ssl_stat.c 11.0 KB
Newer Older
R
Rich Salz 已提交
1 2
/*
 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3
 *
R
Rich Salz 已提交
4 5 6 7
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
8
 */
R
Rich Salz 已提交
9

10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
/* ====================================================================
 * Copyright 2005 Nokia. All rights reserved.
 *
 * The portions of the attached software ("Contribution") is developed by
 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
 * license.
 *
 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
 * support (see RFC 4279) to OpenSSL.
 *
 * No patent licenses or other rights except those expressly stated in
 * the OpenSSL open source license shall be deemed granted or received
 * expressly, by implication, estoppel, or otherwise.
 *
 * No assurances are provided by Nokia that the Contribution does not
 * infringe the patent or other intellectual property rights of any third
 * party or that the license provides you with all the necessary rights
 * to make use of the Contribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
 * OTHERWISE.
 */
36 37 38 39

#include <stdio.h>
#include "ssl_locl.h"

B
Ben Laurie 已提交
40
const char *SSL_state_string_long(const SSL *s)
41
{
42
    if (ossl_statem_in_error(s))
M
Matt Caswell 已提交
43 44
        return "error";

M
Matt Caswell 已提交
45
    switch (SSL_get_state(s)) {
R
Rich Salz 已提交
46 47 48 49 50 51 52 53
    case TLS_ST_CR_CERT_STATUS:
        return "SSLv3/TLS read certificate status";
    case TLS_ST_CW_NEXT_PROTO:
        return "SSLv3/TLS write next proto";
    case TLS_ST_SR_NEXT_PROTO:
        return "SSLv3/TLS write next proto";
    case TLS_ST_SW_CERT_STATUS:
        return "SSLv3/TLS write next proto";
M
Matt Caswell 已提交
54
    case TLS_ST_BEFORE:
55
        return "before SSL initialization";
M
Matt Caswell 已提交
56
    case TLS_ST_OK:
57
        return "SSL negotiation finished successfully";
M
Matt Caswell 已提交
58
    case TLS_ST_CW_CLNT_HELLO:
59
        return "SSLv3/TLS write client hello";
M
Matt Caswell 已提交
60
    case TLS_ST_CR_SRVR_HELLO:
61
        return "SSLv3/TLS read server hello";
M
Matt Caswell 已提交
62
    case TLS_ST_CR_CERT:
63
        return "SSLv3/TLS read server certificate";
M
Matt Caswell 已提交
64
    case TLS_ST_CR_KEY_EXCH:
65
        return "SSLv3/TLS read server key exchange";
M
Matt Caswell 已提交
66
    case TLS_ST_CR_CERT_REQ:
67
        return "SSLv3/TLS read server certificate request";
M
Matt Caswell 已提交
68
    case TLS_ST_CR_SESSION_TICKET:
69
        return "SSLv3/TLS read server session ticket";
M
Matt Caswell 已提交
70
    case TLS_ST_CR_SRVR_DONE:
71
        return "SSLv3/TLS read server done";
M
Matt Caswell 已提交
72
    case TLS_ST_CW_CERT:
73
        return "SSLv3/TLS write client certificate";
M
Matt Caswell 已提交
74
    case TLS_ST_CW_KEY_EXCH:
75
        return "SSLv3/TLS write client key exchange";
M
Matt Caswell 已提交
76
    case TLS_ST_CW_CERT_VRFY:
77
        return "SSLv3/TLS write certificate verify";
M
Matt Caswell 已提交
78 79
    case TLS_ST_CW_CHANGE:
    case TLS_ST_SW_CHANGE:
80
        return "SSLv3/TLS write change cipher spec";
M
Matt Caswell 已提交
81 82
    case TLS_ST_CW_FINISHED:
    case TLS_ST_SW_FINISHED:
83
        return "SSLv3/TLS write finished";
M
Matt Caswell 已提交
84 85
    case TLS_ST_CR_CHANGE:
    case TLS_ST_SR_CHANGE:
86
        return "SSLv3/TLS read change cipher spec";
M
Matt Caswell 已提交
87 88
    case TLS_ST_CR_FINISHED:
    case TLS_ST_SR_FINISHED:
89
        return "SSLv3/TLS read finished";
M
Matt Caswell 已提交
90
    case TLS_ST_SR_CLNT_HELLO:
91
        return "SSLv3/TLS read client hello";
M
Matt Caswell 已提交
92
    case TLS_ST_SW_HELLO_REQ:
93
        return "SSLv3/TLS write hello request";
M
Matt Caswell 已提交
94
    case TLS_ST_SW_SRVR_HELLO:
95
        return "SSLv3/TLS write server hello";
M
Matt Caswell 已提交
96
    case TLS_ST_SW_CERT:
97
        return "SSLv3/TLS write certificate";
M
Matt Caswell 已提交
98
    case TLS_ST_SW_KEY_EXCH:
99
        return "SSLv3/TLS write key exchange";
M
Matt Caswell 已提交
100
    case TLS_ST_SW_CERT_REQ:
101
        return "SSLv3/TLS write certificate request";
M
Matt Caswell 已提交
102
    case TLS_ST_SW_SESSION_TICKET:
103
        return "SSLv3/TLS write session ticket";
M
Matt Caswell 已提交
104
    case TLS_ST_SW_SRVR_DONE:
105
        return "SSLv3/TLS write server done";
M
Matt Caswell 已提交
106
    case TLS_ST_SR_CERT:
107
        return "SSLv3/TLS read client certificate";
M
Matt Caswell 已提交
108
    case TLS_ST_SR_KEY_EXCH:
109
        return "SSLv3/TLS read client key exchange";
M
Matt Caswell 已提交
110
    case TLS_ST_SR_CERT_VRFY:
111
        return "SSLv3/TLS read certificate verify";
M
Matt Caswell 已提交
112
    case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
113
        return "DTLS1 read hello verify request";
M
Matt Caswell 已提交
114
    case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
115
        return "DTLS1 write hello verify request";
116
    default:
117
        return "unknown state";
118 119
    }
}
120

B
Ben Laurie 已提交
121
const char *SSL_state_string(const SSL *s)
122
{
123
    if (ossl_statem_in_error(s))
M
Matt Caswell 已提交
124 125
        return "SSLERR";

M
Matt Caswell 已提交
126
    switch (SSL_get_state(s)) {
R
Rich Salz 已提交
127 128 129 130 131 132 133 134 135 136 137 138
    case TLS_ST_SR_NEXT_PROTO:
        return "TRNP";
    case TLS_ST_SW_SESSION_TICKET:
        return "TWST";
    case TLS_ST_SW_CERT_STATUS:
        return "TWCS";
    case TLS_ST_CR_CERT_STATUS:
        return "TRCS";
    case TLS_ST_CR_SESSION_TICKET:
        return "TRST";
    case TLS_ST_CW_NEXT_PROTO:
        return "TWNP";
M
Matt Caswell 已提交
139
    case TLS_ST_BEFORE:
140
        return "PINIT ";
M
Matt Caswell 已提交
141
    case TLS_ST_OK:
142
        return "SSLOK ";
M
Matt Caswell 已提交
143
    case TLS_ST_CW_CLNT_HELLO:
144
        return "TWCH";
M
Matt Caswell 已提交
145
    case TLS_ST_CR_SRVR_HELLO:
146
        return "TRSH";
M
Matt Caswell 已提交
147
    case TLS_ST_CR_CERT:
148
        return "TRSC";
M
Matt Caswell 已提交
149
    case TLS_ST_CR_KEY_EXCH:
150
        return "TRSKE";
M
Matt Caswell 已提交
151
    case TLS_ST_CR_CERT_REQ:
152
        return "TRCR";
M
Matt Caswell 已提交
153
    case TLS_ST_CR_SRVR_DONE:
154
        return "TRSD";
M
Matt Caswell 已提交
155
    case TLS_ST_CW_CERT:
156
        return "TWCC";
M
Matt Caswell 已提交
157
    case TLS_ST_CW_KEY_EXCH:
158
        return "TWCKE";
M
Matt Caswell 已提交
159
    case TLS_ST_CW_CERT_VRFY:
160
        return "TWCV";
M
Matt Caswell 已提交
161 162
    case TLS_ST_SW_CHANGE:
    case TLS_ST_CW_CHANGE:
163
        return "TWCCS";
M
Matt Caswell 已提交
164 165
    case TLS_ST_SW_FINISHED:
    case TLS_ST_CW_FINISHED:
166
        return "TWFIN";
M
Matt Caswell 已提交
167 168
    case TLS_ST_SR_CHANGE:
    case TLS_ST_CR_CHANGE:
169
        return "TRCCS";
M
Matt Caswell 已提交
170 171
    case TLS_ST_SR_FINISHED:
    case TLS_ST_CR_FINISHED:
172
        return "TRFIN";
M
Matt Caswell 已提交
173
    case TLS_ST_SW_HELLO_REQ:
174
        return "TWHR";
M
Matt Caswell 已提交
175
    case TLS_ST_SR_CLNT_HELLO:
176
        return "TRCH";
M
Matt Caswell 已提交
177
    case TLS_ST_SW_SRVR_HELLO:
178
        return "TWSH";
M
Matt Caswell 已提交
179
    case TLS_ST_SW_CERT:
180
        return "TWSC";
M
Matt Caswell 已提交
181
    case TLS_ST_SW_KEY_EXCH:
182
        return "TWSKE";
M
Matt Caswell 已提交
183
    case TLS_ST_SW_CERT_REQ:
184
        return "TWCR";
M
Matt Caswell 已提交
185
    case TLS_ST_SW_SRVR_DONE:
186
        return "TWSD";
M
Matt Caswell 已提交
187
    case TLS_ST_SR_CERT:
188
        return "TRCC";
M
Matt Caswell 已提交
189
    case TLS_ST_SR_KEY_EXCH:
190
        return "TRCKE";
M
Matt Caswell 已提交
191
    case TLS_ST_SR_CERT_VRFY:
192
        return "TRCV";
M
Matt Caswell 已提交
193
    case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
194
        return "DRCHV";
M
Matt Caswell 已提交
195
    case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
196
        return "DWCHV";
197
    default:
198
        return "UNKWN ";
199 200
    }
}
201

L
Lutz Jänicke 已提交
202
const char *SSL_alert_type_string_long(int value)
203
{
204 205 206 207 208 209 210 211
    switch (value >> 8) {
    case SSL3_AL_WARNING:
        return "warning";
    case SSL3_AL_FATAL:
        return "fatal";
    default:
        return "unknown";
    }
212
}
213

L
Lutz Jänicke 已提交
214
const char *SSL_alert_type_string(int value)
215
{
216 217 218 219 220 221 222 223
    switch (value >> 8) {
    case SSL3_AL_WARNING:
        return "W";
    case SSL3_AL_FATAL:
        return "F";
    default:
        return "U";
    }
224
}
225

L
Lutz Jänicke 已提交
226
const char *SSL_alert_desc_string(int value)
227 228 229
{
    switch (value & 0xff) {
    case SSL3_AD_CLOSE_NOTIFY:
230
        return "CN";
231
    case SSL3_AD_UNEXPECTED_MESSAGE:
232
        return "UM";
233
    case SSL3_AD_BAD_RECORD_MAC:
234
        return "BM";
235
    case SSL3_AD_DECOMPRESSION_FAILURE:
236
        return "DF";
237
    case SSL3_AD_HANDSHAKE_FAILURE:
238
        return "HF";
239
    case SSL3_AD_NO_CERTIFICATE:
240
        return "NC";
241
    case SSL3_AD_BAD_CERTIFICATE:
242
        return "BC";
243
    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
244
        return "UC";
245
    case SSL3_AD_CERTIFICATE_REVOKED:
246
        return "CR";
247
    case SSL3_AD_CERTIFICATE_EXPIRED:
248
        return "CE";
249
    case SSL3_AD_CERTIFICATE_UNKNOWN:
250
        return "CU";
251
    case SSL3_AD_ILLEGAL_PARAMETER:
252
        return "IP";
253
    case TLS1_AD_DECRYPTION_FAILED:
254
        return "DC";
255
    case TLS1_AD_RECORD_OVERFLOW:
256
        return "RO";
257
    case TLS1_AD_UNKNOWN_CA:
258
        return "CA";
259
    case TLS1_AD_ACCESS_DENIED:
260
        return "AD";
261
    case TLS1_AD_DECODE_ERROR:
262
        return "DE";
263
    case TLS1_AD_DECRYPT_ERROR:
264
        return "CY";
265
    case TLS1_AD_EXPORT_RESTRICTION:
266
        return "ER";
267
    case TLS1_AD_PROTOCOL_VERSION:
268
        return "PV";
269
    case TLS1_AD_INSUFFICIENT_SECURITY:
270
        return "IS";
271
    case TLS1_AD_INTERNAL_ERROR:
272
        return "IE";
273
    case TLS1_AD_USER_CANCELLED:
274
        return "US";
275
    case TLS1_AD_NO_RENEGOTIATION:
276
        return "NR";
277
    case TLS1_AD_UNSUPPORTED_EXTENSION:
278
        return "UE";
279
    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
280
        return "CO";
281
    case TLS1_AD_UNRECOGNIZED_NAME:
282
        return "UN";
283
    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
284
        return "BR";
285
    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
286
        return "BH";
287
    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
288
        return "UP";
289
    default:
290
        return "UK";
291 292
    }
}
293

L
Lutz Jänicke 已提交
294
const char *SSL_alert_desc_string_long(int value)
295 296 297
{
    switch (value & 0xff) {
    case SSL3_AD_CLOSE_NOTIFY:
298
        return "close notify";
299
    case SSL3_AD_UNEXPECTED_MESSAGE:
300
        return "unexpected_message";
301
    case SSL3_AD_BAD_RECORD_MAC:
302
        return "bad record mac";
303
    case SSL3_AD_DECOMPRESSION_FAILURE:
304
        return "decompression failure";
305
    case SSL3_AD_HANDSHAKE_FAILURE:
306
        return "handshake failure";
307
    case SSL3_AD_NO_CERTIFICATE:
308
        return "no certificate";
309
    case SSL3_AD_BAD_CERTIFICATE:
310
        return "bad certificate";
311
    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
312
        return "unsupported certificate";
313
    case SSL3_AD_CERTIFICATE_REVOKED:
314
        return "certificate revoked";
315
    case SSL3_AD_CERTIFICATE_EXPIRED:
316
        return "certificate expired";
317
    case SSL3_AD_CERTIFICATE_UNKNOWN:
318
        return "certificate unknown";
319
    case SSL3_AD_ILLEGAL_PARAMETER:
320
        return "illegal parameter";
321
    case TLS1_AD_DECRYPTION_FAILED:
322
        return "decryption failed";
323
    case TLS1_AD_RECORD_OVERFLOW:
324
        return "record overflow";
325
    case TLS1_AD_UNKNOWN_CA:
326
        return "unknown CA";
327
    case TLS1_AD_ACCESS_DENIED:
328
        return "access denied";
329
    case TLS1_AD_DECODE_ERROR:
330
        return "decode error";
331
    case TLS1_AD_DECRYPT_ERROR:
332
        return "decrypt error";
333
    case TLS1_AD_EXPORT_RESTRICTION:
334
        return "export restriction";
335
    case TLS1_AD_PROTOCOL_VERSION:
336
        return "protocol version";
337
    case TLS1_AD_INSUFFICIENT_SECURITY:
338
        return "insufficient security";
339
    case TLS1_AD_INTERNAL_ERROR:
340
        return "internal error";
341
    case TLS1_AD_USER_CANCELLED:
342
        return "user canceled";
343
    case TLS1_AD_NO_RENEGOTIATION:
344
        return "no renegotiation";
345
    case TLS1_AD_UNSUPPORTED_EXTENSION:
346
        return "unsupported extension";
347
    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
348
        return "certificate unobtainable";
349
    case TLS1_AD_UNRECOGNIZED_NAME:
350
        return "unrecognized name";
351
    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
352
        return "bad certificate status response";
353
    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
354
        return "bad certificate hash value";
355
    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
356
        return "unknown PSK identity";
E
Emilia Kasper 已提交
357
    case TLS1_AD_NO_APPLICATION_PROTOCOL:
358
        return "no application protocol";
359
    default:
360
        return "unknown";
361 362
    }
}