1 /* 2 * Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include "ssl_local.h" 11 12 #ifndef OPENSSL_NO_SSL_TRACE 13 14 /* Packet trace support for OpenSSL */ 15 16 typedef struct { 17 int num; 18 const char *name; 19 } ssl_trace_tbl; 20 21 # define ssl_trace_str(val, tbl) \ 22 do_ssl_trace_str(val, tbl, OSSL_NELEM(tbl)) 23 24 # define ssl_trace_list(bio, indent, msg, msglen, value, table) \ 25 do_ssl_trace_list(bio, indent, msg, msglen, value, \ 26 table, OSSL_NELEM(table)) 27 28 static const char *do_ssl_trace_str(int val, const ssl_trace_tbl *tbl, 29 size_t ntbl) 30 { 31 size_t i; 32 33 for (i = 0; i < ntbl; i++, tbl++) { 34 if (tbl->num == val) 35 return tbl->name; 36 } 37 return "UNKNOWN"; 38 } 39 40 static int do_ssl_trace_list(BIO *bio, int indent, 41 const unsigned char *msg, size_t msglen, 42 size_t vlen, const ssl_trace_tbl *tbl, size_t ntbl) 43 { 44 int val; 45 46 if (msglen % vlen) 47 return 0; 48 while (msglen) { 49 val = msg[0]; 50 if (vlen == 2) 51 val = (val << 8) | msg[1]; 52 BIO_indent(bio, indent, 80); 53 BIO_printf(bio, "%s (%d)\n", do_ssl_trace_str(val, tbl, ntbl), val); 54 msg += vlen; 55 msglen -= vlen; 56 } 57 return 1; 58 } 59 60 /* Version number */ 61 62 static const ssl_trace_tbl ssl_version_tbl[] = { 63 {SSL3_VERSION, "SSL 3.0"}, 64 {TLS1_VERSION, "TLS 1.0"}, 65 {TLS1_1_VERSION, "TLS 1.1"}, 66 {TLS1_2_VERSION, "TLS 1.2"}, 67 {TLS1_3_VERSION, "TLS 1.3"}, 68 {DTLS1_VERSION, "DTLS 1.0"}, 69 {DTLS1_2_VERSION, "DTLS 1.2"}, 70 {DTLS1_BAD_VER, "DTLS 1.0 (bad)"} 71 }; 72 73 static const ssl_trace_tbl ssl_content_tbl[] = { 74 {SSL3_RT_CHANGE_CIPHER_SPEC, "ChangeCipherSpec"}, 75 {SSL3_RT_ALERT, "Alert"}, 76 {SSL3_RT_HANDSHAKE, "Handshake"}, 77 {SSL3_RT_APPLICATION_DATA, "ApplicationData"}, 78 }; 79 80 /* Handshake types, sorted by ascending id */ 81 static const ssl_trace_tbl ssl_handshake_tbl[] = { 82 {SSL3_MT_HELLO_REQUEST, "HelloRequest"}, 83 {SSL3_MT_CLIENT_HELLO, "ClientHello"}, 84 {SSL3_MT_SERVER_HELLO, "ServerHello"}, 85 {DTLS1_MT_HELLO_VERIFY_REQUEST, "HelloVerifyRequest"}, 86 {SSL3_MT_NEWSESSION_TICKET, "NewSessionTicket"}, 87 {SSL3_MT_END_OF_EARLY_DATA, "EndOfEarlyData"}, 88 {SSL3_MT_ENCRYPTED_EXTENSIONS, "EncryptedExtensions"}, 89 {SSL3_MT_CERTIFICATE, "Certificate"}, 90 {SSL3_MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange"}, 91 {SSL3_MT_CERTIFICATE_REQUEST, "CertificateRequest"}, 92 {SSL3_MT_SERVER_DONE, "ServerHelloDone"}, 93 {SSL3_MT_CERTIFICATE_VERIFY, "CertificateVerify"}, 94 {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"}, 95 {SSL3_MT_FINISHED, "Finished"}, 96 {SSL3_MT_CERTIFICATE_URL, "CertificateUrl"}, 97 {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"}, 98 {SSL3_MT_SUPPLEMENTAL_DATA, "SupplementalData"}, 99 {SSL3_MT_KEY_UPDATE, "KeyUpdate"}, 100 # ifndef OPENSSL_NO_NEXTPROTONEG 101 {SSL3_MT_NEXT_PROTO, "NextProto"}, 102 # endif 103 {SSL3_MT_MESSAGE_HASH, "MessageHash"} 104 }; 105 106 /* Cipher suites */ 107 static const ssl_trace_tbl ssl_ciphers_tbl[] = { 108 {0x0000, "TLS_NULL_WITH_NULL_NULL"}, 109 {0x0001, "TLS_RSA_WITH_NULL_MD5"}, 110 {0x0002, "TLS_RSA_WITH_NULL_SHA"}, 111 {0x0003, "TLS_RSA_EXPORT_WITH_RC4_40_MD5"}, 112 {0x0004, "TLS_RSA_WITH_RC4_128_MD5"}, 113 {0x0005, "TLS_RSA_WITH_RC4_128_SHA"}, 114 {0x0006, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"}, 115 {0x0007, "TLS_RSA_WITH_IDEA_CBC_SHA"}, 116 {0x0008, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 117 {0x0009, "TLS_RSA_WITH_DES_CBC_SHA"}, 118 {0x000A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}, 119 {0x000B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"}, 120 {0x000C, "TLS_DH_DSS_WITH_DES_CBC_SHA"}, 121 {0x000D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"}, 122 {0x000E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 123 {0x000F, "TLS_DH_RSA_WITH_DES_CBC_SHA"}, 124 {0x0010, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"}, 125 {0x0011, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"}, 126 {0x0012, "TLS_DHE_DSS_WITH_DES_CBC_SHA"}, 127 {0x0013, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"}, 128 {0x0014, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 129 {0x0015, "TLS_DHE_RSA_WITH_DES_CBC_SHA"}, 130 {0x0016, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"}, 131 {0x0017, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"}, 132 {0x0018, "TLS_DH_anon_WITH_RC4_128_MD5"}, 133 {0x0019, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"}, 134 {0x001A, "TLS_DH_anon_WITH_DES_CBC_SHA"}, 135 {0x001B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"}, 136 {0x001D, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"}, 137 {0x001E, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"}, 138 {0x001F, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"}, 139 {0x0020, "TLS_KRB5_WITH_RC4_128_SHA"}, 140 {0x0021, "TLS_KRB5_WITH_IDEA_CBC_SHA"}, 141 {0x0022, "TLS_KRB5_WITH_DES_CBC_MD5"}, 142 {0x0023, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"}, 143 {0x0024, "TLS_KRB5_WITH_RC4_128_MD5"}, 144 {0x0025, "TLS_KRB5_WITH_IDEA_CBC_MD5"}, 145 {0x0026, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"}, 146 {0x0027, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"}, 147 {0x0028, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"}, 148 {0x0029, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"}, 149 {0x002A, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"}, 150 {0x002B, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"}, 151 {0x002C, "TLS_PSK_WITH_NULL_SHA"}, 152 {0x002D, "TLS_DHE_PSK_WITH_NULL_SHA"}, 153 {0x002E, "TLS_RSA_PSK_WITH_NULL_SHA"}, 154 {0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA"}, 155 {0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA"}, 156 {0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA"}, 157 {0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"}, 158 {0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"}, 159 {0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA"}, 160 {0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA"}, 161 {0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA"}, 162 {0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA"}, 163 {0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"}, 164 {0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"}, 165 {0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA"}, 166 {0x003B, "TLS_RSA_WITH_NULL_SHA256"}, 167 {0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256"}, 168 {0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256"}, 169 {0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"}, 170 {0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"}, 171 {0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"}, 172 {0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"}, 173 {0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"}, 174 {0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"}, 175 {0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"}, 176 {0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"}, 177 {0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"}, 178 {0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"}, 179 {0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"}, 180 {0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"}, 181 {0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"}, 182 {0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"}, 183 {0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256"}, 184 {0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256"}, 185 {0x0081, "TLS_GOSTR341001_WITH_28147_CNT_IMIT"}, 186 {0x0083, "TLS_GOSTR341001_WITH_NULL_GOSTR3411"}, 187 {0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"}, 188 {0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"}, 189 {0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"}, 190 {0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"}, 191 {0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"}, 192 {0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"}, 193 {0x008A, "TLS_PSK_WITH_RC4_128_SHA"}, 194 {0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA"}, 195 {0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA"}, 196 {0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA"}, 197 {0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA"}, 198 {0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"}, 199 {0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"}, 200 {0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"}, 201 {0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA"}, 202 {0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"}, 203 {0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"}, 204 {0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"}, 205 {0x0096, "TLS_RSA_WITH_SEED_CBC_SHA"}, 206 {0x0097, "TLS_DH_DSS_WITH_SEED_CBC_SHA"}, 207 {0x0098, "TLS_DH_RSA_WITH_SEED_CBC_SHA"}, 208 {0x0099, "TLS_DHE_DSS_WITH_SEED_CBC_SHA"}, 209 {0x009A, "TLS_DHE_RSA_WITH_SEED_CBC_SHA"}, 210 {0x009B, "TLS_DH_anon_WITH_SEED_CBC_SHA"}, 211 {0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256"}, 212 {0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384"}, 213 {0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"}, 214 {0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"}, 215 {0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"}, 216 {0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"}, 217 {0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"}, 218 {0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"}, 219 {0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"}, 220 {0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"}, 221 {0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256"}, 222 {0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384"}, 223 {0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256"}, 224 {0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384"}, 225 {0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"}, 226 {0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"}, 227 {0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"}, 228 {0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"}, 229 {0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256"}, 230 {0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384"}, 231 {0x00B0, "TLS_PSK_WITH_NULL_SHA256"}, 232 {0x00B1, "TLS_PSK_WITH_NULL_SHA384"}, 233 {0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"}, 234 {0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"}, 235 {0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256"}, 236 {0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384"}, 237 {0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"}, 238 {0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"}, 239 {0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256"}, 240 {0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384"}, 241 {0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 242 {0x00BB, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"}, 243 {0x00BC, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 244 {0x00BD, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"}, 245 {0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 246 {0x00BF, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"}, 247 {0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, 248 {0x00C1, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"}, 249 {0x00C2, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, 250 {0x00C3, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"}, 251 {0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, 252 {0x00C5, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"}, 253 {0x00FF, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"}, 254 {0x5600, "TLS_FALLBACK_SCSV"}, 255 {0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA"}, 256 {0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"}, 257 {0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"}, 258 {0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"}, 259 {0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"}, 260 {0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA"}, 261 {0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"}, 262 {0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"}, 263 {0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"}, 264 {0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"}, 265 {0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA"}, 266 {0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA"}, 267 {0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"}, 268 {0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"}, 269 {0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"}, 270 {0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA"}, 271 {0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA"}, 272 {0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"}, 273 {0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"}, 274 {0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"}, 275 {0xC015, "TLS_ECDH_anon_WITH_NULL_SHA"}, 276 {0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA"}, 277 {0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"}, 278 {0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"}, 279 {0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"}, 280 {0xC01A, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"}, 281 {0xC01B, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"}, 282 {0xC01C, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"}, 283 {0xC01D, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"}, 284 {0xC01E, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"}, 285 {0xC01F, "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"}, 286 {0xC020, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"}, 287 {0xC021, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"}, 288 {0xC022, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"}, 289 {0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"}, 290 {0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"}, 291 {0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"}, 292 {0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"}, 293 {0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"}, 294 {0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"}, 295 {0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"}, 296 {0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"}, 297 {0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"}, 298 {0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"}, 299 {0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"}, 300 {0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"}, 301 {0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}, 302 {0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"}, 303 {0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"}, 304 {0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"}, 305 {0xC033, "TLS_ECDHE_PSK_WITH_RC4_128_SHA"}, 306 {0xC034, "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"}, 307 {0xC035, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"}, 308 {0xC036, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"}, 309 {0xC037, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"}, 310 {0xC038, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"}, 311 {0xC039, "TLS_ECDHE_PSK_WITH_NULL_SHA"}, 312 {0xC03A, "TLS_ECDHE_PSK_WITH_NULL_SHA256"}, 313 {0xC03B, "TLS_ECDHE_PSK_WITH_NULL_SHA384"}, 314 {0xC03C, "TLS_RSA_WITH_ARIA_128_CBC_SHA256"}, 315 {0xC03D, "TLS_RSA_WITH_ARIA_256_CBC_SHA384"}, 316 {0xC03E, "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"}, 317 {0xC03F, "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"}, 318 {0xC040, "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"}, 319 {0xC041, "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"}, 320 {0xC042, "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"}, 321 {0xC043, "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"}, 322 {0xC044, "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"}, 323 {0xC045, "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"}, 324 {0xC046, "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256"}, 325 {0xC047, "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384"}, 326 {0xC048, "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"}, 327 {0xC049, "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"}, 328 {0xC04A, "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"}, 329 {0xC04B, "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"}, 330 {0xC04C, "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"}, 331 {0xC04D, "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"}, 332 {0xC04E, "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"}, 333 {0xC04F, "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"}, 334 {0xC050, "TLS_RSA_WITH_ARIA_128_GCM_SHA256"}, 335 {0xC051, "TLS_RSA_WITH_ARIA_256_GCM_SHA384"}, 336 {0xC052, "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256"}, 337 {0xC053, "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384"}, 338 {0xC054, "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"}, 339 {0xC055, "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"}, 340 {0xC056, "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256"}, 341 {0xC057, "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384"}, 342 {0xC058, "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"}, 343 {0xC059, "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"}, 344 {0xC05A, "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"}, 345 {0xC05B, "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"}, 346 {0xC05C, "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256"}, 347 {0xC05D, "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384"}, 348 {0xC05E, "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"}, 349 {0xC05F, "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"}, 350 {0xC060, "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256"}, 351 {0xC061, "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384"}, 352 {0xC062, "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"}, 353 {0xC063, "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"}, 354 {0xC064, "TLS_PSK_WITH_ARIA_128_CBC_SHA256"}, 355 {0xC065, "TLS_PSK_WITH_ARIA_256_CBC_SHA384"}, 356 {0xC066, "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"}, 357 {0xC067, "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"}, 358 {0xC068, "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"}, 359 {0xC069, "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"}, 360 {0xC06A, "TLS_PSK_WITH_ARIA_128_GCM_SHA256"}, 361 {0xC06B, "TLS_PSK_WITH_ARIA_256_GCM_SHA384"}, 362 {0xC06C, "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256"}, 363 {0xC06D, "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384"}, 364 {0xC06E, "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"}, 365 {0xC06F, "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"}, 366 {0xC070, "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"}, 367 {0xC071, "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"}, 368 {0xC072, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"}, 369 {0xC073, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"}, 370 {0xC074, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"}, 371 {0xC075, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"}, 372 {0xC076, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 373 {0xC077, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"}, 374 {0xC078, "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 375 {0xC079, "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"}, 376 {0xC07A, "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, 377 {0xC07B, "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, 378 {0xC07C, "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, 379 {0xC07D, "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, 380 {0xC07E, "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, 381 {0xC07F, "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, 382 {0xC080, "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256"}, 383 {0xC081, "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384"}, 384 {0xC082, "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"}, 385 {0xC083, "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"}, 386 {0xC084, "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256"}, 387 {0xC085, "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384"}, 388 {0xC086, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"}, 389 {0xC087, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"}, 390 {0xC088, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"}, 391 {0xC089, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"}, 392 {0xC08A, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, 393 {0xC08B, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, 394 {0xC08C, "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"}, 395 {0xC08D, "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"}, 396 {0xC08E, "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"}, 397 {0xC08F, "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"}, 398 {0xC090, "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256"}, 399 {0xC091, "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384"}, 400 {0xC092, "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"}, 401 {0xC093, "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"}, 402 {0xC094, "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"}, 403 {0xC095, "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"}, 404 {0xC096, "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"}, 405 {0xC097, "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"}, 406 {0xC098, "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"}, 407 {0xC099, "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"}, 408 {0xC09A, "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"}, 409 {0xC09B, "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"}, 410 {0xC09C, "TLS_RSA_WITH_AES_128_CCM"}, 411 {0xC09D, "TLS_RSA_WITH_AES_256_CCM"}, 412 {0xC09E, "TLS_DHE_RSA_WITH_AES_128_CCM"}, 413 {0xC09F, "TLS_DHE_RSA_WITH_AES_256_CCM"}, 414 {0xC0A0, "TLS_RSA_WITH_AES_128_CCM_8"}, 415 {0xC0A1, "TLS_RSA_WITH_AES_256_CCM_8"}, 416 {0xC0A2, "TLS_DHE_RSA_WITH_AES_128_CCM_8"}, 417 {0xC0A3, "TLS_DHE_RSA_WITH_AES_256_CCM_8"}, 418 {0xC0A4, "TLS_PSK_WITH_AES_128_CCM"}, 419 {0xC0A5, "TLS_PSK_WITH_AES_256_CCM"}, 420 {0xC0A6, "TLS_DHE_PSK_WITH_AES_128_CCM"}, 421 {0xC0A7, "TLS_DHE_PSK_WITH_AES_256_CCM"}, 422 {0xC0A8, "TLS_PSK_WITH_AES_128_CCM_8"}, 423 {0xC0A9, "TLS_PSK_WITH_AES_256_CCM_8"}, 424 {0xC0AA, "TLS_PSK_DHE_WITH_AES_128_CCM_8"}, 425 {0xC0AB, "TLS_PSK_DHE_WITH_AES_256_CCM_8"}, 426 {0xC0AC, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM"}, 427 {0xC0AD, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM"}, 428 {0xC0AE, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"}, 429 {0xC0AF, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"}, 430 {0xC102, "IANA-GOST2012-GOST8912-GOST8912"}, 431 {0xCCA8, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"}, 432 {0xCCA9, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"}, 433 {0xCCAA, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"}, 434 {0xCCAB, "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"}, 435 {0xCCAC, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256"}, 436 {0xCCAD, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256"}, 437 {0xCCAE, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"}, 438 {0x1301, "TLS_AES_128_GCM_SHA256"}, 439 {0x1302, "TLS_AES_256_GCM_SHA384"}, 440 {0x1303, "TLS_CHACHA20_POLY1305_SHA256"}, 441 {0x1304, "TLS_AES_128_CCM_SHA256"}, 442 {0x1305, "TLS_AES_128_CCM_8_SHA256"}, 443 {0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, 444 {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"}, 445 {0xFF85, "LEGACY-GOST2012-GOST8912-GOST8912"}, 446 {0xFF87, "GOST2012-NULL-GOST12"}, 447 {0xC100, "GOST2012-KUZNYECHIK-KUZNYECHIKOMAC"}, 448 {0xC101, "GOST2012-MAGMA-MAGMAOMAC"}, 449 {0xC102, "GOST2012-GOST8912-IANA"}, 450 }; 451 452 /* Compression methods */ 453 static const ssl_trace_tbl ssl_comp_tbl[] = { 454 {0x0000, "No Compression"}, 455 {0x0001, "Zlib Compression"} 456 }; 457 458 /* Extensions sorted by ascending id */ 459 static const ssl_trace_tbl ssl_exts_tbl[] = { 460 {TLSEXT_TYPE_server_name, "server_name"}, 461 {TLSEXT_TYPE_max_fragment_length, "max_fragment_length"}, 462 {TLSEXT_TYPE_client_certificate_url, "client_certificate_url"}, 463 {TLSEXT_TYPE_trusted_ca_keys, "trusted_ca_keys"}, 464 {TLSEXT_TYPE_truncated_hmac, "truncated_hmac"}, 465 {TLSEXT_TYPE_status_request, "status_request"}, 466 {TLSEXT_TYPE_user_mapping, "user_mapping"}, 467 {TLSEXT_TYPE_client_authz, "client_authz"}, 468 {TLSEXT_TYPE_server_authz, "server_authz"}, 469 {TLSEXT_TYPE_cert_type, "cert_type"}, 470 {TLSEXT_TYPE_supported_groups, "supported_groups"}, 471 {TLSEXT_TYPE_ec_point_formats, "ec_point_formats"}, 472 {TLSEXT_TYPE_srp, "srp"}, 473 {TLSEXT_TYPE_signature_algorithms, "signature_algorithms"}, 474 {TLSEXT_TYPE_use_srtp, "use_srtp"}, 475 {TLSEXT_TYPE_application_layer_protocol_negotiation, 476 "application_layer_protocol_negotiation"}, 477 {TLSEXT_TYPE_signed_certificate_timestamp, "signed_certificate_timestamps"}, 478 {TLSEXT_TYPE_padding, "padding"}, 479 {TLSEXT_TYPE_encrypt_then_mac, "encrypt_then_mac"}, 480 {TLSEXT_TYPE_extended_master_secret, "extended_master_secret"}, 481 {TLSEXT_TYPE_session_ticket, "session_ticket"}, 482 {TLSEXT_TYPE_psk, "psk"}, 483 {TLSEXT_TYPE_early_data, "early_data"}, 484 {TLSEXT_TYPE_supported_versions, "supported_versions"}, 485 {TLSEXT_TYPE_cookie, "cookie_ext"}, 486 {TLSEXT_TYPE_psk_kex_modes, "psk_key_exchange_modes"}, 487 {TLSEXT_TYPE_certificate_authorities, "certificate_authorities"}, 488 {TLSEXT_TYPE_post_handshake_auth, "post_handshake_auth"}, 489 {TLSEXT_TYPE_signature_algorithms_cert, "signature_algorithms_cert"}, 490 {TLSEXT_TYPE_key_share, "key_share"}, 491 {TLSEXT_TYPE_renegotiate, "renegotiate"}, 492 # ifndef OPENSSL_NO_NEXTPROTONEG 493 {TLSEXT_TYPE_next_proto_neg, "next_proto_neg"}, 494 # endif 495 }; 496 497 static const ssl_trace_tbl ssl_groups_tbl[] = { 498 {1, "sect163k1 (K-163)"}, 499 {2, "sect163r1"}, 500 {3, "sect163r2 (B-163)"}, 501 {4, "sect193r1"}, 502 {5, "sect193r2"}, 503 {6, "sect233k1 (K-233)"}, 504 {7, "sect233r1 (B-233)"}, 505 {8, "sect239k1"}, 506 {9, "sect283k1 (K-283)"}, 507 {10, "sect283r1 (B-283)"}, 508 {11, "sect409k1 (K-409)"}, 509 {12, "sect409r1 (B-409)"}, 510 {13, "sect571k1 (K-571)"}, 511 {14, "sect571r1 (B-571)"}, 512 {15, "secp160k1"}, 513 {16, "secp160r1"}, 514 {17, "secp160r2"}, 515 {18, "secp192k1"}, 516 {19, "secp192r1 (P-192)"}, 517 {20, "secp224k1"}, 518 {21, "secp224r1 (P-224)"}, 519 {22, "secp256k1"}, 520 {23, "secp256r1 (P-256)"}, 521 {24, "secp384r1 (P-384)"}, 522 {25, "secp521r1 (P-521)"}, 523 {26, "brainpoolP256r1"}, 524 {27, "brainpoolP384r1"}, 525 {28, "brainpoolP512r1"}, 526 {29, "ecdh_x25519"}, 527 {30, "ecdh_x448"}, 528 {34, "GC256A"}, 529 {35, "GC256B"}, 530 {36, "GC256C"}, 531 {37, "GC256D"}, 532 {38, "GC512A"}, 533 {39, "GC512B"}, 534 {40, "GC512C"}, 535 {256, "ffdhe2048"}, 536 {257, "ffdhe3072"}, 537 {258, "ffdhe4096"}, 538 {259, "ffdhe6144"}, 539 {260, "ffdhe8192"}, 540 {0xFF01, "arbitrary_explicit_prime_curves"}, 541 {0xFF02, "arbitrary_explicit_char2_curves"} 542 }; 543 544 static const ssl_trace_tbl ssl_point_tbl[] = { 545 {0, "uncompressed"}, 546 {1, "ansiX962_compressed_prime"}, 547 {2, "ansiX962_compressed_char2"} 548 }; 549 550 static const ssl_trace_tbl ssl_mfl_tbl[] = { 551 {0, "disabled"}, 552 {1, "max_fragment_length := 2^9 (512 bytes)"}, 553 {2, "max_fragment_length := 2^10 (1024 bytes)"}, 554 {3, "max_fragment_length := 2^11 (2048 bytes)"}, 555 {4, "max_fragment_length := 2^12 (4096 bytes)"} 556 }; 557 558 static const ssl_trace_tbl ssl_sigalg_tbl[] = { 559 {TLSEXT_SIGALG_ecdsa_secp256r1_sha256, "ecdsa_secp256r1_sha256"}, 560 {TLSEXT_SIGALG_ecdsa_secp384r1_sha384, "ecdsa_secp384r1_sha384"}, 561 {TLSEXT_SIGALG_ecdsa_secp521r1_sha512, "ecdsa_secp521r1_sha512"}, 562 {TLSEXT_SIGALG_ecdsa_sha224, "ecdsa_sha224"}, 563 {TLSEXT_SIGALG_ed25519, "ed25519"}, 564 {TLSEXT_SIGALG_ed448, "ed448"}, 565 {TLSEXT_SIGALG_ecdsa_sha1, "ecdsa_sha1"}, 566 {TLSEXT_SIGALG_rsa_pss_rsae_sha256, "rsa_pss_rsae_sha256"}, 567 {TLSEXT_SIGALG_rsa_pss_rsae_sha384, "rsa_pss_rsae_sha384"}, 568 {TLSEXT_SIGALG_rsa_pss_rsae_sha512, "rsa_pss_rsae_sha512"}, 569 {TLSEXT_SIGALG_rsa_pss_pss_sha256, "rsa_pss_pss_sha256"}, 570 {TLSEXT_SIGALG_rsa_pss_pss_sha384, "rsa_pss_pss_sha384"}, 571 {TLSEXT_SIGALG_rsa_pss_pss_sha512, "rsa_pss_pss_sha512"}, 572 {TLSEXT_SIGALG_rsa_pkcs1_sha256, "rsa_pkcs1_sha256"}, 573 {TLSEXT_SIGALG_rsa_pkcs1_sha384, "rsa_pkcs1_sha384"}, 574 {TLSEXT_SIGALG_rsa_pkcs1_sha512, "rsa_pkcs1_sha512"}, 575 {TLSEXT_SIGALG_rsa_pkcs1_sha224, "rsa_pkcs1_sha224"}, 576 {TLSEXT_SIGALG_rsa_pkcs1_sha1, "rsa_pkcs1_sha1"}, 577 {TLSEXT_SIGALG_dsa_sha256, "dsa_sha256"}, 578 {TLSEXT_SIGALG_dsa_sha384, "dsa_sha384"}, 579 {TLSEXT_SIGALG_dsa_sha512, "dsa_sha512"}, 580 {TLSEXT_SIGALG_dsa_sha224, "dsa_sha224"}, 581 {TLSEXT_SIGALG_dsa_sha1, "dsa_sha1"}, 582 {TLSEXT_SIGALG_gostr34102012_256_intrinsic, "gost2012_256"}, 583 {TLSEXT_SIGALG_gostr34102012_512_intrinsic, "gost2012_512"}, 584 {TLSEXT_SIGALG_gostr34102012_256_gostr34112012_256, "gost2012_256"}, 585 {TLSEXT_SIGALG_gostr34102012_512_gostr34112012_512, "gost2012_512"}, 586 {TLSEXT_SIGALG_gostr34102001_gostr3411, "gost2001_gost94"}, 587 }; 588 589 static const ssl_trace_tbl ssl_ctype_tbl[] = { 590 {1, "rsa_sign"}, 591 {2, "dss_sign"}, 592 {3, "rsa_fixed_dh"}, 593 {4, "dss_fixed_dh"}, 594 {5, "rsa_ephemeral_dh"}, 595 {6, "dss_ephemeral_dh"}, 596 {20, "fortezza_dms"}, 597 {64, "ecdsa_sign"}, 598 {65, "rsa_fixed_ecdh"}, 599 {66, "ecdsa_fixed_ecdh"}, 600 {67, "gost_sign256"}, 601 {68, "gost_sign512"}, 602 }; 603 604 static const ssl_trace_tbl ssl_psk_kex_modes_tbl[] = { 605 {TLSEXT_KEX_MODE_KE, "psk_ke"}, 606 {TLSEXT_KEX_MODE_KE_DHE, "psk_dhe_ke"} 607 }; 608 609 static const ssl_trace_tbl ssl_key_update_tbl[] = { 610 {SSL_KEY_UPDATE_NOT_REQUESTED, "update_not_requested"}, 611 {SSL_KEY_UPDATE_REQUESTED, "update_requested"} 612 }; 613 614 static void ssl_print_hex(BIO *bio, int indent, const char *name, 615 const unsigned char *msg, size_t msglen) 616 { 617 size_t i; 618 619 BIO_indent(bio, indent, 80); 620 BIO_printf(bio, "%s (len=%d): ", name, (int)msglen); 621 for (i = 0; i < msglen; i++) 622 BIO_printf(bio, "%02X", msg[i]); 623 BIO_puts(bio, "\n"); 624 } 625 626 static int ssl_print_hexbuf(BIO *bio, int indent, const char *name, size_t nlen, 627 const unsigned char **pmsg, size_t *pmsglen) 628 { 629 size_t blen; 630 const unsigned char *p = *pmsg; 631 632 if (*pmsglen < nlen) 633 return 0; 634 blen = p[0]; 635 if (nlen > 1) 636 blen = (blen << 8) | p[1]; 637 if (*pmsglen < nlen + blen) 638 return 0; 639 p += nlen; 640 ssl_print_hex(bio, indent, name, p, blen); 641 *pmsg += blen + nlen; 642 *pmsglen -= blen + nlen; 643 return 1; 644 } 645 646 static int ssl_print_version(BIO *bio, int indent, const char *name, 647 const unsigned char **pmsg, size_t *pmsglen, 648 unsigned int *version) 649 { 650 int vers; 651 652 if (*pmsglen < 2) 653 return 0; 654 vers = ((*pmsg)[0] << 8) | (*pmsg)[1]; 655 if (version != NULL) 656 *version = vers; 657 BIO_indent(bio, indent, 80); 658 BIO_printf(bio, "%s=0x%x (%s)\n", 659 name, vers, ssl_trace_str(vers, ssl_version_tbl)); 660 *pmsg += 2; 661 *pmsglen -= 2; 662 return 1; 663 } 664 665 static int ssl_print_random(BIO *bio, int indent, 666 const unsigned char **pmsg, size_t *pmsglen) 667 { 668 unsigned int tm; 669 const unsigned char *p = *pmsg; 670 671 if (*pmsglen < 32) 672 return 0; 673 tm = ((unsigned int)p[0] << 24) 674 | ((unsigned int)p[1] << 16) 675 | ((unsigned int)p[2] << 8) 676 | (unsigned int)p[3]; 677 p += 4; 678 BIO_indent(bio, indent, 80); 679 BIO_puts(bio, "Random:\n"); 680 BIO_indent(bio, indent + 2, 80); 681 BIO_printf(bio, "gmt_unix_time=0x%08X\n", tm); 682 ssl_print_hex(bio, indent + 2, "random_bytes", p, 28); 683 *pmsg += 32; 684 *pmsglen -= 32; 685 return 1; 686 } 687 688 static int ssl_print_signature(BIO *bio, int indent, const SSL *ssl, 689 const unsigned char **pmsg, size_t *pmsglen) 690 { 691 if (*pmsglen < 2) 692 return 0; 693 if (SSL_USE_SIGALGS(ssl)) { 694 const unsigned char *p = *pmsg; 695 unsigned int sigalg = (p[0] << 8) | p[1]; 696 697 BIO_indent(bio, indent, 80); 698 BIO_printf(bio, "Signature Algorithm: %s (0x%04x)\n", 699 ssl_trace_str(sigalg, ssl_sigalg_tbl), sigalg); 700 *pmsg += 2; 701 *pmsglen -= 2; 702 } 703 return ssl_print_hexbuf(bio, indent, "Signature", 2, pmsg, pmsglen); 704 } 705 706 static int ssl_print_extension(BIO *bio, int indent, int server, 707 unsigned char mt, int extype, 708 const unsigned char *ext, size_t extlen) 709 { 710 size_t xlen, share_len; 711 unsigned int sigalg; 712 uint32_t max_early_data; 713 714 BIO_indent(bio, indent, 80); 715 BIO_printf(bio, "extension_type=%s(%d), length=%d\n", 716 ssl_trace_str(extype, ssl_exts_tbl), extype, (int)extlen); 717 switch (extype) { 718 case TLSEXT_TYPE_max_fragment_length: 719 if (extlen < 1) 720 return 0; 721 xlen = extlen; 722 return ssl_trace_list(bio, indent + 2, ext, xlen, 1, ssl_mfl_tbl); 723 724 case TLSEXT_TYPE_ec_point_formats: 725 if (extlen < 1) 726 return 0; 727 xlen = ext[0]; 728 if (extlen != xlen + 1) 729 return 0; 730 return ssl_trace_list(bio, indent + 2, ext + 1, xlen, 1, ssl_point_tbl); 731 732 case TLSEXT_TYPE_supported_groups: 733 if (extlen < 2) 734 return 0; 735 xlen = (ext[0] << 8) | ext[1]; 736 if (extlen != xlen + 2) 737 return 0; 738 return ssl_trace_list(bio, indent + 2, ext + 2, xlen, 2, ssl_groups_tbl); 739 case TLSEXT_TYPE_application_layer_protocol_negotiation: 740 if (extlen < 2) 741 return 0; 742 xlen = (ext[0] << 8) | ext[1]; 743 if (extlen != xlen + 2) 744 return 0; 745 ext += 2; 746 while (xlen > 0) { 747 size_t plen = *ext++; 748 749 if (plen + 1 > xlen) 750 return 0; 751 BIO_indent(bio, indent + 2, 80); 752 BIO_write(bio, ext, plen); 753 BIO_puts(bio, "\n"); 754 ext += plen; 755 xlen -= plen + 1; 756 } 757 return 1; 758 759 case TLSEXT_TYPE_signature_algorithms: 760 761 if (extlen < 2) 762 return 0; 763 xlen = (ext[0] << 8) | ext[1]; 764 if (extlen != xlen + 2) 765 return 0; 766 if (xlen & 1) 767 return 0; 768 ext += 2; 769 while (xlen > 0) { 770 BIO_indent(bio, indent + 2, 80); 771 sigalg = (ext[0] << 8) | ext[1]; 772 BIO_printf(bio, "%s (0x%04x)\n", 773 ssl_trace_str(sigalg, ssl_sigalg_tbl), sigalg); 774 xlen -= 2; 775 ext += 2; 776 } 777 break; 778 779 case TLSEXT_TYPE_renegotiate: 780 if (extlen < 1) 781 return 0; 782 xlen = ext[0]; 783 if (xlen + 1 != extlen) 784 return 0; 785 ext++; 786 if (xlen) { 787 if (server) { 788 if (xlen & 1) 789 return 0; 790 xlen >>= 1; 791 } 792 ssl_print_hex(bio, indent + 4, "client_verify_data", ext, xlen); 793 if (server) { 794 ext += xlen; 795 ssl_print_hex(bio, indent + 4, "server_verify_data", ext, xlen); 796 } 797 } else { 798 BIO_indent(bio, indent + 4, 80); 799 BIO_puts(bio, "<EMPTY>\n"); 800 } 801 break; 802 803 case TLSEXT_TYPE_session_ticket: 804 if (extlen != 0) 805 ssl_print_hex(bio, indent + 4, "ticket", ext, extlen); 806 break; 807 808 case TLSEXT_TYPE_key_share: 809 if (server && extlen == 2) { 810 int group_id; 811 812 /* We assume this is an HRR, otherwise this is an invalid key_share */ 813 group_id = (ext[0] << 8) | ext[1]; 814 BIO_indent(bio, indent + 4, 80); 815 BIO_printf(bio, "NamedGroup: %s (%d)\n", 816 ssl_trace_str(group_id, ssl_groups_tbl), group_id); 817 break; 818 } 819 if (extlen < 2) 820 return 0; 821 if (server) { 822 xlen = extlen; 823 } else { 824 xlen = (ext[0] << 8) | ext[1]; 825 if (extlen != xlen + 2) 826 return 0; 827 ext += 2; 828 } 829 for (; xlen > 0; ext += share_len, xlen -= share_len) { 830 int group_id; 831 832 if (xlen < 4) 833 return 0; 834 group_id = (ext[0] << 8) | ext[1]; 835 share_len = (ext[2] << 8) | ext[3]; 836 ext += 4; 837 xlen -= 4; 838 if (xlen < share_len) 839 return 0; 840 BIO_indent(bio, indent + 4, 80); 841 BIO_printf(bio, "NamedGroup: %s (%d)\n", 842 ssl_trace_str(group_id, ssl_groups_tbl), group_id); 843 ssl_print_hex(bio, indent + 4, "key_exchange: ", ext, share_len); 844 } 845 break; 846 847 case TLSEXT_TYPE_supported_versions: 848 if (server) { 849 int version; 850 851 if (extlen != 2) 852 return 0; 853 version = (ext[0] << 8) | ext[1]; 854 BIO_indent(bio, indent + 4, 80); 855 BIO_printf(bio, "%s (%d)\n", 856 ssl_trace_str(version, ssl_version_tbl), version); 857 break; 858 } 859 if (extlen < 1) 860 return 0; 861 xlen = ext[0]; 862 if (extlen != xlen + 1) 863 return 0; 864 return ssl_trace_list(bio, indent + 2, ext + 1, xlen, 2, 865 ssl_version_tbl); 866 867 case TLSEXT_TYPE_psk_kex_modes: 868 if (extlen < 1) 869 return 0; 870 xlen = ext[0]; 871 if (extlen != xlen + 1) 872 return 0; 873 return ssl_trace_list(bio, indent + 2, ext + 1, xlen, 1, 874 ssl_psk_kex_modes_tbl); 875 876 case TLSEXT_TYPE_early_data: 877 if (mt != SSL3_MT_NEWSESSION_TICKET) 878 break; 879 if (extlen != 4) 880 return 0; 881 max_early_data = ((unsigned int)ext[0] << 24) 882 | ((unsigned int)ext[1] << 16) 883 | ((unsigned int)ext[2] << 8) 884 | (unsigned int)ext[3]; 885 BIO_indent(bio, indent + 2, 80); 886 BIO_printf(bio, "max_early_data=%u\n", max_early_data); 887 break; 888 889 default: 890 BIO_dump_indent(bio, (const char *)ext, extlen, indent + 2); 891 } 892 return 1; 893 } 894 895 static int ssl_print_extensions(BIO *bio, int indent, int server, 896 unsigned char mt, const unsigned char **msgin, 897 size_t *msginlen) 898 { 899 size_t extslen, msglen = *msginlen; 900 const unsigned char *msg = *msgin; 901 902 BIO_indent(bio, indent, 80); 903 if (msglen == 0) { 904 BIO_puts(bio, "No extensions\n"); 905 return 1; 906 } 907 if (msglen < 2) 908 return 0; 909 extslen = (msg[0] << 8) | msg[1]; 910 msglen -= 2; 911 msg += 2; 912 if (extslen == 0) { 913 BIO_puts(bio, "No extensions\n"); 914 *msgin = msg; 915 *msginlen = msglen; 916 return 1; 917 } 918 if (extslen > msglen) 919 return 0; 920 BIO_printf(bio, "extensions, length = %d\n", (int)extslen); 921 msglen -= extslen; 922 while (extslen > 0) { 923 int extype; 924 size_t extlen; 925 if (extslen < 4) 926 return 0; 927 extype = (msg[0] << 8) | msg[1]; 928 extlen = (msg[2] << 8) | msg[3]; 929 if (extslen < extlen + 4) { 930 BIO_printf(bio, "extensions, extype = %d, extlen = %d\n", extype, 931 (int)extlen); 932 BIO_dump_indent(bio, (const char *)msg, extslen, indent + 2); 933 return 0; 934 } 935 msg += 4; 936 if (!ssl_print_extension(bio, indent + 2, server, mt, extype, msg, 937 extlen)) 938 return 0; 939 msg += extlen; 940 extslen -= extlen + 4; 941 } 942 943 *msgin = msg; 944 *msginlen = msglen; 945 return 1; 946 } 947 948 static int ssl_print_client_hello(BIO *bio, const SSL *ssl, int indent, 949 const unsigned char *msg, size_t msglen) 950 { 951 size_t len; 952 unsigned int cs; 953 954 if (!ssl_print_version(bio, indent, "client_version", &msg, &msglen, NULL)) 955 return 0; 956 if (!ssl_print_random(bio, indent, &msg, &msglen)) 957 return 0; 958 if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen)) 959 return 0; 960 if (SSL_IS_DTLS(ssl)) { 961 if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen)) 962 return 0; 963 } 964 if (msglen < 2) 965 return 0; 966 len = (msg[0] << 8) | msg[1]; 967 msg += 2; 968 msglen -= 2; 969 BIO_indent(bio, indent, 80); 970 BIO_printf(bio, "cipher_suites (len=%d)\n", (int)len); 971 if (msglen < len || len & 1) 972 return 0; 973 while (len > 0) { 974 cs = (msg[0] << 8) | msg[1]; 975 BIO_indent(bio, indent + 2, 80); 976 BIO_printf(bio, "{0x%02X, 0x%02X} %s\n", 977 msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl)); 978 msg += 2; 979 msglen -= 2; 980 len -= 2; 981 } 982 if (msglen < 1) 983 return 0; 984 len = msg[0]; 985 msg++; 986 msglen--; 987 if (msglen < len) 988 return 0; 989 BIO_indent(bio, indent, 80); 990 BIO_printf(bio, "compression_methods (len=%d)\n", (int)len); 991 while (len > 0) { 992 BIO_indent(bio, indent + 2, 80); 993 BIO_printf(bio, "%s (0x%02X)\n", 994 ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]); 995 msg++; 996 msglen--; 997 len--; 998 } 999 if (!ssl_print_extensions(bio, indent, 0, SSL3_MT_CLIENT_HELLO, &msg, 1000 &msglen)) 1001 return 0; 1002 return 1; 1003 } 1004 1005 static int dtls_print_hello_vfyrequest(BIO *bio, int indent, 1006 const unsigned char *msg, size_t msglen) 1007 { 1008 if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen, NULL)) 1009 return 0; 1010 if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen)) 1011 return 0; 1012 return 1; 1013 } 1014 1015 static int ssl_print_server_hello(BIO *bio, int indent, 1016 const unsigned char *msg, size_t msglen) 1017 { 1018 unsigned int cs; 1019 unsigned int vers; 1020 1021 if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen, &vers)) 1022 return 0; 1023 if (!ssl_print_random(bio, indent, &msg, &msglen)) 1024 return 0; 1025 if (vers != TLS1_3_VERSION 1026 && !ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen)) 1027 return 0; 1028 if (msglen < 2) 1029 return 0; 1030 cs = (msg[0] << 8) | msg[1]; 1031 BIO_indent(bio, indent, 80); 1032 BIO_printf(bio, "cipher_suite {0x%02X, 0x%02X} %s\n", 1033 msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl)); 1034 msg += 2; 1035 msglen -= 2; 1036 if (vers != TLS1_3_VERSION) { 1037 if (msglen < 1) 1038 return 0; 1039 BIO_indent(bio, indent, 80); 1040 BIO_printf(bio, "compression_method: %s (0x%02X)\n", 1041 ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]); 1042 msg++; 1043 msglen--; 1044 } 1045 if (!ssl_print_extensions(bio, indent, 1, SSL3_MT_SERVER_HELLO, &msg, 1046 &msglen)) 1047 return 0; 1048 return 1; 1049 } 1050 1051 static int ssl_get_keyex(const char **pname, const SSL *ssl) 1052 { 1053 unsigned long alg_k = ssl->s3.tmp.new_cipher->algorithm_mkey; 1054 1055 if (alg_k & SSL_kRSA) { 1056 *pname = "rsa"; 1057 return SSL_kRSA; 1058 } 1059 if (alg_k & SSL_kDHE) { 1060 *pname = "DHE"; 1061 return SSL_kDHE; 1062 } 1063 if (alg_k & SSL_kECDHE) { 1064 *pname = "ECDHE"; 1065 return SSL_kECDHE; 1066 } 1067 if (alg_k & SSL_kPSK) { 1068 *pname = "PSK"; 1069 return SSL_kPSK; 1070 } 1071 if (alg_k & SSL_kRSAPSK) { 1072 *pname = "RSAPSK"; 1073 return SSL_kRSAPSK; 1074 } 1075 if (alg_k & SSL_kDHEPSK) { 1076 *pname = "DHEPSK"; 1077 return SSL_kDHEPSK; 1078 } 1079 if (alg_k & SSL_kECDHEPSK) { 1080 *pname = "ECDHEPSK"; 1081 return SSL_kECDHEPSK; 1082 } 1083 if (alg_k & SSL_kSRP) { 1084 *pname = "SRP"; 1085 return SSL_kSRP; 1086 } 1087 if (alg_k & SSL_kGOST) { 1088 *pname = "GOST"; 1089 return SSL_kGOST; 1090 } 1091 if (alg_k & SSL_kGOST18) { 1092 *pname = "GOST18"; 1093 return SSL_kGOST18; 1094 } 1095 *pname = "UNKNOWN"; 1096 return 0; 1097 } 1098 1099 static int ssl_print_client_keyex(BIO *bio, int indent, const SSL *ssl, 1100 const unsigned char *msg, size_t msglen) 1101 { 1102 const char *algname; 1103 int id = ssl_get_keyex(&algname, ssl); 1104 1105 BIO_indent(bio, indent, 80); 1106 BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname); 1107 if (id & SSL_PSK) { 1108 if (!ssl_print_hexbuf(bio, indent + 2, 1109 "psk_identity", 2, &msg, &msglen)) 1110 return 0; 1111 } 1112 switch (id) { 1113 1114 case SSL_kRSA: 1115 case SSL_kRSAPSK: 1116 if (TLS1_get_version(ssl) == SSL3_VERSION) { 1117 ssl_print_hex(bio, indent + 2, 1118 "EncryptedPreMasterSecret", msg, msglen); 1119 } else { 1120 if (!ssl_print_hexbuf(bio, indent + 2, 1121 "EncryptedPreMasterSecret", 2, &msg, &msglen)) 1122 return 0; 1123 } 1124 break; 1125 1126 case SSL_kDHE: 1127 case SSL_kDHEPSK: 1128 if (!ssl_print_hexbuf(bio, indent + 2, "dh_Yc", 2, &msg, &msglen)) 1129 return 0; 1130 break; 1131 1132 case SSL_kECDHE: 1133 case SSL_kECDHEPSK: 1134 if (!ssl_print_hexbuf(bio, indent + 2, "ecdh_Yc", 1, &msg, &msglen)) 1135 return 0; 1136 break; 1137 case SSL_kGOST: 1138 ssl_print_hex(bio, indent + 2, "GostKeyTransportBlob", msg, msglen); 1139 msglen = 0; 1140 break; 1141 case SSL_kGOST18: 1142 ssl_print_hex(bio, indent + 2, 1143 "GOST-wrapped PreMasterSecret", msg, msglen); 1144 msglen = 0; 1145 break; 1146 } 1147 1148 return !msglen; 1149 } 1150 1151 static int ssl_print_server_keyex(BIO *bio, int indent, const SSL *ssl, 1152 const unsigned char *msg, size_t msglen) 1153 { 1154 const char *algname; 1155 int id = ssl_get_keyex(&algname, ssl); 1156 1157 BIO_indent(bio, indent, 80); 1158 BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname); 1159 if (id & SSL_PSK) { 1160 if (!ssl_print_hexbuf(bio, indent + 2, 1161 "psk_identity_hint", 2, &msg, &msglen)) 1162 return 0; 1163 } 1164 switch (id) { 1165 case SSL_kRSA: 1166 1167 if (!ssl_print_hexbuf(bio, indent + 2, "rsa_modulus", 2, &msg, &msglen)) 1168 return 0; 1169 if (!ssl_print_hexbuf(bio, indent + 2, "rsa_exponent", 2, 1170 &msg, &msglen)) 1171 return 0; 1172 break; 1173 1174 case SSL_kDHE: 1175 case SSL_kDHEPSK: 1176 if (!ssl_print_hexbuf(bio, indent + 2, "dh_p", 2, &msg, &msglen)) 1177 return 0; 1178 if (!ssl_print_hexbuf(bio, indent + 2, "dh_g", 2, &msg, &msglen)) 1179 return 0; 1180 if (!ssl_print_hexbuf(bio, indent + 2, "dh_Ys", 2, &msg, &msglen)) 1181 return 0; 1182 break; 1183 1184 case SSL_kECDHE: 1185 case SSL_kECDHEPSK: 1186 if (msglen < 1) 1187 return 0; 1188 BIO_indent(bio, indent + 2, 80); 1189 if (msg[0] == EXPLICIT_PRIME_CURVE_TYPE) 1190 BIO_puts(bio, "explicit_prime\n"); 1191 else if (msg[0] == EXPLICIT_CHAR2_CURVE_TYPE) 1192 BIO_puts(bio, "explicit_char2\n"); 1193 else if (msg[0] == NAMED_CURVE_TYPE) { 1194 int curve; 1195 if (msglen < 3) 1196 return 0; 1197 curve = (msg[1] << 8) | msg[2]; 1198 BIO_printf(bio, "named_curve: %s (%d)\n", 1199 ssl_trace_str(curve, ssl_groups_tbl), curve); 1200 msg += 3; 1201 msglen -= 3; 1202 if (!ssl_print_hexbuf(bio, indent + 2, "point", 1, &msg, &msglen)) 1203 return 0; 1204 } else { 1205 BIO_printf(bio, "UNKNOWN CURVE PARAMETER TYPE %d\n", msg[0]); 1206 return 0; 1207 } 1208 break; 1209 1210 case SSL_kPSK: 1211 case SSL_kRSAPSK: 1212 break; 1213 } 1214 if (!(id & SSL_PSK)) 1215 ssl_print_signature(bio, indent, ssl, &msg, &msglen); 1216 return !msglen; 1217 } 1218 1219 static int ssl_print_certificate(BIO *bio, int indent, 1220 const unsigned char **pmsg, size_t *pmsglen) 1221 { 1222 size_t msglen = *pmsglen; 1223 size_t clen; 1224 X509 *x; 1225 const unsigned char *p = *pmsg, *q; 1226 1227 if (msglen < 3) 1228 return 0; 1229 clen = (p[0] << 16) | (p[1] << 8) | p[2]; 1230 if (msglen < clen + 3) 1231 return 0; 1232 q = p + 3; 1233 BIO_indent(bio, indent, 80); 1234 BIO_printf(bio, "ASN.1Cert, length=%d", (int)clen); 1235 x = d2i_X509(NULL, &q, clen); 1236 if (!x) 1237 BIO_puts(bio, "<UNPARSEABLE CERTIFICATE>\n"); 1238 else { 1239 BIO_puts(bio, "\n------details-----\n"); 1240 X509_print_ex(bio, x, XN_FLAG_ONELINE, 0); 1241 PEM_write_bio_X509(bio, x); 1242 /* Print certificate stuff */ 1243 BIO_puts(bio, "------------------\n"); 1244 X509_free(x); 1245 } 1246 if (q != p + 3 + clen) { 1247 BIO_puts(bio, "<TRAILING GARBAGE AFTER CERTIFICATE>\n"); 1248 } 1249 *pmsg += clen + 3; 1250 *pmsglen -= clen + 3; 1251 return 1; 1252 } 1253 1254 static int ssl_print_certificates(BIO *bio, const SSL *ssl, int server, 1255 int indent, const unsigned char *msg, 1256 size_t msglen) 1257 { 1258 size_t clen; 1259 1260 if (SSL_IS_TLS13(ssl) 1261 && !ssl_print_hexbuf(bio, indent, "context", 1, &msg, &msglen)) 1262 return 0; 1263 1264 if (msglen < 3) 1265 return 0; 1266 clen = (msg[0] << 16) | (msg[1] << 8) | msg[2]; 1267 if (msglen != clen + 3) 1268 return 0; 1269 msg += 3; 1270 BIO_indent(bio, indent, 80); 1271 BIO_printf(bio, "certificate_list, length=%d\n", (int)clen); 1272 while (clen > 0) { 1273 if (!ssl_print_certificate(bio, indent + 2, &msg, &clen)) 1274 return 0; 1275 if (SSL_IS_TLS13(ssl) 1276 && !ssl_print_extensions(bio, indent + 2, server, 1277 SSL3_MT_CERTIFICATE, &msg, &clen)) 1278 return 0; 1279 1280 } 1281 return 1; 1282 } 1283 1284 static int ssl_print_cert_request(BIO *bio, int indent, const SSL *ssl, 1285 const unsigned char *msg, size_t msglen) 1286 { 1287 size_t xlen; 1288 unsigned int sigalg; 1289 1290 if (SSL_IS_TLS13(ssl)) { 1291 if (!ssl_print_hexbuf(bio, indent, "request_context", 1, &msg, &msglen)) 1292 return 0; 1293 if (!ssl_print_extensions(bio, indent, 1, 1294 SSL3_MT_CERTIFICATE_REQUEST, &msg, &msglen)) 1295 return 0; 1296 return 1; 1297 } else { 1298 if (msglen < 1) 1299 return 0; 1300 xlen = msg[0]; 1301 if (msglen < xlen + 1) 1302 return 0; 1303 msg++; 1304 BIO_indent(bio, indent, 80); 1305 BIO_printf(bio, "certificate_types (len=%d)\n", (int)xlen); 1306 if (!ssl_trace_list(bio, indent + 2, msg, xlen, 1, ssl_ctype_tbl)) 1307 return 0; 1308 msg += xlen; 1309 msglen -= xlen + 1; 1310 } 1311 if (SSL_USE_SIGALGS(ssl)) { 1312 if (msglen < 2) 1313 return 0; 1314 xlen = (msg[0] << 8) | msg[1]; 1315 if (msglen < xlen + 2 || (xlen & 1)) 1316 return 0; 1317 msg += 2; 1318 msglen -= xlen + 2; 1319 BIO_indent(bio, indent, 80); 1320 BIO_printf(bio, "signature_algorithms (len=%d)\n", (int)xlen); 1321 while (xlen > 0) { 1322 BIO_indent(bio, indent + 2, 80); 1323 sigalg = (msg[0] << 8) | msg[1]; 1324 BIO_printf(bio, "%s (0x%04x)\n", 1325 ssl_trace_str(sigalg, ssl_sigalg_tbl), sigalg); 1326 xlen -= 2; 1327 msg += 2; 1328 } 1329 msg += xlen; 1330 } 1331 1332 if (msglen < 2) 1333 return 0; 1334 xlen = (msg[0] << 8) | msg[1]; 1335 BIO_indent(bio, indent, 80); 1336 if (msglen < xlen + 2) 1337 return 0; 1338 msg += 2; 1339 msglen -= 2 + xlen; 1340 BIO_printf(bio, "certificate_authorities (len=%d)\n", (int)xlen); 1341 while (xlen > 0) { 1342 size_t dlen; 1343 X509_NAME *nm; 1344 const unsigned char *p; 1345 if (xlen < 2) 1346 return 0; 1347 dlen = (msg[0] << 8) | msg[1]; 1348 if (xlen < dlen + 2) 1349 return 0; 1350 msg += 2; 1351 BIO_indent(bio, indent + 2, 80); 1352 BIO_printf(bio, "DistinguishedName (len=%d): ", (int)dlen); 1353 p = msg; 1354 nm = d2i_X509_NAME(NULL, &p, dlen); 1355 if (!nm) { 1356 BIO_puts(bio, "<UNPARSEABLE DN>\n"); 1357 } else { 1358 X509_NAME_print_ex(bio, nm, 0, XN_FLAG_ONELINE); 1359 BIO_puts(bio, "\n"); 1360 X509_NAME_free(nm); 1361 } 1362 xlen -= dlen + 2; 1363 msg += dlen; 1364 } 1365 if (SSL_IS_TLS13(ssl)) { 1366 if (!ssl_print_hexbuf(bio, indent, "request_extensions", 2, 1367 &msg, &msglen)) 1368 return 0; 1369 } 1370 return msglen == 0; 1371 } 1372 1373 static int ssl_print_ticket(BIO *bio, int indent, const SSL *ssl, 1374 const unsigned char *msg, size_t msglen) 1375 { 1376 unsigned int tick_life; 1377 1378 if (msglen == 0) { 1379 BIO_indent(bio, indent + 2, 80); 1380 BIO_puts(bio, "No Ticket\n"); 1381 return 1; 1382 } 1383 if (msglen < 4) 1384 return 0; 1385 tick_life = ((unsigned int)msg[0] << 24) 1386 | ((unsigned int)msg[1] << 16) 1387 | ((unsigned int)msg[2] << 8) 1388 | (unsigned int)msg[3]; 1389 msglen -= 4; 1390 msg += 4; 1391 BIO_indent(bio, indent + 2, 80); 1392 BIO_printf(bio, "ticket_lifetime_hint=%u\n", tick_life); 1393 if (SSL_IS_TLS13(ssl)) { 1394 unsigned int ticket_age_add; 1395 1396 if (msglen < 4) 1397 return 0; 1398 ticket_age_add = 1399 ((unsigned int)msg[0] << 24) 1400 | ((unsigned int)msg[1] << 16) 1401 | ((unsigned int)msg[2] << 8) 1402 | (unsigned int)msg[3]; 1403 msglen -= 4; 1404 msg += 4; 1405 BIO_indent(bio, indent + 2, 80); 1406 BIO_printf(bio, "ticket_age_add=%u\n", ticket_age_add); 1407 if (!ssl_print_hexbuf(bio, indent + 2, "ticket_nonce", 1, &msg, 1408 &msglen)) 1409 return 0; 1410 } 1411 if (!ssl_print_hexbuf(bio, indent + 2, "ticket", 2, &msg, &msglen)) 1412 return 0; 1413 if (SSL_IS_TLS13(ssl) 1414 && !ssl_print_extensions(bio, indent + 2, 0, 1415 SSL3_MT_NEWSESSION_TICKET, &msg, &msglen)) 1416 return 0; 1417 if (msglen) 1418 return 0; 1419 return 1; 1420 } 1421 1422 static int ssl_print_handshake(BIO *bio, const SSL *ssl, int server, 1423 const unsigned char *msg, size_t msglen, 1424 int indent) 1425 { 1426 size_t hlen; 1427 unsigned char htype; 1428 1429 if (msglen < 4) 1430 return 0; 1431 htype = msg[0]; 1432 hlen = (msg[1] << 16) | (msg[2] << 8) | msg[3]; 1433 BIO_indent(bio, indent, 80); 1434 BIO_printf(bio, "%s, Length=%d\n", 1435 ssl_trace_str(htype, ssl_handshake_tbl), (int)hlen); 1436 msg += 4; 1437 msglen -= 4; 1438 if (SSL_IS_DTLS(ssl)) { 1439 if (msglen < 8) 1440 return 0; 1441 BIO_indent(bio, indent, 80); 1442 BIO_printf(bio, "message_seq=%d, fragment_offset=%d, " 1443 "fragment_length=%d\n", 1444 (msg[0] << 8) | msg[1], 1445 (msg[2] << 16) | (msg[3] << 8) | msg[4], 1446 (msg[5] << 16) | (msg[6] << 8) | msg[7]); 1447 msg += 8; 1448 msglen -= 8; 1449 } 1450 if (msglen < hlen) 1451 return 0; 1452 switch (htype) { 1453 case SSL3_MT_CLIENT_HELLO: 1454 if (!ssl_print_client_hello(bio, ssl, indent + 2, msg, msglen)) 1455 return 0; 1456 break; 1457 1458 case DTLS1_MT_HELLO_VERIFY_REQUEST: 1459 if (!dtls_print_hello_vfyrequest(bio, indent + 2, msg, msglen)) 1460 return 0; 1461 break; 1462 1463 case SSL3_MT_SERVER_HELLO: 1464 if (!ssl_print_server_hello(bio, indent + 2, msg, msglen)) 1465 return 0; 1466 break; 1467 1468 case SSL3_MT_SERVER_KEY_EXCHANGE: 1469 if (!ssl_print_server_keyex(bio, indent + 2, ssl, msg, msglen)) 1470 return 0; 1471 break; 1472 1473 case SSL3_MT_CLIENT_KEY_EXCHANGE: 1474 if (!ssl_print_client_keyex(bio, indent + 2, ssl, msg, msglen)) 1475 return 0; 1476 break; 1477 1478 case SSL3_MT_CERTIFICATE: 1479 if (!ssl_print_certificates(bio, ssl, server, indent + 2, msg, msglen)) 1480 return 0; 1481 break; 1482 1483 case SSL3_MT_CERTIFICATE_VERIFY: 1484 if (!ssl_print_signature(bio, indent + 2, ssl, &msg, &msglen)) 1485 return 0; 1486 break; 1487 1488 case SSL3_MT_CERTIFICATE_REQUEST: 1489 if (!ssl_print_cert_request(bio, indent + 2, ssl, msg, msglen)) 1490 return 0; 1491 break; 1492 1493 case SSL3_MT_FINISHED: 1494 ssl_print_hex(bio, indent + 2, "verify_data", msg, msglen); 1495 break; 1496 1497 case SSL3_MT_SERVER_DONE: 1498 if (msglen != 0) 1499 ssl_print_hex(bio, indent + 2, "unexpected value", msg, msglen); 1500 break; 1501 1502 case SSL3_MT_NEWSESSION_TICKET: 1503 if (!ssl_print_ticket(bio, indent + 2, ssl, msg, msglen)) 1504 return 0; 1505 break; 1506 1507 case SSL3_MT_ENCRYPTED_EXTENSIONS: 1508 if (!ssl_print_extensions(bio, indent + 2, 1, 1509 SSL3_MT_ENCRYPTED_EXTENSIONS, &msg, &msglen)) 1510 return 0; 1511 break; 1512 1513 case SSL3_MT_KEY_UPDATE: 1514 if (msglen != 1) { 1515 ssl_print_hex(bio, indent + 2, "unexpected value", msg, msglen); 1516 return 0; 1517 } 1518 if (!ssl_trace_list(bio, indent + 2, msg, msglen, 1, 1519 ssl_key_update_tbl)) 1520 return 0; 1521 break; 1522 1523 default: 1524 BIO_indent(bio, indent + 2, 80); 1525 BIO_puts(bio, "Unsupported, hex dump follows:\n"); 1526 BIO_dump_indent(bio, (const char *)msg, msglen, indent + 4); 1527 } 1528 return 1; 1529 } 1530 1531 void SSL_trace(int write_p, int version, int content_type, 1532 const void *buf, size_t msglen, SSL *ssl, void *arg) 1533 { 1534 const unsigned char *msg = buf; 1535 BIO *bio = arg; 1536 1537 switch (content_type) { 1538 case SSL3_RT_HEADER: 1539 { 1540 int hvers; 1541 1542 /* avoid overlapping with length at the end of buffer */ 1543 if (msglen < (size_t)(SSL_IS_DTLS(ssl) ? 1544 DTLS1_RT_HEADER_LENGTH : SSL3_RT_HEADER_LENGTH)) { 1545 BIO_puts(bio, write_p ? "Sent" : "Received"); 1546 ssl_print_hex(bio, 0, " too short message", msg, msglen); 1547 break; 1548 } 1549 hvers = msg[1] << 8 | msg[2]; 1550 BIO_puts(bio, write_p ? "Sent" : "Received"); 1551 BIO_printf(bio, " Record\nHeader:\n Version = %s (0x%x)\n", 1552 ssl_trace_str(hvers, ssl_version_tbl), hvers); 1553 if (SSL_IS_DTLS(ssl)) { 1554 BIO_printf(bio, 1555 " epoch=%d, sequence_number=%04x%04x%04x\n", 1556 (msg[3] << 8 | msg[4]), 1557 (msg[5] << 8 | msg[6]), 1558 (msg[7] << 8 | msg[8]), (msg[9] << 8 | msg[10])); 1559 } 1560 1561 BIO_printf(bio, " Content Type = %s (%d)\n Length = %d", 1562 ssl_trace_str(msg[0], ssl_content_tbl), msg[0], 1563 msg[msglen - 2] << 8 | msg[msglen - 1]); 1564 } 1565 break; 1566 1567 case SSL3_RT_INNER_CONTENT_TYPE: 1568 BIO_printf(bio, " Inner Content Type = %s (%d)", 1569 ssl_trace_str(msg[0], ssl_content_tbl), msg[0]); 1570 break; 1571 1572 case SSL3_RT_HANDSHAKE: 1573 if (!ssl_print_handshake(bio, ssl, ssl->server ? write_p : !write_p, 1574 msg, msglen, 4)) 1575 BIO_printf(bio, "Message length parse error!\n"); 1576 break; 1577 1578 case SSL3_RT_CHANGE_CIPHER_SPEC: 1579 if (msglen == 1 && msg[0] == 1) 1580 BIO_puts(bio, " change_cipher_spec (1)\n"); 1581 else 1582 ssl_print_hex(bio, 4, "unknown value", msg, msglen); 1583 break; 1584 1585 case SSL3_RT_ALERT: 1586 if (msglen != 2) 1587 BIO_puts(bio, " Illegal Alert Length\n"); 1588 else { 1589 BIO_printf(bio, " Level=%s(%d), description=%s(%d)\n", 1590 SSL_alert_type_string_long(msg[0] << 8), 1591 msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]); 1592 } 1593 1594 } 1595 1596 BIO_puts(bio, "\n"); 1597 } 1598 1599 #endif 1600