Initial revision of ECC extension handling.
[openssl.git] / apps / s_cb.c
index c0f089c4b4b4eaa19e21a2b43bd41ced8be96369..141c222895206400b9880e6d1d75513094e59685 100644 (file)
@@ -278,6 +278,88 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
        return 1;
        }
 
+int ssl_print_sigalgs(BIO *out, SSL *s)
+       {
+       int i, nsig;
+       nsig = SSL_get_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL);
+       if (nsig == 0)
+               return 1;
+
+       BIO_puts(out, "Signature Algorithms: ");
+       for (i = 0; i < nsig; i++)
+               {
+               int hash_nid, sign_nid;
+               unsigned char rhash, rsign;
+               const char *sstr = NULL;
+               SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL,
+                                                       &rsign, &rhash);
+               if (i)
+                       BIO_puts(out, ":");
+               if (sign_nid == EVP_PKEY_RSA)
+                       sstr = "RSA";
+               else if(sign_nid == EVP_PKEY_DSA)
+                       sstr = "DSA";
+               else if(sign_nid == EVP_PKEY_EC)
+                       sstr = "ECDSA";
+               if (sstr)
+                       BIO_printf(out,"%s+", sstr);
+               else
+                       BIO_printf(out,"0x%02X+", (int)rsign);
+               if (hash_nid != NID_undef)
+                       BIO_printf(out, "%s", OBJ_nid2sn(hash_nid));
+               else
+                       BIO_printf(out,"0x%02X", (int)rhash);
+               }
+       BIO_puts(out, "\n");
+       return 1;
+       }
+
+int ssl_print_curves(BIO *out, SSL *s)
+       {
+       int i, ncurves, *curves, nid;
+       const char *cname;
+       ncurves = SSL_get1_curves(s, NULL);
+       if (ncurves <= 0)
+               return 1;
+       curves = OPENSSL_malloc(ncurves * sizeof(int));
+       SSL_get1_curves(s, curves);
+
+       BIO_puts(out, "Supported Elliptic Curves: ");
+       for (i = 0; i < ncurves; i++)
+               {
+               if (i)
+                       BIO_puts(out, ":");
+               nid = curves[i];
+               /* If unrecognised print out hex version */
+               if (nid & TLSEXT_nid_unknown)
+                       BIO_printf(out, "0x%04X", nid & 0xFFFF);
+               else
+                       {
+                       /* Use NIST name for curve if it exists */
+                       cname = EC_curve_nid2nist(nid);
+                       if (!cname)
+                               cname = OBJ_nid2sn(nid);
+                       BIO_printf(out, "%s", cname);
+                       }
+               }
+       BIO_puts(out, "\nShared Elliptic curves: ");
+       OPENSSL_free(curves);
+       ncurves = SSL_get_shared_curve(s, -1);
+       for (i = 0; i < ncurves; i++)
+               {
+               if (i)
+                       BIO_puts(out, ":");
+               nid = SSL_get_shared_curve(s, i);
+               cname = EC_curve_nid2nist(nid);
+               if (!cname)
+                       cname = OBJ_nid2sn(nid);
+               BIO_printf(out, "%s", cname);
+               }
+       BIO_puts(out, "\n");
+       return 1;
+       }
+
+
 long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
                                   int argi, long argl, long ret)
        {
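Review bot: In ssl_print_curves the result of `OPENSSL_malloc(ncurves * sizeof(int))` is never checked, so on allocation failure the loop reads `curves[i]` through a NULL pointer; add `if (!curves) return 0;` directly after the allocation. In ssl_print_sigalgs the early exit tests only `nsig == 0` and the return value of the per-index `SSL_get_sigalgs` call is ignored, so if that call can fail, the uninitialised `sign_nid`, `hash_nid`, `rsign` and `rhash` are compared and printed. Initialising those locals and testing `nsig <= 0`, as ssl_print_curves does for `ncurves`, would keep the output well-defined. Both helpers always return 1 and carry no comment saying what the return value means, so a one-line header comment such as `/* Print peer signature algorithms to out; returns 1 on success, 0 on error */` would help callers.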
@@ -360,6 +442,9 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
        case TLS1_1_VERSION:
                str_version = "TLS 1.1 ";
                break;
+       case TLS1_2_VERSION:
+               str_version = "TLS 1.2 ";
+               break;
        case DTLS1_VERSION:
                str_version = "DTLS 1.0 ";
                break;
@@ -683,6 +768,22 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
                extname = "status request";
                break;
 
+               case TLSEXT_TYPE_user_mapping:
+               extname = "user mapping";
+               break;
+
+               case TLSEXT_TYPE_client_authz:
+               extname = "client authz";
+               break;
+
+               case TLSEXT_TYPE_server_authz:
+               extname = "server authz";
+               break;
+
+               case TLSEXT_TYPE_cert_type:
+               extname = "cert type";
+               break;
+
                case TLSEXT_TYPE_elliptic_curves:
                extname = "elliptic curves";
                break;
@@ -691,23 +792,40 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
                extname = "EC point formats";
                break;
 
-               case TLSEXT_TYPE_session_ticket:
-               extname = "server ticket";
-               break;
-
-               case TLSEXT_TYPE_renegotiate:
-               extname = "renegotiate";
+               case TLSEXT_TYPE_srp:
+               extname = "SRP";
                break;
 
                case TLSEXT_TYPE_signature_algorithms:
                extname = "signature algorithms";
                break;
 
+               case TLSEXT_TYPE_use_srtp:
+               extname = "use SRTP";
+               break;
+
+               case TLSEXT_TYPE_heartbeat:
+               extname = "heartbeat";
+               break;
+
+               case TLSEXT_TYPE_session_ticket:
+               extname = "session ticket";
+               break;
+
+               case TLSEXT_TYPE_renegotiate: 
+               extname = "renegotiation info";
+               break;
+
 #ifdef TLSEXT_TYPE_opaque_prf_input
                case TLSEXT_TYPE_opaque_prf_input:
                extname = "opaque PRF input";
                break;
 #endif
+#ifdef TLSEXT_TYPE_next_proto_neg
+               case TLSEXT_TYPE_next_proto_neg:
+               extname = "next protocol";
+               break;
+#endif
 
                default:
                extname = "unknown";