1 /* 2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright 2005 Nokia. All rights reserved. 4 * 5 * Licensed under the Apache License 2.0 (the "License"). You may not use 6 * this file except in compliance with the License. You can obtain a copy 7 * in the file LICENSE in the source distribution or at 8 * https://www.openssl.org/source/license.html 9 */ 10 11 #include <stdio.h> 12 #include "ssl_local.h" 13 SSL_state_string_long(const SSL * s)14const char *SSL_state_string_long(const SSL *s) 15 { 16 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); 17 18 if (sc == NULL || ossl_statem_in_error(sc)) 19 return "error"; 20 21 switch (SSL_get_state(s)) { 22 case TLS_ST_CR_CERT_STATUS: 23 return "SSLv3/TLS read certificate status"; 24 case TLS_ST_CW_NEXT_PROTO: 25 return "SSLv3/TLS write next proto"; 26 case TLS_ST_SR_NEXT_PROTO: 27 return "SSLv3/TLS read next proto"; 28 case TLS_ST_SW_CERT_STATUS: 29 return "SSLv3/TLS write certificate status"; 30 case TLS_ST_BEFORE: 31 return "before SSL initialization"; 32 case TLS_ST_OK: 33 return "SSL negotiation finished successfully"; 34 case TLS_ST_CW_CLNT_HELLO: 35 return "SSLv3/TLS write client hello"; 36 case TLS_ST_CR_SRVR_HELLO: 37 return "SSLv3/TLS read server hello"; 38 case TLS_ST_CR_CERT: 39 return "SSLv3/TLS read server certificate"; 40 case TLS_ST_CR_KEY_EXCH: 41 return "SSLv3/TLS read server key exchange"; 42 case TLS_ST_CR_CERT_REQ: 43 return "SSLv3/TLS read server certificate request"; 44 case TLS_ST_CR_SESSION_TICKET: 45 return "SSLv3/TLS read server session ticket"; 46 case TLS_ST_CR_SRVR_DONE: 47 return "SSLv3/TLS read server done"; 48 case TLS_ST_CW_CERT: 49 return "SSLv3/TLS write client certificate"; 50 case TLS_ST_CW_KEY_EXCH: 51 return "SSLv3/TLS write client key exchange"; 52 case TLS_ST_CW_CERT_VRFY: 53 return "SSLv3/TLS write certificate verify"; 54 case TLS_ST_CW_CHANGE: 55 case TLS_ST_SW_CHANGE: 56 return "SSLv3/TLS write change cipher spec"; 57 case TLS_ST_CW_FINISHED: 58 case TLS_ST_SW_FINISHED: 59 return "SSLv3/TLS write finished"; 60 case TLS_ST_CR_CHANGE: 61 case TLS_ST_SR_CHANGE: 62 return "SSLv3/TLS read change cipher spec"; 63 case TLS_ST_CR_FINISHED: 64 case TLS_ST_SR_FINISHED: 65 return "SSLv3/TLS read finished"; 66 case TLS_ST_SR_CLNT_HELLO: 67 return "SSLv3/TLS read client hello"; 68 case TLS_ST_SW_HELLO_REQ: 69 return "SSLv3/TLS write hello request"; 70 case TLS_ST_SW_SRVR_HELLO: 71 return "SSLv3/TLS write server hello"; 72 case TLS_ST_SW_CERT: 73 return "SSLv3/TLS write certificate"; 74 case TLS_ST_SW_KEY_EXCH: 75 return "SSLv3/TLS write key exchange"; 76 case TLS_ST_SW_CERT_REQ: 77 return "SSLv3/TLS write certificate request"; 78 case TLS_ST_SW_SESSION_TICKET: 79 return "SSLv3/TLS write session ticket"; 80 case TLS_ST_SW_SRVR_DONE: 81 return "SSLv3/TLS write server done"; 82 case TLS_ST_SR_CERT: 83 return "SSLv3/TLS read client certificate"; 84 case TLS_ST_SR_KEY_EXCH: 85 return "SSLv3/TLS read client key exchange"; 86 case TLS_ST_SR_CERT_VRFY: 87 return "SSLv3/TLS read certificate verify"; 88 case DTLS_ST_CR_HELLO_VERIFY_REQUEST: 89 return "DTLS1 read hello verify request"; 90 case DTLS_ST_SW_HELLO_VERIFY_REQUEST: 91 return "DTLS1 write hello verify request"; 92 case TLS_ST_SW_ENCRYPTED_EXTENSIONS: 93 return "TLSv1.3 write encrypted extensions"; 94 case TLS_ST_CR_ENCRYPTED_EXTENSIONS: 95 return "TLSv1.3 read encrypted extensions"; 96 case TLS_ST_CR_CERT_VRFY: 97 return "TLSv1.3 read server certificate verify"; 98 case TLS_ST_SW_CERT_VRFY: 99 return "TLSv1.3 write server certificate verify"; 100 case TLS_ST_CR_HELLO_REQ: 101 return "SSLv3/TLS read hello request"; 102 case TLS_ST_SW_KEY_UPDATE: 103 return "TLSv1.3 write server key update"; 104 case TLS_ST_CW_KEY_UPDATE: 105 return "TLSv1.3 write client key update"; 106 case TLS_ST_SR_KEY_UPDATE: 107 return "TLSv1.3 read client key update"; 108 case TLS_ST_CR_KEY_UPDATE: 109 return "TLSv1.3 read server key update"; 110 case TLS_ST_EARLY_DATA: 111 return "TLSv1.3 early data"; 112 case TLS_ST_PENDING_EARLY_DATA_END: 113 return "TLSv1.3 pending early data end"; 114 case TLS_ST_CW_END_OF_EARLY_DATA: 115 return "TLSv1.3 write end of early data"; 116 case TLS_ST_SR_END_OF_EARLY_DATA: 117 return "TLSv1.3 read end of early data"; 118 default: 119 return "unknown state"; 120 } 121 } 122 SSL_state_string(const SSL * s)123const char *SSL_state_string(const SSL *s) 124 { 125 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); 126 127 if (sc == NULL || ossl_statem_in_error(sc)) 128 return "SSLERR"; 129 130 switch (SSL_get_state(s)) { 131 case TLS_ST_SR_NEXT_PROTO: 132 return "TRNP"; 133 case TLS_ST_SW_SESSION_TICKET: 134 return "TWST"; 135 case TLS_ST_SW_CERT_STATUS: 136 return "TWCS"; 137 case TLS_ST_CR_CERT_STATUS: 138 return "TRCS"; 139 case TLS_ST_CR_SESSION_TICKET: 140 return "TRST"; 141 case TLS_ST_CW_NEXT_PROTO: 142 return "TWNP"; 143 case TLS_ST_BEFORE: 144 return "PINIT"; 145 case TLS_ST_OK: 146 return "SSLOK"; 147 case TLS_ST_CW_CLNT_HELLO: 148 return "TWCH"; 149 case TLS_ST_CR_SRVR_HELLO: 150 return "TRSH"; 151 case TLS_ST_CR_CERT: 152 return "TRSC"; 153 case TLS_ST_CR_KEY_EXCH: 154 return "TRSKE"; 155 case TLS_ST_CR_CERT_REQ: 156 return "TRCR"; 157 case TLS_ST_CR_SRVR_DONE: 158 return "TRSD"; 159 case TLS_ST_CW_CERT: 160 return "TWCC"; 161 case TLS_ST_CW_KEY_EXCH: 162 return "TWCKE"; 163 case TLS_ST_CW_CERT_VRFY: 164 return "TWCV"; 165 case TLS_ST_SW_CHANGE: 166 case TLS_ST_CW_CHANGE: 167 return "TWCCS"; 168 case TLS_ST_SW_FINISHED: 169 case TLS_ST_CW_FINISHED: 170 return "TWFIN"; 171 case TLS_ST_SR_CHANGE: 172 case TLS_ST_CR_CHANGE: 173 return "TRCCS"; 174 case TLS_ST_SR_FINISHED: 175 case TLS_ST_CR_FINISHED: 176 return "TRFIN"; 177 case TLS_ST_SW_HELLO_REQ: 178 return "TWHR"; 179 case TLS_ST_SR_CLNT_HELLO: 180 return "TRCH"; 181 case TLS_ST_SW_SRVR_HELLO: 182 return "TWSH"; 183 case TLS_ST_SW_CERT: 184 return "TWSC"; 185 case TLS_ST_SW_KEY_EXCH: 186 return "TWSKE"; 187 case TLS_ST_SW_CERT_REQ: 188 return "TWCR"; 189 case TLS_ST_SW_SRVR_DONE: 190 return "TWSD"; 191 case TLS_ST_SR_CERT: 192 return "TRCC"; 193 case TLS_ST_SR_KEY_EXCH: 194 return "TRCKE"; 195 case TLS_ST_SR_CERT_VRFY: 196 return "TRCV"; 197 case DTLS_ST_CR_HELLO_VERIFY_REQUEST: 198 return "DRCHV"; 199 case DTLS_ST_SW_HELLO_VERIFY_REQUEST: 200 return "DWCHV"; 201 case TLS_ST_SW_ENCRYPTED_EXTENSIONS: 202 return "TWEE"; 203 case TLS_ST_CR_ENCRYPTED_EXTENSIONS: 204 return "TREE"; 205 case TLS_ST_CR_CERT_VRFY: 206 return "TRSCV"; 207 case TLS_ST_SW_CERT_VRFY: 208 return "TWSCV"; 209 case TLS_ST_CR_HELLO_REQ: 210 return "TRHR"; 211 case TLS_ST_SW_KEY_UPDATE: 212 return "TWSKU"; 213 case TLS_ST_CW_KEY_UPDATE: 214 return "TWCKU"; 215 case TLS_ST_SR_KEY_UPDATE: 216 return "TRCKU"; 217 case TLS_ST_CR_KEY_UPDATE: 218 return "TRSKU"; 219 case TLS_ST_EARLY_DATA: 220 return "TED"; 221 case TLS_ST_PENDING_EARLY_DATA_END: 222 return "TPEDE"; 223 case TLS_ST_CW_END_OF_EARLY_DATA: 224 return "TWEOED"; 225 case TLS_ST_SR_END_OF_EARLY_DATA: 226 return "TWEOED"; 227 default: 228 return "UNKWN"; 229 } 230 } 231 SSL_alert_type_string_long(int value)232const char *SSL_alert_type_string_long(int value) 233 { 234 switch (value >> 8) { 235 case SSL3_AL_WARNING: 236 return "warning"; 237 case SSL3_AL_FATAL: 238 return "fatal"; 239 default: 240 return "unknown"; 241 } 242 } 243 SSL_alert_type_string(int value)244const char *SSL_alert_type_string(int value) 245 { 246 switch (value >> 8) { 247 case SSL3_AL_WARNING: 248 return "W"; 249 case SSL3_AL_FATAL: 250 return "F"; 251 default: 252 return "U"; 253 } 254 } 255 SSL_alert_desc_string(int value)256const char *SSL_alert_desc_string(int value) 257 { 258 switch (value & 0xff) { 259 case SSL3_AD_CLOSE_NOTIFY: 260 return "CN"; 261 case SSL3_AD_UNEXPECTED_MESSAGE: 262 return "UM"; 263 case SSL3_AD_BAD_RECORD_MAC: 264 return "BM"; 265 case SSL3_AD_DECOMPRESSION_FAILURE: 266 return "DF"; 267 case SSL3_AD_HANDSHAKE_FAILURE: 268 return "HF"; 269 case SSL3_AD_NO_CERTIFICATE: 270 return "NC"; 271 case SSL3_AD_BAD_CERTIFICATE: 272 return "BC"; 273 case SSL3_AD_UNSUPPORTED_CERTIFICATE: 274 return "UC"; 275 case SSL3_AD_CERTIFICATE_REVOKED: 276 return "CR"; 277 case SSL3_AD_CERTIFICATE_EXPIRED: 278 return "CE"; 279 case SSL3_AD_CERTIFICATE_UNKNOWN: 280 return "CU"; 281 case SSL3_AD_ILLEGAL_PARAMETER: 282 return "IP"; 283 case TLS1_AD_DECRYPTION_FAILED: 284 return "DC"; 285 case TLS1_AD_RECORD_OVERFLOW: 286 return "RO"; 287 case TLS1_AD_UNKNOWN_CA: 288 return "CA"; 289 case TLS1_AD_ACCESS_DENIED: 290 return "AD"; 291 case TLS1_AD_DECODE_ERROR: 292 return "DE"; 293 case TLS1_AD_DECRYPT_ERROR: 294 return "CY"; 295 case TLS1_AD_EXPORT_RESTRICTION: 296 return "ER"; 297 case TLS1_AD_PROTOCOL_VERSION: 298 return "PV"; 299 case TLS1_AD_INSUFFICIENT_SECURITY: 300 return "IS"; 301 case TLS1_AD_INTERNAL_ERROR: 302 return "IE"; 303 case TLS1_AD_USER_CANCELLED: 304 return "US"; 305 case TLS1_AD_NO_RENEGOTIATION: 306 return "NR"; 307 case TLS1_AD_UNSUPPORTED_EXTENSION: 308 return "UE"; 309 case TLS1_AD_CERTIFICATE_UNOBTAINABLE: 310 return "CO"; 311 case TLS1_AD_UNRECOGNIZED_NAME: 312 return "UN"; 313 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 314 return "BR"; 315 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: 316 return "BH"; 317 case TLS1_AD_UNKNOWN_PSK_IDENTITY: 318 return "UP"; 319 default: 320 return "UK"; 321 } 322 } 323 SSL_alert_desc_string_long(int value)324const char *SSL_alert_desc_string_long(int value) 325 { 326 switch (value & 0xff) { 327 case SSL3_AD_CLOSE_NOTIFY: 328 return "close notify"; 329 case SSL3_AD_UNEXPECTED_MESSAGE: 330 return "unexpected_message"; 331 case SSL3_AD_BAD_RECORD_MAC: 332 return "bad record mac"; 333 case SSL3_AD_DECOMPRESSION_FAILURE: 334 return "decompression failure"; 335 case SSL3_AD_HANDSHAKE_FAILURE: 336 return "handshake failure"; 337 case SSL3_AD_NO_CERTIFICATE: 338 return "no certificate"; 339 case SSL3_AD_BAD_CERTIFICATE: 340 return "bad certificate"; 341 case SSL3_AD_UNSUPPORTED_CERTIFICATE: 342 return "unsupported certificate"; 343 case SSL3_AD_CERTIFICATE_REVOKED: 344 return "certificate revoked"; 345 case SSL3_AD_CERTIFICATE_EXPIRED: 346 return "certificate expired"; 347 case SSL3_AD_CERTIFICATE_UNKNOWN: 348 return "certificate unknown"; 349 case SSL3_AD_ILLEGAL_PARAMETER: 350 return "illegal parameter"; 351 case TLS1_AD_DECRYPTION_FAILED: 352 return "decryption failed"; 353 case TLS1_AD_RECORD_OVERFLOW: 354 return "record overflow"; 355 case TLS1_AD_UNKNOWN_CA: 356 return "unknown CA"; 357 case TLS1_AD_ACCESS_DENIED: 358 return "access denied"; 359 case TLS1_AD_DECODE_ERROR: 360 return "decode error"; 361 case TLS1_AD_DECRYPT_ERROR: 362 return "decrypt error"; 363 case TLS1_AD_EXPORT_RESTRICTION: 364 return "export restriction"; 365 case TLS1_AD_PROTOCOL_VERSION: 366 return "protocol version"; 367 case TLS1_AD_INSUFFICIENT_SECURITY: 368 return "insufficient security"; 369 case TLS1_AD_INTERNAL_ERROR: 370 return "internal error"; 371 case TLS1_AD_USER_CANCELLED: 372 return "user canceled"; 373 case TLS1_AD_NO_RENEGOTIATION: 374 return "no renegotiation"; 375 case TLS1_AD_UNSUPPORTED_EXTENSION: 376 return "unsupported extension"; 377 case TLS1_AD_CERTIFICATE_UNOBTAINABLE: 378 return "certificate unobtainable"; 379 case TLS1_AD_UNRECOGNIZED_NAME: 380 return "unrecognized name"; 381 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: 382 return "bad certificate status response"; 383 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: 384 return "bad certificate hash value"; 385 case TLS1_AD_UNKNOWN_PSK_IDENTITY: 386 return "unknown PSK identity"; 387 case TLS1_AD_NO_APPLICATION_PROTOCOL: 388 return "no application protocol"; 389 default: 390 return "unknown"; 391 } 392 } 393