1 /* 2 * Copyright (C) 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef CONSCRYPT_TRACE_H_ 18 #define CONSCRYPT_TRACE_H_ 19 20 #include <cstddef> 21 #include <conscrypt/macros.h> 22 23 namespace conscrypt { 24 namespace trace { 25 26 extern const bool kWithJniTrace; 27 extern const bool kWithJniTraceMd; 28 extern const bool kWithJniTraceData; 29 30 /* 31 * To print create a pcap-style dump you can take the log output and 32 * pipe it through text2pcap. 33 * 34 * For example, if you were interested in ssl=0x12345678, you would do: 35 * 36 * address=0x12345678 37 * awk "match(\$0,/ssl=$address SSL_DATA: (.*)\$/,a){print a[1]}" | text2pcap -T 443,1337 -t 38 * '%s.' -n -D - $address.pcapng 39 */ 40 extern const bool kWithJniTracePackets; 41 42 /* 43 * How to use this for debugging with Wireshark: 44 * 45 * 1. Pull lines from logcat to a file that have "KEY_LINE:" and remove the 46 * prefix up to and including "KEY_LINE: " so they look like this 47 * (without the quotes): 48 * "RSA 3b8...184 1c5...aa0" <CR> 49 * "CLIENT_RANDOM 82e...f18b 1c5...aa0" <CR> 50 * <etc> 51 * Follows the format defined at 52 * https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format 53 * 2. Start Wireshark 54 * 3. Go to Edit -> Preferences -> SSL -> (Pre-)Master-Key log and fill in 55 * the file you put the lines in above. 56 * 4. Follow the stream that corresponds to the desired "Session-ID" in 57 * the Server Hello. 58 */ 59 extern const bool kWithJniTraceKeys; 60 61 // don't overwhelm logcat 62 extern const std::size_t kWithJniTraceDataChunkSize; 63 64 } // namespace trace 65 } // namespace conscrypt 66 67 #define JNI_TRACE(...) \ 68 if (conscrypt::trace::kWithJniTrace) { \ 69 ALOG(LOG_INFO, LOG_TAG "-jni", __VA_ARGS__); \ 70 } 71 #define JNI_TRACE_MD(...) \ 72 if (conscrypt::trace::kWithJniTraceMd) { \ 73 ALOG(LOG_INFO, LOG_TAG "-jni", __VA_ARGS__); \ 74 } 75 #define JNI_TRACE_KEYS(...) \ 76 if (conscrypt::trace::kWithJniTraceKeys) { \ 77 ALOG(LOG_INFO, LOG_TAG "-jni", __VA_ARGS__); \ 78 } 79 #define JNI_TRACE_PACKET_DATA(ssl, dir, data, len) \ 80 if (conscrypt::trace::kWithJniTracePackets) { \ 81 debug_print_packet_data(ssl, dir, data, len); \ 82 } 83 84 #endif // CONSCRYPT_TRACE_H_ 85