xref: /freebsd/crypto/openssl/ssl/ssl_txt.c (revision 7ef62cebc2f965b0f640263e179276928885e33d)
1 /*
2  * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3  * Copyright 2005 Nokia. All rights reserved.
4  *
5  * Licensed under the Apache License 2.0 (the "License").  You may not use
6  * this file except in compliance with the License.  You can obtain a copy
7  * in the file LICENSE in the source distribution or at
8  * https://www.openssl.org/source/license.html
9  */
10 
11 #include <stdio.h>
12 #include <openssl/buffer.h>
13 #include "ssl_local.h"
14 
15 #ifndef OPENSSL_NO_STDIO
16 int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
17 {
18     BIO *b;
19     int ret;
20 
21     if ((b = BIO_new(BIO_s_file())) == NULL) {
22         ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
23         return 0;
24     }
25     BIO_set_fp(b, fp, BIO_NOCLOSE);
26     ret = SSL_SESSION_print(b, x);
27     BIO_free(b);
28     return ret;
29 }
30 #endif
31 
32 int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
33 {
34     size_t i;
35     const char *s;
36     int istls13;
37 
38     if (x == NULL)
39         goto err;
40     istls13 = (x->ssl_version == TLS1_3_VERSION);
41     if (BIO_puts(bp, "SSL-Session:\n") <= 0)
42         goto err;
43     s = ssl_protocol_to_string(x->ssl_version);
44     if (BIO_printf(bp, "    Protocol  : %s\n", s) <= 0)
45         goto err;
46 
47     if (x->cipher == NULL) {
48         if (((x->cipher_id) & 0xff000000) == 0x02000000) {
49             if (BIO_printf(bp, "    Cipher    : %06lX\n",
50                            x->cipher_id & 0xffffff) <= 0)
51                 goto err;
52         } else {
53             if (BIO_printf(bp, "    Cipher    : %04lX\n",
54                            x->cipher_id & 0xffff) <= 0)
55                 goto err;
56         }
57     } else {
58         if (BIO_printf(bp, "    Cipher    : %s\n",
59                        ((x->cipher->name == NULL) ? "unknown"
60                                                   : x->cipher->name)) <= 0)
61             goto err;
62     }
63     if (BIO_puts(bp, "    Session-ID: ") <= 0)
64         goto err;
65     for (i = 0; i < x->session_id_length; i++) {
66         if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
67             goto err;
68     }
69     if (BIO_puts(bp, "\n    Session-ID-ctx: ") <= 0)
70         goto err;
71     for (i = 0; i < x->sid_ctx_length; i++) {
72         if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
73             goto err;
74     }
75     if (istls13) {
76         if (BIO_puts(bp, "\n    Resumption PSK: ") <= 0)
77             goto err;
78     } else if (BIO_puts(bp, "\n    Master-Key: ") <= 0)
79         goto err;
80     for (i = 0; i < x->master_key_length; i++) {
81         if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
82             goto err;
83     }
84 #ifndef OPENSSL_NO_PSK
85     if (BIO_puts(bp, "\n    PSK identity: ") <= 0)
86         goto err;
87     if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
88         goto err;
89     if (BIO_puts(bp, "\n    PSK identity hint: ") <= 0)
90         goto err;
91     if (BIO_printf
92         (bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
93         goto err;
94 #endif
95 #ifndef OPENSSL_NO_SRP
96     if (BIO_puts(bp, "\n    SRP username: ") <= 0)
97         goto err;
98     if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
99         goto err;
100 #endif
101     if (x->ext.tick_lifetime_hint) {
102         if (BIO_printf(bp,
103                        "\n    TLS session ticket lifetime hint: %ld (seconds)",
104                        x->ext.tick_lifetime_hint) <= 0)
105             goto err;
106     }
107     if (x->ext.tick) {
108         if (BIO_puts(bp, "\n    TLS session ticket:\n") <= 0)
109             goto err;
110         if (BIO_dump_indent
111             (bp, (const char *)x->ext.tick, (int)x->ext.ticklen, 4)
112             <= 0)
113             goto err;
114     }
115 #ifndef OPENSSL_NO_COMP
116     if (x->compress_meth != 0) {
117         SSL_COMP *comp = NULL;
118 
119         if (!ssl_cipher_get_evp(NULL, x, NULL, NULL, NULL, NULL, &comp, 0))
120             goto err;
121         if (comp == NULL) {
122             if (BIO_printf(bp, "\n    Compression: %d", x->compress_meth) <= 0)
123                 goto err;
124         } else {
125             if (BIO_printf(bp, "\n    Compression: %d (%s)", comp->id,
126                            comp->name) <= 0)
127                 goto err;
128         }
129     }
130 #endif
131     if (x->time != 0L) {
132         if (BIO_printf(bp, "\n    Start Time: %lld", (long long)x->time) <= 0)
133             goto err;
134     }
135     if (x->timeout != 0L) {
136         if (BIO_printf(bp, "\n    Timeout   : %lld (sec)", (long long)x->timeout) <= 0)
137             goto err;
138     }
139     if (BIO_puts(bp, "\n") <= 0)
140         goto err;
141 
142     if (BIO_puts(bp, "    Verify return code: ") <= 0)
143         goto err;
144     if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
145                    X509_verify_cert_error_string(x->verify_result)) <= 0)
146         goto err;
147 
148     if (BIO_printf(bp, "    Extended master secret: %s\n",
149                    x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
150         goto err;
151 
152     if (istls13) {
153         if (BIO_printf(bp, "    Max Early Data: %u\n",
154                        x->ext.max_early_data) <= 0)
155             goto err;
156     }
157 
158     return 1;
159  err:
160     return 0;
161 }
162 
163 /*
164  * print session id and master key in NSS keylog format (RSA
165  * Session-ID:<session id> Master-Key:<master key>)
166  */
167 int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
168 {
169     size_t i;
170 
171     if (x == NULL)
172         goto err;
173     if (x->session_id_length == 0 || x->master_key_length == 0)
174         goto err;
175 
176     /*
177      * the RSA prefix is required by the format's definition although there's
178      * nothing RSA-specific in the output, therefore, we don't have to check if
179      * the cipher suite is based on RSA
180      */
181     if (BIO_puts(bp, "RSA ") <= 0)
182         goto err;
183 
184     if (BIO_puts(bp, "Session-ID:") <= 0)
185         goto err;
186     for (i = 0; i < x->session_id_length; i++) {
187         if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
188             goto err;
189     }
190     if (BIO_puts(bp, " Master-Key:") <= 0)
191         goto err;
192     for (i = 0; i < x->master_key_length; i++) {
193         if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
194             goto err;
195     }
196     if (BIO_puts(bp, "\n") <= 0)
197         goto err;
198 
199     return 1;
200  err:
201     return 0;
202 }
203