/* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay (at) cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to. The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 * notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 * must display the following acknowledgement:
 * "This product includes cryptographic software written by
 * Eric Young (eay (at) cryptsoft.com)"
 * The word 'cryptographic' can be left out if the rouines from the library
 * being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 * the apps directory (application code) you must include an acknowledgement:
 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed. i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
/* ====================================================================
 * Copyright 2005 Nokia. All rights reserved.
 *
 * The portions of the attached software ("Contribution") is developed by
 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
 * license.
 *
 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
 * support (see RFC 4279) to OpenSSL.
 *
 * No patent licenses or other rights except those expressly stated in
 * the OpenSSL open source license shall be deemed granted or received
 * expressly, by implication, estoppel, or otherwise.
 *
 * No assurances are provided by Nokia that the Contribution does not
 * infringe the patent or other intellectual property rights of any third
 * party or that the license provides you with all the necessary rights
 * to make use of the Contribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
 * OTHERWISE.
 */

#include <openssl/ssl.h>

#include <assert.h>

#include "internal.h"


/* ssl_state returns the handshake state code for |ssl|: the |state| field of
 * the in-progress handshake object when one exists, otherwise |SSL_ST_OK|. */
static int ssl_state(const SSL *ssl) {
  if (ssl->s3->hs != NULL) {
    return ssl->s3->hs->state;
  }

  /* With no handshake object the initial handshake is expected to have
   * completed. assert() is compiled out under NDEBUG, so in such builds
   * |SSL_ST_OK| is reported whenever |hs| is NULL, without this check. */
  assert(ssl->s3->initial_handshake_complete);
  return SSL_ST_OK;
}

/* SSL_state_string_long returns a human-readable description of the current
 * handshake state of |ssl|. The result is a string literal: callers must not
 * modify or free it. State codes without an entry here yield
 * "unknown state". The text is meant for logs and diagnostics. */
const char *SSL_state_string_long(const SSL *ssl) {
  const int state = ssl_state(ssl);

  switch (state) {
    /* Generic states */
    case SSL_ST_ACCEPT:
      return "before accept initialization";
    case SSL_ST_CONNECT:
      return "before connect initialization";
    case SSL_ST_OK:
      return "SSL negotiation finished successfully";
    case SSL_ST_RENEGOTIATE:
      return "SSL renegotiate ciphers";

    /* States that share one description between the CW/CR and SW/SR codes */
    case SSL3_ST_SW_FINISHED_A:
    case SSL3_ST_CW_FINISHED_A:
      return "SSLv3 write finished A";
    case SSL3_ST_SR_CHANGE:
    case SSL3_ST_CR_CHANGE:
      return "SSLv3 read change cipher spec";
    case SSL3_ST_SR_FINISHED_A:
    case SSL3_ST_CR_FINISHED_A:
      return "SSLv3 read finished A";
    case SSL3_ST_SW_FLUSH:
    case SSL3_ST_CW_FLUSH:
      return "SSLv3 flush data";

    /* SSL3_ST_CW_* and SSL3_ST_CR_* codes */
    case SSL3_ST_CW_CLNT_HELLO_A:
      return "SSLv3 write client hello A";
    case SSL3_ST_CR_SRVR_HELLO_A:
      return "SSLv3 read server hello A";
    case SSL3_ST_CR_CERT_A:
      return "SSLv3 read server certificate A";
    case SSL3_ST_CR_KEY_EXCH_A:
      return "SSLv3 read server key exchange A";
    case SSL3_ST_CR_CERT_REQ_A:
      return "SSLv3 read server certificate request A";
    case SSL3_ST_CR_SESSION_TICKET_A:
      return "SSLv3 read server session ticket A";
    case SSL3_ST_CR_SRVR_DONE_A:
      return "SSLv3 read server done A";
    case SSL3_ST_CW_CERT_A:
      return "SSLv3 write client certificate A";
    case SSL3_ST_CW_KEY_EXCH_A:
      return "SSLv3 write client key exchange A";
    case SSL3_ST_CW_CERT_VRFY_A:
      return "SSLv3 write certificate verify A";
    case SSL3_ST_CW_CHANGE:
      return "SSLv3 write change cipher spec";

    /* SSL3_ST_SR_* and SSL3_ST_SW_* codes */
    case SSL3_ST_SR_CLNT_HELLO_A:
      return "SSLv3 read client hello A";
    case SSL3_ST_SR_CLNT_HELLO_B:
      return "SSLv3 read client hello B";
    case SSL3_ST_SR_CLNT_HELLO_C:
      return "SSLv3 read client hello C";
    case SSL3_ST_SW_SRVR_HELLO_A:
      return "SSLv3 write server hello A";
    case SSL3_ST_SW_CERT_A:
      return "SSLv3 write certificate A";
    case SSL3_ST_SW_KEY_EXCH_A:
      return "SSLv3 write key exchange A";
    case SSL3_ST_SW_SRVR_DONE_A:
      return "SSLv3 write server done A";
    case SSL3_ST_SR_CERT_A:
      return "SSLv3 read client certificate A";
    case SSL3_ST_SR_KEY_EXCH_A:
      return "SSLv3 read client key exchange A";
    case SSL3_ST_SR_KEY_EXCH_B:
      return "SSLv3 read client key exchange B";
    case SSL3_ST_SR_CERT_VRFY_A:
      return "SSLv3 read certificate verify A";

    /* DTLS */
    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
      return "DTLS1 read hello verify request A";

    default:
      return "unknown state";
  }
}

/* SSL_state_string returns a six-character mnemonic for the current handshake
 * state of |ssl|. The result is a string literal: callers must not modify or
 * free it. Several mnemonics carry a trailing space, which is part of the
 * value. This table is narrower than the long-form one: SSL_ST_RENEGOTIATE,
 * SSL3_ST_CR_SESSION_TICKET_A and SSL3_ST_SR_KEY_EXCH_B have no case here and
 * therefore report "UNKWN ", as does any other unlisted code. */
const char *SSL_state_string(const SSL *ssl) {
  const int state = ssl_state(ssl);

  switch (state) {
    /* Generic states */
    case SSL_ST_ACCEPT:
      return "AINIT ";
    case SSL_ST_CONNECT:
      return "CINIT ";
    case SSL_ST_OK:
      return "SSLOK ";

    /* States that share one mnemonic between the CW/CR and SW/SR codes */
    case SSL3_ST_CW_FLUSH:
    case SSL3_ST_SW_FLUSH:
      return "3FLUSH";
    case SSL3_ST_CW_FINISHED_A:
    case SSL3_ST_SW_FINISHED_A:
      return "3WFINA";
    case SSL3_ST_SR_CHANGE:
    case SSL3_ST_CR_CHANGE:
      return "3RCCS_";
    case SSL3_ST_CR_FINISHED_A:
    case SSL3_ST_SR_FINISHED_A:
      return "3RFINA";

    /* SSL3_ST_CW_* and SSL3_ST_CR_* codes */
    case SSL3_ST_CW_CLNT_HELLO_A:
      return "3WCH_A";
    case SSL3_ST_CR_SRVR_HELLO_A:
      return "3RSH_A";
    case SSL3_ST_CR_CERT_A:
      return "3RSC_A";
    case SSL3_ST_CR_KEY_EXCH_A:
      return "3RSKEA";
    case SSL3_ST_CR_CERT_REQ_A:
      return "3RCR_A";
    case SSL3_ST_CR_SRVR_DONE_A:
      return "3RSD_A";
    case SSL3_ST_CW_CERT_A:
      return "3WCC_A";
    case SSL3_ST_CW_KEY_EXCH_A:
      return "3WCKEA";
    case SSL3_ST_CW_CERT_VRFY_A:
      return "3WCV_A";
    case SSL3_ST_CW_CHANGE:
      return "3WCCS_";

    /* SSL3_ST_SR_* and SSL3_ST_SW_* codes */
    case SSL3_ST_SR_CLNT_HELLO_A:
      return "3RCH_A";
    case SSL3_ST_SR_CLNT_HELLO_B:
      return "3RCH_B";
    case SSL3_ST_SR_CLNT_HELLO_C:
      return "3RCH_C";
    case SSL3_ST_SW_SRVR_HELLO_A:
      return "3WSH_A";
    case SSL3_ST_SW_CERT_A:
      return "3WSC_A";
    case SSL3_ST_SW_KEY_EXCH_A:
      return "3WSKEA";
    case SSL3_ST_SW_SRVR_DONE_A:
      return "3WSD_A";
    case SSL3_ST_SR_CERT_A:
      return "3RCC_A";
    case SSL3_ST_SR_KEY_EXCH_A:
      return "3RCKEA";
    case SSL3_ST_SR_CERT_VRFY_A:
      return "3RCV_A";

    /* DTLS */
    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
      return "DRCHVA";

    default:
      return "UNKWN ";
  }
}

/* SSL_alert_type_string_long names the alert level carried in |value|. The
 * level is read from the bits above the low byte (|value| >> 8); the low byte
 * is ignored here. Returns "warning", "fatal", or "unknown" for any other
 * level.
 * NOTE(review): presumably |value| is packed as (level << 8) | description by
 * the caller; confirm against the call sites. */
const char *SSL_alert_type_string_long(int value) {
  const int level = value >> 8;

  if (level == SSL3_AL_WARNING) {
    return "warning";
  }
  if (level == SSL3_AL_FATAL) {
    return "fatal";
  }
  return "unknown";
}

/* SSL_alert_type_string returns the fixed placeholder "!" for every |value|.
 * It carries no information about the alert; use
 * |SSL_alert_type_string_long| when the level has to appear in a log. */
const char *SSL_alert_type_string(int value) {
  return "!";
}

/* SSL_alert_desc_string returns the fixed placeholder "!!" for every |value|.
 * It carries no information about the alert; use
 * |SSL_alert_desc_string_long| when the description has to appear in a log. */
const char *SSL_alert_desc_string(int value) {
  return "!!";
}

/* SSL_alert_desc_string_long names the alert description carried in the low
 * byte of |value| (|value| & 0xff); higher bits are ignored. The result is a
 * string literal. Codes without an entry map to "unknown", so when triaging
 * alerts it is worth logging the numeric code next to this text. */
const char *SSL_alert_desc_string_long(int value) {
  const int description = value & 0xff;

  switch (description) {
    /* SSL3_AD_* codes */
    case SSL3_AD_CLOSE_NOTIFY:
      return "close notify";
    case SSL3_AD_UNEXPECTED_MESSAGE:
      /* The only description spelled with an underscore; kept as is because
       * it is a runtime string that log consumers may match on. */
      return "unexpected_message";
    case SSL3_AD_BAD_RECORD_MAC:
      return "bad record mac";
    case SSL3_AD_DECOMPRESSION_FAILURE:
      return "decompression failure";
    case SSL3_AD_HANDSHAKE_FAILURE:
      return "handshake failure";
    case SSL3_AD_NO_CERTIFICATE:
      return "no certificate";
    case SSL3_AD_BAD_CERTIFICATE:
      return "bad certificate";
    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
      return "unsupported certificate";
    case SSL3_AD_CERTIFICATE_REVOKED:
      return "certificate revoked";
    case SSL3_AD_CERTIFICATE_EXPIRED:
      return "certificate expired";
    case SSL3_AD_CERTIFICATE_UNKNOWN:
      return "certificate unknown";
    case SSL3_AD_ILLEGAL_PARAMETER:
      return "illegal parameter";
    case SSL3_AD_INAPPROPRIATE_FALLBACK:
      return "inappropriate fallback";

    /* TLS1_AD_* codes */
    case TLS1_AD_DECRYPTION_FAILED:
      return "decryption failed";
    case TLS1_AD_RECORD_OVERFLOW:
      return "record overflow";
    case TLS1_AD_UNKNOWN_CA:
      return "unknown CA";
    case TLS1_AD_ACCESS_DENIED:
      return "access denied";
    case TLS1_AD_DECODE_ERROR:
      return "decode error";
    case TLS1_AD_DECRYPT_ERROR:
      return "decrypt error";
    case TLS1_AD_EXPORT_RESTRICTION:
      return "export restriction";
    case TLS1_AD_PROTOCOL_VERSION:
      return "protocol version";
    case TLS1_AD_INSUFFICIENT_SECURITY:
      return "insufficient security";
    case TLS1_AD_INTERNAL_ERROR:
      return "internal error";
    case TLS1_AD_USER_CANCELLED:
      return "user canceled";
    case TLS1_AD_NO_RENEGOTIATION:
      return "no renegotiation";
    case TLS1_AD_UNSUPPORTED_EXTENSION:
      return "unsupported extension";
    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
      return "certificate unobtainable";
    case TLS1_AD_UNRECOGNIZED_NAME:
      return "unrecognized name";
    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
      return "bad certificate status response";
    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
      return "bad certificate hash value";
    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
      return "unknown PSK identity";
    case TLS1_AD_CERTIFICATE_REQUIRED:
      return "certificate required";

    default:
      return "unknown";
  }
}