]> git.ipfire.org Git - thirdparty/openssl.git/blob - ssl/ssl_txt.c
projects / thirdparty / openssl.git / blob
? search:


d9d6f397c77d7cb37b4197a24b575e19b637a685
[thirdparty/openssl.git] / ssl / ssl_txt.c
1 /* ssl/ssl_txt.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58 /* ====================================================================
59 * Copyright 2005 Nokia. All rights reserved.
60 *
61 * The portions of the attached software ("Contribution") is developed by
62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
63 * license.
64 *
65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
67 * support (see RFC 4279) to OpenSSL.
68 *
69 * No patent licenses or other rights except those expressly stated in
70 * the OpenSSL open source license shall be deemed granted or received
71 * expressly, by implication, estoppel, or otherwise.
72 *
73 * No assurances are provided by Nokia that the Contribution does not
74 * infringe the patent or other intellectual property rights of any third
75 * party or that the license provides you with all the necessary rights
76 * to make use of the Contribution.
77 *
78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
82 * OTHERWISE.
83 */
84
85 #include <stdio.h>
86 #include <openssl/buffer.h>
87 #include "ssl_locl.h"
88
89 #ifndef OPENSSL_NO_STDIO
90 int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
91 {
92 BIO *b;
93 int ret;
94
95 if ((b = BIO_new(BIO_s_file())) == NULL) {
96 SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB);
97 return (0);
98 }
99 BIO_set_fp(b, fp, BIO_NOCLOSE);
100 ret = SSL_SESSION_print(b, x);
101 BIO_free(b);
102 return (ret);
103 }
104 #endif
105
106 int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
107 {
108 unsigned int i;
109 const char *s;
110
111 if (x == NULL)
112 goto err;
113 if (BIO_puts(bp, "SSL-Session:\n") <= 0)
114 goto err;
115 if (x->ssl_version == SSL3_VERSION)
116 s = "SSLv3";
117 else if (x->ssl_version == TLS1_2_VERSION)
118 s = "TLSv1.2";
119 else if (x->ssl_version == TLS1_1_VERSION)
120 s = "TLSv1.1";
121 else if (x->ssl_version == TLS1_VERSION)
122 s = "TLSv1";
123 else if (x->ssl_version == DTLS1_VERSION)
124 s = "DTLSv1";
125 else if (x->ssl_version == DTLS1_2_VERSION)
126 s = "DTLSv1.2";
127 else if (x->ssl_version == DTLS1_BAD_VER)
128 s = "DTLSv1-bad";
129 else
130 s = "unknown";
131 if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
132 goto err;
133
134 if (x->cipher == NULL) {
135 if (((x->cipher_id) & 0xff000000) == 0x02000000) {
136 if (BIO_printf
137 (bp, " Cipher : %06lX\n", x->cipher_id & 0xffffff) <= 0)
138 goto err;
139 } else {
140 if (BIO_printf
141 (bp, " Cipher : %04lX\n", x->cipher_id & 0xffff) <= 0)
142 goto err;
143 }
144 } else {
145 if (BIO_printf
146 (bp, " Cipher : %s\n",
147 ((x->cipher == NULL) ? "unknown" : x->cipher->name)) <= 0)
148 goto err;
149 }
150 if (BIO_puts(bp, " Session-ID: ") <= 0)
151 goto err;
152 for (i = 0; i < x->session_id_length; i++) {
153 if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
154 goto err;
155 }
156 if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
157 goto err;
158 for (i = 0; i < x->sid_ctx_length; i++) {
159 if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
160 goto err;
161 }
162 if (BIO_puts(bp, "\n Master-Key: ") <= 0)
163 goto err;
164 for (i = 0; i < (unsigned int)x->master_key_length; i++) {
165 if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
166 goto err;
167 }
168 #ifndef OPENSSL_NO_PSK
169 if (BIO_puts(bp, "\n PSK identity: ") <= 0)
170 goto err;
171 if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
172 goto err;
173 if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
174 goto err;
175 if (BIO_printf
176 (bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
177 goto err;
178 #endif
179 #ifndef OPENSSL_NO_SRP
180 if (BIO_puts(bp, "\n SRP username: ") <= 0)
181 goto err;
182 if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
183 goto err;
184 #endif
185 if (x->tlsext_tick_lifetime_hint) {
186 if (BIO_printf(bp,
187 "\n TLS session ticket lifetime hint: %ld (seconds)",
188 x->tlsext_tick_lifetime_hint) <= 0)
189 goto err;
190 }
191 if (x->tlsext_tick) {
192 if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
193 goto err;
194 if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4)
195 <= 0)
196 goto err;
197 }
198
199 #ifndef OPENSSL_NO_COMP
200 if (x->compress_meth != 0) {
201 SSL_COMP *comp = NULL;
202
203 if (!ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp, 0))
204 goto err;
205 if (comp == NULL) {
206 if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <=
207 0)
208 goto err;
209 } else {
210 if (BIO_printf(bp, "\n Compression: %d (%s)", comp->id,
211 comp->name) <= 0)
212 goto err;
213 }
214 }
215 #endif
216 if (x->time != 0L) {
217 if (BIO_printf(bp, "\n Start Time: %ld", x->time) <= 0)
218 goto err;
219 }
220 if (x->timeout != 0L) {
221 if (BIO_printf(bp, "\n Timeout : %ld (sec)", x->timeout) <= 0)
222 goto err;
223 }
224 if (BIO_puts(bp, "\n") <= 0)
225 goto err;
226
227 if (BIO_puts(bp, " Verify return code: ") <= 0)
228 goto err;
229 if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
230 X509_verify_cert_error_string(x->verify_result)) <= 0)
231 goto err;
232
233 if (BIO_printf(bp, " Extended master secret: %s\n",
234 x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
235 goto err;
236
237 return (1);
238 err:
239 return (0);
240 }
241
242 /*
243 * print session id and master key in NSS keylog format (RSA
244 * Session-ID:<session id> Master-Key:<master key>)
245 */
246 int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
247 {
248 unsigned int i;
249
250 if (x == NULL)
251 goto err;
252 if (x->session_id_length == 0 || x->master_key_length == 0)
253 goto err;
254
255 /*
256 * the RSA prefix is required by the format's definition although there's
257 * nothing RSA-specifc in the output, therefore, we don't have to check if
258 * the cipher suite is based on RSA
259 */
260 if (BIO_puts(bp, "RSA ") <= 0)
261 goto err;
262
263 if (BIO_puts(bp, "Session-ID:") <= 0)
264 goto err;
265 for (i = 0; i < x->session_id_length; i++) {
266 if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
267 goto err;
268 }
269 if (BIO_puts(bp, " Master-Key:") <= 0)
270 goto err;
271 for (i = 0; i < (unsigned int)x->master_key_length; i++) {
272 if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
273 goto err;
274 }
275 if (BIO_puts(bp, "\n") <= 0)
276 goto err;
277
278 return (1);
279 err:
280 return (0);
281 }
A mirror of the official openssl repository