---|
199 | case TLS_ST_CR_ENCRYPTED_EXTENSIONS:
|
---|
200 | return "TREE";
|
---|
201 | case TLS_ST_CR_CERT_VRFY:
|
---|
202 | return "TRSCV";
|
---|
203 | case TLS_ST_SW_CERT_VRFY:
|
---|
204 | return "TRSCV";
|
---|
205 | case TLS_ST_CR_HELLO_REQ:
|
---|
206 | return "TRHR";
|
---|
207 | case TLS_ST_SW_KEY_UPDATE:
|
---|
208 | return "TWSKU";
|
---|
209 | case TLS_ST_CW_KEY_UPDATE:
|
---|
210 | return "TWCKU";
|
---|
211 | case TLS_ST_SR_KEY_UPDATE:
|
---|
212 | return "TRCKU";
|
---|
213 | case TLS_ST_CR_KEY_UPDATE:
|
---|
214 | return "TRSKU";
|
---|
215 | case TLS_ST_EARLY_DATA:
|
---|
216 | return "TED";
|
---|
217 | case TLS_ST_PENDING_EARLY_DATA_END:
|
---|
218 | return "TPEDE";
|
---|
219 | case TLS_ST_CW_END_OF_EARLY_DATA:
|
---|
220 | return "TWEOED";
|
---|
221 | case TLS_ST_SR_END_OF_EARLY_DATA:
|
---|
222 | return "TWEOED";
|
---|
223 | default:
|
---|
224 | return "UNKWN ";
|
---|
225 | }
|
---|
226 | }
|
---|
227 |
|
---|
228 | const char *SSL_alert_type_string_long(int value)
|
---|
229 | {
|
---|
230 | switch (value >> 8) {
|
---|
231 | case SSL3_AL_WARNING:
|
---|
232 | return "warning";
|
---|
233 | case SSL3_AL_FATAL:
|
---|
234 | return "fatal";
|
---|
235 | default:
|
---|
236 | return "unknown";
|
---|
237 | }
|
---|
238 | }
|
---|
239 |
|
---|
240 | const char *SSL_alert_type_string(int value)
|
---|
241 | {
|
---|
242 | switch (value >> 8) {
|
---|
243 | case SSL3_AL_WARNING:
|
---|
244 | return "W";
|
---|
245 | case SSL3_AL_FATAL:
|
---|
246 | return "F";
|
---|
247 | default:
|
---|
248 | return "U";
|
---|
249 | }
|
---|
250 | }
|
---|
251 |
|
---|
252 | const char *SSL_alert_desc_string(int value)
|
---|
253 | {
|
---|
254 | switch (value & 0xff) {
|
---|
255 | case SSL3_AD_CLOSE_NOTIFY:
|
---|
256 | return "CN";
|
---|
257 | case SSL3_AD_UNEXPECTED_MESSAGE:
|
---|
258 | return "UM";
|
---|
259 | case SSL3_AD_BAD_RECORD_MAC:
|
---|
260 | return "BM";
|
---|
261 | case SSL3_AD_DECOMPRESSION_FAILURE:
|
---|
262 | return "DF";
|
---|
263 | case SSL3_AD_HANDSHAKE_FAILURE:
|
---|
264 | return "HF";
|
---|
265 | case SSL3_AD_NO_CERTIFICATE:
|
---|
266 | return "NC";
|
---|
267 | case SSL3_AD_BAD_CERTIFICATE:
|
---|
268 | return "BC";
|
---|
269 | case SSL3_AD_UNSUPPORTED_CERTIFICATE:
|
---|
270 | return "UC";
|
---|
271 | case SSL3_AD_CERTIFICATE_REVOKED:
|
---|
272 | return "CR";
|
---|
273 | case SSL3_AD_CERTIFICATE_EXPIRED:
|
---|
274 | return "CE";
|
---|
275 | case SSL3_AD_CERTIFICATE_UNKNOWN:
|
---|
276 | return "CU";
|
---|
277 | case SSL3_AD_ILLEGAL_PARAMETER:
|
---|
278 | return "IP";
|
---|
279 | case TLS1_AD_DECRYPTION_FAILED:
|
---|
280 | return "DC";
|
---|
281 | case TLS1_AD_RECORD_OVERFLOW:
|
---|
282 | return "RO";
|
---|
283 | case TLS1_AD_UNKNOWN_CA:
|
---|
284 | return "CA";
|
---|
285 | case TLS1_AD_ACCESS_DENIED:
|
---|
286 | return "AD";
|
---|
287 | case TLS1_AD_DECODE_ERROR:
|
---|
288 | return "DE";
|
---|
289 | case TLS1_AD_DECRYPT_ERROR:
|
---|
290 | return "CY";
|
---|
291 | case TLS1_AD_EXPORT_RESTRICTION:
|
---|
292 | return "ER";
|
---|
293 | case TLS1_AD_PROTOCOL_VERSION:
|
---|
294 | return "PV";
|
---|
295 | case TLS1_AD_INSUFFICIENT_SECURITY:
|
---|
296 | return "IS";
|
---|
297 | case TLS1_AD_INTERNAL_ERROR:
|
---|
298 | return "IE";
|
---|
299 | case TLS1_AD_USER_CANCELLED:
|
---|
300 | return "US";
|
---|
301 | case TLS1_AD_NO_RENEGOTIATION:
|
---|
302 | return "NR";
|
---|
303 | case TLS1_AD_UNSUPPORTED_EXTENSION:
|
---|
304 | return "UE";
|
---|
305 | case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
|
---|
306 | return "CO";
|
---|
307 | case TLS1_AD_UNRECOGNIZED_NAME:
|
---|
308 | return "UN";
|
---|
309 | case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
|
---|
310 | return "BR";
|
---|
311 | case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
|
---|
312 | return "BH";
|
---|
313 | case TLS1_AD_UNKNOWN_PSK_IDENTITY:
|
---|
314 | return "UP";
|
---|
315 | default:
|
---|
316 | return "UK";
|
---|
317 | }
|
---|
318 | }
|
---|
319 |
|
---|
320 | const char *SSL_alert_desc_string_long(int value)
|
---|
321 | {
|
---|
322 | switch (value & 0xff) {
|
---|
323 | case SSL3_AD_CLOSE_NOTIFY:
|
---|
324 | return "close notify";
|
---|
325 | case SSL3_AD_UNEXPECTED_MESSAGE:
|
---|
326 | return "unexpected_message";
|
---|
327 | case SSL3_AD_BAD_RECORD_MAC:
|
---|
328 | return "bad record mac";
|
---|
329 | case SSL3_AD_DECOMPRESSION_FAILURE:
|
---|
330 | return "decompression failure";
|
---|
331 | case SSL3_AD_HANDSHAKE_FAILURE:
|
---|
332 | return "handshake failure";
|
---|
333 | case SSL3_AD_NO_CERTIFICATE:
|
---|
334 | return "no certificate";
|
---|
335 | case SSL3_AD_BAD_CERTIFICATE:
|
---|
336 | return "bad certificate";
|
---|
337 | case SSL3_AD_UNSUPPORTED_CERTIFICATE:
|
---|
338 | return "unsupported certificate";
|
---|
339 | case SSL3_AD_CERTIFICATE_REVOKED:
|
---|
340 | return "certificate revoked";
|
---|
341 | case SSL3_AD_CERTIFICATE_EXPIRED:
|
---|
342 | return "certificate expired";
|
---|
343 | case SSL3_AD_CERTIFICATE_UNKNOWN:
|
---|
344 | return "certificate unknown";
|
---|
345 | case SSL3_AD_ILLEGAL_PARAMETER:
|
---|
346 | return "illegal parameter";
|
---|
347 | case TLS1_AD_DECRYPTION_FAILED:
|
---|
348 | return "decryption failed";
|
---|
349 | case TLS1_AD_RECORD_OVERFLOW:
|
---|
350 | return "record overflow";
|
---|
351 | case TLS1_AD_UNKNOWN_CA:
|
---|
352 | return "unknown CA";
|
---|
353 | case TLS1_AD_ACCESS_DENIED:
|
---|
354 | return "access denied";
|
---|
355 | case TLS1_AD_DECODE_ERROR:
|
---|
356 | return "decode error";
|
---|
357 | case TLS1_AD_DECRYPT_ERROR:
|
---|
358 | return "decrypt error";
|
---|
359 | case TLS1_AD_EXPORT_RESTRICTION:
|
---|
360 | return "export restriction";
|
---|
361 | case TLS1_AD_PROTOCOL_VERSION:
|
---|
362 | return "protocol version";
|
---|
363 | case TLS1_AD_INSUFFICIENT_SECURITY:
|
---|
364 | return "insufficient security";
|
---|
365 | case TLS1_AD_INTERNAL_ERROR:
|
---|
366 | return "internal error";
|
---|
367 | case TLS1_AD_USER_CANCELLED:
|
---|
368 | return "user canceled";
|
---|
369 | case TLS1_AD_NO_RENEGOTIATION:
|
---|
370 | return "no renegotiation";
|
---|
371 | case TLS1_AD_UNSUPPORTED_EXTENSION:
|
---|
372 | return "unsupported extension";
|
---|
373 | case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
|
---|
374 | return "certificate unobtainable";
|
---|
375 | case TLS1_AD_UNRECOGNIZED_NAME:
|
---|
376 | return "unrecognized name";
|
---|
377 | case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
|
---|
378 | return "bad certificate status response";
|
---|
379 | case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
|
---|
380 | return "bad certificate hash value";
|
---|
381 | case TLS1_AD_UNKNOWN_PSK_IDENTITY:
|
---|
382 | return "unknown PSK identity";
|
---|
383 | case TLS1_AD_NO_APPLICATION_PROTOCOL:
|
---|
384 | return "no application protocol";
|
---|
385 | default:
|
---|
386 | return "unknown";
|
---|
387 | }
|
---|
388 | }
|
---|