1 /* ssl/t1_trce.c */ 2 /* 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 4 * project. 5 */ 6 /* ==================================================================== 7 * Copyright (c) 2012 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 */ 55 56 #include "ssl_locl.h" 57 58 #ifndef OPENSSL_NO_SSL_TRACE 59 60 /* Packet trace support for OpenSSL */ 61 62 typedef struct { 63 int num; 64 const char *name; 65 } ssl_trace_tbl; 66 67 # define ssl_trace_str(val, tbl) \ 68 do_ssl_trace_str(val, tbl, sizeof(tbl)/sizeof(ssl_trace_tbl)) 69 70 # define ssl_trace_list(bio, indent, msg, msglen, value, table) \ 71 do_ssl_trace_list(bio, indent, msg, msglen, value, \ 72 table, sizeof(table)/sizeof(ssl_trace_tbl)) 73 74 static const char *do_ssl_trace_str(int val, ssl_trace_tbl *tbl, size_t ntbl) 75 { 76 size_t i; 77 for (i = 0; i < ntbl; i++, tbl++) { 78 if (tbl->num == val) 79 return tbl->name; 80 } 81 return "UNKNOWN"; 82 } 83 84 static int do_ssl_trace_list(BIO *bio, int indent, 85 const unsigned char *msg, size_t msglen, 86 size_t vlen, ssl_trace_tbl *tbl, size_t ntbl) 87 { 88 int val; 89 if (msglen % vlen) 90 return 0; 91 while (msglen) { 92 val = msg[0]; 93 if (vlen == 2) 94 val = (val << 8) | msg[1]; 95 BIO_indent(bio, indent, 80); 96 BIO_printf(bio, "%s (%d)\n", do_ssl_trace_str(val, tbl, ntbl), val); 97 msg += vlen; 98 msglen -= vlen; 99 } 100 return 1; 101 } 102 103 /* Version number */ 104 105 static ssl_trace_tbl ssl_version_tbl[] = { 106 {SSL2_VERSION, "SSL 2.0"}, 107 {SSL3_VERSION, "SSL 3.0"}, 108 {TLS1_VERSION, "TLS 1.0"}, 109 {TLS1_1_VERSION, "TLS 1.1"}, 110 {TLS1_2_VERSION, "TLS 1.2"}, 111 {DTLS1_VERSION, "DTLS 1.0"}, 112 {DTLS1_2_VERSION, "DTLS 1.2"}, 113 {DTLS1_BAD_VER, "DTLS 1.0 (bad)"} 114 }; 115 116 static ssl_trace_tbl ssl_content_tbl[] = { 117 {SSL3_RT_CHANGE_CIPHER_SPEC, "ChangeCipherSpec"}, 118 {SSL3_RT_ALERT, "Alert"}, 119 {SSL3_RT_HANDSHAKE, "Handshake"}, 120 {SSL3_RT_APPLICATION_DATA, "ApplicationData"}, 121 {TLS1_RT_HEARTBEAT, "HeartBeat"} 122 }; 123 124 /* Handshake types */ 125 static ssl_trace_tbl ssl_handshake_tbl[] = { 126 {SSL3_MT_HELLO_REQUEST, "HelloRequest"}, 127 {SSL3_MT_CLIENT_HELLO, "ClientHello"}, 128 {SSL3_MT_SERVER_HELLO, "ServerHello"}, 129 {DTLS1_MT_HELLO_VERIFY_REQUEST, "HelloVerifyRequest"}, 130 {SSL3_MT_NEWSESSION_TICKET, "NewSessionTicket"}, 131 {SSL3_MT_CERTIFICATE, "Certificate"}, 132 {SSL3_MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange"}, 133 {SSL3_MT_CERTIFICATE_REQUEST, "CertificateRequest"}, 134 {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"}, 135 {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"}, 136 {SSL3_MT_SERVER_DONE, "ServerHelloDone"}, 137 {SSL3_MT_CERTIFICATE_VERIFY, "CertificateVerify"}, 138 {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"}, 139 {SSL3_MT_FINISHED, "Finished"}, 140 {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"} 141 }; 142 143 /* Cipher suites */ 144 static ssl_trace_tbl ssl_ciphers_tbl[] = { 145 {0x0000, "SSL_NULL_WITH_NULL_NULL"}, 146 {0x0001, "SSL_RSA_WITH_NULL_MD5"}, 147 {0x0002, "SSL_RSA_WITH_NULL_SHA"}, 148 {0x0003, "SSL_RSA_EXPORT_WITH_RC4_40_MD5"}, 149 {0x0004, "SSL_RSA_WITH_RC4_128_MD5"}, 150 {0x0005, "SSL_RSA_WITH_RC4_128_SHA"}, 151 {0x0006, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"}, 152 {0x0007, "SSL_RSA_WITH_IDEA_CBC_SHA"}, 153 {0x0008, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 154 {0x0009, "SSL_RSA_WITH_DES_CBC_SHA"}, 155 {0x000A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA"}, 156 {0x000B, "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"}, 157 {0x000C, "SSL_DH_DSS_WITH_DES_CBC_SHA"}, 158 {0x000D, "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"}, 159 {0x000E, "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 160 {0x000F, "SSL_DH_RSA_WITH_DES_CBC_SHA"}, 161 {0x0010, "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"}, 162 {0x0011, "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"}, 163 {0x0012, "SSL_DHE_DSS_WITH_DES_CBC_SHA"}, 164 {0x0013, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"}, 165 {0x0014, "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"}, 166 {0x0015, "SSL_DHE_RSA_WITH_DES_CBC_SHA"}, 167 {0x0016, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"}, 168 {0x0017, "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"}, 169 {0x0018, "SSL_DH_anon_WITH_RC4_128_MD5"}, 170 {0x0019, "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"}, 171 {0x001A, "SSL_DH_anon_WITH_DES_CBC_SHA"}, 172 {0x001B, "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"}, 173 {0x001D, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"}, 174 {0x001E, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"}, 175 {0x001F, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"}, 176 {0x0020, "TLS_KRB5_WITH_RC4_128_SHA"}, 177 {0x0021, "TLS_KRB5_WITH_IDEA_CBC_SHA"}, 178 {0x0022, "TLS_KRB5_WITH_DES_CBC_MD5"}, 179 {0x0023, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"}, 180 {0x0024, "TLS_KRB5_WITH_RC4_128_MD5"}, 181 {0x0025, "TLS_KRB5_WITH_IDEA_CBC_MD5"}, 182 {0x0026, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"}, 183 {0x0027, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"}, 184 {0x0028, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"}, 185 {0x0029, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"}, 186 {0x002A, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"}, 187 {0x002B, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"}, 188 {0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA"}, 189 {0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA"}, 190 {0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA"}, 191 {0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"}, 192 {0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"}, 193 {0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA"}, 194 {0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA"}, 195 {0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA"}, 196 {0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA"}, 197 {0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"}, 198 {0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"}, 199 {0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA"}, 200 {0x003B, "TLS_RSA_WITH_NULL_SHA256"}, 201 {0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256"}, 202 {0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256"}, 203 {0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"}, 204 {0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"}, 205 {0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"}, 206 {0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"}, 207 {0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"}, 208 {0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"}, 209 {0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"}, 210 {0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"}, 211 {0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"}, 212 {0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"}, 213 {0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"}, 214 {0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"}, 215 {0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"}, 216 {0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"}, 217 {0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256"}, 218 {0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256"}, 219 {0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"}, 220 {0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"}, 221 {0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"}, 222 {0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"}, 223 {0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"}, 224 {0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"}, 225 {0x008A, "TLS_PSK_WITH_RC4_128_SHA"}, 226 {0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA"}, 227 {0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA"}, 228 {0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA"}, 229 {0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA"}, 230 {0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"}, 231 {0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"}, 232 {0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"}, 233 {0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA"}, 234 {0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"}, 235 {0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"}, 236 {0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"}, 237 {0x0096, "TLS_RSA_WITH_SEED_CBC_SHA"}, 238 {0x0097, "TLS_DH_DSS_WITH_SEED_CBC_SHA"}, 239 {0x0098, "TLS_DH_RSA_WITH_SEED_CBC_SHA"}, 240 {0x0099, "TLS_DHE_DSS_WITH_SEED_CBC_SHA"}, 241 {0x009A, "TLS_DHE_RSA_WITH_SEED_CBC_SHA"}, 242 {0x009B, "TLS_DH_anon_WITH_SEED_CBC_SHA"}, 243 {0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256"}, 244 {0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384"}, 245 {0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"}, 246 {0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"}, 247 {0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"}, 248 {0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"}, 249 {0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"}, 250 {0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"}, 251 {0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"}, 252 {0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"}, 253 {0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256"}, 254 {0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384"}, 255 {0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256"}, 256 {0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384"}, 257 {0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"}, 258 {0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"}, 259 {0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"}, 260 {0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"}, 261 {0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256"}, 262 {0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384"}, 263 {0x00B0, "TLS_PSK_WITH_NULL_SHA256"}, 264 {0x00B1, "TLS_PSK_WITH_NULL_SHA384"}, 265 {0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"}, 266 {0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"}, 267 {0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256"}, 268 {0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384"}, 269 {0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"}, 270 {0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"}, 271 {0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256"}, 272 {0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384"}, 273 {0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 274 {0x00BB, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"}, 275 {0x00BC, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 276 {0x00BD, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"}, 277 {0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"}, 278 {0x00BF, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"}, 279 {0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, 280 {0x00C1, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"}, 281 {0x00C2, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, 282 {0x00C3, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"}, 283 {0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"}, 284 {0x00C5, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"}, 285 {0x00FF, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"}, 286 {0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA"}, 287 {0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"}, 288 {0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"}, 289 {0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"}, 290 {0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"}, 291 {0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA"}, 292 {0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"}, 293 {0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"}, 294 {0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"}, 295 {0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"}, 296 {0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA"}, 297 {0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA"}, 298 {0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"}, 299 {0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"}, 300 {0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"}, 301 {0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA"}, 302 {0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA"}, 303 {0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"}, 304 {0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"}, 305 {0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"}, 306 {0xC015, "TLS_ECDH_anon_WITH_NULL_SHA"}, 307 {0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA"}, 308 {0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"}, 309 {0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"}, 310 {0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"}, 311 {0xC01A, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"}, 312 {0xC01B, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"}, 313 {0xC01C, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"}, 314 {0xC01D, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"}, 315 {0xC01E, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"}, 316 {0xC01F, "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"}, 317 {0xC020, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"}, 318 {0xC021, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"}, 319 {0xC022, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"}, 320 {0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"}, 321 {0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"}, 322 {0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"}, 323 {0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"}, 324 {0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"}, 325 {0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"}, 326 {0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"}, 327 {0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"}, 328 {0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"}, 329 {0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"}, 330 {0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"}, 331 {0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"}, 332 {0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}, 333 {0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"}, 334 {0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"}, 335 {0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"}, 336 {0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"}, 337 {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"}, 338 }; 339 340 /* Compression methods */ 341 static ssl_trace_tbl ssl_comp_tbl[] = { 342 {0x0000, "No Compression"}, 343 {0x0001, "Zlib Compression"} 344 }; 345 346 /* Extensions */ 347 static ssl_trace_tbl ssl_exts_tbl[] = { 348 {TLSEXT_TYPE_server_name, "server_name"}, 349 {TLSEXT_TYPE_max_fragment_length, "max_fragment_length"}, 350 {TLSEXT_TYPE_client_certificate_url, "client_certificate_url"}, 351 {TLSEXT_TYPE_trusted_ca_keys, "trusted_ca_keys"}, 352 {TLSEXT_TYPE_truncated_hmac, "truncated_hmac"}, 353 {TLSEXT_TYPE_status_request, "status_request"}, 354 {TLSEXT_TYPE_user_mapping, "user_mapping"}, 355 {TLSEXT_TYPE_client_authz, "client_authz"}, 356 {TLSEXT_TYPE_server_authz, "server_authz"}, 357 {TLSEXT_TYPE_cert_type, "cert_type"}, 358 {TLSEXT_TYPE_elliptic_curves, "elliptic_curves"}, 359 {TLSEXT_TYPE_ec_point_formats, "ec_point_formats"}, 360 {TLSEXT_TYPE_srp, "srp"}, 361 {TLSEXT_TYPE_signature_algorithms, "signature_algorithms"}, 362 {TLSEXT_TYPE_use_srtp, "use_srtp"}, 363 {TLSEXT_TYPE_heartbeat, "heartbeat"}, 364 {TLSEXT_TYPE_session_ticket, "session_ticket"}, 365 # ifdef TLSEXT_TYPE_opaque_prf_input 366 {TLSEXT_TYPE_opaque_prf_input, "opaque_prf_input"}, 367 # endif 368 {TLSEXT_TYPE_renegotiate, "renegotiate"}, 369 {TLSEXT_TYPE_next_proto_neg, "next_proto_neg"}, 370 {TLSEXT_TYPE_padding, "padding"} 371 }; 372 373 static ssl_trace_tbl ssl_curve_tbl[] = { 374 {1, "sect163k1 (K-163)"}, 375 {2, "sect163r1"}, 376 {3, "sect163r2 (B-163)"}, 377 {4, "sect193r1"}, 378 {5, "sect193r2"}, 379 {6, "sect233k1 (K-233)"}, 380 {7, "sect233r1 (B-233)"}, 381 {8, "sect239k1"}, 382 {9, "sect283k1 (K-283)"}, 383 {10, "sect283r1 (B-283)"}, 384 {11, "sect409k1 (K-409)"}, 385 {12, "sect409r1 (B-409)"}, 386 {13, "sect571k1 (K-571)"}, 387 {14, "sect571r1 (B-571)"}, 388 {15, "secp160k1"}, 389 {16, "secp160r1"}, 390 {17, "secp160r2"}, 391 {18, "secp192k1"}, 392 {19, "secp192r1 (P-192)"}, 393 {20, "secp224k1"}, 394 {21, "secp224r1 (P-224)"}, 395 {22, "secp256k1"}, 396 {23, "secp256r1 (P-256)"}, 397 {24, "secp384r1 (P-384)"}, 398 {25, "secp521r1 (P-521)"}, 399 {26, "brainpoolP256r1"}, 400 {27, "brainpoolP384r1"}, 401 {28, "brainpoolP512r1"}, 402 {0xFF01, "arbitrary_explicit_prime_curves"}, 403 {0xFF02, "arbitrary_explicit_char2_curves"} 404 }; 405 406 static ssl_trace_tbl ssl_point_tbl[] = { 407 {0, "uncompressed"}, 408 {1, "ansiX962_compressed_prime"}, 409 {2, "ansiX962_compressed_char2"} 410 }; 411 412 static ssl_trace_tbl ssl_md_tbl[] = { 413 {0, "none"}, 414 {1, "md5"}, 415 {2, "sha1"}, 416 {3, "sha224"}, 417 {4, "sha256"}, 418 {5, "sha384"}, 419 {6, "sha512"} 420 }; 421 422 static ssl_trace_tbl ssl_sig_tbl[] = { 423 {0, "anonymous"}, 424 {1, "rsa"}, 425 {2, "dsa"}, 426 {3, "ecdsa"} 427 }; 428 429 static ssl_trace_tbl ssl_hb_tbl[] = { 430 {1, "peer_allowed_to_send"}, 431 {2, "peer_not_allowed_to_send"} 432 }; 433 434 static ssl_trace_tbl ssl_hb_type_tbl[] = { 435 {1, "heartbeat_request"}, 436 {2, "heartbeat_response"} 437 }; 438 439 static ssl_trace_tbl ssl_ctype_tbl[] = { 440 {1, "rsa_sign"}, 441 {2, "dss_sign"}, 442 {3, "rsa_fixed_dh"}, 443 {4, "dss_fixed_dh"}, 444 {5, "rsa_ephemeral_dh"}, 445 {6, "dss_ephemeral_dh"}, 446 {20, "fortezza_dms"}, 447 {64, "ecdsa_sign"}, 448 {65, "rsa_fixed_ecdh"}, 449 {66, "ecdsa_fixed_ecdh"} 450 }; 451 452 static ssl_trace_tbl ssl_crypto_tbl[] = { 453 {TLS1_RT_CRYPTO_PREMASTER, "Premaster Secret"}, 454 {TLS1_RT_CRYPTO_CLIENT_RANDOM, "Client Random"}, 455 {TLS1_RT_CRYPTO_SERVER_RANDOM, "Server Random"}, 456 {TLS1_RT_CRYPTO_MASTER, "Master Secret"}, 457 {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_WRITE, "Write Mac Secret"}, 458 {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_READ, "Read Mac Secret"}, 459 {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_WRITE, "Write Key"}, 460 {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_READ, "Read Key"}, 461 {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_WRITE, "Write IV"}, 462 {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_READ, "Read IV"}, 463 {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_WRITE, "Write IV (fixed part)"}, 464 {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"} 465 }; 466 467 static void ssl_print_hex(BIO *bio, int indent, const char *name, 468 const unsigned char *msg, size_t msglen) 469 { 470 size_t i; 471 BIO_indent(bio, indent, 80); 472 BIO_printf(bio, "%s (len=%d): ", name, (int)msglen); 473 for (i = 0; i < msglen; i++) 474 BIO_printf(bio, "%02X", msg[i]); 475 BIO_puts(bio, "\n"); 476 } 477 478 static int ssl_print_hexbuf(BIO *bio, int indent, 479 const char *name, size_t nlen, 480 const unsigned char **pmsg, size_t *pmsglen) 481 { 482 size_t blen; 483 const unsigned char *p = *pmsg; 484 if (*pmsglen < nlen) 485 return 0; 486 blen = p[0]; 487 if (nlen > 1) 488 blen = (blen << 8) | p[1]; 489 if (*pmsglen < nlen + blen) 490 return 0; 491 p += nlen; 492 ssl_print_hex(bio, indent, name, p, blen); 493 *pmsg += blen + nlen; 494 *pmsglen -= blen + nlen; 495 return 1; 496 } 497 498 static int ssl_print_version(BIO *bio, int indent, const char *name, 499 const unsigned char **pmsg, size_t *pmsglen) 500 { 501 int vers; 502 if (*pmsglen < 2) 503 return 0; 504 vers = ((*pmsg)[0] << 8) | (*pmsg)[1]; 505 BIO_indent(bio, indent, 80); 506 BIO_printf(bio, "%s=0x%x (%s)\n", 507 name, vers, ssl_trace_str(vers, ssl_version_tbl)); 508 *pmsg += 2; 509 *pmsglen -= 2; 510 return 1; 511 } 512 513 static int ssl_print_random(BIO *bio, int indent, 514 const unsigned char **pmsg, size_t *pmsglen) 515 { 516 unsigned int tm; 517 const unsigned char *p = *pmsg; 518 if (*pmsglen < 32) 519 return 0; 520 tm = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; 521 p += 4; 522 BIO_indent(bio, indent, 80); 523 BIO_puts(bio, "Random:\n"); 524 BIO_indent(bio, indent + 2, 80); 525 BIO_printf(bio, "gmt_unix_time=0x%08X\n", tm); 526 ssl_print_hex(bio, indent + 2, "random_bytes", p, 28); 527 *pmsg += 32; 528 *pmsglen -= 32; 529 return 1; 530 } 531 532 static int ssl_print_signature(BIO *bio, int indent, SSL *s, 533 const unsigned char **pmsg, size_t *pmsglen) 534 { 535 if (*pmsglen < 2) 536 return 0; 537 if (SSL_USE_SIGALGS(s)) { 538 const unsigned char *p = *pmsg; 539 BIO_indent(bio, indent, 80); 540 BIO_printf(bio, "Signature Algorithm %s+%s (%d+%d)\n", 541 ssl_trace_str(p[0], ssl_md_tbl), 542 ssl_trace_str(p[1], ssl_sig_tbl), p[0], p[1]); 543 *pmsg += 2; 544 *pmsglen -= 2; 545 } 546 return ssl_print_hexbuf(bio, indent, "Signature", 2, pmsg, pmsglen); 547 } 548 549 static int ssl_print_extension(BIO *bio, int indent, int server, int extype, 550 const unsigned char *ext, size_t extlen) 551 { 552 size_t xlen; 553 BIO_indent(bio, indent, 80); 554 BIO_printf(bio, "extension_type=%s(%d), length=%d\n", 555 ssl_trace_str(extype, ssl_exts_tbl), extype, (int)extlen); 556 switch (extype) { 557 case TLSEXT_TYPE_ec_point_formats: 558 if (extlen < 1) 559 return 0; 560 xlen = ext[0]; 561 if (extlen != xlen + 1) 562 return 0; 563 return ssl_trace_list(bio, indent + 2, 564 ext + 1, xlen, 1, ssl_point_tbl); 565 566 case TLSEXT_TYPE_elliptic_curves: 567 if (extlen < 2) 568 return 0; 569 xlen = (ext[0] << 8) | ext[1]; 570 if (extlen != xlen + 2) 571 return 0; 572 return ssl_trace_list(bio, indent + 2, 573 ext + 2, xlen, 2, ssl_curve_tbl); 574 575 case TLSEXT_TYPE_signature_algorithms: 576 577 if (extlen < 2) 578 return 0; 579 xlen = (ext[0] << 8) | ext[1]; 580 if (extlen != xlen + 2) 581 return 0; 582 if (xlen & 1) 583 return 0; 584 ext += 2; 585 while (xlen > 0) { 586 BIO_indent(bio, indent + 2, 80); 587 BIO_printf(bio, "%s+%s (%d+%d)\n", 588 ssl_trace_str(ext[0], ssl_md_tbl), 589 ssl_trace_str(ext[1], ssl_sig_tbl), ext[0], ext[1]); 590 xlen -= 2; 591 ext += 2; 592 } 593 break; 594 595 case TLSEXT_TYPE_renegotiate: 596 if (extlen < 1) 597 return 0; 598 xlen = ext[0]; 599 if (xlen + 1 != extlen) 600 return 0; 601 ext++; 602 if (xlen) { 603 if (server) { 604 if (xlen & 1) 605 return 0; 606 xlen >>= 1; 607 } 608 ssl_print_hex(bio, indent + 4, "client_verify_data", ext, xlen); 609 if (server) { 610 ext += xlen; 611 ssl_print_hex(bio, indent + 4, 612 "server_verify_data", ext, xlen); 613 } 614 } else { 615 BIO_indent(bio, indent + 4, 80); 616 BIO_puts(bio, "<EMPTY>\n"); 617 } 618 break; 619 620 case TLSEXT_TYPE_heartbeat: 621 if (extlen != 1) 622 return 0; 623 BIO_indent(bio, indent + 2, 80); 624 BIO_printf(bio, "HeartbeatMode: %s\n", 625 ssl_trace_str(ext[0], ssl_hb_tbl)); 626 break; 627 628 case TLSEXT_TYPE_session_ticket: 629 if (extlen != 0) 630 ssl_print_hex(bio, indent + 4, "ticket", ext, extlen); 631 break; 632 633 default: 634 BIO_dump_indent(bio, (char *)ext, extlen, indent + 2); 635 } 636 return 1; 637 } 638 639 static int ssl_print_extensions(BIO *bio, int indent, int server, 640 const unsigned char *msg, size_t msglen) 641 { 642 size_t extslen; 643 BIO_indent(bio, indent, 80); 644 if (msglen == 0) { 645 BIO_puts(bio, "No Extensions\n"); 646 return 1; 647 } 648 extslen = (msg[0] << 8) | msg[1]; 649 if (extslen != msglen - 2) 650 return 0; 651 msg += 2; 652 msglen = extslen; 653 BIO_printf(bio, "extensions, length = %d\n", (int)msglen); 654 while (msglen > 0) { 655 int extype; 656 size_t extlen; 657 if (msglen < 4) 658 return 0; 659 extype = (msg[0] << 8) | msg[1]; 660 extlen = (msg[2] << 8) | msg[3]; 661 if (msglen < extlen + 4) 662 return 0; 663 msg += 4; 664 if (!ssl_print_extension(bio, indent + 2, server, 665 extype, msg, extlen)) 666 return 0; 667 msg += extlen; 668 msglen -= extlen + 4; 669 } 670 return 1; 671 } 672 673 static int ssl_print_client_hello(BIO *bio, SSL *ssl, int indent, 674 const unsigned char *msg, size_t msglen) 675 { 676 size_t len; 677 unsigned int cs; 678 if (!ssl_print_version(bio, indent, "client_version", &msg, &msglen)) 679 return 0; 680 if (!ssl_print_random(bio, indent, &msg, &msglen)) 681 return 0; 682 if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen)) 683 return 0; 684 if (SSL_IS_DTLS(ssl)) { 685 if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen)) 686 return 0; 687 } 688 if (msglen < 2) 689 return 0; 690 len = (msg[0] << 8) | msg[1]; 691 msg += 2; 692 msglen -= 2; 693 BIO_indent(bio, indent, 80); 694 BIO_printf(bio, "cipher_suites (len=%d)\n", (int)len); 695 if (msglen < len || len & 1) 696 return 0; 697 while (len > 0) { 698 cs = (msg[0] << 8) | msg[1]; 699 BIO_indent(bio, indent + 2, 80); 700 BIO_printf(bio, "{0x%02X, 0x%02X} %s\n", 701 msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl)); 702 msg += 2; 703 msglen -= 2; 704 len -= 2; 705 } 706 if (msglen < 1) 707 return 0; 708 len = msg[0]; 709 msg++; 710 msglen--; 711 if (msglen < len) 712 return 0; 713 BIO_indent(bio, indent, 80); 714 BIO_printf(bio, "compression_methods (len=%d)\n", (int)len); 715 while (len > 0) { 716 BIO_indent(bio, indent + 2, 80); 717 BIO_printf(bio, "%s (0x%02X)\n", 718 ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]); 719 msg++; 720 msglen--; 721 len--; 722 } 723 if (!ssl_print_extensions(bio, indent, 0, msg, msglen)) 724 return 0; 725 return 1; 726 } 727 728 static int dtls_print_hello_vfyrequest(BIO *bio, int indent, 729 const unsigned char *msg, 730 size_t msglen) 731 { 732 if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen)) 733 return 0; 734 if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen)) 735 return 0; 736 return 1; 737 } 738 739 static int ssl_print_server_hello(BIO *bio, int indent, 740 const unsigned char *msg, size_t msglen) 741 { 742 unsigned int cs; 743 if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen)) 744 return 0; 745 if (!ssl_print_random(bio, indent, &msg, &msglen)) 746 return 0; 747 if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen)) 748 return 0; 749 if (msglen < 2) 750 return 0; 751 cs = (msg[0] << 8) | msg[1]; 752 BIO_indent(bio, indent, 80); 753 BIO_printf(bio, "cipher_suite {0x%02X, 0x%02X} %s\n", 754 msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl)); 755 msg += 2; 756 msglen -= 2; 757 if (msglen < 1) 758 return 0; 759 BIO_indent(bio, indent, 80); 760 BIO_printf(bio, "compression_method: %s (0x%02X)\n", 761 ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]); 762 msg++; 763 msglen--; 764 if (!ssl_print_extensions(bio, indent, 1, msg, msglen)) 765 return 0; 766 return 1; 767 } 768 769 static int ssl_get_keyex(const char **pname, SSL *ssl) 770 { 771 unsigned long alg_k = ssl->s3->tmp.new_cipher->algorithm_mkey; 772 if (alg_k & SSL_kRSA) { 773 *pname = "rsa"; 774 return SSL_kRSA; 775 } 776 if (alg_k & SSL_kDHr) { 777 *pname = "dh_rsa"; 778 return SSL_kDHr; 779 } 780 if (alg_k & SSL_kDHd) { 781 *pname = "dh_dss"; 782 return SSL_kDHd; 783 } 784 if (alg_k & SSL_kKRB5) { 785 *pname = "krb5"; 786 return SSL_kKRB5; 787 } 788 if (alg_k & SSL_kEDH) { 789 *pname = "edh"; 790 return SSL_kEDH; 791 } 792 if (alg_k & SSL_kEECDH) { 793 *pname = "EECDH"; 794 return SSL_kEECDH; 795 } 796 if (alg_k & SSL_kECDHr) { 797 *pname = "ECDH RSA"; 798 return SSL_kECDHr; 799 } 800 if (alg_k & SSL_kECDHe) { 801 *pname = "ECDH ECDSA"; 802 return SSL_kECDHe; 803 } 804 if (alg_k & SSL_kPSK) { 805 *pname = "PSK"; 806 return SSL_kPSK; 807 } 808 if (alg_k & SSL_kSRP) { 809 *pname = "SRP"; 810 return SSL_kSRP; 811 } 812 if (alg_k & SSL_kGOST) { 813 *pname = "GOST"; 814 return SSL_kGOST; 815 } 816 *pname = "UNKNOWN"; 817 return 0; 818 } 819 820 static int ssl_print_client_keyex(BIO *bio, int indent, SSL *ssl, 821 const unsigned char *msg, size_t msglen) 822 { 823 const char *algname; 824 int id; 825 id = ssl_get_keyex(&algname, ssl); 826 BIO_indent(bio, indent, 80); 827 BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname); 828 switch (id) { 829 830 case SSL_kRSA: 831 if (TLS1_get_version(ssl) == SSL3_VERSION) { 832 ssl_print_hex(bio, indent + 2, 833 "EncyptedPreMasterSecret", msg, msglen); 834 } else { 835 if (!ssl_print_hexbuf(bio, indent + 2, 836 "EncyptedPreMasterSecret", 2, 837 &msg, &msglen)) 838 return 0; 839 } 840 break; 841 842 /* Implicit parameters only allowed for static DH */ 843 case SSL_kDHd: 844 case SSL_kDHr: 845 if (msglen == 0) { 846 BIO_indent(bio, indent + 2, 80); 847 BIO_puts(bio, "implicit\n"); 848 break; 849 } 850 case SSL_kEDH: 851 if (!ssl_print_hexbuf(bio, indent + 2, "dh_Yc", 2, &msg, &msglen)) 852 return 0; 853 break; 854 855 case SSL_kECDHr: 856 case SSL_kECDHe: 857 if (msglen == 0) { 858 BIO_indent(bio, indent + 2, 80); 859 BIO_puts(bio, "implicit\n"); 860 break; 861 } 862 case SSL_kEECDH: 863 if (!ssl_print_hexbuf(bio, indent + 2, "ecdh_Yc", 1, &msg, &msglen)) 864 return 0; 865 break; 866 } 867 868 return 1; 869 } 870 871 static int ssl_print_server_keyex(BIO *bio, int indent, SSL *ssl, 872 const unsigned char *msg, size_t msglen) 873 { 874 const char *algname; 875 int id; 876 id = ssl_get_keyex(&algname, ssl); 877 BIO_indent(bio, indent, 80); 878 BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname); 879 switch (id) { 880 /* Should never happen */ 881 case SSL_kDHd: 882 case SSL_kDHr: 883 case SSL_kECDHr: 884 case SSL_kECDHe: 885 BIO_indent(bio, indent + 2, 80); 886 BIO_printf(bio, "Unexpected Message\n"); 887 break; 888 889 case SSL_kRSA: 890 891 if (!ssl_print_hexbuf(bio, indent + 2, "rsa_modulus", 2, 892 &msg, &msglen)) 893 return 0; 894 if (!ssl_print_hexbuf(bio, indent + 2, "rsa_exponent", 2, 895 &msg, &msglen)) 896 return 0; 897 break; 898 899 case SSL_kEDH: 900 if (!ssl_print_hexbuf(bio, indent + 2, "dh_p", 2, &msg, &msglen)) 901 return 0; 902 if (!ssl_print_hexbuf(bio, indent + 2, "dh_g", 2, &msg, &msglen)) 903 return 0; 904 if (!ssl_print_hexbuf(bio, indent + 2, "dh_Ys", 2, &msg, &msglen)) 905 return 0; 906 break; 907 908 case SSL_kEECDH: 909 if (msglen < 1) 910 return 0; 911 BIO_indent(bio, indent + 2, 80); 912 if (msg[0] == EXPLICIT_PRIME_CURVE_TYPE) 913 BIO_puts(bio, "explicit_prime\n"); 914 else if (msg[0] == EXPLICIT_CHAR2_CURVE_TYPE) 915 BIO_puts(bio, "explicit_char2\n"); 916 else if (msg[0] == NAMED_CURVE_TYPE) { 917 int curve; 918 if (msglen < 3) 919 return 0; 920 curve = (msg[1] << 8) | msg[2]; 921 BIO_printf(bio, "named_curve: %s (%d)\n", 922 ssl_trace_str(curve, ssl_curve_tbl), curve); 923 msg += 3; 924 msglen -= 3; 925 if (!ssl_print_hexbuf(bio, indent + 2, "point", 1, &msg, &msglen)) 926 return 0; 927 } 928 break; 929 } 930 return ssl_print_signature(bio, indent, ssl, &msg, &msglen); 931 } 932 933 static int ssl_print_certificate(BIO *bio, int indent, 934 const unsigned char **pmsg, size_t *pmsglen) 935 { 936 size_t msglen = *pmsglen; 937 size_t clen; 938 X509 *x; 939 const unsigned char *p = *pmsg, *q; 940 if (msglen < 3) 941 return 0; 942 clen = (p[0] << 16) | (p[1] << 8) | p[2]; 943 if (msglen < clen + 3) 944 return 0; 945 q = p + 3; 946 BIO_indent(bio, indent, 80); 947 BIO_printf(bio, "ASN.1Cert, length=%d", (int)clen); 948 x = d2i_X509(NULL, &q, clen); 949 if (!x) 950 BIO_puts(bio, "<UNPARSEABLE CERTIFICATE>\n"); 951 else { 952 BIO_puts(bio, "\n------details-----\n"); 953 X509_print_ex(bio, x, XN_FLAG_ONELINE, 0); 954 PEM_write_bio_X509(bio, x); 955 /* Print certificate stuff */ 956 BIO_puts(bio, "------------------\n"); 957 X509_free(x); 958 } 959 if (q != p + 3 + clen) { 960 BIO_puts(bio, "<TRAILING GARBAGE AFTER CERTIFICATE>\n"); 961 } 962 *pmsg += clen + 3; 963 *pmsglen -= clen + 3; 964 return 1; 965 } 966 967 static int ssl_print_certificates(BIO *bio, int indent, 968 const unsigned char *msg, size_t msglen) 969 { 970 size_t clen; 971 if (msglen < 3) 972 return 0; 973 clen = (msg[0] << 16) | (msg[1] << 8) | msg[2]; 974 if (msglen != clen + 3) 975 return 0; 976 msg += 3; 977 BIO_indent(bio, indent, 80); 978 BIO_printf(bio, "certificate_list, length=%d\n", (int)clen); 979 while (clen > 0) { 980 if (!ssl_print_certificate(bio, indent + 2, &msg, &clen)) 981 return 0; 982 } 983 return 1; 984 } 985 986 static int ssl_print_cert_request(BIO *bio, int indent, SSL *s, 987 const unsigned char *msg, size_t msglen) 988 { 989 size_t xlen; 990 if (msglen < 1) 991 return 0; 992 xlen = msg[0]; 993 if (msglen < xlen + 1) 994 return 0; 995 msg++; 996 BIO_indent(bio, indent, 80); 997 BIO_printf(bio, "certificate_types (len=%d)\n", (int)xlen); 998 if (!ssl_trace_list(bio, indent + 2, msg, xlen, 1, ssl_ctype_tbl)) 999 return 0; 1000 msg += xlen; 1001 msglen -= xlen + 1; 1002 if (!SSL_USE_SIGALGS(s)) 1003 goto skip_sig; 1004 if (msglen < 2) 1005 return 0; 1006 xlen = (msg[0] << 8) | msg[1]; 1007 if (msglen < xlen + 2 || (xlen & 1)) 1008 return 0; 1009 msg += 2; 1010 BIO_indent(bio, indent, 80); 1011 BIO_printf(bio, "signature_algorithms (len=%d)\n", (int)xlen); 1012 while (xlen > 0) { 1013 BIO_indent(bio, indent + 2, 80); 1014 BIO_printf(bio, "%s+%s (%d+%d)\n", 1015 ssl_trace_str(msg[0], ssl_md_tbl), 1016 ssl_trace_str(msg[1], ssl_sig_tbl), msg[0], msg[1]); 1017 xlen -= 2; 1018 msg += 2; 1019 } 1020 msg += xlen; 1021 msglen -= xlen + 2; 1022 1023 skip_sig: 1024 xlen = (msg[0] << 8) | msg[1]; 1025 BIO_indent(bio, indent, 80); 1026 if (msglen < xlen + 2) 1027 return 0; 1028 msg += 2; 1029 msglen -= 2; 1030 BIO_printf(bio, "certificate_authorities (len=%d)\n", (int)xlen); 1031 while (xlen > 0) { 1032 size_t dlen; 1033 X509_NAME *nm; 1034 const unsigned char *p; 1035 if (xlen < 2) 1036 return 0; 1037 dlen = (msg[0] << 8) | msg[1]; 1038 if (xlen < dlen + 2) 1039 return 0; 1040 msg += 2; 1041 BIO_indent(bio, indent + 2, 80); 1042 BIO_printf(bio, "DistinguishedName (len=%d): ", (int)dlen); 1043 p = msg; 1044 nm = d2i_X509_NAME(NULL, &p, dlen); 1045 if (!nm) { 1046 BIO_puts(bio, "<UNPARSEABLE DN>\n"); 1047 } else { 1048 X509_NAME_print_ex(bio, nm, 0, XN_FLAG_ONELINE); 1049 BIO_puts(bio, "\n"); 1050 X509_NAME_free(nm); 1051 } 1052 xlen -= dlen + 2; 1053 msg += dlen; 1054 } 1055 return 1; 1056 } 1057 1058 static int ssl_print_ticket(BIO *bio, int indent, 1059 const unsigned char *msg, size_t msglen) 1060 { 1061 unsigned int tick_life; 1062 if (msglen == 0) { 1063 BIO_indent(bio, indent + 2, 80); 1064 BIO_puts(bio, "No Ticket\n"); 1065 return 1; 1066 } 1067 if (msglen < 4) 1068 return 0; 1069 tick_life = (msg[0] << 24) | (msg[1] << 16) | (msg[2] << 8) | msg[3]; 1070 msglen -= 4; 1071 msg += 4; 1072 BIO_indent(bio, indent + 2, 80); 1073 BIO_printf(bio, "ticket_lifetime_hint=%u\n", tick_life); 1074 if (!ssl_print_hexbuf(bio, indent + 2, "ticket", 2, &msg, &msglen)) 1075 return 0; 1076 if (msglen) 1077 return 0; 1078 return 1; 1079 } 1080 1081 static int ssl_print_handshake(BIO *bio, SSL *ssl, 1082 const unsigned char *msg, size_t msglen, 1083 int indent) 1084 { 1085 size_t hlen; 1086 unsigned char htype; 1087 if (msglen < 4) 1088 return 0; 1089 htype = msg[0]; 1090 hlen = (msg[1] << 16) | (msg[2] << 8) | msg[3]; 1091 BIO_indent(bio, indent, 80); 1092 BIO_printf(bio, "%s, Length=%d\n", 1093 ssl_trace_str(htype, ssl_handshake_tbl), (int)hlen); 1094 msg += 4; 1095 msglen -= 4; 1096 if (SSL_IS_DTLS(ssl)) { 1097 if (msglen < 8) 1098 return 0; 1099 BIO_indent(bio, indent, 80); 1100 BIO_printf(bio, "message_seq=%d, fragment_offset=%d, " 1101 "fragment_length=%d\n", 1102 (msg[0] << 8) | msg[1], 1103 (msg[2] << 16) | (msg[3] << 8) | msg[4], 1104 (msg[5] << 16) | (msg[6] << 8) | msg[7]); 1105 msg += 8; 1106 msglen -= 8; 1107 } 1108 if (msglen < hlen) 1109 return 0; 1110 switch (htype) { 1111 case SSL3_MT_CLIENT_HELLO: 1112 if (!ssl_print_client_hello(bio, ssl, indent + 2, msg, msglen)) 1113 return 0; 1114 break; 1115 1116 case DTLS1_MT_HELLO_VERIFY_REQUEST: 1117 if (!dtls_print_hello_vfyrequest(bio, indent + 2, msg, msglen)) 1118 return 0; 1119 break; 1120 1121 case SSL3_MT_SERVER_HELLO: 1122 if (!ssl_print_server_hello(bio, indent + 2, msg, msglen)) 1123 return 0; 1124 break; 1125 1126 case SSL3_MT_SERVER_KEY_EXCHANGE: 1127 if (!ssl_print_server_keyex(bio, indent + 2, ssl, msg, msglen)) 1128 return 0; 1129 break; 1130 1131 case SSL3_MT_CLIENT_KEY_EXCHANGE: 1132 if (!ssl_print_client_keyex(bio, indent + 2, ssl, msg, msglen)) 1133 return 0; 1134 break; 1135 1136 case SSL3_MT_CERTIFICATE: 1137 if (!ssl_print_certificates(bio, indent + 2, msg, msglen)) 1138 return 0; 1139 break; 1140 1141 case SSL3_MT_CERTIFICATE_VERIFY: 1142 if (!ssl_print_signature(bio, indent + 2, ssl, &msg, &msglen)) 1143 return 0; 1144 break; 1145 1146 case SSL3_MT_CERTIFICATE_REQUEST: 1147 if (!ssl_print_cert_request(bio, indent + 2, ssl, msg, msglen)) 1148 return 0; 1149 break; 1150 1151 case SSL3_MT_FINISHED: 1152 ssl_print_hex(bio, indent + 2, "verify_data", msg, msglen); 1153 break; 1154 1155 case SSL3_MT_SERVER_DONE: 1156 if (msglen != 0) 1157 ssl_print_hex(bio, indent + 2, "unexpected value", msg, msglen); 1158 break; 1159 1160 case SSL3_MT_NEWSESSION_TICKET: 1161 if (!ssl_print_ticket(bio, indent + 2, msg, msglen)) 1162 return 0; 1163 break; 1164 1165 default: 1166 BIO_indent(bio, indent + 2, 80); 1167 BIO_puts(bio, "Unsupported, hex dump follows:\n"); 1168 BIO_dump_indent(bio, (char *)msg, msglen, indent + 4); 1169 } 1170 return 1; 1171 } 1172 1173 static int ssl_print_heartbeat(BIO *bio, int indent, 1174 const unsigned char *msg, size_t msglen) 1175 { 1176 if (msglen < 3) 1177 return 0; 1178 BIO_indent(bio, indent, 80); 1179 BIO_printf(bio, "HeartBeatMessageType: %s\n", 1180 ssl_trace_str(msg[0], ssl_hb_type_tbl)); 1181 msg++; 1182 msglen--; 1183 if (!ssl_print_hexbuf(bio, indent, "payload", 2, &msg, &msglen)) 1184 return 0; 1185 ssl_print_hex(bio, indent, "padding", msg, msglen); 1186 return 1; 1187 } 1188 1189 const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c) 1190 { 1191 if (c->algorithm_ssl & SSL_SSLV2) 1192 return NULL; 1193 return ssl_trace_str(c->id & 0xFFFF, ssl_ciphers_tbl); 1194 } 1195 1196 void SSL_trace(int write_p, int version, int content_type, 1197 const void *buf, size_t msglen, SSL *ssl, void *arg) 1198 { 1199 const unsigned char *msg = buf; 1200 BIO *bio = arg; 1201 1202 if (write_p == 2) { 1203 BIO_puts(bio, "Session "); 1204 ssl_print_hex(bio, 0, 1205 ssl_trace_str(content_type, ssl_crypto_tbl), 1206 msg, msglen); 1207 return; 1208 } 1209 switch (content_type) { 1210 case SSL3_RT_HEADER: 1211 { 1212 int hvers = msg[1] << 8 | msg[2]; 1213 BIO_puts(bio, write_p ? "Sent" : "Received"); 1214 BIO_printf(bio, " Record\nHeader:\n Version = %s (0x%x)\n", 1215 ssl_trace_str(hvers, ssl_version_tbl), hvers); 1216 if (SSL_IS_DTLS(ssl)) { 1217 BIO_printf(bio, 1218 " epoch=%d, sequence_number=%04x%04x%04x\n", 1219 (msg[3] << 8 | msg[4]), 1220 (msg[5] << 8 | msg[6]), 1221 (msg[7] << 8 | msg[8]), (msg[9] << 8 | msg[10])); 1222 # if 0 1223 /* 1224 * Just print handshake type so we can see what is going on 1225 * during fragmentation. 1226 */ 1227 BIO_printf(bio, "(%s)\n", 1228 ssl_trace_str(msg[msglen], ssl_handshake_tbl)); 1229 # endif 1230 } 1231 1232 BIO_printf(bio, " Content Type = %s (%d)\n Length = %d", 1233 ssl_trace_str(msg[0], ssl_content_tbl), msg[0], 1234 msg[msglen - 2] << 8 | msg[msglen - 1]); 1235 } 1236 break; 1237 case SSL3_RT_HANDSHAKE: 1238 if (!ssl_print_handshake(bio, ssl, msg, msglen, 4)) 1239 BIO_printf(bio, "Message length parse error!\n"); 1240 break; 1241 1242 case SSL3_RT_CHANGE_CIPHER_SPEC: 1243 if (msglen == 1 && msg[0] == 1) 1244 BIO_puts(bio, " change_cipher_spec (1)\n"); 1245 else 1246 ssl_print_hex(bio, 4, "unknown value", msg, msglen); 1247 break; 1248 1249 case SSL3_RT_ALERT: 1250 if (msglen != 2) 1251 BIO_puts(bio, " Illegal Alert Length\n"); 1252 else { 1253 BIO_printf(bio, " Level=%s(%d), description=%s(%d)\n", 1254 SSL_alert_type_string_long(msg[0] << 8), 1255 msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]); 1256 } 1257 case TLS1_RT_HEARTBEAT: 1258 ssl_print_heartbeat(bio, 4, msg, msglen); 1259 break; 1260 1261 } 1262 1263 BIO_puts(bio, "\n"); 1264 } 1265 1266 #endif 1267