1 /* ssl/t1_trce.c */ 2 /* 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 4 * project. 5 */ 6 /* ==================================================================== 7 * Copyright (c) 2012-2018 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 */ 55 56 #include "ssl_locl.h" 57 58 #ifndef OPENSSL_NO_SSL_TRACE 59 60 /* Packet trace support for OpenSSL */ 61 62 typedef struct { 63 int num; 64 const char *name; 65 } ssl_trace_tbl; 66 67 # define ssl_trace_str(val, tbl) \ 68 do_ssl_trace_str(val, tbl, sizeof(tbl)/sizeof(ssl_trace_tbl)) 69 70 # define ssl_trace_list(bio, indent, msg, msglen, value, table) \ 71 do_ssl_trace_list(bio, indent, msg, msglen, value, \ 72 table, sizeof(table)/sizeof(ssl_trace_tbl)) 73 74 static const char *do_ssl_trace_str(int val, ssl_trace_tbl *tbl, size_t ntbl) 75 { 76 size_t i; 77 for (i = 0; i < ntbl; i++, tbl++) { 78 if (tbl->num == val) 79 return tbl->name; 80 } 81 return "UNKNOWN"; 82 } 83 84 static int do_ssl_trace_list(BIO *bio, int indent, 85 const unsigned char *msg, size_t msglen, 86 size_t vlen, ssl_trace_tbl *tbl, size_t ntbl) 87 { 88 int val; 89 if (msglen % vlen) 90 return 0; 91 while (msglen) { 92 val = msg[0]; 93 if (vlen == 2) 94 val = (val << 8) | msg[1]; 95 BIO_indent(bio, indent, 80); 96 BIO_printf(bio, "%s (%d)\n", do_ssl_trace_str(val, tbl, ntbl), val); 97 msg += vlen; 98 msglen -= vlen; 99 } 100 return 1; 101 } 102 103 /* Version number */ 104 105 static ssl_trace_tbl ssl_version_tbl[] = { 106 {SSL2_VERSION, "SSL 2.0"}, 107 {SSL3_VERSION, "SSL 3.0"}, 108 {TLS1_VERSION, "TLS 1.0"}, 109 {TLS1_1_VERSION, "TLS 1.1"}, 110 {TLS1_2_VERSION, "TLS 1.2"}, 111 {DTLS1_VERSION, "DTLS 1.0"}, 112 {DTLS1_2_VERSION, "DTLS 1.2"}, 113 {DTLS1_BAD_VER, "DTLS 1.0 (bad)"} 114 }; 115 116 static ssl_trace_tbl ssl_content_tbl[] = { 117 {SSL3_RT_CHANGE_CIPHER_SPEC, "ChangeCipherSpec"}, 118 {SSL3_RT_ALERT, "Alert"}, 119 {SSL3_RT_HANDSHAKE, "Handshake"}, 120 {SSL3_RT_APPLICATION_DATA, "ApplicationData"}, 121 {TLS1_RT_HEARTBEAT, "HeartBeat"} 122 }; 123 124 /* Handshake types */ 125 static ssl_trace_tbl ssl_handshake_tbl[] = { 126 {SSL3_MT_HELLO_REQUEST, "HelloRequest"}, 127 {SSL3_MT_CLIENT_HELLO, "ClientHello"}, 128 {SSL3_MT_SERVER_HELLO, "ServerHello"}, 129 {DTLS1_MT_HELLO_VERIFY_REQUEST, "HelloVerifyRequest"}, 130 {SSL3_MT_NEWSESSION_TICKET, "NewSessionTicket"}, 131 {SSL3_MT_CERTIFICATE, "Certificate"}, 132 {SSL3_MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange"}, 133 {SSL3_MT_CERTIFICATE_REQUEST, "CertificateRequest"}, 134 {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"}, 135 {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"}, 136 {SSL3_MT_SERVER_DONE, "ServerHelloDone"}, 137 {SSL3_MT_CERTIFICATE_VERIFY, "CertificateVerify"}, 138 {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"}, 139 {SSL3_MT_FINISHED, "Finished"}, 140 {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"} 141 }; 142 143 /* Cipher suites */ 144 static ssl_trace_tbl ssl_ciphers_tbl[] = { 145 {0x0000, "SSL_NULL_WITH_NULL_NULL"}, 146 {0x0001, "SSL_RSA_WITH_NULL_MD5"}, 147 {0x0002, "SSL_RSA_WITH_NULL_SHA"}, 148 {0x0003, "SSL_RSA_EXPORT_WITH_RC4_40_MD5"}, 149 {0x0004, "SSL_RSA_WITH_RC4_128_MD5"}, 150 {0x0005, "SSL_RSA_WITH_RC4_128_SHA"}, 151 {0x0006, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"}, 152 {0x0007, "SSL_RSA_WITH_IDEA_CBC_SHA"}, 153 {0x0008, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 154 {0x0009, "SSL_RSA_WITH_DES_CBC_SHA"}, 155 {0x000A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA"}, 156 {0x000B, "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"}, 157 {0x000C, "SSL_DH_DSS_WITH_DES_CBC_SHA"}, 158 {0x000D, "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"}, 159 {0x000E, "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 160 {0x000F, "SSL_DH_RSA_WITH_DES_CBC_SHA"}, 161 {0x0010, "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"}, 162 {0x0011, "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"}, 163 {0x0012, "SSL_DHE_DSS_WITH_DES_CBC_SHA"}, 164 {0x0013, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"}, 165 {0x0014, "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 166 {0x0015, "SSL_DHE_RSA_WITH_DES_CBC_SHA"}, 167 {0x0016, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"}, 168 {0x0017, "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"}, 169 {0x0018, "SSL_DH_anon_WITH_RC4_128_MD5"}, 170 {0x0019, "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"}, 171 {0x001A, "SSL_DH_anon_WITH_DES_CBC_SHA"}, 172 {0x001B, "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"}, 173 {0x001D, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"}, 174 {0x001E, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"}, 175 {0x001F, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"}, 176 {0x0020, "TLS_KRB5_WITH_RC4_128_SHA"}, 177 {0x0021, "TLS_KRB5_WITH_IDEA_CBC_SHA"}, 178 {0x0022, "TLS_KRB5_WITH_DES_CBC_MD5"}, 179 {0x0023, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"}, 180 {0x0024, "TLS_KRB5_WITH_RC4_128_MD5"}, 181 {0x0025, "TLS_KRB5_WITH_IDEA_CBC_MD5"}, 182 {0x0026, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"}, 183 {0x0027, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"}, 184 {0x0028, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"}, 185 {0x0029, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"}, 186 {0x002A, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"}, 187 {0x002B, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"}, 188 {0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA"}, 189 {0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA"}, 190 {0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA"}, 191 {0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"}, 192 {0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"}, 193 {0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA"}, 194 {0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA"}, 195 {0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA"}, 196 {0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA"}, 197 {0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"}, 198 {0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"}, 199 {0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA"}, 200 {0x003B, "TLS_RSA_WITH_NULL_SHA256"}, 201 {0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256"}, 202 {0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256"}, 203 {0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"}, 204 {0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"}, 205 {0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"}, 206 {0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"}, 207 {0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"}, 208 {0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"}, 209 {0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"}, 210 {0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"}, 211 {0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"}, 212 {0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"}, 213 {0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"}, 214 {0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"}, 215 {0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"}, 216 {0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"}, 217 {0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256"}, 218 {0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256"}, 219 {0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"}, 220 {0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"}, 221 {0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"}, 222 {0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"}, 223 {0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"}, 224 {0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"}, 225 {0x008A, "TLS_PSK_WITH_RC4_128_SHA"}, 226 {0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA"}, 227 {0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA"}, 228 {0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA"}, 229 {0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA"}, 230 {0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"}, 231 {0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"}, 232 {0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"}, 233 {0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA"}, 234 {0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"}, 235 {0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"}, 236 {0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"}, 237 {0x0096, "TLS_RSA_WITH_SEED_CBC_SHA"}, 238 {0x0097, "TLS_DH_DSS_WITH_SEED_CBC_SHA"}, 239 {0x0098, "TLS_DH_RSA_WITH_SEED_CBC_SHA"}, 240 {0x0099, "TLS_DHE_DSS_WITH_SEED_CBC_SHA"}, 241 {0x009A, "TLS_DHE_RSA_WITH_SEED_CBC_SHA"}, 242 {0x009B, "TLS_DH_anon_WITH_SEED_CBC_SHA"}, 243 {0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256"}, 244 {0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384"}, 245 {0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"}, 246 {0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"}, 247 {0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"}, 248 {0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"}, 249 {0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"}, 250 {0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"}, 251 {0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"}, 252 {0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"}, 253 {0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256"}, 254 {0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384"}, 255 {0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256"}, 256 {0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384"}, 257 {0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"}, 258 {0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"}, 259 {0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"}, 260 {0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"}, 261 {0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256"}, 262 {0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384"}, 263 {0x00B0, "TLS_PSK_WITH_NULL_SHA256"}, 264 {0x00B1, "TLS_PSK_WITH_NULL_SHA384"}, 265 {0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"}, 266 {0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"}, 267 {0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256"}, 268 {0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384"}, 269 {0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"}, 270 {0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"}, 271 {0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256"}, 272 {0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384"}, 273 {0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 274 {0x00BB, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"}, 275 {0x00BC, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 276 {0x00BD, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"}, 277 {0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 278 {0x00BF, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"}, 279 {0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, 280 {0x00C1, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"}, 281 {0x00C2, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, 282 {0x00C3, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"}, 283 {0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, 284 {0x00C5, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"}, 285 {0x00FF, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"}, 286 {0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA"}, 287 {0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"}, 288 {0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"}, 289 {0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"}, 290 {0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"}, 291 {0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA"}, 292 {0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"}, 293 {0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"}, 294 {0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"}, 295 {0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"}, 296 {0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA"}, 297 {0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA"}, 298 {0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"}, 299 {0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"}, 300 {0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"}, 301 {0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA"}, 302 {0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA"}, 303 {0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"}, 304 {0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"}, 305 {0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"}, 306 {0xC015, "TLS_ECDH_anon_WITH_NULL_SHA"}, 307 {0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA"}, 308 {0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"}, 309 {0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"}, 310 {0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"}, 311 {0xC01A, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"}, 312 {0xC01B, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"}, 313 {0xC01C, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"}, 314 {0xC01D, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"}, 315 {0xC01E, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"}, 316 {0xC01F, "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"}, 317 {0xC020, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"}, 318 {0xC021, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"}, 319 {0xC022, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"}, 320 {0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"}, 321 {0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"}, 322 {0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"}, 323 {0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"}, 324 {0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"}, 325 {0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"}, 326 {0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"}, 327 {0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"}, 328 {0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"}, 329 {0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"}, 330 {0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"}, 331 {0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"}, 332 {0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}, 333 {0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"}, 334 {0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"}, 335 {0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"}, 336 {0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, 337 {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"}, 338 }; 339 340 /* Compression methods */ 341 static ssl_trace_tbl ssl_comp_tbl[] = { 342 {0x0000, "No Compression"}, 343 {0x0001, "Zlib Compression"} 344 }; 345 346 /* Extensions */ 347 static ssl_trace_tbl ssl_exts_tbl[] = { 348 {TLSEXT_TYPE_server_name, "server_name"}, 349 {TLSEXT_TYPE_max_fragment_length, "max_fragment_length"}, 350 {TLSEXT_TYPE_client_certificate_url, "client_certificate_url"}, 351 {TLSEXT_TYPE_trusted_ca_keys, "trusted_ca_keys"}, 352 {TLSEXT_TYPE_truncated_hmac, "truncated_hmac"}, 353 {TLSEXT_TYPE_status_request, "status_request"}, 354 {TLSEXT_TYPE_user_mapping, "user_mapping"}, 355 {TLSEXT_TYPE_client_authz, "client_authz"}, 356 {TLSEXT_TYPE_server_authz, "server_authz"}, 357 {TLSEXT_TYPE_cert_type, "cert_type"}, 358 {TLSEXT_TYPE_elliptic_curves, "elliptic_curves"}, 359 {TLSEXT_TYPE_ec_point_formats, "ec_point_formats"}, 360 {TLSEXT_TYPE_srp, "srp"}, 361 {TLSEXT_TYPE_signature_algorithms, "signature_algorithms"}, 362 {TLSEXT_TYPE_use_srtp, "use_srtp"}, 363 {TLSEXT_TYPE_heartbeat, "heartbeat"}, 364 {TLSEXT_TYPE_session_ticket, "session_ticket"}, 365 # ifdef TLSEXT_TYPE_opaque_prf_input 366 {TLSEXT_TYPE_opaque_prf_input, "opaque_prf_input"}, 367 # endif 368 {TLSEXT_TYPE_renegotiate, "renegotiate"}, 369 {TLSEXT_TYPE_next_proto_neg, "next_proto_neg"}, 370 {TLSEXT_TYPE_padding, "padding"} 371 }; 372 373 static ssl_trace_tbl ssl_curve_tbl[] = { 374 {1, "sect163k1 (K-163)"}, 375 {2, "sect163r1"}, 376 {3, "sect163r2 (B-163)"}, 377 {4, "sect193r1"}, 378 {5, "sect193r2"}, 379 {6, "sect233k1 (K-233)"}, 380 {7, "sect233r1 (B-233)"}, 381 {8, "sect239k1"}, 382 {9, "sect283k1 (K-283)"}, 383 {10, "sect283r1 (B-283)"}, 384 {11, "sect409k1 (K-409)"}, 385 {12, "sect409r1 (B-409)"}, 386 {13, "sect571k1 (K-571)"}, 387 {14, "sect571r1 (B-571)"}, 388 {15, "secp160k1"}, 389 {16, "secp160r1"}, 390 {17, "secp160r2"}, 391 {18, "secp192k1"}, 392 {19, "secp192r1 (P-192)"}, 393 {20, "secp224k1"}, 394 {21, "secp224r1 (P-224)"}, 395 {22, "secp256k1"}, 396 {23, "secp256r1 (P-256)"}, 397 {24, "secp384r1 (P-384)"}, 398 {25, "secp521r1 (P-521)"}, 399 {26, "brainpoolP256r1"}, 400 {27, "brainpoolP384r1"}, 401 {28, "brainpoolP512r1"}, 402 {0xFF01, "arbitrary_explicit_prime_curves"}, 403 {0xFF02, "arbitrary_explicit_char2_curves"} 404 }; 405 406 static ssl_trace_tbl ssl_point_tbl[] = { 407 {0, "uncompressed"}, 408 {1, "ansiX962_compressed_prime"}, 409 {2, "ansiX962_compressed_char2"} 410 }; 411 412 static ssl_trace_tbl ssl_md_tbl[] = { 413 {0, "none"}, 414 {1, "md5"}, 415 {2, "sha1"}, 416 {3, "sha224"}, 417 {4, "sha256"}, 418 {5, "sha384"}, 419 {6, "sha512"} 420 }; 421 422 static ssl_trace_tbl ssl_sig_tbl[] = { 423 {0, "anonymous"}, 424 {1, "rsa"}, 425 {2, "dsa"}, 426 {3, "ecdsa"} 427 }; 428 429 static ssl_trace_tbl ssl_hb_tbl[] = { 430 {1, "peer_allowed_to_send"}, 431 {2, "peer_not_allowed_to_send"} 432 }; 433 434 static ssl_trace_tbl ssl_hb_type_tbl[] = { 435 {1, "heartbeat_request"}, 436 {2, "heartbeat_response"} 437 }; 438 439 static ssl_trace_tbl ssl_ctype_tbl[] = { 440 {1, "rsa_sign"}, 441 {2, "dss_sign"}, 442 {3, "rsa_fixed_dh"}, 443 {4, "dss_fixed_dh"}, 444 {5, "rsa_ephemeral_dh"}, 445 {6, "dss_ephemeral_dh"}, 446 {20, "fortezza_dms"}, 447 {64, "ecdsa_sign"}, 448 {65, "rsa_fixed_ecdh"}, 449 {66, "ecdsa_fixed_ecdh"} 450 }; 451 452 static ssl_trace_tbl ssl_crypto_tbl[] = { 453 {TLS1_RT_CRYPTO_PREMASTER, "Premaster Secret"}, 454 {TLS1_RT_CRYPTO_CLIENT_RANDOM, "Client Random"}, 455 {TLS1_RT_CRYPTO_SERVER_RANDOM, "Server Random"}, 456 {TLS1_RT_CRYPTO_MASTER, "Master Secret"}, 457 {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_WRITE, "Write Mac Secret"}, 458 {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_READ, "Read Mac Secret"}, 459 {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_WRITE, "Write Key"}, 460 {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_READ, "Read Key"}, 461 {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_WRITE, "Write IV"}, 462 {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_READ, "Read IV"}, 463 {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_WRITE, "Write IV (fixed part)"}, 464 {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"} 465 }; 466 467 static void ssl_print_hex(BIO *bio, int indent, const char *name, 468 const unsigned char *msg, size_t msglen) 469 { 470 size_t i; 471 BIO_indent(bio, indent, 80); 472 BIO_printf(bio, "%s (len=%d): ", name, (int)msglen); 473 for (i = 0; i < msglen; i++) 474 BIO_printf(bio, "%02X", msg[i]); 475 BIO_puts(bio, "\n"); 476 } 477 478 static int ssl_print_hexbuf(BIO *bio, int indent, 479 const char *name, size_t nlen, 480 const unsigned char **pmsg, size_t *pmsglen) 481 { 482 size_t blen; 483 const unsigned char *p = *pmsg; 484 if (*pmsglen < nlen) 485 return 0; 486 blen = p[0]; 487 if (nlen > 1) 488 blen = (blen << 8) | p[1]; 489 if (*pmsglen < nlen + blen) 490 return 0; 491 p += nlen; 492 ssl_print_hex(bio, indent, name, p, blen); 493 *pmsg += blen + nlen; 494 *pmsglen -= blen + nlen; 495 return 1; 496 } 497 498 static int ssl_print_version(BIO *bio, int indent, const char *name, 499 const unsigned char **pmsg, size_t *pmsglen) 500 { 501 int vers; 502 if (*pmsglen < 2) 503 return 0; 504 vers = ((*pmsg)[0] << 8) | (*pmsg)[1]; 505 BIO_indent(bio, indent, 80); 506 BIO_printf(bio, "%s=0x%x (%s)\n", 507 name, vers, ssl_trace_str(vers, ssl_version_tbl)); 508 *pmsg += 2; 509 *pmsglen -= 2; 510 return 1; 511 } 512 513 static int ssl_print_random(BIO *bio, int indent, 514 const unsigned char **pmsg, size_t *pmsglen) 515 { 516 unsigned int tm; 517 const unsigned char *p = *pmsg; 518 if (*pmsglen < 32) 519 return 0; 520 tm = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; 521 p += 4; 522 BIO_indent(bio, indent, 80); 523 BIO_puts(bio, "Random:\n"); 524 BIO_indent(bio, indent + 2, 80); 525 BIO_printf(bio, "gmt_unix_time=0x%08X\n", tm); 526 ssl_print_hex(bio, indent + 2, "random_bytes", p, 28); 527 *pmsg += 32; 528 *pmsglen -= 32; 529 return 1; 530 } 531 532 static int ssl_print_signature(BIO *bio, int indent, SSL *s, 533 const unsigned char **pmsg, size_t *pmsglen) 534 { 535 if (*pmsglen < 2) 536 return 0; 537 if (SSL_USE_SIGALGS(s)) { 538 const unsigned char *p = *pmsg; 539 BIO_indent(bio, indent, 80); 540 BIO_printf(bio, "Signature Algorithm %s+%s (%d+%d)\n", 541 ssl_trace_str(p[0], ssl_md_tbl), 542 ssl_trace_str(p[1], ssl_sig_tbl), p[0], p[1]); 543 *pmsg += 2; 544 *pmsglen -= 2; 545 } 546 return ssl_print_hexbuf(bio, indent, "Signature", 2, pmsg, pmsglen); 547 } 548 549 static int ssl_print_extension(BIO *bio, int indent, int server, int extype, 550 const unsigned char *ext, size_t extlen) 551 { 552 size_t xlen; 553 BIO_indent(bio, indent, 80); 554 BIO_printf(bio, "extension_type=%s(%d), length=%d\n", 555 ssl_trace_str(extype, ssl_exts_tbl), extype, (int)extlen); 556 switch (extype) { 557 case TLSEXT_TYPE_ec_point_formats: 558 if (extlen < 1) 559 return 0; 560 xlen = ext[0]; 561 if (extlen != xlen + 1) 562 return 0; 563 return ssl_trace_list(bio, indent + 2, 564 ext + 1, xlen, 1, ssl_point_tbl); 565 566 case TLSEXT_TYPE_elliptic_curves: 567 if (extlen < 2) 568 return 0; 569 xlen = (ext[0] << 8) | ext[1]; 570 if (extlen != xlen + 2) 571 return 0; 572 return ssl_trace_list(bio, indent + 2, 573 ext + 2, xlen, 2, ssl_curve_tbl); 574 575 case TLSEXT_TYPE_signature_algorithms: 576 577 if (extlen < 2) 578 return 0; 579 xlen = (ext[0] << 8) | ext[1]; 580 if (extlen != xlen + 2) 581 return 0; 582 if (xlen & 1) 583 return 0; 584 ext += 2; 585 while (xlen > 0) { 586 BIO_indent(bio, indent + 2, 80); 587 BIO_printf(bio, "%s+%s (%d+%d)\n", 588 ssl_trace_str(ext[0], ssl_md_tbl), 589 ssl_trace_str(ext[1], ssl_sig_tbl), ext[0], ext[1]); 590 xlen -= 2; 591 ext += 2; 592 } 593 break; 594 595 case TLSEXT_TYPE_renegotiate: 596 if (extlen < 1) 597 return 0; 598 xlen = ext[0]; 599 if (xlen + 1 != extlen) 600 return 0; 601 ext++; 602 if (xlen) { 603 if (server) { 604 if (xlen & 1) 605 return 0; 606 xlen >>= 1; 607 } 608 ssl_print_hex(bio, indent + 4, "client_verify_data", ext, xlen); 609 if (server) { 610 ext += xlen; 611 ssl_print_hex(bio, indent + 4, 612 "server_verify_data", ext, xlen); 613 } 614 } else { 615 BIO_indent(bio, indent + 4, 80); 616 BIO_puts(bio, "<EMPTY>\n"); 617 } 618 break; 619 620 case TLSEXT_TYPE_heartbeat: 621 if (extlen != 1) 622 return 0; 623 BIO_indent(bio, indent + 2, 80); 624 BIO_printf(bio, "HeartbeatMode: %s\n", 625 ssl_trace_str(ext[0], ssl_hb_tbl)); 626 break; 627 628 case TLSEXT_TYPE_session_ticket: 629 if (extlen != 0) 630 ssl_print_hex(bio, indent + 4, "ticket", ext, extlen); 631 break; 632 633 default: 634 BIO_dump_indent(bio, (char *)ext, extlen, indent + 2); 635 } 636 return 1; 637 } 638 639 static int ssl_print_extensions(BIO *bio, int indent, int server, 640 const unsigned char *msg, size_t msglen) 641 { 642 size_t extslen; 643 BIO_indent(bio, indent, 80); 644 if (msglen == 0) { 645 BIO_puts(bio, "No Extensions\n"); 646 return 1; 647 } 648 if (msglen < 2) 649 return 0; 650 extslen = (msg[0] << 8) | msg[1]; 651 if (extslen != msglen - 2) 652 return 0; 653 msg += 2; 654 msglen = extslen; 655 BIO_printf(bio, "extensions, length = %d\n", (int)msglen); 656 while (msglen > 0) { 657 int extype; 658 size_t extlen; 659 if (msglen < 4) 660 return 0; 661 extype = (msg[0] << 8) | msg[1]; 662 extlen = (msg[2] << 8) | msg[3]; 663 if (msglen < extlen + 4) 664 return 0; 665 msg += 4; 666 if (!ssl_print_extension(bio, indent + 2, server, 667 extype, msg, extlen)) 668 return 0; 669 msg += extlen; 670 msglen -= extlen + 4; 671 } 672 return 1; 673 } 674 675 static int ssl_print_client_hello(BIO *bio, SSL *ssl, int indent, 676 const unsigned char *msg, size_t msglen) 677 { 678 size_t len; 679 unsigned int cs; 680 if (!ssl_print_version(bio, indent, "client_version", &msg, &msglen)) 681 return 0; 682 if (!ssl_print_random(bio, indent, &msg, &msglen)) 683 return 0; 684 if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen)) 685 return 0; 686 if (SSL_IS_DTLS(ssl)) { 687 if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen)) 688 return 0; 689 } 690 if (msglen < 2) 691 return 0; 692 len = (msg[0] << 8) | msg[1]; 693 msg += 2; 694 msglen -= 2; 695 BIO_indent(bio, indent, 80); 696 BIO_printf(bio, "cipher_suites (len=%d)\n", (int)len); 697 if (msglen < len || len & 1) 698 return 0; 699 while (len > 0) { 700 cs = (msg[0] << 8) | msg[1]; 701 BIO_indent(bio, indent + 2, 80); 702 BIO_printf(bio, "{0x%02X, 0x%02X} %s\n", 703 msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl)); 704 msg += 2; 705 msglen -= 2; 706 len -= 2; 707 } 708 if (msglen < 1) 709 return 0; 710 len = msg[0]; 711 msg++; 712 msglen--; 713 if (msglen < len) 714 return 0; 715 BIO_indent(bio, indent, 80); 716 BIO_printf(bio, "compression_methods (len=%d)\n", (int)len); 717 while (len > 0) { 718 BIO_indent(bio, indent + 2, 80); 719 BIO_printf(bio, "%s (0x%02X)\n", 720 ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]); 721 msg++; 722 msglen--; 723 len--; 724 } 725 if (!ssl_print_extensions(bio, indent, 0, msg, msglen)) 726 return 0; 727 return 1; 728 } 729 730 static int dtls_print_hello_vfyrequest(BIO *bio, int indent, 731 const unsigned char *msg, 732 size_t msglen) 733 { 734 if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen)) 735 return 0; 736 if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen)) 737 return 0; 738 return 1; 739 } 740 741 static int ssl_print_server_hello(BIO *bio, int indent, 742 const unsigned char *msg, size_t msglen) 743 { 744 unsigned int cs; 745 if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen)) 746 return 0; 747 if (!ssl_print_random(bio, indent, &msg, &msglen)) 748 return 0; 749 if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen)) 750 return 0; 751 if (msglen < 2) 752 return 0; 753 cs = (msg[0] << 8) | msg[1]; 754 BIO_indent(bio, indent, 80); 755 BIO_printf(bio, "cipher_suite {0x%02X, 0x%02X} %s\n", 756 msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl)); 757 msg += 2; 758 msglen -= 2; 759 if (msglen < 1) 760 return 0; 761 BIO_indent(bio, indent, 80); 762 BIO_printf(bio, "compression_method: %s (0x%02X)\n", 763 ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]); 764 msg++; 765 msglen--; 766 if (!ssl_print_extensions(bio, indent, 1, msg, msglen)) 767 return 0; 768 return 1; 769 } 770 771 static int ssl_get_keyex(const char **pname, SSL *ssl) 772 { 773 unsigned long alg_k = ssl->s3->tmp.new_cipher->algorithm_mkey; 774 if (alg_k & SSL_kRSA) { 775 *pname = "rsa"; 776 return SSL_kRSA; 777 } 778 if (alg_k & SSL_kDHr) { 779 *pname = "dh_rsa"; 780 return SSL_kDHr; 781 } 782 if (alg_k & SSL_kDHd) { 783 *pname = "dh_dss"; 784 return SSL_kDHd; 785 } 786 if (alg_k & SSL_kKRB5) { 787 *pname = "krb5"; 788 return SSL_kKRB5; 789 } 790 if (alg_k & SSL_kEDH) { 791 *pname = "edh"; 792 return SSL_kEDH; 793 } 794 if (alg_k & SSL_kEECDH) { 795 *pname = "EECDH"; 796 return SSL_kEECDH; 797 } 798 if (alg_k & SSL_kECDHr) { 799 *pname = "ECDH RSA"; 800 return SSL_kECDHr; 801 } 802 if (alg_k & SSL_kECDHe) { 803 *pname = "ECDH ECDSA"; 804 return SSL_kECDHe; 805 } 806 if (alg_k & SSL_kPSK) { 807 *pname = "PSK"; 808 return SSL_kPSK; 809 } 810 if (alg_k & SSL_kSRP) { 811 *pname = "SRP"; 812 return SSL_kSRP; 813 } 814 if (alg_k & SSL_kGOST) { 815 *pname = "GOST"; 816 return SSL_kGOST; 817 } 818 *pname = "UNKNOWN"; 819 return 0; 820 } 821 822 static int ssl_print_client_keyex(BIO *bio, int indent, SSL *ssl, 823 const unsigned char *msg, size_t msglen) 824 { 825 const char *algname; 826 int id; 827 id = ssl_get_keyex(&algname, ssl); 828 BIO_indent(bio, indent, 80); 829 BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname); 830 switch (id) { 831 832 case SSL_kRSA: 833 if (TLS1_get_version(ssl) == SSL3_VERSION) { 834 ssl_print_hex(bio, indent + 2, 835 "EncyptedPreMasterSecret", msg, msglen); 836 } else { 837 if (!ssl_print_hexbuf(bio, indent + 2, 838 "EncyptedPreMasterSecret", 2, 839 &msg, &msglen)) 840 return 0; 841 } 842 break; 843 844 /* Implicit parameters only allowed for static DH */ 845 case SSL_kDHd: 846 case SSL_kDHr: 847 if (msglen == 0) { 848 BIO_indent(bio, indent + 2, 80); 849 BIO_puts(bio, "implicit\n"); 850 break; 851 } 852 case SSL_kEDH: 853 if (!ssl_print_hexbuf(bio, indent + 2, "dh_Yc", 2, &msg, &msglen)) 854 return 0; 855 break; 856 857 case SSL_kECDHr: 858 case SSL_kECDHe: 859 if (msglen == 0) { 860 BIO_indent(bio, indent + 2, 80); 861 BIO_puts(bio, "implicit\n"); 862 break; 863 } 864 case SSL_kEECDH: 865 if (!ssl_print_hexbuf(bio, indent + 2, "ecdh_Yc", 1, &msg, &msglen)) 866 return 0; 867 break; 868 } 869 870 return 1; 871 } 872 873 static int ssl_print_server_keyex(BIO *bio, int indent, SSL *ssl, 874 const unsigned char *msg, size_t msglen) 875 { 876 const char *algname; 877 int id; 878 id = ssl_get_keyex(&algname, ssl); 879 BIO_indent(bio, indent, 80); 880 BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname); 881 switch (id) { 882 /* Should never happen */ 883 case SSL_kDHd: 884 case SSL_kDHr: 885 case SSL_kECDHr: 886 case SSL_kECDHe: 887 BIO_indent(bio, indent + 2, 80); 888 BIO_printf(bio, "Unexpected Message\n"); 889 break; 890 891 case SSL_kRSA: 892 893 if (!ssl_print_hexbuf(bio, indent + 2, "rsa_modulus", 2, 894 &msg, &msglen)) 895 return 0; 896 if (!ssl_print_hexbuf(bio, indent + 2, "rsa_exponent", 2, 897 &msg, &msglen)) 898 return 0; 899 break; 900 901 case SSL_kEDH: 902 if (!ssl_print_hexbuf(bio, indent + 2, "dh_p", 2, &msg, &msglen)) 903 return 0; 904 if (!ssl_print_hexbuf(bio, indent + 2, "dh_g", 2, &msg, &msglen)) 905 return 0; 906 if (!ssl_print_hexbuf(bio, indent + 2, "dh_Ys", 2, &msg, &msglen)) 907 return 0; 908 break; 909 910 case SSL_kEECDH: 911 if (msglen < 1) 912 return 0; 913 BIO_indent(bio, indent + 2, 80); 914 if (msg[0] == EXPLICIT_PRIME_CURVE_TYPE) 915 BIO_puts(bio, "explicit_prime\n"); 916 else if (msg[0] == EXPLICIT_CHAR2_CURVE_TYPE) 917 BIO_puts(bio, "explicit_char2\n"); 918 else if (msg[0] == NAMED_CURVE_TYPE) { 919 int curve; 920 if (msglen < 3) 921 return 0; 922 curve = (msg[1] << 8) | msg[2]; 923 BIO_printf(bio, "named_curve: %s (%d)\n", 924 ssl_trace_str(curve, ssl_curve_tbl), curve); 925 msg += 3; 926 msglen -= 3; 927 if (!ssl_print_hexbuf(bio, indent + 2, "point", 1, &msg, &msglen)) 928 return 0; 929 } 930 break; 931 } 932 return ssl_print_signature(bio, indent, ssl, &msg, &msglen); 933 } 934 935 static int ssl_print_certificate(BIO *bio, int indent, 936 const unsigned char **pmsg, size_t *pmsglen) 937 { 938 size_t msglen = *pmsglen; 939 size_t clen; 940 X509 *x; 941 const unsigned char *p = *pmsg, *q; 942 if (msglen < 3) 943 return 0; 944 clen = (p[0] << 16) | (p[1] << 8) | p[2]; 945 if (msglen < clen + 3) 946 return 0; 947 q = p + 3; 948 BIO_indent(bio, indent, 80); 949 BIO_printf(bio, "ASN.1Cert, length=%d", (int)clen); 950 x = d2i_X509(NULL, &q, clen); 951 if (!x) 952 BIO_puts(bio, "<UNPARSEABLE CERTIFICATE>\n"); 953 else { 954 BIO_puts(bio, "\n------details-----\n"); 955 X509_print_ex(bio, x, XN_FLAG_ONELINE, 0); 956 PEM_write_bio_X509(bio, x); 957 /* Print certificate stuff */ 958 BIO_puts(bio, "------------------\n"); 959 X509_free(x); 960 } 961 if (q != p + 3 + clen) { 962 BIO_puts(bio, "<TRAILING GARBAGE AFTER CERTIFICATE>\n"); 963 } 964 *pmsg += clen + 3; 965 *pmsglen -= clen + 3; 966 return 1; 967 } 968 969 static int ssl_print_certificates(BIO *bio, int indent, 970 const unsigned char *msg, size_t msglen) 971 { 972 size_t clen; 973 if (msglen < 3) 974 return 0; 975 clen = (msg[0] << 16) | (msg[1] << 8) | msg[2]; 976 if (msglen != clen + 3) 977 return 0; 978 msg += 3; 979 BIO_indent(bio, indent, 80); 980 BIO_printf(bio, "certificate_list, length=%d\n", (int)clen); 981 while (clen > 0) { 982 if (!ssl_print_certificate(bio, indent + 2, &msg, &clen)) 983 return 0; 984 } 985 return 1; 986 } 987 988 static int ssl_print_cert_request(BIO *bio, int indent, SSL *s, 989 const unsigned char *msg, size_t msglen) 990 { 991 size_t xlen; 992 if (msglen < 1) 993 return 0; 994 xlen = msg[0]; 995 if (msglen < xlen + 1) 996 return 0; 997 msg++; 998 BIO_indent(bio, indent, 80); 999 BIO_printf(bio, "certificate_types (len=%d)\n", (int)xlen); 1000 if (!ssl_trace_list(bio, indent + 2, msg, xlen, 1, ssl_ctype_tbl)) 1001 return 0; 1002 msg += xlen; 1003 msglen -= xlen + 1; 1004 if (!SSL_USE_SIGALGS(s)) 1005 goto skip_sig; 1006 if (msglen < 2) 1007 return 0; 1008 xlen = (msg[0] << 8) | msg[1]; 1009 if (msglen < xlen + 2 || (xlen & 1)) 1010 return 0; 1011 msg += 2; 1012 BIO_indent(bio, indent, 80); 1013 BIO_printf(bio, "signature_algorithms (len=%d)\n", (int)xlen); 1014 while (xlen > 0) { 1015 BIO_indent(bio, indent + 2, 80); 1016 BIO_printf(bio, "%s+%s (%d+%d)\n", 1017 ssl_trace_str(msg[0], ssl_md_tbl), 1018 ssl_trace_str(msg[1], ssl_sig_tbl), msg[0], msg[1]); 1019 xlen -= 2; 1020 msg += 2; 1021 } 1022 msg += xlen; 1023 msglen -= xlen + 2; 1024 1025 skip_sig: 1026 if (msglen < 2) 1027 return 0; 1028 xlen = (msg[0] << 8) | msg[1]; 1029 BIO_indent(bio, indent, 80); 1030 if (msglen < xlen + 2) 1031 return 0; 1032 msg += 2; 1033 msglen -= 2; 1034 BIO_printf(bio, "certificate_authorities (len=%d)\n", (int)xlen); 1035 while (xlen > 0) { 1036 size_t dlen; 1037 X509_NAME *nm; 1038 const unsigned char *p; 1039 if (xlen < 2) 1040 return 0; 1041 dlen = (msg[0] << 8) | msg[1]; 1042 if (xlen < dlen + 2) 1043 return 0; 1044 msg += 2; 1045 BIO_indent(bio, indent + 2, 80); 1046 BIO_printf(bio, "DistinguishedName (len=%d): ", (int)dlen); 1047 p = msg; 1048 nm = d2i_X509_NAME(NULL, &p, dlen); 1049 if (!nm) { 1050 BIO_puts(bio, "<UNPARSEABLE DN>\n"); 1051 } else { 1052 X509_NAME_print_ex(bio, nm, 0, XN_FLAG_ONELINE); 1053 BIO_puts(bio, "\n"); 1054 X509_NAME_free(nm); 1055 } 1056 xlen -= dlen + 2; 1057 msg += dlen; 1058 } 1059 return 1; 1060 } 1061 1062 static int ssl_print_ticket(BIO *bio, int indent, 1063 const unsigned char *msg, size_t msglen) 1064 { 1065 unsigned int tick_life; 1066 if (msglen == 0) { 1067 BIO_indent(bio, indent + 2, 80); 1068 BIO_puts(bio, "No Ticket\n"); 1069 return 1; 1070 } 1071 if (msglen < 4) 1072 return 0; 1073 tick_life = (msg[0] << 24) | (msg[1] << 16) | (msg[2] << 8) | msg[3]; 1074 msglen -= 4; 1075 msg += 4; 1076 BIO_indent(bio, indent + 2, 80); 1077 BIO_printf(bio, "ticket_lifetime_hint=%u\n", tick_life); 1078 if (!ssl_print_hexbuf(bio, indent + 2, "ticket", 2, &msg, &msglen)) 1079 return 0; 1080 if (msglen) 1081 return 0; 1082 return 1; 1083 } 1084 1085 static int ssl_print_handshake(BIO *bio, SSL *ssl, 1086 const unsigned char *msg, size_t msglen, 1087 int indent) 1088 { 1089 size_t hlen; 1090 unsigned char htype; 1091 if (msglen < 4) 1092 return 0; 1093 htype = msg[0]; 1094 hlen = (msg[1] << 16) | (msg[2] << 8) | msg[3]; 1095 BIO_indent(bio, indent, 80); 1096 BIO_printf(bio, "%s, Length=%d\n", 1097 ssl_trace_str(htype, ssl_handshake_tbl), (int)hlen); 1098 msg += 4; 1099 msglen -= 4; 1100 if (SSL_IS_DTLS(ssl)) { 1101 if (msglen < 8) 1102 return 0; 1103 BIO_indent(bio, indent, 80); 1104 BIO_printf(bio, "message_seq=%d, fragment_offset=%d, " 1105 "fragment_length=%d\n", 1106 (msg[0] << 8) | msg[1], 1107 (msg[2] << 16) | (msg[3] << 8) | msg[4], 1108 (msg[5] << 16) | (msg[6] << 8) | msg[7]); 1109 msg += 8; 1110 msglen -= 8; 1111 } 1112 if (msglen < hlen) 1113 return 0; 1114 switch (htype) { 1115 case SSL3_MT_CLIENT_HELLO: 1116 if (!ssl_print_client_hello(bio, ssl, indent + 2, msg, msglen)) 1117 return 0; 1118 break; 1119 1120 case DTLS1_MT_HELLO_VERIFY_REQUEST: 1121 if (!dtls_print_hello_vfyrequest(bio, indent + 2, msg, msglen)) 1122 return 0; 1123 break; 1124 1125 case SSL3_MT_SERVER_HELLO: 1126 if (!ssl_print_server_hello(bio, indent + 2, msg, msglen)) 1127 return 0; 1128 break; 1129 1130 case SSL3_MT_SERVER_KEY_EXCHANGE: 1131 if (!ssl_print_server_keyex(bio, indent + 2, ssl, msg, msglen)) 1132 return 0; 1133 break; 1134 1135 case SSL3_MT_CLIENT_KEY_EXCHANGE: 1136 if (!ssl_print_client_keyex(bio, indent + 2, ssl, msg, msglen)) 1137 return 0; 1138 break; 1139 1140 case SSL3_MT_CERTIFICATE: 1141 if (!ssl_print_certificates(bio, indent + 2, msg, msglen)) 1142 return 0; 1143 break; 1144 1145 case SSL3_MT_CERTIFICATE_VERIFY: 1146 if (!ssl_print_signature(bio, indent + 2, ssl, &msg, &msglen)) 1147 return 0; 1148 break; 1149 1150 case SSL3_MT_CERTIFICATE_REQUEST: 1151 if (!ssl_print_cert_request(bio, indent + 2, ssl, msg, msglen)) 1152 return 0; 1153 break; 1154 1155 case SSL3_MT_FINISHED: 1156 ssl_print_hex(bio, indent + 2, "verify_data", msg, msglen); 1157 break; 1158 1159 case SSL3_MT_SERVER_DONE: 1160 if (msglen != 0) 1161 ssl_print_hex(bio, indent + 2, "unexpected value", msg, msglen); 1162 break; 1163 1164 case SSL3_MT_NEWSESSION_TICKET: 1165 if (!ssl_print_ticket(bio, indent + 2, msg, msglen)) 1166 return 0; 1167 break; 1168 1169 default: 1170 BIO_indent(bio, indent + 2, 80); 1171 BIO_puts(bio, "Unsupported, hex dump follows:\n"); 1172 BIO_dump_indent(bio, (char *)msg, msglen, indent + 4); 1173 } 1174 return 1; 1175 } 1176 1177 static int ssl_print_heartbeat(BIO *bio, int indent, 1178 const unsigned char *msg, size_t msglen) 1179 { 1180 if (msglen < 3) 1181 return 0; 1182 BIO_indent(bio, indent, 80); 1183 BIO_printf(bio, "HeartBeatMessageType: %s\n", 1184 ssl_trace_str(msg[0], ssl_hb_type_tbl)); 1185 msg++; 1186 msglen--; 1187 if (!ssl_print_hexbuf(bio, indent, "payload", 2, &msg, &msglen)) 1188 return 0; 1189 ssl_print_hex(bio, indent, "padding", msg, msglen); 1190 return 1; 1191 } 1192 1193 const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c) 1194 { 1195 if (c->algorithm_ssl & SSL_SSLV2) 1196 return NULL; 1197 return ssl_trace_str(c->id & 0xFFFF, ssl_ciphers_tbl); 1198 } 1199 1200 void SSL_trace(int write_p, int version, int content_type, 1201 const void *buf, size_t msglen, SSL *ssl, void *arg) 1202 { 1203 const unsigned char *msg = buf; 1204 BIO *bio = arg; 1205 1206 if (write_p == 2) { 1207 BIO_puts(bio, "Session "); 1208 ssl_print_hex(bio, 0, 1209 ssl_trace_str(content_type, ssl_crypto_tbl), 1210 msg, msglen); 1211 return; 1212 } 1213 switch (content_type) { 1214 case SSL3_RT_HEADER: 1215 { 1216 int hvers; 1217 1218 /* avoid overlapping with length at the end of buffer */ 1219 if (msglen < (SSL_IS_DTLS(ssl) ? 13 : 5)) { 1220 BIO_puts(bio, write_p ? "Sent" : "Received"); 1221 ssl_print_hex(bio, 0, " too short message", msg, msglen); 1222 break; 1223 } 1224 hvers = msg[1] << 8 | msg[2]; 1225 BIO_puts(bio, write_p ? "Sent" : "Received"); 1226 BIO_printf(bio, " Record\nHeader:\n Version = %s (0x%x)\n", 1227 ssl_trace_str(hvers, ssl_version_tbl), hvers); 1228 if (SSL_IS_DTLS(ssl)) { 1229 BIO_printf(bio, 1230 " epoch=%d, sequence_number=%04x%04x%04x\n", 1231 (msg[3] << 8 | msg[4]), 1232 (msg[5] << 8 | msg[6]), 1233 (msg[7] << 8 | msg[8]), (msg[9] << 8 | msg[10])); 1234 # if 0 1235 /* 1236 * Just print handshake type so we can see what is going on 1237 * during fragmentation. 1238 */ 1239 BIO_printf(bio, "(%s)\n", 1240 ssl_trace_str(msg[msglen], ssl_handshake_tbl)); 1241 # endif 1242 } 1243 1244 BIO_printf(bio, " Content Type = %s (%d)\n Length = %d", 1245 ssl_trace_str(msg[0], ssl_content_tbl), msg[0], 1246 msg[msglen - 2] << 8 | msg[msglen - 1]); 1247 } 1248 break; 1249 case SSL3_RT_HANDSHAKE: 1250 if (!ssl_print_handshake(bio, ssl, msg, msglen, 4)) 1251 BIO_printf(bio, "Message length parse error!\n"); 1252 break; 1253 1254 case SSL3_RT_CHANGE_CIPHER_SPEC: 1255 if (msglen == 1 && msg[0] == 1) 1256 BIO_puts(bio, " change_cipher_spec (1)\n"); 1257 else 1258 ssl_print_hex(bio, 4, "unknown value", msg, msglen); 1259 break; 1260 1261 case SSL3_RT_ALERT: 1262 if (msglen != 2) { 1263 BIO_puts(bio, " Illegal Alert Length\n"); 1264 } else { 1265 BIO_printf(bio, " Level=%s(%d), description=%s(%d)\n", 1266 SSL_alert_type_string_long(msg[0] << 8), 1267 msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]); 1268 } 1269 break; 1270 1271 case TLS1_RT_HEARTBEAT: 1272 ssl_print_heartbeat(bio, 4, msg, msglen); 1273 break; 1274 1275 } 1276 1277 BIO_puts(bio, "\n"); 1278 } 1279 1280 #endif 1281