1 /* 2 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright 2005 Nokia. All rights reserved. 4 * 5 * Licensed under the OpenSSL license (the "License"). You may not use 6 * this file except in compliance with the License. You can obtain a copy 7 * in the file LICENSE in the source distribution or at 8 * https://www.openssl.org/source/license.html 9 */ 10 11 #include <stdio.h> 12 #include "ssl_local.h" 13 14 const char *SSL_state_string_long(const SSL *s) 15 { 16 if (ossl_statem_in_error(s)) 17 return "error"; 18 19 switch (SSL_get_state(s)) { 20 case TLS_ST_CR_CERT_STATUS: 21 return "SSLv3/TLS read certificate status"; 22 case TLS_ST_CW_NEXT_PROTO: 23 return "SSLv3/TLS write next proto"; 24 case TLS_ST_SR_NEXT_PROTO: 25 return "SSLv3/TLS read next proto"; 26 case TLS_ST_SW_CERT_STATUS: 27 return "SSLv3/TLS write certificate status"; 28 case TLS_ST_BEFORE: 29 return "before SSL initialization"; 30 case TLS_ST_OK: 31 return "SSL negotiation finished successfully"; 32 case TLS_ST_CW_CLNT_HELLO: 33 return "SSLv3/TLS write client hello"; 34 case TLS_ST_CR_SRVR_HELLO: 35 return "SSLv3/TLS read server hello"; 36 case TLS_ST_CR_CERT: 37 return "SSLv3/TLS read server certificate"; 38 case TLS_ST_CR_KEY_EXCH: 39 return "SSLv3/TLS read server key exchange"; 40 case TLS_ST_CR_CERT_REQ: 41 return "SSLv3/TLS read server certificate request"; 42 case TLS_ST_CR_SESSION_TICKET: 43 return "SSLv3/TLS read server session ticket"; 44 case TLS_ST_CR_SRVR_DONE: 45 return "SSLv3/TLS read server done"; 46 case TLS_ST_CW_CERT: 47 return "SSLv3/TLS write client certificate"; 48 case TLS_ST_CW_KEY_EXCH: 49 return "SSLv3/TLS write client key exchange"; 50 case TLS_ST_CW_CERT_VRFY: 51 return "SSLv3/TLS write certificate verify"; 52 case TLS_ST_CW_CHANGE: 53 case TLS_ST_SW_CHANGE: 54 return "SSLv3/TLS write change cipher spec"; 55 case TLS_ST_CW_FINISHED: 56 case TLS_ST_SW_FINISHED: 57 return "SSLv3/TLS write finished"; 58 case TLS_ST_CR_CHANGE: 59 case TLS_ST_SR_CHANGE: 60 return "SSLv3/TLS read change cipher spec"; 61 case TLS_ST_CR_FINISHED: 62 case TLS_ST_SR_FINISHED: 63 return "SSLv3/TLS read finished"; 64 case TLS_ST_SR_CLNT_HELLO: 65 return "SSLv3/TLS read client hello"; 66 case TLS_ST_SW_HELLO_REQ: 67 return "SSLv3/TLS write hello request"; 68 case TLS_ST_SW_SRVR_HELLO: 69 return "SSLv3/TLS write server hello"; 70 case TLS_ST_SW_CERT: 71 return "SSLv3/TLS write certificate"; 72 case TLS_ST_SW_KEY_EXCH: 73 return "SSLv3/TLS write key exchange"; 74 case TLS_ST_SW_CERT_REQ: 75 return "SSLv3/TLS write certificate request"; 76 case TLS_ST_SW_SESSION_TICKET: 77 return "SSLv3/TLS write session ticket"; 78 case TLS_ST_SW_SRVR_DONE: 79 return "SSLv3/TLS write server done"; 80 case TLS_ST_SR_CERT: 81 return "SSLv3/TLS read client certificate"; 82 case TLS_ST_SR_KEY_EXCH: 83 return "SSLv3/TLS read client key exchange"; 84 case TLS_ST_SR_CERT_VRFY: 85 return "SSLv3/TLS read certificate verify"; 86 case DTLS_ST_CR_HELLO_VERIFY_REQUEST: 87 return "DTLS1 read hello verify request"; 88 case DTLS_ST_SW_HELLO_VERIFY_REQUEST: 89 return "DTLS1 write hello verify request"; 90 case TLS_ST_SW_ENCRYPTED_EXTENSIONS: 91 return "TLSv1.3 write encrypted extensions"; 92 case TLS_ST_CR_ENCRYPTED_EXTENSIONS: 93 return "TLSv1.3 read encrypted extensions"; 94 case TLS_ST_CR_CERT_VRFY: 95 return "TLSv1.3 read server certificate verify"; 96 case TLS_ST_SW_CERT_VRFY: 97 return "TLSv1.3 write server certificate verify"; 98 case TLS_ST_CR_HELLO_REQ: 99 return "SSLv3/TLS read hello request"; 100 case TLS_ST_SW_KEY_UPDATE: 101 return "TLSv1.3 write server key update"; 102 case TLS_ST_CW_KEY_UPDATE: 103 return "TLSv1.3 write client key update"; 104 case TLS_ST_SR_KEY_UPDATE: 105 return "TLSv1.3 read client key update"; 106 case TLS_ST_CR_KEY_UPDATE: 107 return "TLSv1.3 read server key update"; 108 case TLS_ST_EARLY_DATA: 109 return "TLSv1.3 early data"; 110 case TLS_ST_PENDING_EARLY_DATA_END: 111 return "TLSv1.3 pending early data end"; 112 case TLS_ST_CW_END_OF_EARLY_DATA: 113 return "TLSv1.3 write end of early data"; 114 case TLS_ST_SR_END_OF_EARLY_DATA: 115 return "TLSv1.3 read end of early data"; 116 default: 117 return "unknown state"; 118 } 119 } 120 121 const char *SSL_state_string(const SSL *s) 122 { 123 if (ossl_statem_in_error(s)) 124 return "SSLERR"; 125 126 switch (SSL_get_state(s)) { 127 case TLS_ST_SR_NEXT_PROTO: 128 return "TRNP"; 129 case TLS_ST_SW_SESSION_TICKET: 130 return "TWST"; 131 case TLS_ST_SW_CERT_STATUS: 132 return "TWCS"; 133 case TLS_ST_CR_CERT_STATUS: 134 return "TRCS"; 135 case TLS_ST_CR_SESSION_TICKET: 136 return "TRST"; 137 case TLS_ST_CW_NEXT_PROTO: 138 return "TWNP"; 139 case TLS_ST_BEFORE: 140 return "PINIT "; 141 case TLS_ST_OK: 142 return "SSLOK "; 143 case TLS_ST_CW_CLNT_HELLO: 144 return "TWCH"; 145 case TLS_ST_CR_SRVR_HELLO: 146 return "TRSH"; 147 case TLS_ST_CR_CERT: 148 return "TRSC"; 149 case TLS_ST_CR_KEY_EXCH: 150 return "TRSKE"; 151 case TLS_ST_CR_CERT_REQ: 152 return "TRCR"; 153 case TLS_ST_CR_SRVR_DONE: 154 return "TRSD"; 155 case TLS_ST_CW_CERT: 156 return "TWCC"; 157 case TLS_ST_CW_KEY_EXCH: 158 return "TWCKE"; 159 case TLS_ST_CW_CERT_VRFY: 160 return "TWCV"; 161 case TLS_ST_SW_CHANGE: 162 case TLS_ST_CW_CHANGE: 163 return "TWCCS"; 164 case TLS_ST_SW_FINISHED: 165 case TLS_ST_CW_FINISHED: 166 return "TWFIN"; 167 case TLS_ST_SR_CHANGE: 168 case TLS_ST_CR_CHANGE: 169 return "TRCCS"; 170 case TLS_ST_SR_FINISHED: 171 case TLS_ST_CR_FINISHED: 172 return "TRFIN"; 173 case TLS_ST_SW_HELLO_REQ: 174 return "TWHR"; 175 case TLS_ST_SR_CLNT_HELLO: 176 return "TRCH"; 177 case TLS_ST_SW_SRVR_HELLO: 178 return "TWSH"; 179 case TLS_ST_SW_CERT: 180 return "TWSC"; 181 case TLS_ST_SW_KEY_EXCH: 182 return "TWSKE"; 183 case TLS_ST_SW_CERT_REQ: 184 return "TWCR"; 185 case TLS_ST_SW_SRVR_DONE: 186 return "TWSD"; 187 case TLS_ST_SR_CERT: 188 return "TRCC"; 189 case TLS_ST_SR_KEY_EXCH: 190 return "TRCKE"; 191 case TLS_ST_SR_CERT_VRFY: 192 return "TRCV"; 193 case DTLS_ST_CR_HELLO_VERIFY_REQUEST: 194 return "DRCHV"; 195 case DTLS_ST_SW_HELLO_VERIFY_REQUEST: 196 return "DWCHV"; 197 case TLS_ST_SW_ENCRYPTED_EXTENSIONS: 198 return "TWEE"; 199 case TLS_ST_CR_ENCRYPTED_EXTENSIONS: 200 return "TREE"; 201 case TLS_ST_CR_CERT_VRFY: 202 return "TRSCV"; 203 case TLS_ST_SW_CERT_VRFY: 204 return "TRSCV"; 205 case TLS_ST_CR_HELLO_REQ: 206 return "TRHR"; 207 case TLS_ST_SW_KEY_UPDATE: 208 return "TWSKU"; 209 case TLS_ST_CW_KEY_UPDATE: 210 return "TWCKU"; 211 case TLS_ST_SR_KEY_UPDATE: 212 return "TRCKU"; 213 case TLS_ST_CR_KEY_UPDATE: 214 return "TRSKU"; 215 case TLS_ST_EARLY_DATA: 216 return "TED"; 217 case TLS_ST_PENDING_EARLY_DATA_END: 218 return "TPEDE"; 219 case TLS_ST_CW_END_OF_EARLY_DATA: 220 return "TWEOED"; 221 case TLS_ST_SR_END_OF_EARLY_DATA: 222 return "TWEOED"; 223 default: 224 return "UNKWN "; 225 } 226 } 227 228 const char *SSL_alert_type_string_long(int value) 229 { 230 switch (value >> 8) { 231 case SSL3_AL_WARNING: 232 return "warning"; 233 case SSL3_AL_FATAL: 234 return "fatal"; 235 default: 236 return "unknown"; 237 } 238 } 239 240 const char *SSL_alert_type_string(int value) 241 { 242 switch (value >> 8) { 243 case SSL3_AL_WARNING: 244 return "W"; 245 case SSL3_AL_FATAL: 246 return "F"; 247 default: 248 return "U"; 249 } 250 } 251 252 const char *SSL_alert_desc_string(int value) 253 { 254 switch (value & 0xff) { 255 case SSL3_AD_CLOSE_NOTIFY: 256 return "CN"; 257 case SSL3_AD_UNEXPECTED_MESSAGE: 258 return "UM"; 259 case SSL3_AD_BAD_RECORD_MAC: 260 return "BM"; 261 case SSL3_AD_DECOMPRESSION_FAILURE: 262 return "DF"; 263 case SSL3_AD_HANDSHAKE_FAILURE: 264 return "HF"; 265 case SSL3_AD_NO_CERTIFICATE: 266 return "NC"; 267 case SSL3_AD_BAD_CERTIFICATE: 268 return "BC"; 269 case SSL3_AD_UNSUPPORTED_CERTIFICATE: 270 return "UC"; 271 case SSL3_AD_CERTIFICATE_REVOKED: 272 return "CR"; 273 case SSL3_AD_CERTIFICATE_EXPIRED: 274 return "CE"; 275 case SSL3_AD_CERTIFICATE_UNKNOWN: 276 return "CU"; 277 case SSL3_AD_ILLEGAL_PARAMETER: 278 return "IP"; 279 case TLS1_AD_DECRYPTION_FAILED: 280 return "DC"; 281 case TLS1_AD_RECORD_OVERFLOW: 282 return "RO"; 283 case TLS1_AD_UNKNOWN_CA: 284 return "CA"; 285 case TLS1_AD_ACCESS_DENIED: 286 return "AD"; 287 case TLS1_AD_DECODE_ERROR: 288 return "DE"; 289 case TLS1_AD_DECRYPT_ERROR: 290 return "CY"; 291 case TLS1_AD_EXPORT_RESTRICTION: 292 return "ER"; 293 case TLS1_AD_PROTOCOL_VERSION: 294 return "PV"; 295 case TLS1_AD_INSUFFICIENT_SECURITY: 296 return "IS"; 297 case TLS1_AD_INTERNAL_ERROR: 298 return "IE"; 299 case TLS1_AD_USER_CANCELLED: 300 return "US"; 301 case TLS1_AD_NO_RENEGOTIATION: 302 return "NR"; 303 case TLS1_AD_UNSUPPORTED_EXTENSION: 304 return "UE"; 305 case TLS1_AD_CERTIFICATE_UNOBTAINABLE: 306 return "CO"; 307 case TLS1_AD_UNRECOGNIZED_NAME: 308 return "UN"; 309 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 310 return "BR"; 311 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: 312 return "BH"; 313 case TLS1_AD_UNKNOWN_PSK_IDENTITY: 314 return "UP"; 315 default: 316 return "UK"; 317 } 318 } 319 320 const char *SSL_alert_desc_string_long(int value) 321 { 322 switch (value & 0xff) { 323 case SSL3_AD_CLOSE_NOTIFY: 324 return "close notify"; 325 case SSL3_AD_UNEXPECTED_MESSAGE: 326 return "unexpected_message"; 327 case SSL3_AD_BAD_RECORD_MAC: 328 return "bad record mac"; 329 case SSL3_AD_DECOMPRESSION_FAILURE: 330 return "decompression failure"; 331 case SSL3_AD_HANDSHAKE_FAILURE: 332 return "handshake failure"; 333 case SSL3_AD_NO_CERTIFICATE: 334 return "no certificate"; 335 case SSL3_AD_BAD_CERTIFICATE: 336 return "bad certificate"; 337 case SSL3_AD_UNSUPPORTED_CERTIFICATE: 338 return "unsupported certificate"; 339 case SSL3_AD_CERTIFICATE_REVOKED: 340 return "certificate revoked"; 341 case SSL3_AD_CERTIFICATE_EXPIRED: 342 return "certificate expired"; 343 case SSL3_AD_CERTIFICATE_UNKNOWN: 344 return "certificate unknown"; 345 case SSL3_AD_ILLEGAL_PARAMETER: 346 return "illegal parameter"; 347 case TLS1_AD_DECRYPTION_FAILED: 348 return "decryption failed"; 349 case TLS1_AD_RECORD_OVERFLOW: 350 return "record overflow"; 351 case TLS1_AD_UNKNOWN_CA: 352 return "unknown CA"; 353 case TLS1_AD_ACCESS_DENIED: 354 return "access denied"; 355 case TLS1_AD_DECODE_ERROR: 356 return "decode error"; 357 case TLS1_AD_DECRYPT_ERROR: 358 return "decrypt error"; 359 case TLS1_AD_EXPORT_RESTRICTION: 360 return "export restriction"; 361 case TLS1_AD_PROTOCOL_VERSION: 362 return "protocol version"; 363 case TLS1_AD_INSUFFICIENT_SECURITY: 364 return "insufficient security"; 365 case TLS1_AD_INTERNAL_ERROR: 366 return "internal error"; 367 case TLS1_AD_USER_CANCELLED: 368 return "user canceled"; 369 case TLS1_AD_NO_RENEGOTIATION: 370 return "no renegotiation"; 371 case TLS1_AD_UNSUPPORTED_EXTENSION: 372 return "unsupported extension"; 373 case TLS1_AD_CERTIFICATE_UNOBTAINABLE: 374 return "certificate unobtainable"; 375 case TLS1_AD_UNRECOGNIZED_NAME: 376 return "unrecognized name"; 377 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 378 return "bad certificate status response"; 379 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: 380 return "bad certificate hash value"; 381 case TLS1_AD_UNKNOWN_PSK_IDENTITY: 382 return "unknown PSK identity"; 383 case TLS1_AD_NO_APPLICATION_PROTOCOL: 384 return "no application protocol"; 385 default: 386 return "unknown"; 387 } 388 } 389