2
0

ssl_txt.c 6.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206
  1. /*
  2. * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
  3. * Copyright 2005 Nokia. All rights reserved.
  4. *
  5. * Licensed under the Apache License 2.0 (the "License"). You may not use
  6. * this file except in compliance with the License. You can obtain a copy
  7. * in the file LICENSE in the source distribution or at
  8. * https://www.openssl.org/source/license.html
  9. */
  10. #include <stdio.h>
  11. #include <openssl/buffer.h>
  12. #include "ssl_local.h"
  13. #include "internal/comp.h"
  14. #ifndef OPENSSL_NO_STDIO
  15. int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
  16. {
  17. BIO *b;
  18. int ret;
  19. if ((b = BIO_new(BIO_s_file())) == NULL) {
  20. ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
  21. return 0;
  22. }
  23. BIO_set_fp(b, fp, BIO_NOCLOSE);
  24. ret = SSL_SESSION_print(b, x);
  25. BIO_free(b);
  26. return ret;
  27. }
  28. #endif
  29. int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
  30. {
  31. size_t i;
  32. const char *s;
  33. int istls13;
  34. if (x == NULL)
  35. goto err;
  36. istls13 = (x->ssl_version == TLS1_3_VERSION);
  37. if (BIO_puts(bp, "SSL-Session:\n") <= 0)
  38. goto err;
  39. s = ssl_protocol_to_string(x->ssl_version);
  40. if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
  41. goto err;
  42. if (x->cipher == NULL) {
  43. if (((x->cipher_id) & 0xff000000) == 0x02000000) {
  44. if (BIO_printf(bp, " Cipher : %06lX\n",
  45. x->cipher_id & 0xffffff) <= 0)
  46. goto err;
  47. } else {
  48. if (BIO_printf(bp, " Cipher : %04lX\n",
  49. x->cipher_id & 0xffff) <= 0)
  50. goto err;
  51. }
  52. } else {
  53. if (BIO_printf(bp, " Cipher : %s\n",
  54. ((x->cipher->name == NULL) ? "unknown"
  55. : x->cipher->name)) <= 0)
  56. goto err;
  57. }
  58. if (BIO_puts(bp, " Session-ID: ") <= 0)
  59. goto err;
  60. for (i = 0; i < x->session_id_length; i++) {
  61. if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
  62. goto err;
  63. }
  64. if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
  65. goto err;
  66. for (i = 0; i < x->sid_ctx_length; i++) {
  67. if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
  68. goto err;
  69. }
  70. if (istls13) {
  71. if (BIO_puts(bp, "\n Resumption PSK: ") <= 0)
  72. goto err;
  73. } else if (BIO_puts(bp, "\n Master-Key: ") <= 0)
  74. goto err;
  75. for (i = 0; i < x->master_key_length; i++) {
  76. if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
  77. goto err;
  78. }
  79. #ifndef OPENSSL_NO_PSK
  80. if (BIO_puts(bp, "\n PSK identity: ") <= 0)
  81. goto err;
  82. if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
  83. goto err;
  84. if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
  85. goto err;
  86. if (BIO_printf
  87. (bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
  88. goto err;
  89. #endif
  90. #ifndef OPENSSL_NO_SRP
  91. if (BIO_puts(bp, "\n SRP username: ") <= 0)
  92. goto err;
  93. if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
  94. goto err;
  95. #endif
  96. if (x->ext.tick_lifetime_hint) {
  97. if (BIO_printf(bp,
  98. "\n TLS session ticket lifetime hint: %ld (seconds)",
  99. x->ext.tick_lifetime_hint) <= 0)
  100. goto err;
  101. }
  102. if (x->ext.tick) {
  103. if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
  104. goto err;
  105. if (BIO_dump_indent
  106. (bp, (const char *)x->ext.tick, (int)x->ext.ticklen, 4)
  107. <= 0)
  108. goto err;
  109. }
  110. #ifndef OPENSSL_NO_COMP
  111. if (x->compress_meth != 0) {
  112. SSL_COMP *comp = NULL;
  113. if (!ssl_cipher_get_evp(NULL, x, NULL, NULL, NULL, NULL, &comp, 0))
  114. goto err;
  115. if (comp == NULL) {
  116. if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <= 0)
  117. goto err;
  118. } else {
  119. if (BIO_printf(bp, "\n Compression: %d (%s)", comp->id,
  120. comp->name) <= 0)
  121. goto err;
  122. }
  123. }
  124. #endif
  125. if (!ossl_time_is_zero(x->time)) {
  126. if (BIO_printf(bp, "\n Start Time: %lld",
  127. (long long)ossl_time_to_time_t(x->time)) <= 0)
  128. goto err;
  129. }
  130. if (!ossl_time_is_zero(x->timeout)) {
  131. if (BIO_printf(bp, "\n Timeout : %lld (sec)",
  132. (long long)ossl_time2seconds(x->timeout)) <= 0)
  133. goto err;
  134. }
  135. if (BIO_puts(bp, "\n") <= 0)
  136. goto err;
  137. if (BIO_puts(bp, " Verify return code: ") <= 0)
  138. goto err;
  139. if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
  140. X509_verify_cert_error_string(x->verify_result)) <= 0)
  141. goto err;
  142. if (BIO_printf(bp, " Extended master secret: %s\n",
  143. x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
  144. goto err;
  145. if (istls13) {
  146. if (BIO_printf(bp, " Max Early Data: %u\n",
  147. (unsigned int)x->ext.max_early_data) <= 0)
  148. goto err;
  149. }
  150. return 1;
  151. err:
  152. return 0;
  153. }
  154. /*
  155. * print session id and master key in NSS keylog format (RSA
  156. * Session-ID:<session id> Master-Key:<master key>)
  157. */
  158. int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
  159. {
  160. size_t i;
  161. if (x == NULL)
  162. goto err;
  163. if (x->session_id_length == 0 || x->master_key_length == 0)
  164. goto err;
  165. /*
  166. * the RSA prefix is required by the format's definition although there's
  167. * nothing RSA-specific in the output, therefore, we don't have to check if
  168. * the cipher suite is based on RSA
  169. */
  170. if (BIO_puts(bp, "RSA ") <= 0)
  171. goto err;
  172. if (BIO_puts(bp, "Session-ID:") <= 0)
  173. goto err;
  174. for (i = 0; i < x->session_id_length; i++) {
  175. if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
  176. goto err;
  177. }
  178. if (BIO_puts(bp, " Master-Key:") <= 0)
  179. goto err;
  180. for (i = 0; i < x->master_key_length; i++) {
  181. if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
  182. goto err;
  183. }
  184. if (BIO_puts(bp, "\n") <= 0)
  185. goto err;
  186. return 1;
  187. err:
  188. return 0;
  189. }