{66, "ecdsa_fixed_ecdh"}
};
+static ssl_trace_tbl ssl_crypto_tbl[] = {
+ {TLS1_RT_CRYPTO_PREMASTER, "Premaster Secret"},
+ {TLS1_RT_CRYPTO_CLIENT_RANDOM, "Client Random"},
+ {TLS1_RT_CRYPTO_SERVER_RANDOM, "Server Random"},
+ {TLS1_RT_CRYPTO_MASTER, "Master Secret"},
+ {TLS1_RT_CRYPTO_MAC|TLS1_RT_CRYPTO_WRITE, "Write Mac Secret"},
+ {TLS1_RT_CRYPTO_MAC|TLS1_RT_CRYPTO_READ, "Read Mac Secret"},
+ {TLS1_RT_CRYPTO_KEY|TLS1_RT_CRYPTO_WRITE, "Write Key"},
+ {TLS1_RT_CRYPTO_KEY|TLS1_RT_CRYPTO_READ, "Read Key"},
+ {TLS1_RT_CRYPTO_IV|TLS1_RT_CRYPTO_WRITE, "Write IV"},
+ {TLS1_RT_CRYPTO_IV|TLS1_RT_CRYPTO_READ, "Read IV"},
+ {TLS1_RT_CRYPTO_FIXED_IV|TLS1_RT_CRYPTO_WRITE, "Write IV (fixed part)"},
+ {TLS1_RT_CRYPTO_FIXED_IV|TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"}
+};
+
static void ssl_print_hex(BIO *bio, int indent, const char *name,
const unsigned char *msg, size_t msglen)
{
*pname = "dh_rsa";
return SSL_kDHr;
}
- if (alg_k & SSL_kDHr)
+ if (alg_k & SSL_kDHd)
{
*pname = "dh_dss";
return SSL_kDHd;
*pname = "krb5";
return SSL_kKRB5;
}
- if (alg_k & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+ if (alg_k & SSL_kEDH)
{
*pname = "edh";
return SSL_kEDH;
}
- if (alg_k & (SSL_kEECDH|SSL_kECDHr|SSL_kECDHe))
+ if (alg_k & SSL_kEECDH)
{
- *pname = "ECDH";
+ *pname = "EECDH";
return SSL_kEECDH;
}
+ if (alg_k & SSL_kECDHr)
+ {
+ *pname = "ECDH RSA";
+ return SSL_kECDHr;
+ }
+ if (alg_k & SSL_kECDHe)
+ {
+ *pname = "ECDH ECDSA";
+ return SSL_kECDHe;
+ }
if (alg_k & SSL_kPSK)
{
*pname = "PSK";
{
case SSL_kRSA:
- if (!ssl_print_hexbuf(bio, indent + 2,
+ if (TLS1_get_version(ssl) == SSL3_VERSION)
+ {
+ ssl_print_hex(bio, indent + 2,
+ "EncyptedPreMasterSecret",
+ msg, msglen);
+ }
+ else
+ {
+ if (!ssl_print_hexbuf(bio, indent + 2,
"EncyptedPreMasterSecret", 2,
&msg, &msglen))
return 0;
+ }
break;
/* Implicit parameters only allowed for static DH */
return 0;
break;
+ case SSL_kECDHr:
+ case SSL_kECDHe:
+ if (msglen == 0)
+ {
+ BIO_indent(bio, indent + 2, 80);
+ BIO_puts(bio, "implicit\n");
+ break;
+ }
case SSL_kEECDH:
if (!ssl_print_hexbuf(bio, indent + 2, "ecdh_Yc", 1,
&msg, &msglen))
/* Should never happen */
case SSL_kDHd:
case SSL_kDHr:
+ case SSL_kECDHr:
+ case SSL_kECDHe:
BIO_indent(bio, indent + 2, 80);
BIO_printf(bio, "Unexpected Message\n");
break;
nm = d2i_X509_NAME(NULL, &p, dlen);
if (!nm)
{
- BIO_puts(bio, "<UNPARESABLE DN>\n");
+ BIO_puts(bio, "<UNPARSEABLE DN>\n");
}
else
{
return 1;
}
+const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c)
+ {
+ if (c->algorithm_ssl & SSL_SSLV2)
+ return NULL;
+ return ssl_trace_str(c->id & 0xFFFF, ssl_ciphers_tbl);
+ }
+
void SSL_trace(int write_p, int version, int content_type,
const void *buf, size_t msglen, SSL *ssl, void *arg)
{
const unsigned char *msg = buf;
BIO *bio = arg;
-
- BIO_printf(bio, "%s Record: Version = %s (0x%x)",
- write_p ? "Sent" : "Received",
- ssl_trace_str(version, ssl_version_tbl),
- version);
- BIO_printf(bio, " Length=%d\n", (int)msglen);
- BIO_printf(bio, " Content Type = %s (%d)\n",
- ssl_trace_str(content_type, ssl_content_tbl),
- content_type);
+ if (write_p == 2)
+ {
+ BIO_puts(bio, "Session ");
+ ssl_print_hex(bio, 0,
+ ssl_trace_str(content_type, ssl_crypto_tbl),
+ msg, msglen);
+ return;
+ }
switch (content_type)
{
+ case SSL3_RT_HEADER:
+ {
+ int hvers = msg[1] << 8 | msg[2];
+ BIO_puts(bio, write_p ? "Sent" : "Received");
+ BIO_printf(bio, " Record\nHeader:\n Version = %s (0x%x)\n",
+ ssl_trace_str(hvers, ssl_version_tbl), hvers);
+ BIO_printf(bio, " Content Type = %s (%d)\n Length = %d",
+ ssl_trace_str(msg[0], ssl_content_tbl), msg[0],
+ msg[3] << 8 | msg[4]);
+ }
+ break;
case SSL3_RT_HANDSHAKE:
if (!ssl_print_handshake(bio, ssl, msg, msglen, 4))
BIO_printf(bio, "Message length parse error!\n");
projects / openssl.git / blobdiff