1 /* 2 * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright 2005 Nokia. All rights reserved. 4 * 5 * Licensed under the Apache License 2.0 (the "License"). You may not use 6 * this file except in compliance with the License. You can obtain a copy 7 * in the file LICENSE in the source distribution or at 8 * https://www.openssl.org/source/license.html 9 */ 10 11 #include <stdio.h> 12 #include "ssl_local.h" 13 #include "internal/ssl_unwrap.h" 14 SSL_state_string_long(const SSL * s)15const char *SSL_state_string_long(const SSL *s) 16 { 17 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); 18 19 if (sc == NULL || ossl_statem_in_error(sc)) 20 return "error"; 21 22 switch (SSL_get_state(s)) { 23 case TLS_ST_CR_CERT_STATUS: 24 return "SSLv3/TLS read certificate status"; 25 case TLS_ST_CW_NEXT_PROTO: 26 return "SSLv3/TLS write next proto"; 27 case TLS_ST_SR_NEXT_PROTO: 28 return "SSLv3/TLS read next proto"; 29 case TLS_ST_SW_CERT_STATUS: 30 return "SSLv3/TLS write certificate status"; 31 case TLS_ST_BEFORE: 32 return "before SSL initialization"; 33 case TLS_ST_OK: 34 return "SSL negotiation finished successfully"; 35 case TLS_ST_CW_CLNT_HELLO: 36 return "SSLv3/TLS write client hello"; 37 case TLS_ST_CR_SRVR_HELLO: 38 return "SSLv3/TLS read server hello"; 39 case TLS_ST_CR_CERT: 40 return "SSLv3/TLS read server certificate"; 41 case TLS_ST_CR_COMP_CERT: 42 return "TLSv1.3 read server compressed certificate"; 43 case TLS_ST_CR_KEY_EXCH: 44 return "SSLv3/TLS read server key exchange"; 45 case TLS_ST_CR_CERT_REQ: 46 return "SSLv3/TLS read server certificate request"; 47 case TLS_ST_CR_SESSION_TICKET: 48 return "SSLv3/TLS read server session ticket"; 49 case TLS_ST_CR_SRVR_DONE: 50 return "SSLv3/TLS read server done"; 51 case TLS_ST_CW_CERT: 52 return "SSLv3/TLS write client certificate"; 53 case TLS_ST_CW_COMP_CERT: 54 return "TLSv1.3 write client compressed certificate"; 55 case TLS_ST_CW_KEY_EXCH: 56 return "SSLv3/TLS write client key exchange"; 57 case TLS_ST_CW_CERT_VRFY: 58 return "SSLv3/TLS write certificate verify"; 59 case TLS_ST_CW_CHANGE: 60 case TLS_ST_SW_CHANGE: 61 return "SSLv3/TLS write change cipher spec"; 62 case TLS_ST_CW_FINISHED: 63 case TLS_ST_SW_FINISHED: 64 return "SSLv3/TLS write finished"; 65 case TLS_ST_CR_CHANGE: 66 case TLS_ST_SR_CHANGE: 67 return "SSLv3/TLS read change cipher spec"; 68 case TLS_ST_CR_FINISHED: 69 case TLS_ST_SR_FINISHED: 70 return "SSLv3/TLS read finished"; 71 case TLS_ST_SR_CLNT_HELLO: 72 return "SSLv3/TLS read client hello"; 73 case TLS_ST_SW_HELLO_REQ: 74 return "SSLv3/TLS write hello request"; 75 case TLS_ST_SW_SRVR_HELLO: 76 return "SSLv3/TLS write server hello"; 77 case TLS_ST_SW_CERT: 78 return "SSLv3/TLS write certificate"; 79 case TLS_ST_SW_COMP_CERT: 80 return "TLSv1.3 write server compressed certificate"; 81 case TLS_ST_SW_KEY_EXCH: 82 return "SSLv3/TLS write key exchange"; 83 case TLS_ST_SW_CERT_REQ: 84 return "SSLv3/TLS write certificate request"; 85 case TLS_ST_SW_SESSION_TICKET: 86 return "SSLv3/TLS write session ticket"; 87 case TLS_ST_SW_SRVR_DONE: 88 return "SSLv3/TLS write server done"; 89 case TLS_ST_SR_CERT: 90 return "SSLv3/TLS read client certificate"; 91 case TLS_ST_SR_COMP_CERT: 92 return "TLSv1.3 read client compressed certificate"; 93 case TLS_ST_SR_KEY_EXCH: 94 return "SSLv3/TLS read client key exchange"; 95 case TLS_ST_SR_CERT_VRFY: 96 return "SSLv3/TLS read certificate verify"; 97 case DTLS_ST_CR_HELLO_VERIFY_REQUEST: 98 return "DTLS1 read hello verify request"; 99 case DTLS_ST_SW_HELLO_VERIFY_REQUEST: 100 return "DTLS1 write hello verify request"; 101 case TLS_ST_SW_ENCRYPTED_EXTENSIONS: 102 return "TLSv1.3 write encrypted extensions"; 103 case TLS_ST_CR_ENCRYPTED_EXTENSIONS: 104 return "TLSv1.3 read encrypted extensions"; 105 case TLS_ST_CR_CERT_VRFY: 106 return "TLSv1.3 read server certificate verify"; 107 case TLS_ST_SW_CERT_VRFY: 108 return "TLSv1.3 write server certificate verify"; 109 case TLS_ST_CR_HELLO_REQ: 110 return "SSLv3/TLS read hello request"; 111 case TLS_ST_SW_KEY_UPDATE: 112 return "TLSv1.3 write server key update"; 113 case TLS_ST_CW_KEY_UPDATE: 114 return "TLSv1.3 write client key update"; 115 case TLS_ST_SR_KEY_UPDATE: 116 return "TLSv1.3 read client key update"; 117 case TLS_ST_CR_KEY_UPDATE: 118 return "TLSv1.3 read server key update"; 119 case TLS_ST_EARLY_DATA: 120 return "TLSv1.3 early data"; 121 case TLS_ST_PENDING_EARLY_DATA_END: 122 return "TLSv1.3 pending early data end"; 123 case TLS_ST_CW_END_OF_EARLY_DATA: 124 return "TLSv1.3 write end of early data"; 125 case TLS_ST_SR_END_OF_EARLY_DATA: 126 return "TLSv1.3 read end of early data"; 127 default: 128 return "unknown state"; 129 } 130 } 131 SSL_state_string(const SSL * s)132const char *SSL_state_string(const SSL *s) 133 { 134 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); 135 136 if (sc == NULL || ossl_statem_in_error(sc)) 137 return "SSLERR"; 138 139 switch (SSL_get_state(s)) { 140 case TLS_ST_SR_NEXT_PROTO: 141 return "TRNP"; 142 case TLS_ST_SW_SESSION_TICKET: 143 return "TWST"; 144 case TLS_ST_SW_CERT_STATUS: 145 return "TWCS"; 146 case TLS_ST_CR_CERT_STATUS: 147 return "TRCS"; 148 case TLS_ST_CR_SESSION_TICKET: 149 return "TRST"; 150 case TLS_ST_CW_NEXT_PROTO: 151 return "TWNP"; 152 case TLS_ST_BEFORE: 153 return "PINIT"; 154 case TLS_ST_OK: 155 return "SSLOK"; 156 case TLS_ST_CW_CLNT_HELLO: 157 return "TWCH"; 158 case TLS_ST_CR_SRVR_HELLO: 159 return "TRSH"; 160 case TLS_ST_CR_CERT: 161 return "TRSC"; 162 case TLS_ST_CR_COMP_CERT: 163 return "TRSCC"; 164 case TLS_ST_CR_KEY_EXCH: 165 return "TRSKE"; 166 case TLS_ST_CR_CERT_REQ: 167 return "TRCR"; 168 case TLS_ST_CR_SRVR_DONE: 169 return "TRSD"; 170 case TLS_ST_CW_CERT: 171 return "TWCC"; 172 case TLS_ST_CW_COMP_CERT: 173 return "TWCCC"; 174 case TLS_ST_CW_KEY_EXCH: 175 return "TWCKE"; 176 case TLS_ST_CW_CERT_VRFY: 177 return "TWCV"; 178 case TLS_ST_SW_CHANGE: 179 case TLS_ST_CW_CHANGE: 180 return "TWCCS"; 181 case TLS_ST_SW_FINISHED: 182 case TLS_ST_CW_FINISHED: 183 return "TWFIN"; 184 case TLS_ST_SR_CHANGE: 185 case TLS_ST_CR_CHANGE: 186 return "TRCCS"; 187 case TLS_ST_SR_FINISHED: 188 case TLS_ST_CR_FINISHED: 189 return "TRFIN"; 190 case TLS_ST_SW_HELLO_REQ: 191 return "TWHR"; 192 case TLS_ST_SR_CLNT_HELLO: 193 return "TRCH"; 194 case TLS_ST_SW_SRVR_HELLO: 195 return "TWSH"; 196 case TLS_ST_SW_CERT: 197 return "TWSC"; 198 case TLS_ST_SW_COMP_CERT: 199 return "TWSCC"; 200 case TLS_ST_SW_KEY_EXCH: 201 return "TWSKE"; 202 case TLS_ST_SW_CERT_REQ: 203 return "TWCR"; 204 case TLS_ST_SW_SRVR_DONE: 205 return "TWSD"; 206 case TLS_ST_SR_CERT: 207 return "TRCC"; 208 case TLS_ST_SR_COMP_CERT: 209 return "TRCCC"; 210 case TLS_ST_SR_KEY_EXCH: 211 return "TRCKE"; 212 case TLS_ST_SR_CERT_VRFY: 213 return "TRCV"; 214 case DTLS_ST_CR_HELLO_VERIFY_REQUEST: 215 return "DRCHV"; 216 case DTLS_ST_SW_HELLO_VERIFY_REQUEST: 217 return "DWCHV"; 218 case TLS_ST_SW_ENCRYPTED_EXTENSIONS: 219 return "TWEE"; 220 case TLS_ST_CR_ENCRYPTED_EXTENSIONS: 221 return "TREE"; 222 case TLS_ST_CR_CERT_VRFY: 223 return "TRSCV"; 224 case TLS_ST_SW_CERT_VRFY: 225 return "TWSCV"; 226 case TLS_ST_CR_HELLO_REQ: 227 return "TRHR"; 228 case TLS_ST_SW_KEY_UPDATE: 229 return "TWSKU"; 230 case TLS_ST_CW_KEY_UPDATE: 231 return "TWCKU"; 232 case TLS_ST_SR_KEY_UPDATE: 233 return "TRCKU"; 234 case TLS_ST_CR_KEY_UPDATE: 235 return "TRSKU"; 236 case TLS_ST_EARLY_DATA: 237 return "TED"; 238 case TLS_ST_PENDING_EARLY_DATA_END: 239 return "TPEDE"; 240 case TLS_ST_CW_END_OF_EARLY_DATA: 241 return "TWEOED"; 242 case TLS_ST_SR_END_OF_EARLY_DATA: 243 return "TWEOED"; 244 default: 245 return "UNKWN"; 246 } 247 } 248 SSL_alert_type_string_long(int value)249const char *SSL_alert_type_string_long(int value) 250 { 251 switch (value >> 8) { 252 case SSL3_AL_WARNING: 253 return "warning"; 254 case SSL3_AL_FATAL: 255 return "fatal"; 256 default: 257 return "unknown"; 258 } 259 } 260 SSL_alert_type_string(int value)261const char *SSL_alert_type_string(int value) 262 { 263 switch (value >> 8) { 264 case SSL3_AL_WARNING: 265 return "W"; 266 case SSL3_AL_FATAL: 267 return "F"; 268 default: 269 return "U"; 270 } 271 } 272 SSL_alert_desc_string(int value)273const char *SSL_alert_desc_string(int value) 274 { 275 switch (value & 0xff) { 276 case SSL3_AD_CLOSE_NOTIFY: 277 return "CN"; 278 case SSL3_AD_UNEXPECTED_MESSAGE: 279 return "UM"; 280 case SSL3_AD_BAD_RECORD_MAC: 281 return "BM"; 282 case SSL3_AD_DECOMPRESSION_FAILURE: 283 return "DF"; 284 case SSL3_AD_HANDSHAKE_FAILURE: 285 return "HF"; 286 case SSL3_AD_NO_CERTIFICATE: 287 return "NC"; 288 case SSL3_AD_BAD_CERTIFICATE: 289 return "BC"; 290 case SSL3_AD_UNSUPPORTED_CERTIFICATE: 291 return "UC"; 292 case SSL3_AD_CERTIFICATE_REVOKED: 293 return "CR"; 294 case SSL3_AD_CERTIFICATE_EXPIRED: 295 return "CE"; 296 case SSL3_AD_CERTIFICATE_UNKNOWN: 297 return "CU"; 298 case SSL3_AD_ILLEGAL_PARAMETER: 299 return "IP"; 300 case TLS1_AD_DECRYPTION_FAILED: 301 return "DC"; 302 case TLS1_AD_RECORD_OVERFLOW: 303 return "RO"; 304 case TLS1_AD_UNKNOWN_CA: 305 return "CA"; 306 case TLS1_AD_ACCESS_DENIED: 307 return "AD"; 308 case TLS1_AD_DECODE_ERROR: 309 return "DE"; 310 case TLS1_AD_DECRYPT_ERROR: 311 return "CY"; 312 case TLS1_AD_EXPORT_RESTRICTION: 313 return "ER"; 314 case TLS1_AD_PROTOCOL_VERSION: 315 return "PV"; 316 case TLS1_AD_INSUFFICIENT_SECURITY: 317 return "IS"; 318 case TLS1_AD_INTERNAL_ERROR: 319 return "IE"; 320 case TLS1_AD_USER_CANCELLED: 321 return "US"; 322 case TLS1_AD_NO_RENEGOTIATION: 323 return "NR"; 324 case TLS1_AD_UNSUPPORTED_EXTENSION: 325 return "UE"; 326 case TLS1_AD_CERTIFICATE_UNOBTAINABLE: 327 return "CO"; 328 case TLS1_AD_UNRECOGNIZED_NAME: 329 return "UN"; 330 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 331 return "BR"; 332 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: 333 return "BH"; 334 case TLS1_AD_UNKNOWN_PSK_IDENTITY: 335 return "UP"; 336 default: 337 return "UK"; 338 } 339 } 340 SSL_alert_desc_string_long(int value)341const char *SSL_alert_desc_string_long(int value) 342 { 343 switch (value & 0xff) { 344 case SSL3_AD_CLOSE_NOTIFY: 345 return "close notify"; 346 case SSL3_AD_UNEXPECTED_MESSAGE: 347 return "unexpected message"; 348 case SSL3_AD_BAD_RECORD_MAC: 349 return "bad record mac"; 350 case SSL3_AD_DECOMPRESSION_FAILURE: 351 return "decompression failure"; 352 case SSL3_AD_HANDSHAKE_FAILURE: 353 return "handshake failure"; 354 case SSL3_AD_NO_CERTIFICATE: 355 return "no certificate"; 356 case SSL3_AD_BAD_CERTIFICATE: 357 return "bad certificate"; 358 case SSL3_AD_UNSUPPORTED_CERTIFICATE: 359 return "unsupported certificate"; 360 case SSL3_AD_CERTIFICATE_REVOKED: 361 return "certificate revoked"; 362 case SSL3_AD_CERTIFICATE_EXPIRED: 363 return "certificate expired"; 364 case SSL3_AD_CERTIFICATE_UNKNOWN: 365 return "certificate unknown"; 366 case SSL3_AD_ILLEGAL_PARAMETER: 367 return "illegal parameter"; 368 case TLS1_AD_DECRYPTION_FAILED: 369 return "decryption failed"; 370 case TLS1_AD_RECORD_OVERFLOW: 371 return "record overflow"; 372 case TLS1_AD_UNKNOWN_CA: 373 return "unknown CA"; 374 case TLS1_AD_ACCESS_DENIED: 375 return "access denied"; 376 case TLS1_AD_DECODE_ERROR: 377 return "decode error"; 378 case TLS1_AD_DECRYPT_ERROR: 379 return "decrypt error"; 380 case TLS1_AD_EXPORT_RESTRICTION: 381 return "export restriction"; 382 case TLS1_AD_PROTOCOL_VERSION: 383 return "protocol version"; 384 case TLS1_AD_INSUFFICIENT_SECURITY: 385 return "insufficient security"; 386 case TLS1_AD_INTERNAL_ERROR: 387 return "internal error"; 388 case TLS1_AD_USER_CANCELLED: 389 return "user canceled"; 390 case TLS1_AD_NO_RENEGOTIATION: 391 return "no renegotiation"; 392 case TLS1_AD_UNSUPPORTED_EXTENSION: 393 return "unsupported extension"; 394 case TLS1_AD_CERTIFICATE_UNOBTAINABLE: 395 return "certificate unobtainable"; 396 case TLS1_AD_UNRECOGNIZED_NAME: 397 return "unrecognized name"; 398 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 399 return "bad certificate status response"; 400 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: 401 return "bad certificate hash value"; 402 case TLS1_AD_UNKNOWN_PSK_IDENTITY: 403 return "unknown PSK identity"; 404 case TLS1_AD_NO_APPLICATION_PROTOCOL: 405 return "no application protocol"; 406 default: 407 return "unknown"; 408 } 409 } 410