[thirdparty/openssl.git] / ssl / ssl_txt.c

/*
 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/* ====================================================================
 * Copyright 2005 Nokia. All rights reserved.
 *
 * The portions of the attached software ("Contribution") is developed by
 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
 * license.
 *
 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
 * support (see RFC 4279) to OpenSSL.
 *
 * No patent licenses or other rights except those expressly stated in
 * the OpenSSL open source license shall be deemed granted or received
 * expressly, by implication, estoppel, or otherwise.
 *
 * No assurances are provided by Nokia that the Contribution does not
 * infringe the patent or other intellectual property rights of any third
 * party or that the license provides you with all the necessary rights
 * to make use of the Contribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
 * OTHERWISE.
 */

#include <stdio.h>
#include <openssl/buffer.h>
#include "ssl_locl.h"

#ifndef OPENSSL_NO_STDIO
int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
{
    BIO *b;
    int ret;

    if ((b = BIO_new(BIO_s_file())) == NULL) {
        SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB);
        return (0);
    }
    BIO_set_fp(b, fp, BIO_NOCLOSE);
    ret = SSL_SESSION_print(b, x);
    BIO_free(b);
    return (ret);
}
#endif

int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
{
    size_t i;
    const char *s;

    if (x == NULL)
        goto err;
    if (BIO_puts(bp, "SSL-Session:\n") <= 0)
        goto err;
    s = ssl_protocol_to_string(x->ssl_version);
    if (BIO_printf(bp, "    Protocol  : %s\n", s) <= 0)
        goto err;

    if (x->cipher == NULL) {
        if (((x->cipher_id) & 0xff000000) == 0x02000000) {
            if (BIO_printf
                (bp, "    Cipher    : %06lX\n", x->cipher_id & 0xffffff) <= 0)
                goto err;
        } else {
            if (BIO_printf
                (bp, "    Cipher    : %04lX\n", x->cipher_id & 0xffff) <= 0)
                goto err;
        }
    } else {
        if (BIO_printf
            (bp, "    Cipher    : %s\n",
             ((x->cipher == NULL) ? "unknown" : x->cipher->name)) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "    Session-ID: ") <= 0)
        goto err;
    for (i = 0; i < x->session_id_length; i++) {
        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n    Session-ID-ctx: ") <= 0)
        goto err;
    for (i = 0; i < x->sid_ctx_length; i++) {
        if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n    Master-Key: ") <= 0)
        goto err;
    for (i = 0; i < x->master_key_length; i++) {
        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
            goto err;
    }
#ifndef OPENSSL_NO_PSK
    if (BIO_puts(bp, "\n    PSK identity: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
        goto err;
    if (BIO_puts(bp, "\n    PSK identity hint: ") <= 0)
        goto err;
    if (BIO_printf
        (bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
        goto err;
#endif
#ifndef OPENSSL_NO_SRP
    if (BIO_puts(bp, "\n    SRP username: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
        goto err;
#endif
    if (x->tlsext_tick_lifetime_hint) {
        if (BIO_printf(bp,
                       "\n    TLS session ticket lifetime hint: %ld (seconds)",
                       x->tlsext_tick_lifetime_hint) <= 0)
            goto err;
    }
    if (x->tlsext_tick) {
        if (BIO_puts(bp, "\n    TLS session ticket:\n") <= 0)
            goto err;
        /* TODO(size_t): Convert this call */
        if (BIO_dump_indent
            (bp, (const char *)x->tlsext_tick, (int)x->tlsext_ticklen, 4)
            <= 0)
            goto err;
    }
#ifndef OPENSSL_NO_COMP
    if (x->compress_meth != 0) {
        SSL_COMP *comp = NULL;

        if (!ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp, 0))
            goto err;
        if (comp == NULL) {
            if (BIO_printf(bp, "\n    Compression: %d", x->compress_meth) <= 0)
                goto err;
        } else {
            if (BIO_printf(bp, "\n    Compression: %d (%s)", comp->id,
                           comp->name) <= 0)
                goto err;
        }
    }
#endif
    if (x->time != 0L) {
        if (BIO_printf(bp, "\n    Start Time: %ld", x->time) <= 0)
            goto err;
    }
    if (x->timeout != 0L) {
        if (BIO_printf(bp, "\n    Timeout   : %ld (sec)", x->timeout) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n") <= 0)
        goto err;

    if (BIO_puts(bp, "    Verify return code: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
                   X509_verify_cert_error_string(x->verify_result)) <= 0)
        goto err;

    if (BIO_printf(bp, "    Extended master secret: %s\n",
                   x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
        goto err;

    return (1);
 err:
    return (0);
}

/*
 * print session id and master key in NSS keylog format (RSA
 * Session-ID:<session id> Master-Key:<master key>)
 */
int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
{
    size_t i;

    if (x == NULL)
        goto err;
    if (x->session_id_length == 0 || x->master_key_length == 0)
        goto err;

    /*
     * the RSA prefix is required by the format's definition although there's
     * nothing RSA-specific in the output, therefore, we don't have to check if
     * the cipher suite is based on RSA
     */
    if (BIO_puts(bp, "RSA ") <= 0)
        goto err;

    if (BIO_puts(bp, "Session-ID:") <= 0)
        goto err;
    for (i = 0; i < x->session_id_length; i++) {
        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, " Master-Key:") <= 0)
        goto err;
    for (i = 0; i < x->master_key_length; i++) {
        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n") <= 0)
        goto err;

    return (1);
 err:
    return (0);
}
Commit	Line	Data
846e33c7 RS	1	/*
846e33c7 RS	2	* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6	3	*
846e33c7 RS	4	* Licensed under the OpenSSL license (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
d02b48c6	8	*/
846e33c7	9
ddac1974 NL	10	/* ====================================================================
	11	* Copyright 2005 Nokia. All rights reserved.
	12	*
	13	* The portions of the attached software ("Contribution") is developed by
	14	* Nokia Corporation and is licensed pursuant to the OpenSSL open source
	15	* license.
	16	*
	17	* The Contribution, originally written by Mika Kousa and Pasi Eronen of
	18	* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
	19	* support (see RFC 4279) to OpenSSL.
	20	*
	21	* No patent licenses or other rights except those expressly stated in
	22	* the OpenSSL open source license shall be deemed granted or received
	23	* expressly, by implication, estoppel, or otherwise.
	24	*
	25	* No assurances are provided by Nokia that the Contribution does not
	26	* infringe the patent or other intellectual property rights of any third
	27	* party or that the license provides you with all the necessary rights
	28	* to make use of the Contribution.
	29	*
	30	* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
	31	* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
	32	* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
	33	* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
	34	* OTHERWISE.
	35	*/
d02b48c6 RE	36
d02b48c6 RE	37	#include <stdio.h>
ec577822	38	#include <openssl/buffer.h>
d02b48c6 RE	39	#include "ssl_locl.h"
d02b48c6 RE	40
4b618848	41	#ifndef OPENSSL_NO_STDIO
0821bcd4	42	int SSL_SESSION_print_fp(FILE fp, const SSL_SESSION x)
0f113f3e MC	43	{
	44	BIO *b;
	45	int ret;
d02b48c6	46
9982cbbb	47	if ((b = BIO_new(BIO_s_file())) == NULL) {
0f113f3e MC	48	SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB);
	49	return (0);
	50	}
	51	BIO_set_fp(b, fp, BIO_NOCLOSE);
	52	ret = SSL_SESSION_print(b, x);
	53	BIO_free(b);
	54	return (ret);
	55	}
d02b48c6 RE	56	#endif
d02b48c6 RE	57
0821bcd4	58	int SSL_SESSION_print(BIO bp, const SSL_SESSION x)
0f113f3e	59	{
ec60ccc1	60	size_t i;
0f113f3e	61	const char *s;
d02b48c6	62
0f113f3e MC	63	if (x == NULL)
	64	goto err;
	65	if (BIO_puts(bp, "SSL-Session:\n") <= 0)
	66	goto err;
3eb2aff4	67	s = ssl_protocol_to_string(x->ssl_version);
0f113f3e MC	68	if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
0f113f3e MC	69	goto err;
58964a49	70
0f113f3e MC	71	if (x->cipher == NULL) {
	72	if (((x->cipher_id) & 0xff000000) == 0x02000000) {
	73	if (BIO_printf
	74	(bp, " Cipher : %06lX\n", x->cipher_id & 0xffffff) <= 0)
	75	goto err;
	76	} else {
	77	if (BIO_printf
	78	(bp, " Cipher : %04lX\n", x->cipher_id & 0xffff) <= 0)
	79	goto err;
	80	}
	81	} else {
	82	if (BIO_printf
	83	(bp, " Cipher : %s\n",
	84	((x->cipher == NULL) ? "unknown" : x->cipher->name)) <= 0)
	85	goto err;
	86	}
	87	if (BIO_puts(bp, " Session-ID: ") <= 0)
	88	goto err;
	89	for (i = 0; i < x->session_id_length; i++) {
	90	if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
	91	goto err;
	92	}
	93	if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
	94	goto err;
	95	for (i = 0; i < x->sid_ctx_length; i++) {
	96	if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
	97	goto err;
	98	}
	99	if (BIO_puts(bp, "\n Master-Key: ") <= 0)
	100	goto err;
ec60ccc1	101	for (i = 0; i < x->master_key_length; i++) {
0f113f3e MC	102	if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
	103	goto err;
	104	}
ddac1974	105	#ifndef OPENSSL_NO_PSK
0f113f3e MC	106	if (BIO_puts(bp, "\n PSK identity: ") <= 0)
	107	goto err;
	108	if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
	109	goto err;
	110	if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
	111	goto err;
	112	if (BIO_printf
	113	(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
	114	goto err;
ddac1974	115	#endif
edc032b5	116	#ifndef OPENSSL_NO_SRP
0f113f3e MC	117	if (BIO_puts(bp, "\n SRP username: ") <= 0)
	118	goto err;
	119	if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
	120	goto err;
edc032b5	121	#endif
0f113f3e MC	122	if (x->tlsext_tick_lifetime_hint) {
	123	if (BIO_printf(bp,
	124	"\n TLS session ticket lifetime hint: %ld (seconds)",
	125	x->tlsext_tick_lifetime_hint) <= 0)
	126	goto err;
	127	}
	128	if (x->tlsext_tick) {
	129	if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
	130	goto err;
348240c6	131	/* TODO(size_t): Convert this call */
a230b26e	132	if (BIO_dump_indent
348240c6	133	(bp, (const char *)x->tlsext_tick, (int)x->tlsext_ticklen, 4)
0f113f3e MC	134	<= 0)
	135	goto err;
	136	}
09b6c2ef	137	#ifndef OPENSSL_NO_COMP
0f113f3e MC	138	if (x->compress_meth != 0) {
0f113f3e MC	139	SSL_COMP *comp = NULL;
413c4f45	140
61986d32	141	if (!ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp, 0))
69f68237	142	goto err;
0f113f3e	143	if (comp == NULL) {
a230b26e	144	if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <= 0)
0f113f3e MC	145	goto err;
0f113f3e MC	146	} else {
9a555706	147	if (BIO_printf(bp, "\n Compression: %d (%s)", comp->id,
a230b26e	148	comp->name) <= 0)
0f113f3e MC	149	goto err;
	150	}
	151	}
09b6c2ef	152	#endif
0f113f3e MC	153	if (x->time != 0L) {
	154	if (BIO_printf(bp, "\n Start Time: %ld", x->time) <= 0)
	155	goto err;
	156	}
	157	if (x->timeout != 0L) {
	158	if (BIO_printf(bp, "\n Timeout : %ld (sec)", x->timeout) <= 0)
	159	goto err;
	160	}
	161	if (BIO_puts(bp, "\n") <= 0)
	162	goto err;
	163
	164	if (BIO_puts(bp, " Verify return code: ") <= 0)
	165	goto err;
	166	if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
	167	X509_verify_cert_error_string(x->verify_result)) <= 0)
	168	goto err;
25f923dd	169
ddc06b35 DSH	170	if (BIO_printf(bp, " Extended master secret: %s\n",
	171	x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
	172	goto err;
	173
0f113f3e MC	174	return (1);
	175	err:
	176	return (0);
	177	}
d02b48c6	178
0f113f3e MC	179	/*
	180	* print session id and master key in NSS keylog format (RSA
	181	* Session-ID:<session id> Master-Key:<master key>)
	182	*/
189ae368	183	int SSL_SESSION_print_keylog(BIO bp, const SSL_SESSION x)
0f113f3e	184	{
ec60ccc1	185	size_t i;
189ae368	186
0f113f3e MC	187	if (x == NULL)
	188	goto err;
	189	if (x->session_id_length == 0 \|\| x->master_key_length == 0)
	190	goto err;
189ae368	191
0f113f3e MC	192	/*
0f113f3e MC	193	* the RSA prefix is required by the format's definition although there's
8483a003	194	* nothing RSA-specific in the output, therefore, we don't have to check if
0f113f3e MC	195	* the cipher suite is based on RSA
	196	*/
	197	if (BIO_puts(bp, "RSA ") <= 0)
	198	goto err;
189ae368	199
0f113f3e MC	200	if (BIO_puts(bp, "Session-ID:") <= 0)
	201	goto err;
	202	for (i = 0; i < x->session_id_length; i++) {
	203	if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
	204	goto err;
	205	}
	206	if (BIO_puts(bp, " Master-Key:") <= 0)
	207	goto err;
ec60ccc1	208	for (i = 0; i < x->master_key_length; i++) {
0f113f3e MC	209	if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
	210	goto err;
	211	}
	212	if (BIO_puts(bp, "\n") <= 0)
	213	goto err;
189ae368	214
0f113f3e MC	215	return (1);
	216	err:
	217	return (0);
	218	}