]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * Copyright 2005 Nokia. All rights reserved. | |
4 | * | |
5 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
6 | * this file except in compliance with the License. You can obtain a copy | |
7 | * in the file LICENSE in the source distribution or at | |
8 | * https://www.openssl.org/source/license.html | |
9 | */ | |
10 | ||
11 | #include <stdio.h> | |
12 | #include "ssl_locl.h" | |
13 | ||
14 | const char *SSL_state_string_long(const SSL *s) | |
15 | { | |
16 | if (ossl_statem_in_error(s)) | |
17 | return "error"; | |
18 | ||
19 | switch (SSL_get_state(s)) { | |
20 | case TLS_ST_CR_CERT_STATUS: | |
21 | return "SSLv3/TLS read certificate status"; | |
22 | case TLS_ST_CW_NEXT_PROTO: | |
23 | return "SSLv3/TLS write next proto"; | |
24 | case TLS_ST_SR_NEXT_PROTO: | |
25 | return "SSLv3/TLS read next proto"; | |
26 | case TLS_ST_SW_CERT_STATUS: | |
27 | return "SSLv3/TLS write certificate status"; | |
28 | case TLS_ST_BEFORE: | |
29 | return "before SSL initialization"; | |
30 | case TLS_ST_OK: | |
31 | return "SSL negotiation finished successfully"; | |
32 | case TLS_ST_CW_CLNT_HELLO: | |
33 | return "SSLv3/TLS write client hello"; | |
34 | case TLS_ST_CR_SRVR_HELLO: | |
35 | return "SSLv3/TLS read server hello"; | |
36 | case TLS_ST_CR_CERT: | |
37 | return "SSLv3/TLS read server certificate"; | |
38 | case TLS_ST_CR_KEY_EXCH: | |
39 | return "SSLv3/TLS read server key exchange"; | |
40 | case TLS_ST_CR_CERT_REQ: | |
41 | return "SSLv3/TLS read server certificate request"; | |
42 | case TLS_ST_CR_SESSION_TICKET: | |
43 | return "SSLv3/TLS read server session ticket"; | |
44 | case TLS_ST_CR_SRVR_DONE: | |
45 | return "SSLv3/TLS read server done"; | |
46 | case TLS_ST_CW_CERT: | |
47 | return "SSLv3/TLS write client certificate"; | |
48 | case TLS_ST_CW_KEY_EXCH: | |
49 | return "SSLv3/TLS write client key exchange"; | |
50 | case TLS_ST_CW_CERT_VRFY: | |
51 | return "SSLv3/TLS write certificate verify"; | |
52 | case TLS_ST_CW_CHANGE: | |
53 | case TLS_ST_SW_CHANGE: | |
54 | return "SSLv3/TLS write change cipher spec"; | |
55 | case TLS_ST_CW_FINISHED: | |
56 | case TLS_ST_SW_FINISHED: | |
57 | return "SSLv3/TLS write finished"; | |
58 | case TLS_ST_CR_CHANGE: | |
59 | case TLS_ST_SR_CHANGE: | |
60 | return "SSLv3/TLS read change cipher spec"; | |
61 | case TLS_ST_CR_FINISHED: | |
62 | case TLS_ST_SR_FINISHED: | |
63 | return "SSLv3/TLS read finished"; | |
64 | case TLS_ST_SR_CLNT_HELLO: | |
65 | return "SSLv3/TLS read client hello"; | |
66 | case TLS_ST_SW_HELLO_REQ: | |
67 | return "SSLv3/TLS write hello request"; | |
68 | case TLS_ST_SW_SRVR_HELLO: | |
69 | return "SSLv3/TLS write server hello"; | |
70 | case TLS_ST_SW_CERT: | |
71 | return "SSLv3/TLS write certificate"; | |
72 | case TLS_ST_SW_KEY_EXCH: | |
73 | return "SSLv3/TLS write key exchange"; | |
74 | case TLS_ST_SW_CERT_REQ: | |
75 | return "SSLv3/TLS write certificate request"; | |
76 | case TLS_ST_SW_SESSION_TICKET: | |
77 | return "SSLv3/TLS write session ticket"; | |
78 | case TLS_ST_SW_SRVR_DONE: | |
79 | return "SSLv3/TLS write server done"; | |
80 | case TLS_ST_SR_CERT: | |
81 | return "SSLv3/TLS read client certificate"; | |
82 | case TLS_ST_SR_KEY_EXCH: | |
83 | return "SSLv3/TLS read client key exchange"; | |
84 | case TLS_ST_SR_CERT_VRFY: | |
85 | return "SSLv3/TLS read certificate verify"; | |
86 | case DTLS_ST_CR_HELLO_VERIFY_REQUEST: | |
87 | return "DTLS1 read hello verify request"; | |
88 | case DTLS_ST_SW_HELLO_VERIFY_REQUEST: | |
89 | return "DTLS1 write hello verify request"; | |
90 | case TLS_ST_SW_ENCRYPTED_EXTENSIONS: | |
91 | return "TLSv1.3 write encrypted extensions"; | |
92 | case TLS_ST_CR_ENCRYPTED_EXTENSIONS: | |
93 | return "TLSv1.3 read encrypted extensions"; | |
94 | case TLS_ST_CR_CERT_VRFY: | |
95 | return "TLSv1.3 read server certificate verify"; | |
96 | case TLS_ST_SW_CERT_VRFY: | |
97 | return "TLSv1.3 write server certificate verify"; | |
98 | case TLS_ST_CR_HELLO_REQ: | |
99 | return "SSLv3/TLS read hello request"; | |
100 | case TLS_ST_SW_KEY_UPDATE: | |
101 | return "TLSv1.3 write server key update"; | |
102 | case TLS_ST_CW_KEY_UPDATE: | |
103 | return "TLSv1.3 write client key update"; | |
104 | case TLS_ST_SR_KEY_UPDATE: | |
105 | return "TLSv1.3 read client key update"; | |
106 | case TLS_ST_CR_KEY_UPDATE: | |
107 | return "TLSv1.3 read server key update"; | |
108 | case TLS_ST_EARLY_DATA: | |
109 | return "TLSv1.3 early data"; | |
110 | case TLS_ST_PENDING_EARLY_DATA_END: | |
111 | return "TLSv1.3 pending early data end"; | |
112 | case TLS_ST_CW_END_OF_EARLY_DATA: | |
113 | return "TLSv1.3 write end of early data"; | |
114 | case TLS_ST_SR_END_OF_EARLY_DATA: | |
115 | return "TLSv1.3 read end of early data"; | |
116 | default: | |
117 | return "unknown state"; | |
118 | } | |
119 | } | |
120 | ||
121 | const char *SSL_state_string(const SSL *s) | |
122 | { | |
123 | if (ossl_statem_in_error(s)) | |
124 | return "SSLERR"; | |
125 | ||
126 | switch (SSL_get_state(s)) { | |
127 | case TLS_ST_SR_NEXT_PROTO: | |
128 | return "TRNP"; | |
129 | case TLS_ST_SW_SESSION_TICKET: | |
130 | return "TWST"; | |
131 | case TLS_ST_SW_CERT_STATUS: | |
132 | return "TWCS"; | |
133 | case TLS_ST_CR_CERT_STATUS: | |
134 | return "TRCS"; | |
135 | case TLS_ST_CR_SESSION_TICKET: | |
136 | return "TRST"; | |
137 | case TLS_ST_CW_NEXT_PROTO: | |
138 | return "TWNP"; | |
139 | case TLS_ST_BEFORE: | |
140 | return "PINIT "; | |
141 | case TLS_ST_OK: | |
142 | return "SSLOK "; | |
143 | case TLS_ST_CW_CLNT_HELLO: | |
144 | return "TWCH"; | |
145 | case TLS_ST_CR_SRVR_HELLO: | |
146 | return "TRSH"; | |
147 | case TLS_ST_CR_CERT: | |
148 | return "TRSC"; | |
149 | case TLS_ST_CR_KEY_EXCH: | |
150 | return "TRSKE"; | |
151 | case TLS_ST_CR_CERT_REQ: | |
152 | return "TRCR"; | |
153 | case TLS_ST_CR_SRVR_DONE: | |
154 | return "TRSD"; | |
155 | case TLS_ST_CW_CERT: | |
156 | return "TWCC"; | |
157 | case TLS_ST_CW_KEY_EXCH: | |
158 | return "TWCKE"; | |
159 | case TLS_ST_CW_CERT_VRFY: | |
160 | return "TWCV"; | |
161 | case TLS_ST_SW_CHANGE: | |
162 | case TLS_ST_CW_CHANGE: | |
163 | return "TWCCS"; | |
164 | case TLS_ST_SW_FINISHED: | |
165 | case TLS_ST_CW_FINISHED: | |
166 | return "TWFIN"; | |
167 | case TLS_ST_SR_CHANGE: | |
168 | case TLS_ST_CR_CHANGE: | |
169 | return "TRCCS"; | |
170 | case TLS_ST_SR_FINISHED: | |
171 | case TLS_ST_CR_FINISHED: | |
172 | return "TRFIN"; | |
173 | case TLS_ST_SW_HELLO_REQ: | |
174 | return "TWHR"; | |
175 | case TLS_ST_SR_CLNT_HELLO: | |
176 | return "TRCH"; | |
177 | case TLS_ST_SW_SRVR_HELLO: | |
178 | return "TWSH"; | |
179 | case TLS_ST_SW_CERT: | |
180 | return "TWSC"; | |
181 | case TLS_ST_SW_KEY_EXCH: | |
182 | return "TWSKE"; | |
183 | case TLS_ST_SW_CERT_REQ: | |
184 | return "TWCR"; | |
185 | case TLS_ST_SW_SRVR_DONE: | |
186 | return "TWSD"; | |
187 | case TLS_ST_SR_CERT: | |
188 | return "TRCC"; | |
189 | case TLS_ST_SR_KEY_EXCH: | |
190 | return "TRCKE"; | |
191 | case TLS_ST_SR_CERT_VRFY: | |
192 | return "TRCV"; | |
193 | case DTLS_ST_CR_HELLO_VERIFY_REQUEST: | |
194 | return "DRCHV"; | |
195 | case DTLS_ST_SW_HELLO_VERIFY_REQUEST: | |
196 | return "DWCHV"; | |
197 | case TLS_ST_SW_ENCRYPTED_EXTENSIONS: | |
198 | return "TWEE"; | |
199 | case TLS_ST_CR_ENCRYPTED_EXTENSIONS: | |
200 | return "TREE"; | |
201 | case TLS_ST_CR_CERT_VRFY: | |
202 | return "TRSCV"; | |
203 | case TLS_ST_SW_CERT_VRFY: | |
204 | return "TRSCV"; | |
205 | case TLS_ST_CR_HELLO_REQ: | |
206 | return "TRHR"; | |
207 | case TLS_ST_SW_KEY_UPDATE: | |
208 | return "TWSKU"; | |
209 | case TLS_ST_CW_KEY_UPDATE: | |
210 | return "TWCKU"; | |
211 | case TLS_ST_SR_KEY_UPDATE: | |
212 | return "TRCKU"; | |
213 | case TLS_ST_CR_KEY_UPDATE: | |
214 | return "TRSKU"; | |
215 | case TLS_ST_EARLY_DATA: | |
216 | return "TED"; | |
217 | case TLS_ST_PENDING_EARLY_DATA_END: | |
218 | return "TPEDE"; | |
219 | case TLS_ST_CW_END_OF_EARLY_DATA: | |
220 | return "TWEOED"; | |
221 | case TLS_ST_SR_END_OF_EARLY_DATA: | |
222 | return "TWEOED"; | |
223 | default: | |
224 | return "UNKWN "; | |
225 | } | |
226 | } | |
227 | ||
228 | const char *SSL_alert_type_string_long(int value) | |
229 | { | |
230 | switch (value >> 8) { | |
231 | case SSL3_AL_WARNING: | |
232 | return "warning"; | |
233 | case SSL3_AL_FATAL: | |
234 | return "fatal"; | |
235 | default: | |
236 | return "unknown"; | |
237 | } | |
238 | } | |
239 | ||
240 | const char *SSL_alert_type_string(int value) | |
241 | { | |
242 | switch (value >> 8) { | |
243 | case SSL3_AL_WARNING: | |
244 | return "W"; | |
245 | case SSL3_AL_FATAL: | |
246 | return "F"; | |
247 | default: | |
248 | return "U"; | |
249 | } | |
250 | } | |
251 | ||
252 | const char *SSL_alert_desc_string(int value) | |
253 | { | |
254 | switch (value & 0xff) { | |
255 | case SSL3_AD_CLOSE_NOTIFY: | |
256 | return "CN"; | |
257 | case SSL3_AD_UNEXPECTED_MESSAGE: | |
258 | return "UM"; | |
259 | case SSL3_AD_BAD_RECORD_MAC: | |
260 | return "BM"; | |
261 | case SSL3_AD_DECOMPRESSION_FAILURE: | |
262 | return "DF"; | |
263 | case SSL3_AD_HANDSHAKE_FAILURE: | |
264 | return "HF"; | |
265 | case SSL3_AD_NO_CERTIFICATE: | |
266 | return "NC"; | |
267 | case SSL3_AD_BAD_CERTIFICATE: | |
268 | return "BC"; | |
269 | case SSL3_AD_UNSUPPORTED_CERTIFICATE: | |
270 | return "UC"; | |
271 | case SSL3_AD_CERTIFICATE_REVOKED: | |
272 | return "CR"; | |
273 | case SSL3_AD_CERTIFICATE_EXPIRED: | |
274 | return "CE"; | |
275 | case SSL3_AD_CERTIFICATE_UNKNOWN: | |
276 | return "CU"; | |
277 | case SSL3_AD_ILLEGAL_PARAMETER: | |
278 | return "IP"; | |
279 | case TLS1_AD_DECRYPTION_FAILED: | |
280 | return "DC"; | |
281 | case TLS1_AD_RECORD_OVERFLOW: | |
282 | return "RO"; | |
283 | case TLS1_AD_UNKNOWN_CA: | |
284 | return "CA"; | |
285 | case TLS1_AD_ACCESS_DENIED: | |
286 | return "AD"; | |
287 | case TLS1_AD_DECODE_ERROR: | |
288 | return "DE"; | |
289 | case TLS1_AD_DECRYPT_ERROR: | |
290 | return "CY"; | |
291 | case TLS1_AD_EXPORT_RESTRICTION: | |
292 | return "ER"; | |
293 | case TLS1_AD_PROTOCOL_VERSION: | |
294 | return "PV"; | |
295 | case TLS1_AD_INSUFFICIENT_SECURITY: | |
296 | return "IS"; | |
297 | case TLS1_AD_INTERNAL_ERROR: | |
298 | return "IE"; | |
299 | case TLS1_AD_USER_CANCELLED: | |
300 | return "US"; | |
301 | case TLS1_AD_NO_RENEGOTIATION: | |
302 | return "NR"; | |
303 | case TLS1_AD_UNSUPPORTED_EXTENSION: | |
304 | return "UE"; | |
305 | case TLS1_AD_CERTIFICATE_UNOBTAINABLE: | |
306 | return "CO"; | |
307 | case TLS1_AD_UNRECOGNIZED_NAME: | |
308 | return "UN"; | |
309 | case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: | |
310 | return "BR"; | |
311 | case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: | |
312 | return "BH"; | |
313 | case TLS1_AD_UNKNOWN_PSK_IDENTITY: | |
314 | return "UP"; | |
315 | default: | |
316 | return "UK"; | |
317 | } | |
318 | } | |
319 | ||
320 | const char *SSL_alert_desc_string_long(int value) | |
321 | { | |
322 | switch (value & 0xff) { | |
323 | case SSL3_AD_CLOSE_NOTIFY: | |
324 | return "close notify"; | |
325 | case SSL3_AD_UNEXPECTED_MESSAGE: | |
326 | return "unexpected_message"; | |
327 | case SSL3_AD_BAD_RECORD_MAC: | |
328 | return "bad record mac"; | |
329 | case SSL3_AD_DECOMPRESSION_FAILURE: | |
330 | return "decompression failure"; | |
331 | case SSL3_AD_HANDSHAKE_FAILURE: | |
332 | return "handshake failure"; | |
333 | case SSL3_AD_NO_CERTIFICATE: | |
334 | return "no certificate"; | |
335 | case SSL3_AD_BAD_CERTIFICATE: | |
336 | return "bad certificate"; | |
337 | case SSL3_AD_UNSUPPORTED_CERTIFICATE: | |
338 | return "unsupported certificate"; | |
339 | case SSL3_AD_CERTIFICATE_REVOKED: | |
340 | return "certificate revoked"; | |
341 | case SSL3_AD_CERTIFICATE_EXPIRED: | |
342 | return "certificate expired"; | |
343 | case SSL3_AD_CERTIFICATE_UNKNOWN: | |
344 | return "certificate unknown"; | |
345 | case SSL3_AD_ILLEGAL_PARAMETER: | |
346 | return "illegal parameter"; | |
347 | case TLS1_AD_DECRYPTION_FAILED: | |
348 | return "decryption failed"; | |
349 | case TLS1_AD_RECORD_OVERFLOW: | |
350 | return "record overflow"; | |
351 | case TLS1_AD_UNKNOWN_CA: | |
352 | return "unknown CA"; | |
353 | case TLS1_AD_ACCESS_DENIED: | |
354 | return "access denied"; | |
355 | case TLS1_AD_DECODE_ERROR: | |
356 | return "decode error"; | |
357 | case TLS1_AD_DECRYPT_ERROR: | |
358 | return "decrypt error"; | |
359 | case TLS1_AD_EXPORT_RESTRICTION: | |
360 | return "export restriction"; | |
361 | case TLS1_AD_PROTOCOL_VERSION: | |
362 | return "protocol version"; | |
363 | case TLS1_AD_INSUFFICIENT_SECURITY: | |
364 | return "insufficient security"; | |
365 | case TLS1_AD_INTERNAL_ERROR: | |
366 | return "internal error"; | |
367 | case TLS1_AD_USER_CANCELLED: | |
368 | return "user canceled"; | |
369 | case TLS1_AD_NO_RENEGOTIATION: | |
370 | return "no renegotiation"; | |
371 | case TLS1_AD_UNSUPPORTED_EXTENSION: | |
372 | return "unsupported extension"; | |
373 | case TLS1_AD_CERTIFICATE_UNOBTAINABLE: | |
374 | return "certificate unobtainable"; | |
375 | case TLS1_AD_UNRECOGNIZED_NAME: | |
376 | return "unrecognized name"; | |
377 | case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: | |
378 | return "bad certificate status response"; | |
379 | case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: | |
380 | return "bad certificate hash value"; | |
381 | case TLS1_AD_UNKNOWN_PSK_IDENTITY: | |
382 | return "unknown PSK identity"; | |
383 | case TLS1_AD_NO_APPLICATION_PROTOCOL: | |
384 | return "no application protocol"; | |
385 | default: | |
386 | return "unknown"; | |
387 | } | |
388 | } |