/*
 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright 2005 Nokia. All rights reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <openssl/buffer.h>
#include "ssl_local.h"

#include "internal/comp.h"

#ifndef OPENSSL_NO_STDIO
/*
 * Convenience wrapper: dump a session to a stdio stream.
 *
 * A temporary file BIO is attached to |fp| and the work is delegated to
 * SSL_SESSION_print().  The BIO is created with BIO_NOCLOSE, so freeing it
 * leaves |fp| open and owned by the caller.
 *
 * Returns 0 if the BIO cannot be allocated (an error is raised), otherwise
 * whatever SSL_SESSION_print() returns.  The output carries the same key
 * material as SSL_SESSION_print(), so |fp| must be a protected destination.
 */
int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
{
    BIO *out = BIO_new(BIO_s_file());
    int ok;

    if (out == NULL) {
        ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
        return 0;
    }

    BIO_set_fp(out, fp, BIO_NOCLOSE);
    ok = SSL_SESSION_print(out, x);
    BIO_free(out);

    return ok;
}
#endif

/*
 * Write a human-readable description of session |x| to |bp|.
 *
 * Returns 1 when every field was written, 0 when |x| is NULL or any write
 * to |bp| (or the compression lookup) fails.  Output already written before
 * a failure is not rolled back.
 *
 * SECURITY: the dump includes the master key (labelled "Resumption PSK" for
 * TLS 1.3 sessions) as hex and the raw session ticket.  Anything that
 * receives this output has to be protected like the keys themselves.
 */
int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
{
    size_t idx;
    const char *proto;
    int istls13;

    if (x == NULL)
        return 0;

    /* Only used to pick TLS 1.3 specific labels and fields below. */
    istls13 = (x->ssl_version == TLS1_3_VERSION);

    if (BIO_puts(bp, "SSL-Session:\n") <= 0)
        return 0;

    proto = ssl_protocol_to_string(x->ssl_version);
    if (BIO_printf(bp, " Protocol : %s\n", proto) <= 0)
        return 0;

    if (x->cipher != NULL) {
        const char *cipher_name = x->cipher->name;

        if (cipher_name == NULL)
            cipher_name = "unknown";
        if (BIO_printf(bp, " Cipher : %s\n", cipher_name) <= 0)
            return 0;
    } else if (((x->cipher_id) & 0xff000000) == 0x02000000) {
        /* No cipher object: ids tagged 0x02 in the top byte print 24 bits. */
        if (BIO_printf(bp, " Cipher : %06lX\n",
                       x->cipher_id & 0xffffff)
            <= 0)
            return 0;
    } else {
        /* Any other bare id prints its low 16 bits. */
        if (BIO_printf(bp, " Cipher : %04lX\n",
                       x->cipher_id & 0xffff)
            <= 0)
            return 0;
    }

    if (BIO_puts(bp, " Session-ID: ") <= 0)
        return 0;
    for (idx = 0; idx < x->session_id_length; idx++) {
        if (BIO_printf(bp, "%02X", x->session_id[idx]) <= 0)
            return 0;
    }

    if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
        return 0;
    for (idx = 0; idx < x->sid_ctx_length; idx++) {
        if (BIO_printf(bp, "%02X", x->sid_ctx[idx]) <= 0)
            return 0;
    }

    /* Same bytes either way; only the label depends on the version. */
    if (BIO_puts(bp, istls13 ? "\n Resumption PSK: " : "\n Master-Key: ") <= 0)
        return 0;
    /* Secret material is emitted here in the clear. */
    for (idx = 0; idx < x->master_key_length; idx++) {
        if (BIO_printf(bp, "%02X", x->master_key[idx]) <= 0)
            return 0;
    }

    /*
     * The identity strings below are printed verbatim with %s.
     * NOTE(review): if they can hold peer-supplied bytes, the dump may
     * contain control characters or newlines -- confirm before feeding this
     * output to a terminal or a line-oriented log parser.
     */
#ifndef OPENSSL_NO_PSK
    if (BIO_puts(bp, "\n PSK identity: ") <= 0)
        return 0;
    if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
        return 0;
    if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
        return 0;
    if (BIO_printf(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
        return 0;
#endif
#ifndef OPENSSL_NO_SRP
    if (BIO_puts(bp, "\n SRP username: ") <= 0)
        return 0;
    if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
        return 0;
#endif

    if (x->ext.tick_lifetime_hint) {
        if (BIO_printf(bp,
                       "\n TLS session ticket lifetime hint: %ld (seconds)",
                       x->ext.tick_lifetime_hint)
            <= 0)
            return 0;
    }

    if (x->ext.tick) {
        if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
            return 0;
        /* The ticket length is narrowed to int for the dump helper. */
        if (BIO_dump_indent(bp, (const char *)x->ext.tick, (int)x->ext.ticklen, 4)
            <= 0)
            return 0;
    }

#ifndef OPENSSL_NO_COMP
    if (x->compress_meth != 0) {
        SSL_COMP *comp = NULL;

        if (!ssl_cipher_get_evp(NULL, x, NULL, NULL, NULL, NULL, &comp, 0))
            return 0;

        if (comp != NULL) {
            if (BIO_printf(bp, "\n Compression: %d (%s)", comp->id,
                           comp->name)
                <= 0)
                return 0;
        } else {
            /* Lookup succeeded but gave no method: print the raw number. */
            if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <= 0)
                return 0;
        }
    }
#endif

    if (!ossl_time_is_zero(x->time)) {
        if (BIO_printf(bp, "\n Start Time: %lld",
                       (long long)ossl_time_to_time_t(x->time))
            <= 0)
            return 0;
    }

    if (!ossl_time_is_zero(x->timeout)) {
        if (BIO_printf(bp, "\n Timeout : %lld (sec)",
                       (long long)ossl_time2seconds(x->timeout))
            <= 0)
            return 0;
    }

    if (BIO_puts(bp, "\n") <= 0)
        return 0;

    if (BIO_puts(bp, " Verify return code: ") <= 0)
        return 0;
    if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
                   X509_verify_cert_error_string(x->verify_result))
        <= 0)
        return 0;

    if (BIO_printf(bp, " Extended master secret: %s\n",
                   x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no")
        <= 0)
        return 0;

    if (istls13) {
        if (BIO_printf(bp, " Max Early Data: %u\n",
                       (unsigned int)x->ext.max_early_data)
            <= 0)
            return 0;
    }

    return 1;
}

/*
 * Print the session id and master key as one line in NSS keylog format:
 *
 *     RSA Session-ID:<session id> Master-Key:<master key>
 *
 * Returns 1 on success; 0 if |x| is NULL, if either the session id or the
 * master key is empty, or if a write to |bp| fails.
 *
 * SECURITY: the line holds the master key as hex, so |bp| has to be a
 * destination with the same protection as the key.
 */
int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
{
    size_t idx;

    if (x == NULL)
        return 0;
    /* A line missing either value is not emitted at all. */
    if (x->session_id_length == 0 || x->master_key_length == 0)
        return 0;

    /*
     * The format's definition requires the "RSA" prefix even though nothing
     * in the output is RSA-specific, so the cipher suite is not checked.
     */
    if (BIO_puts(bp, "RSA ") <= 0)
        return 0;

    if (BIO_puts(bp, "Session-ID:") <= 0)
        return 0;
    for (idx = 0; idx < x->session_id_length; idx++) {
        if (BIO_printf(bp, "%02X", x->session_id[idx]) <= 0)
            return 0;
    }

    if (BIO_puts(bp, " Master-Key:") <= 0)
        return 0;
    for (idx = 0; idx < x->master_key_length; idx++) {
        if (BIO_printf(bp, "%02X", x->master_key[idx]) <= 0)
            return 0;
    }

    if (BIO_puts(bp, "\n") <= 0)
        return 0;

    return 1;
}