ssl_stat.c 10.4 KB
Newer Older
R
Rich Salz 已提交
1 2
/*
 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3
 *
R
Rich Salz 已提交
4 5 6 7
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
8
 */
R
Rich Salz 已提交
9

10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
/* ====================================================================
 * Copyright 2005 Nokia. All rights reserved.
 *
 * The portions of the attached software ("Contribution") is developed by
 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
 * license.
 *
 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
 * support (see RFC 4279) to OpenSSL.
 *
 * No patent licenses or other rights except those expressly stated in
 * the OpenSSL open source license shall be deemed granted or received
 * expressly, by implication, estoppel, or otherwise.
 *
 * No assurances are provided by Nokia that the Contribution does not
 * infringe the patent or other intellectual property rights of any third
 * party or that the license provides you with all the necessary rights
 * to make use of the Contribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
 * OTHERWISE.
 */
36 37 38 39

#include <stdio.h>
#include "ssl_locl.h"

B
Ben Laurie 已提交
40
const char *SSL_state_string_long(const SSL *s)
41
{
42
    if (ossl_statem_in_error(s))
M
Matt Caswell 已提交
43 44
        return "error";

M
Matt Caswell 已提交
45
    switch (SSL_get_state(s)) {
M
Matt Caswell 已提交
46
    case TLS_ST_BEFORE:
47
        return "before SSL initialization";
M
Matt Caswell 已提交
48
    case TLS_ST_OK:
49
        return "SSL negotiation finished successfully";
M
Matt Caswell 已提交
50
    case TLS_ST_CW_CLNT_HELLO:
51
        return "SSLv3/TLS write client hello";
M
Matt Caswell 已提交
52
    case TLS_ST_CR_SRVR_HELLO:
53
        return "SSLv3/TLS read server hello";
M
Matt Caswell 已提交
54
    case TLS_ST_CR_CERT:
55
        return "SSLv3/TLS read server certificate";
M
Matt Caswell 已提交
56
    case TLS_ST_CR_KEY_EXCH:
57
        return "SSLv3/TLS read server key exchange";
M
Matt Caswell 已提交
58
    case TLS_ST_CR_CERT_REQ:
59
        return "SSLv3/TLS read server certificate request";
M
Matt Caswell 已提交
60
    case TLS_ST_CR_SESSION_TICKET:
61
        return "SSLv3/TLS read server session ticket";
M
Matt Caswell 已提交
62
    case TLS_ST_CR_SRVR_DONE:
63
        return "SSLv3/TLS read server done";
M
Matt Caswell 已提交
64
    case TLS_ST_CW_CERT:
65
        return "SSLv3/TLS write client certificate";
M
Matt Caswell 已提交
66
    case TLS_ST_CW_KEY_EXCH:
67
        return "SSLv3/TLS write client key exchange";
M
Matt Caswell 已提交
68
    case TLS_ST_CW_CERT_VRFY:
69
        return "SSLv3/TLS write certificate verify";
M
Matt Caswell 已提交
70 71
    case TLS_ST_CW_CHANGE:
    case TLS_ST_SW_CHANGE:
72
        return "SSLv3/TLS write change cipher spec";
M
Matt Caswell 已提交
73 74
    case TLS_ST_CW_FINISHED:
    case TLS_ST_SW_FINISHED:
75
        return "SSLv3/TLS write finished";
M
Matt Caswell 已提交
76 77
    case TLS_ST_CR_CHANGE:
    case TLS_ST_SR_CHANGE:
78
        return "SSLv3/TLS read change cipher spec";
M
Matt Caswell 已提交
79 80
    case TLS_ST_CR_FINISHED:
    case TLS_ST_SR_FINISHED:
81
        return "SSLv3/TLS read finished";
M
Matt Caswell 已提交
82
    case TLS_ST_SR_CLNT_HELLO:
83
        return "SSLv3/TLS read client hello";
M
Matt Caswell 已提交
84
    case TLS_ST_SW_HELLO_REQ:
85
        return "SSLv3/TLS write hello request";
M
Matt Caswell 已提交
86
    case TLS_ST_SW_SRVR_HELLO:
87
        return "SSLv3/TLS write server hello";
M
Matt Caswell 已提交
88
    case TLS_ST_SW_CERT:
89
        return "SSLv3/TLS write certificate";
M
Matt Caswell 已提交
90
    case TLS_ST_SW_KEY_EXCH:
91
        return "SSLv3/TLS write key exchange";
M
Matt Caswell 已提交
92
    case TLS_ST_SW_CERT_REQ:
93
        return "SSLv3/TLS write certificate request";
M
Matt Caswell 已提交
94
    case TLS_ST_SW_SESSION_TICKET:
95
        return "SSLv3/TLS write session ticket";
M
Matt Caswell 已提交
96
    case TLS_ST_SW_SRVR_DONE:
97
        return "SSLv3/TLS write server done";
M
Matt Caswell 已提交
98
    case TLS_ST_SR_CERT:
99
        return "SSLv3/TLS read client certificate";
M
Matt Caswell 已提交
100
    case TLS_ST_SR_KEY_EXCH:
101
        return "SSLv3/TLS read client key exchange";
M
Matt Caswell 已提交
102
    case TLS_ST_SR_CERT_VRFY:
103
        return "SSLv3/TLS read certificate verify";
M
Matt Caswell 已提交
104
    case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
105
        return "DTLS1 read hello verify request";
M
Matt Caswell 已提交
106
    case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
107
        return "DTLS1 write hello verify request";
108
    default:
109
        return "unknown state";
110 111
    }
}
112 113


B
Ben Laurie 已提交
114
const char *SSL_state_string(const SSL *s)
115
{
116
    if (ossl_statem_in_error(s))
M
Matt Caswell 已提交
117 118
        return "SSLERR";

M
Matt Caswell 已提交
119
    switch (SSL_get_state(s)) {
M
Matt Caswell 已提交
120
    case TLS_ST_BEFORE:
121
        return "PINIT ";
M
Matt Caswell 已提交
122
    case TLS_ST_OK:
123
        return "SSLOK ";
M
Matt Caswell 已提交
124
    case TLS_ST_CW_CLNT_HELLO:
125
        return "TWCH";
M
Matt Caswell 已提交
126
    case TLS_ST_CR_SRVR_HELLO:
127
        return "TRSH";
M
Matt Caswell 已提交
128
    case TLS_ST_CR_CERT:
129
        return "TRSC";
M
Matt Caswell 已提交
130
    case TLS_ST_CR_KEY_EXCH:
131
        return "TRSKE";
M
Matt Caswell 已提交
132
    case TLS_ST_CR_CERT_REQ:
133
        return "TRCR";
M
Matt Caswell 已提交
134
    case TLS_ST_CR_SRVR_DONE:
135
        return "TRSD";
M
Matt Caswell 已提交
136
    case TLS_ST_CW_CERT:
137
        return "TWCC";
M
Matt Caswell 已提交
138
    case TLS_ST_CW_KEY_EXCH:
139
        return "TWCKE";
M
Matt Caswell 已提交
140
    case TLS_ST_CW_CERT_VRFY:
141
        return "TWCV";
M
Matt Caswell 已提交
142 143
    case TLS_ST_SW_CHANGE:
    case TLS_ST_CW_CHANGE:
144
        return "TWCCS";
M
Matt Caswell 已提交
145 146
    case TLS_ST_SW_FINISHED:
    case TLS_ST_CW_FINISHED:
147
        return "TWFIN";
M
Matt Caswell 已提交
148 149
    case TLS_ST_SR_CHANGE:
    case TLS_ST_CR_CHANGE:
150
        return "TRCCS";
M
Matt Caswell 已提交
151 152
    case TLS_ST_SR_FINISHED:
    case TLS_ST_CR_FINISHED:
153
        return "TRFIN";
M
Matt Caswell 已提交
154
    case TLS_ST_SW_HELLO_REQ:
155
        return "TWHR";
M
Matt Caswell 已提交
156
    case TLS_ST_SR_CLNT_HELLO:
157
        return "TRCH";
M
Matt Caswell 已提交
158
    case TLS_ST_SW_SRVR_HELLO:
159
        return "TWSH";
M
Matt Caswell 已提交
160
    case TLS_ST_SW_CERT:
161
        return "TWSC";
M
Matt Caswell 已提交
162
    case TLS_ST_SW_KEY_EXCH:
163
        return "TWSKE";
M
Matt Caswell 已提交
164
    case TLS_ST_SW_CERT_REQ:
165
        return "TWCR";
M
Matt Caswell 已提交
166
    case TLS_ST_SW_SRVR_DONE:
167
        return "TWSD";
M
Matt Caswell 已提交
168
    case TLS_ST_SR_CERT:
169
        return "TRCC";
M
Matt Caswell 已提交
170
    case TLS_ST_SR_KEY_EXCH:
171
        return "TRCKE";
M
Matt Caswell 已提交
172
    case TLS_ST_SR_CERT_VRFY:
173
        return "TRCV";
M
Matt Caswell 已提交
174
    case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
175
        return "DRCHV";
M
Matt Caswell 已提交
176
    case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
177
        return "DWCHV";
178
    default:
179
        return "UNKWN ";
180 181
    }
}
182

L
Lutz Jänicke 已提交
183
const char *SSL_alert_type_string_long(int value)
184
{
185 186 187 188 189 190 191 192
    switch (value >> 8) {
    case SSL3_AL_WARNING:
        return "warning";
    case SSL3_AL_FATAL:
        return "fatal";
    default:
        return "unknown";
    }
193
}
194

L
Lutz Jänicke 已提交
195
const char *SSL_alert_type_string(int value)
196
{
197 198 199 200 201 202 203 204
    switch (value >> 8) {
    case SSL3_AL_WARNING:
        return "W";
    case SSL3_AL_FATAL:
        return "F";
    default:
        return "U";
    }
205
}
206

L
Lutz Jänicke 已提交
207
const char *SSL_alert_desc_string(int value)
208 209 210
{
    switch (value & 0xff) {
    case SSL3_AD_CLOSE_NOTIFY:
211
        return "CN";
212
    case SSL3_AD_UNEXPECTED_MESSAGE:
213
        return "UM";
214
    case SSL3_AD_BAD_RECORD_MAC:
215
        return "BM";
216
    case SSL3_AD_DECOMPRESSION_FAILURE:
217
        return "DF";
218
    case SSL3_AD_HANDSHAKE_FAILURE:
219
        return "HF";
220
    case SSL3_AD_NO_CERTIFICATE:
221
        return "NC";
222
    case SSL3_AD_BAD_CERTIFICATE:
223
        return "BC";
224
    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
225
        return "UC";
226
    case SSL3_AD_CERTIFICATE_REVOKED:
227
        return "CR";
228
    case SSL3_AD_CERTIFICATE_EXPIRED:
229
        return "CE";
230
    case SSL3_AD_CERTIFICATE_UNKNOWN:
231
        return "CU";
232
    case SSL3_AD_ILLEGAL_PARAMETER:
233
        return "IP";
234
    case TLS1_AD_DECRYPTION_FAILED:
235
        return "DC";
236
    case TLS1_AD_RECORD_OVERFLOW:
237
        return "RO";
238
    case TLS1_AD_UNKNOWN_CA:
239
        return "CA";
240
    case TLS1_AD_ACCESS_DENIED:
241
        return "AD";
242
    case TLS1_AD_DECODE_ERROR:
243
        return "DE";
244
    case TLS1_AD_DECRYPT_ERROR:
245
        return "CY";
246
    case TLS1_AD_EXPORT_RESTRICTION:
247
        return "ER";
248
    case TLS1_AD_PROTOCOL_VERSION:
249
        return "PV";
250
    case TLS1_AD_INSUFFICIENT_SECURITY:
251
        return "IS";
252
    case TLS1_AD_INTERNAL_ERROR:
253
        return "IE";
254
    case TLS1_AD_USER_CANCELLED:
255
        return "US";
256
    case TLS1_AD_NO_RENEGOTIATION:
257
        return "NR";
258
    case TLS1_AD_UNSUPPORTED_EXTENSION:
259
        return "UE";
260
    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
261
        return "CO";
262
    case TLS1_AD_UNRECOGNIZED_NAME:
263
        return "UN";
264
    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
265
        return "BR";
266
    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
267
        return "BH";
268
    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
269
        return "UP";
270
    default:
271
        return "UK";
272 273
    }
}
274

L
Lutz Jänicke 已提交
275
const char *SSL_alert_desc_string_long(int value)
276 277 278
{
    switch (value & 0xff) {
    case SSL3_AD_CLOSE_NOTIFY:
279
        return "close notify";
280
    case SSL3_AD_UNEXPECTED_MESSAGE:
281
        return "unexpected_message";
282
    case SSL3_AD_BAD_RECORD_MAC:
283
        return "bad record mac";
284
    case SSL3_AD_DECOMPRESSION_FAILURE:
285
        return "decompression failure";
286
    case SSL3_AD_HANDSHAKE_FAILURE:
287
        return "handshake failure";
288
    case SSL3_AD_NO_CERTIFICATE:
289
        return "no certificate";
290
    case SSL3_AD_BAD_CERTIFICATE:
291
        return "bad certificate";
292
    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
293
        return "unsupported certificate";
294
    case SSL3_AD_CERTIFICATE_REVOKED:
295
        return "certificate revoked";
296
    case SSL3_AD_CERTIFICATE_EXPIRED:
297
        return "certificate expired";
298
    case SSL3_AD_CERTIFICATE_UNKNOWN:
299
        return "certificate unknown";
300
    case SSL3_AD_ILLEGAL_PARAMETER:
301
        return "illegal parameter";
302
    case TLS1_AD_DECRYPTION_FAILED:
303
        return "decryption failed";
304
    case TLS1_AD_RECORD_OVERFLOW:
305
        return "record overflow";
306
    case TLS1_AD_UNKNOWN_CA:
307
        return "unknown CA";
308
    case TLS1_AD_ACCESS_DENIED:
309
        return "access denied";
310
    case TLS1_AD_DECODE_ERROR:
311
        return "decode error";
312
    case TLS1_AD_DECRYPT_ERROR:
313
        return "decrypt error";
314
    case TLS1_AD_EXPORT_RESTRICTION:
315
        return "export restriction";
316
    case TLS1_AD_PROTOCOL_VERSION:
317
        return "protocol version";
318
    case TLS1_AD_INSUFFICIENT_SECURITY:
319
        return "insufficient security";
320
    case TLS1_AD_INTERNAL_ERROR:
321
        return "internal error";
322
    case TLS1_AD_USER_CANCELLED:
323
        return "user canceled";
324
    case TLS1_AD_NO_RENEGOTIATION:
325
        return "no renegotiation";
326
    case TLS1_AD_UNSUPPORTED_EXTENSION:
327
        return "unsupported extension";
328
    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
329
        return "certificate unobtainable";
330
    case TLS1_AD_UNRECOGNIZED_NAME:
331
        return "unrecognized name";
332
    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
333
        return "bad certificate status response";
334
    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
335
        return "bad certificate hash value";
336
    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
337
        return "unknown PSK identity";
338 339
      case TLS1_AD_NO_APPLICATION_PROTOCOL:
        return "no application protocol";
340
    default:
341
        return "unknown";
342 343
    }
}