xref: /freebsd/crypto/openssl/ssl/ssl_stat.c (revision eda14cbc264d6969b02f2b1994cef11148e914f1)
1 /*
2  * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
3  * Copyright 2005 Nokia. All rights reserved.
4  *
5  * Licensed under the OpenSSL license (the "License").  You may not use
6  * this file except in compliance with the License.  You can obtain a copy
7  * in the file LICENSE in the source distribution or at
8  * https://www.openssl.org/source/license.html
9  */
10 
11 #include <stdio.h>
12 #include "ssl_local.h"
13 
14 const char *SSL_state_string_long(const SSL *s)
15 {
16     if (ossl_statem_in_error(s))
17         return "error";
18 
19     switch (SSL_get_state(s)) {
20     case TLS_ST_CR_CERT_STATUS:
21         return "SSLv3/TLS read certificate status";
22     case TLS_ST_CW_NEXT_PROTO:
23         return "SSLv3/TLS write next proto";
24     case TLS_ST_SR_NEXT_PROTO:
25         return "SSLv3/TLS read next proto";
26     case TLS_ST_SW_CERT_STATUS:
27         return "SSLv3/TLS write certificate status";
28     case TLS_ST_BEFORE:
29         return "before SSL initialization";
30     case TLS_ST_OK:
31         return "SSL negotiation finished successfully";
32     case TLS_ST_CW_CLNT_HELLO:
33         return "SSLv3/TLS write client hello";
34     case TLS_ST_CR_SRVR_HELLO:
35         return "SSLv3/TLS read server hello";
36     case TLS_ST_CR_CERT:
37         return "SSLv3/TLS read server certificate";
38     case TLS_ST_CR_KEY_EXCH:
39         return "SSLv3/TLS read server key exchange";
40     case TLS_ST_CR_CERT_REQ:
41         return "SSLv3/TLS read server certificate request";
42     case TLS_ST_CR_SESSION_TICKET:
43         return "SSLv3/TLS read server session ticket";
44     case TLS_ST_CR_SRVR_DONE:
45         return "SSLv3/TLS read server done";
46     case TLS_ST_CW_CERT:
47         return "SSLv3/TLS write client certificate";
48     case TLS_ST_CW_KEY_EXCH:
49         return "SSLv3/TLS write client key exchange";
50     case TLS_ST_CW_CERT_VRFY:
51         return "SSLv3/TLS write certificate verify";
52     case TLS_ST_CW_CHANGE:
53     case TLS_ST_SW_CHANGE:
54         return "SSLv3/TLS write change cipher spec";
55     case TLS_ST_CW_FINISHED:
56     case TLS_ST_SW_FINISHED:
57         return "SSLv3/TLS write finished";
58     case TLS_ST_CR_CHANGE:
59     case TLS_ST_SR_CHANGE:
60         return "SSLv3/TLS read change cipher spec";
61     case TLS_ST_CR_FINISHED:
62     case TLS_ST_SR_FINISHED:
63         return "SSLv3/TLS read finished";
64     case TLS_ST_SR_CLNT_HELLO:
65         return "SSLv3/TLS read client hello";
66     case TLS_ST_SW_HELLO_REQ:
67         return "SSLv3/TLS write hello request";
68     case TLS_ST_SW_SRVR_HELLO:
69         return "SSLv3/TLS write server hello";
70     case TLS_ST_SW_CERT:
71         return "SSLv3/TLS write certificate";
72     case TLS_ST_SW_KEY_EXCH:
73         return "SSLv3/TLS write key exchange";
74     case TLS_ST_SW_CERT_REQ:
75         return "SSLv3/TLS write certificate request";
76     case TLS_ST_SW_SESSION_TICKET:
77         return "SSLv3/TLS write session ticket";
78     case TLS_ST_SW_SRVR_DONE:
79         return "SSLv3/TLS write server done";
80     case TLS_ST_SR_CERT:
81         return "SSLv3/TLS read client certificate";
82     case TLS_ST_SR_KEY_EXCH:
83         return "SSLv3/TLS read client key exchange";
84     case TLS_ST_SR_CERT_VRFY:
85         return "SSLv3/TLS read certificate verify";
86     case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
87         return "DTLS1 read hello verify request";
88     case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
89         return "DTLS1 write hello verify request";
90     case TLS_ST_SW_ENCRYPTED_EXTENSIONS:
91         return "TLSv1.3 write encrypted extensions";
92     case TLS_ST_CR_ENCRYPTED_EXTENSIONS:
93         return "TLSv1.3 read encrypted extensions";
94     case TLS_ST_CR_CERT_VRFY:
95         return "TLSv1.3 read server certificate verify";
96     case TLS_ST_SW_CERT_VRFY:
97         return "TLSv1.3 write server certificate verify";
98     case TLS_ST_CR_HELLO_REQ:
99         return "SSLv3/TLS read hello request";
100     case TLS_ST_SW_KEY_UPDATE:
101         return "TLSv1.3 write server key update";
102     case TLS_ST_CW_KEY_UPDATE:
103         return "TLSv1.3 write client key update";
104     case TLS_ST_SR_KEY_UPDATE:
105         return "TLSv1.3 read client key update";
106     case TLS_ST_CR_KEY_UPDATE:
107         return "TLSv1.3 read server key update";
108     case TLS_ST_EARLY_DATA:
109         return "TLSv1.3 early data";
110     case TLS_ST_PENDING_EARLY_DATA_END:
111         return "TLSv1.3 pending early data end";
112     case TLS_ST_CW_END_OF_EARLY_DATA:
113         return "TLSv1.3 write end of early data";
114     case TLS_ST_SR_END_OF_EARLY_DATA:
115         return "TLSv1.3 read end of early data";
116     default:
117         return "unknown state";
118     }
119 }
120 
121 const char *SSL_state_string(const SSL *s)
122 {
123     if (ossl_statem_in_error(s))
124         return "SSLERR";
125 
126     switch (SSL_get_state(s)) {
127     case TLS_ST_SR_NEXT_PROTO:
128         return "TRNP";
129     case TLS_ST_SW_SESSION_TICKET:
130         return "TWST";
131     case TLS_ST_SW_CERT_STATUS:
132         return "TWCS";
133     case TLS_ST_CR_CERT_STATUS:
134         return "TRCS";
135     case TLS_ST_CR_SESSION_TICKET:
136         return "TRST";
137     case TLS_ST_CW_NEXT_PROTO:
138         return "TWNP";
139     case TLS_ST_BEFORE:
140         return "PINIT ";
141     case TLS_ST_OK:
142         return "SSLOK ";
143     case TLS_ST_CW_CLNT_HELLO:
144         return "TWCH";
145     case TLS_ST_CR_SRVR_HELLO:
146         return "TRSH";
147     case TLS_ST_CR_CERT:
148         return "TRSC";
149     case TLS_ST_CR_KEY_EXCH:
150         return "TRSKE";
151     case TLS_ST_CR_CERT_REQ:
152         return "TRCR";
153     case TLS_ST_CR_SRVR_DONE:
154         return "TRSD";
155     case TLS_ST_CW_CERT:
156         return "TWCC";
157     case TLS_ST_CW_KEY_EXCH:
158         return "TWCKE";
159     case TLS_ST_CW_CERT_VRFY:
160         return "TWCV";
161     case TLS_ST_SW_CHANGE:
162     case TLS_ST_CW_CHANGE:
163         return "TWCCS";
164     case TLS_ST_SW_FINISHED:
165     case TLS_ST_CW_FINISHED:
166         return "TWFIN";
167     case TLS_ST_SR_CHANGE:
168     case TLS_ST_CR_CHANGE:
169         return "TRCCS";
170     case TLS_ST_SR_FINISHED:
171     case TLS_ST_CR_FINISHED:
172         return "TRFIN";
173     case TLS_ST_SW_HELLO_REQ:
174         return "TWHR";
175     case TLS_ST_SR_CLNT_HELLO:
176         return "TRCH";
177     case TLS_ST_SW_SRVR_HELLO:
178         return "TWSH";
179     case TLS_ST_SW_CERT:
180         return "TWSC";
181     case TLS_ST_SW_KEY_EXCH:
182         return "TWSKE";
183     case TLS_ST_SW_CERT_REQ:
184         return "TWCR";
185     case TLS_ST_SW_SRVR_DONE:
186         return "TWSD";
187     case TLS_ST_SR_CERT:
188         return "TRCC";
189     case TLS_ST_SR_KEY_EXCH:
190         return "TRCKE";
191     case TLS_ST_SR_CERT_VRFY:
192         return "TRCV";
193     case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
194         return "DRCHV";
195     case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
196         return "DWCHV";
197     case TLS_ST_SW_ENCRYPTED_EXTENSIONS:
198         return "TWEE";
199     case TLS_ST_CR_ENCRYPTED_EXTENSIONS:
200         return "TREE";
201     case TLS_ST_CR_CERT_VRFY:
202         return "TRSCV";
203     case TLS_ST_SW_CERT_VRFY:
204         return "TRSCV";
205     case TLS_ST_CR_HELLO_REQ:
206         return "TRHR";
207     case TLS_ST_SW_KEY_UPDATE:
208         return "TWSKU";
209     case TLS_ST_CW_KEY_UPDATE:
210         return "TWCKU";
211     case TLS_ST_SR_KEY_UPDATE:
212         return "TRCKU";
213     case TLS_ST_CR_KEY_UPDATE:
214         return "TRSKU";
215     case TLS_ST_EARLY_DATA:
216         return "TED";
217     case TLS_ST_PENDING_EARLY_DATA_END:
218         return "TPEDE";
219     case TLS_ST_CW_END_OF_EARLY_DATA:
220         return "TWEOED";
221     case TLS_ST_SR_END_OF_EARLY_DATA:
222         return "TWEOED";
223     default:
224         return "UNKWN ";
225     }
226 }
227 
228 const char *SSL_alert_type_string_long(int value)
229 {
230     switch (value >> 8) {
231     case SSL3_AL_WARNING:
232         return "warning";
233     case SSL3_AL_FATAL:
234         return "fatal";
235     default:
236         return "unknown";
237     }
238 }
239 
240 const char *SSL_alert_type_string(int value)
241 {
242     switch (value >> 8) {
243     case SSL3_AL_WARNING:
244         return "W";
245     case SSL3_AL_FATAL:
246         return "F";
247     default:
248         return "U";
249     }
250 }
251 
252 const char *SSL_alert_desc_string(int value)
253 {
254     switch (value & 0xff) {
255     case SSL3_AD_CLOSE_NOTIFY:
256         return "CN";
257     case SSL3_AD_UNEXPECTED_MESSAGE:
258         return "UM";
259     case SSL3_AD_BAD_RECORD_MAC:
260         return "BM";
261     case SSL3_AD_DECOMPRESSION_FAILURE:
262         return "DF";
263     case SSL3_AD_HANDSHAKE_FAILURE:
264         return "HF";
265     case SSL3_AD_NO_CERTIFICATE:
266         return "NC";
267     case SSL3_AD_BAD_CERTIFICATE:
268         return "BC";
269     case SSL3_AD_UNSUPPORTED_CERTIFICATE:
270         return "UC";
271     case SSL3_AD_CERTIFICATE_REVOKED:
272         return "CR";
273     case SSL3_AD_CERTIFICATE_EXPIRED:
274         return "CE";
275     case SSL3_AD_CERTIFICATE_UNKNOWN:
276         return "CU";
277     case SSL3_AD_ILLEGAL_PARAMETER:
278         return "IP";
279     case TLS1_AD_DECRYPTION_FAILED:
280         return "DC";
281     case TLS1_AD_RECORD_OVERFLOW:
282         return "RO";
283     case TLS1_AD_UNKNOWN_CA:
284         return "CA";
285     case TLS1_AD_ACCESS_DENIED:
286         return "AD";
287     case TLS1_AD_DECODE_ERROR:
288         return "DE";
289     case TLS1_AD_DECRYPT_ERROR:
290         return "CY";
291     case TLS1_AD_EXPORT_RESTRICTION:
292         return "ER";
293     case TLS1_AD_PROTOCOL_VERSION:
294         return "PV";
295     case TLS1_AD_INSUFFICIENT_SECURITY:
296         return "IS";
297     case TLS1_AD_INTERNAL_ERROR:
298         return "IE";
299     case TLS1_AD_USER_CANCELLED:
300         return "US";
301     case TLS1_AD_NO_RENEGOTIATION:
302         return "NR";
303     case TLS1_AD_UNSUPPORTED_EXTENSION:
304         return "UE";
305     case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
306         return "CO";
307     case TLS1_AD_UNRECOGNIZED_NAME:
308         return "UN";
309     case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
310         return "BR";
311     case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
312         return "BH";
313     case TLS1_AD_UNKNOWN_PSK_IDENTITY:
314         return "UP";
315     default:
316         return "UK";
317     }
318 }
319 
320 const char *SSL_alert_desc_string_long(int value)
321 {
322     switch (value & 0xff) {
323     case SSL3_AD_CLOSE_NOTIFY:
324         return "close notify";
325     case SSL3_AD_UNEXPECTED_MESSAGE:
326         return "unexpected_message";
327     case SSL3_AD_BAD_RECORD_MAC:
328         return "bad record mac";
329     case SSL3_AD_DECOMPRESSION_FAILURE:
330         return "decompression failure";
331     case SSL3_AD_HANDSHAKE_FAILURE:
332         return "handshake failure";
333     case SSL3_AD_NO_CERTIFICATE:
334         return "no certificate";
335     case SSL3_AD_BAD_CERTIFICATE:
336         return "bad certificate";
337     case SSL3_AD_UNSUPPORTED_CERTIFICATE:
338         return "unsupported certificate";
339     case SSL3_AD_CERTIFICATE_REVOKED:
340         return "certificate revoked";
341     case SSL3_AD_CERTIFICATE_EXPIRED:
342         return "certificate expired";
343     case SSL3_AD_CERTIFICATE_UNKNOWN:
344         return "certificate unknown";
345     case SSL3_AD_ILLEGAL_PARAMETER:
346         return "illegal parameter";
347     case TLS1_AD_DECRYPTION_FAILED:
348         return "decryption failed";
349     case TLS1_AD_RECORD_OVERFLOW:
350         return "record overflow";
351     case TLS1_AD_UNKNOWN_CA:
352         return "unknown CA";
353     case TLS1_AD_ACCESS_DENIED:
354         return "access denied";
355     case TLS1_AD_DECODE_ERROR:
356         return "decode error";
357     case TLS1_AD_DECRYPT_ERROR:
358         return "decrypt error";
359     case TLS1_AD_EXPORT_RESTRICTION:
360         return "export restriction";
361     case TLS1_AD_PROTOCOL_VERSION:
362         return "protocol version";
363     case TLS1_AD_INSUFFICIENT_SECURITY:
364         return "insufficient security";
365     case TLS1_AD_INTERNAL_ERROR:
366         return "internal error";
367     case TLS1_AD_USER_CANCELLED:
368         return "user canceled";
369     case TLS1_AD_NO_RENEGOTIATION:
370         return "no renegotiation";
371     case TLS1_AD_UNSUPPORTED_EXTENSION:
372         return "unsupported extension";
373     case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
374         return "certificate unobtainable";
375     case TLS1_AD_UNRECOGNIZED_NAME:
376         return "unrecognized name";
377     case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
378         return "bad certificate status response";
379     case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
380         return "bad certificate hash value";
381     case TLS1_AD_UNKNOWN_PSK_IDENTITY:
382         return "unknown PSK identity";
383     case TLS1_AD_NO_APPLICATION_PROTOCOL:
384         return "no application protocol";
385     default:
386         return "unknown";
387     }
388 }
389