ssl_stat.c 10.4 KB
Newer Older
R
Rich Salz 已提交
1 2
/*
 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3
 *
R
Rich Salz 已提交
4 5 6 7
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
8
 */
R
Rich Salz 已提交
9

10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
/* ====================================================================
 * Copyright 2005 Nokia. All rights reserved.
 *
 * The portions of the attached software ("Contribution") is developed by
 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
 * license.
 *
 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
 * support (see RFC 4279) to OpenSSL.
 *
 * No patent licenses or other rights except those expressly stated in
 * the OpenSSL open source license shall be deemed granted or received
 * expressly, by implication, estoppel, or otherwise.
 *
 * No assurances are provided by Nokia that the Contribution does not
 * infringe the patent or other intellectual property rights of any third
 * party or that the license provides you with all the necessary rights
 * to make use of the Contribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
 * OTHERWISE.
 */
36 37 38 39

#include <stdio.h>
#include "ssl_locl.h"

B
Ben Laurie 已提交
40
const char *SSL_state_string_long(const SSL *s)
41
{
42
    if (ossl_statem_in_error(s))
M
Matt Caswell 已提交
43 44
        return "error";

M
Matt Caswell 已提交
45
    switch (SSL_get_state(s)) {
M
Matt Caswell 已提交
46
    case TLS_ST_BEFORE:
47
        return "before SSL initialization";
M
Matt Caswell 已提交
48
    case TLS_ST_OK:
49
        return "SSL negotiation finished successfully";
M
Matt Caswell 已提交
50
    case TLS_ST_CW_CLNT_HELLO:
51
        return "SSLv3/TLS write client hello";
M
Matt Caswell 已提交
52
    case TLS_ST_CR_SRVR_HELLO:
53
        return "SSLv3/TLS read server hello";
M
Matt Caswell 已提交
54
    case TLS_ST_CR_CERT:
55
        return "SSLv3/TLS read server certificate";
M
Matt Caswell 已提交
56
    case TLS_ST_CR_KEY_EXCH:
57
        return "SSLv3/TLS read server key exchange";
M
Matt Caswell 已提交
58
    case TLS_ST_CR_CERT_REQ:
59
        return "SSLv3/TLS read server certificate request";
M
Matt Caswell 已提交
60
    case TLS_ST_CR_SESSION_TICKET:
61
        return "SSLv3/TLS read server session ticket";
M
Matt Caswell 已提交
62
    case TLS_ST_CR_SRVR_DONE:
63
        return "SSLv3/TLS read server done";
M
Matt Caswell 已提交
64
    case TLS_ST_CW_CERT:
65
        return "SSLv3/TLS write client certificate";
M
Matt Caswell 已提交
66
    case TLS_ST_CW_KEY_EXCH:
67
        return "SSLv3/TLS write client key exchange";
M
Matt Caswell 已提交
68
    case TLS_ST_CW_CERT_VRFY:
69
        return "SSLv3/TLS write certificate verify";
M
Matt Caswell 已提交
70 71
    case TLS_ST_CW_CHANGE:
    case TLS_ST_SW_CHANGE:
72
        return "SSLv3/TLS write change cipher spec";
M
Matt Caswell 已提交
73 74
    case TLS_ST_CW_FINISHED:
    case TLS_ST_SW_FINISHED:
75
        return "SSLv3/TLS write finished";
M
Matt Caswell 已提交
76 77
    case TLS_ST_CR_CHANGE:
    case TLS_ST_SR_CHANGE:
78
        return "SSLv3/TLS read change cipher spec";
M
Matt Caswell 已提交
79 80
    case TLS_ST_CR_FINISHED:
    case TLS_ST_SR_FINISHED:
81
        return "SSLv3/TLS read finished";
M
Matt Caswell 已提交
82
    case TLS_ST_SR_CLNT_HELLO:
83
        return "SSLv3/TLS read client hello";
M
Matt Caswell 已提交
84
    case TLS_ST_SW_HELLO_REQ:
85
        return "SSLv3/TLS write hello request";
M
Matt Caswell 已提交
86
    case TLS_ST_SW_SRVR_HELLO:
87
        return "SSLv3/TLS write server hello";
M
Matt Caswell 已提交
88
    case TLS_ST_SW_CERT:
89
        return "SSLv3/TLS write certificate";
M
Matt Caswell 已提交
90
    case TLS_ST_SW_KEY_EXCH:
91
        return "SSLv3/TLS write key exchange";
M
Matt Caswell 已提交
92
    case TLS_ST_SW_CERT_REQ:
93
        return "SSLv3/TLS write certificate request";
M
Matt Caswell 已提交
94
    case TLS_ST_SW_SESSION_TICKET:
95
        return "SSLv3/TLS write session ticket";
M
Matt Caswell 已提交
96
    case TLS_ST_SW_SRVR_DONE:
97
        return "SSLv3/TLS write server done";
M
Matt Caswell 已提交
98
    case TLS_ST_SR_CERT:
99
        return "SSLv3/TLS read client certificate";
M
Matt Caswell 已提交
100
    case TLS_ST_SR_KEY_EXCH:
101
        return "SSLv3/TLS read client key exchange";
M
Matt Caswell 已提交
102
    case TLS_ST_SR_CERT_VRFY:
103
        return "SSLv3/TLS read certificate verify";
M
Matt Caswell 已提交
104
    case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
105
        return "DTLS1 read hello verify request";
M
Matt Caswell 已提交
106
    case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
107
        return "DTLS1 write hello verify request";
108
    default:
109
        return "unknown state";
110 111
    }
}
112

B
Ben Laurie 已提交
113
const char *SSL_state_string(const SSL *s)
114
{
115
    if (ossl_statem_in_error(s))
M
Matt Caswell 已提交
116 117
        return "SSLERR";

M
Matt Caswell 已提交
118
    switch (SSL_get_state(s)) {
M
Matt Caswell 已提交
119
    case TLS_ST_BEFORE:
120
        return "PINIT ";
M
Matt Caswell 已提交
121
    case TLS_ST_OK:
122
        return "SSLOK ";
M
Matt Caswell 已提交
123
    case TLS_ST_CW_CLNT_HELLO:
124
        return "TWCH";
M
Matt Caswell 已提交
125
    case TLS_ST_CR_SRVR_HELLO:
126
        return "TRSH";
M
Matt Caswell 已提交
127
    case TLS_ST_CR_CERT:
128
        return "TRSC";
M
Matt Caswell 已提交
129
    case TLS_ST_CR_KEY_EXCH:
130
        return "TRSKE";
M
Matt Caswell 已提交
131
    case TLS_ST_CR_CERT_REQ:
132
        return "TRCR";
M
Matt Caswell 已提交
133
    case TLS_ST_CR_SRVR_DONE:
134
        return "TRSD";
M
Matt Caswell 已提交
135
    case TLS_ST_CW_CERT:
136
        return "TWCC";
M
Matt Caswell 已提交
137
    case TLS_ST_CW_KEY_EXCH:
138
        return "TWCKE";
M
Matt Caswell 已提交
139
    case TLS_ST_CW_CERT_VRFY:
140
        return "TWCV";
M
Matt Caswell 已提交
141 142
    case TLS_ST_SW_CHANGE:
    case TLS_ST_CW_CHANGE:
143
        return "TWCCS";
M
Matt Caswell 已提交
144 145
    case TLS_ST_SW_FINISHED:
    case TLS_ST_CW_FINISHED:
146
        return "TWFIN";
M
Matt Caswell 已提交
147 148
    case TLS_ST_SR_CHANGE:
    case TLS_ST_CR_CHANGE:
149
        return "TRCCS";
M
Matt Caswell 已提交
150 151
    case TLS_ST_SR_FINISHED:
    case TLS_ST_CR_FINISHED:
152
        return "TRFIN";
M
Matt Caswell 已提交
153
    case TLS_ST_SW_HELLO_REQ:
154
        return "TWHR";
M
Matt Caswell 已提交
155
    case TLS_ST_SR_CLNT_HELLO:
156
        return "TRCH";
M
Matt Caswell 已提交
157
    case TLS_ST_SW_SRVR_HELLO:
158
        return "TWSH";
M
Matt Caswell 已提交
159
    case TLS_ST_SW_CERT:
160
        return "TWSC";
M
Matt Caswell 已提交
161
    case TLS_ST_SW_KEY_EXCH:
162
        return "TWSKE";
M
Matt Caswell 已提交
163
    case TLS_ST_SW_CERT_REQ:
164
        return "TWCR";
M
Matt Caswell 已提交
165
    case TLS_ST_SW_SRVR_DONE:
166
        return "TWSD";
M
Matt Caswell 已提交
167
    case TLS_ST_SR_CERT:
168
        return "TRCC";
M
Matt Caswell 已提交
169
    case TLS_ST_SR_KEY_EXCH:
170
        return "TRCKE";
M
Matt Caswell 已提交
171
    case TLS_ST_SR_CERT_VRFY:
172
        return "TRCV";
M
Matt Caswell 已提交
173
    case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
174
        return "DRCHV";
M
Matt Caswell 已提交
175
    case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
176
        return "DWCHV";
177
    default:
178
        return "UNKWN ";
179 180
    }
}
181

L
Lutz Jänicke 已提交
182
const char *SSL_alert_type_string_long(int value)
183
{
184 185 186 187 188 189 190 191
    switch (value >> 8) {
    case SSL3_AL_WARNING:
        return "warning";
    case SSL3_AL_FATAL:
        return "fatal";
    default:
        return "unknown";
    }
192
}
193

L
Lutz Jänicke 已提交
194
const char *SSL_alert_type_string(int value)
195
{
196 197 198 199 200 201 202 203
    switch (value >> 8) {
    case SSL3_AL_WARNING:
        return "W";
    case SSL3_AL_FATAL:
        return "F";
    default:
        return "U";
    }
204
}
205

L
Lutz Jänicke 已提交
206
const char *SSL_alert_desc_string(int value)
207 208 209
{
    switch (value & 0xff) {
    case SSL3_AD_CLOSE_NOTIFY:
210
        return "CN";
211
    case SSL3_AD_UNEXPECTED_MESSAGE:
212
        return "UM";
213
    case SSL3_AD_BAD_RECORD_MAC:
214
        return "BM";
215
    case SSL3_AD_DECOMPRESSION_FAILURE:
216
        return "DF";
217
    case SSL3_AD_HANDSHAKE_FAILURE:
218
        return "HF";
219
    case SSL3_AD_NO_CERTIFICATE:
220
        return "NC";
221
    case SSL3_AD_BAD_CERTIFICATE:
222
        return "BC";
223
    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
224
        return "UC";
225
    case SSL3_AD_CERTIFICATE_REVOKED:
226
        return "CR";
227
    case SSL3_AD_CERTIFICATE_EXPIRED:
228
        return "CE";
229
    case SSL3_AD_CERTIFICATE_UNKNOWN:
230
        return "CU";
231
    case SSL3_AD_ILLEGAL_PARAMETER:
232
        return "IP";
233
    case TLS1_AD_DECRYPTION_FAILED:
234
        return "DC";
235
    case TLS1_AD_RECORD_OVERFLOW:
236
        return "RO";
237
    case TLS1_AD_UNKNOWN_CA:
238
        return "CA";
239
    case TLS1_AD_ACCESS_DENIED:
240
        return "AD";
241
    case TLS1_AD_DECODE_ERROR:
242
        return "DE";
243
    case TLS1_AD_DECRYPT_ERROR:
244
        return "CY";
245
    case TLS1_AD_EXPORT_RESTRICTION:
246
        return "ER";
247
    case TLS1_AD_PROTOCOL_VERSION:
248
        return "PV";
249
    case TLS1_AD_INSUFFICIENT_SECURITY:
250
        return "IS";
251
    case TLS1_AD_INTERNAL_ERROR:
252
        return "IE";
253
    case TLS1_AD_USER_CANCELLED:
254
        return "US";
255
    case TLS1_AD_NO_RENEGOTIATION:
256
        return "NR";
257
    case TLS1_AD_UNSUPPORTED_EXTENSION:
258
        return "UE";
259
    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
260
        return "CO";
261
    case TLS1_AD_UNRECOGNIZED_NAME:
262
        return "UN";
263
    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
264
        return "BR";
265
    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
266
        return "BH";
267
    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
268
        return "UP";
269
    default:
270
        return "UK";
271 272
    }
}
273

L
Lutz Jänicke 已提交
274
const char *SSL_alert_desc_string_long(int value)
275 276 277
{
    switch (value & 0xff) {
    case SSL3_AD_CLOSE_NOTIFY:
278
        return "close notify";
279
    case SSL3_AD_UNEXPECTED_MESSAGE:
280
        return "unexpected_message";
281
    case SSL3_AD_BAD_RECORD_MAC:
282
        return "bad record mac";
283
    case SSL3_AD_DECOMPRESSION_FAILURE:
284
        return "decompression failure";
285
    case SSL3_AD_HANDSHAKE_FAILURE:
286
        return "handshake failure";
287
    case SSL3_AD_NO_CERTIFICATE:
288
        return "no certificate";
289
    case SSL3_AD_BAD_CERTIFICATE:
290
        return "bad certificate";
291
    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
292
        return "unsupported certificate";
293
    case SSL3_AD_CERTIFICATE_REVOKED:
294
        return "certificate revoked";
295
    case SSL3_AD_CERTIFICATE_EXPIRED:
296
        return "certificate expired";
297
    case SSL3_AD_CERTIFICATE_UNKNOWN:
298
        return "certificate unknown";
299
    case SSL3_AD_ILLEGAL_PARAMETER:
300
        return "illegal parameter";
301
    case TLS1_AD_DECRYPTION_FAILED:
302
        return "decryption failed";
303
    case TLS1_AD_RECORD_OVERFLOW:
304
        return "record overflow";
305
    case TLS1_AD_UNKNOWN_CA:
306
        return "unknown CA";
307
    case TLS1_AD_ACCESS_DENIED:
308
        return "access denied";
309
    case TLS1_AD_DECODE_ERROR:
310
        return "decode error";
311
    case TLS1_AD_DECRYPT_ERROR:
312
        return "decrypt error";
313
    case TLS1_AD_EXPORT_RESTRICTION:
314
        return "export restriction";
315
    case TLS1_AD_PROTOCOL_VERSION:
316
        return "protocol version";
317
    case TLS1_AD_INSUFFICIENT_SECURITY:
318
        return "insufficient security";
319
    case TLS1_AD_INTERNAL_ERROR:
320
        return "internal error";
321
    case TLS1_AD_USER_CANCELLED:
322
        return "user canceled";
323
    case TLS1_AD_NO_RENEGOTIATION:
324
        return "no renegotiation";
325
    case TLS1_AD_UNSUPPORTED_EXTENSION:
326
        return "unsupported extension";
327
    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
328
        return "certificate unobtainable";
329
    case TLS1_AD_UNRECOGNIZED_NAME:
330
        return "unrecognized name";
331
    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
332
        return "bad certificate status response";
333
    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
334
        return "bad certificate hash value";
335
    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
336
        return "unknown PSK identity";
E
Emilia Kasper 已提交
337
    case TLS1_AD_NO_APPLICATION_PROTOCOL:
338
        return "no application protocol";
339
    default:
340
        return "unknown";
341 342
    }
}