/*
 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright 2005 Nokia. All rights reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <openssl/buffer.h>
#include "ssl_local.h"

#include "internal/comp.h"

#ifndef OPENSSL_NO_STDIO
/*
 * Print a human-readable dump of session x to the stdio stream fp.
 *
 * fp is wrapped in a temporary file BIO and the work is delegated to
 * SSL_SESSION_print(), so the same secrets end up on fp (see the comment on
 * that function).  Returns the result of SSL_SESSION_print(), or 0 after
 * raising an SSL error if the BIO cannot be allocated.
 */
int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
{
    BIO *out = BIO_new(BIO_s_file());
    int ok;

    if (out == NULL) {
        ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
        return 0;
    }

    /* BIO_NOCLOSE: the caller keeps ownership of fp; BIO_free() leaves it open */
    BIO_set_fp(out, fp, BIO_NOCLOSE);
    ok = SSL_SESSION_print(out, x);
    BIO_free(out);
    return ok;
}
#endif

/*
 * Write a human-readable description of session x to bp.
 *
 * Returns 1 when every field was written and 0 if x is NULL, a lookup fails
 * or any BIO write reports a result <= 0.  Output is not rolled back on
 * failure, so bp may hold a partial dump.
 *
 * Security: the dump includes the session's master key (labelled
 * "Resumption PSK" for TLS 1.3) as plain hex, and the raw session ticket when
 * one is present.  Anything that receives this output holds secret keying
 * material; keep it out of shared logs and world-readable files.
 *
 * NOTE(review): the alignment whitespace inside the string literals below
 * looks collapsed in this listing; compare with the upstream file before
 * relying on the exact column layout.
 */
int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
{
    size_t idx;
    const char *proto;
    int tls13;

    if (x == NULL)
        return 0;

    tls13 = (x->ssl_version == TLS1_3_VERSION);
    if (BIO_puts(bp, "SSL-Session:\n") <= 0)
        return 0;
    proto = ssl_protocol_to_string(x->ssl_version);
    if (BIO_printf(bp, " Protocol : %s\n", proto) <= 0)
        return 0;

    if (x->cipher != NULL) {
        if (BIO_printf(bp, " Cipher : %s\n",
                       (x->cipher->name != NULL) ? x->cipher->name
                                                 : "unknown")
            <= 0)
            return 0;
    } else if ((x->cipher_id & 0xff000000) == 0x02000000) {
        /* no cipher object and top byte 0x02: show the low 24 bits of the id */
        if (BIO_printf(bp, " Cipher : %06lX\n", x->cipher_id & 0xffffff) <= 0)
            return 0;
    } else {
        /* no cipher object, any other id: show only the low 16 bits */
        if (BIO_printf(bp, " Cipher : %04lX\n", x->cipher_id & 0xffff) <= 0)
            return 0;
    }

    if (BIO_puts(bp, " Session-ID: ") <= 0)
        return 0;
    for (idx = 0; idx < x->session_id_length; idx++) {
        if (BIO_printf(bp, "%02X", x->session_id[idx]) <= 0)
            return 0;
    }

    if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
        return 0;
    for (idx = 0; idx < x->sid_ctx_length; idx++) {
        if (BIO_printf(bp, "%02X", x->sid_ctx[idx]) <= 0)
            return 0;
    }

    /* Same field, different label: TLS 1.3 sessions call it a resumption PSK */
    if (BIO_puts(bp, tls13 ? "\n Resumption PSK: " : "\n Master-Key: ") <= 0)
        return 0;
    /* Secret material: every byte of master_key is written in the clear */
    for (idx = 0; idx < x->master_key_length; idx++) {
        if (BIO_printf(bp, "%02X", x->master_key[idx]) <= 0)
            return 0;
    }

    /*
     * NOTE(review): the identity strings below are written with a bare "%s",
     * i.e. without escaping.  They are presumably supplied by the peer, so a
     * consumer that renders this output should tolerate control characters -
     * confirm.  An empty but non-NULL string would presumably make
     * BIO_printf() report 0 bytes, which the "<= 0" check treats as failure -
     * confirm against BIO_printf().
     */
#ifndef OPENSSL_NO_PSK
    if (BIO_puts(bp, "\n PSK identity: ") <= 0)
        return 0;
    if (BIO_printf(bp, "%s",
                   (x->psk_identity != NULL) ? x->psk_identity : "None")
        <= 0)
        return 0;
    if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
        return 0;
    if (BIO_printf(bp, "%s",
                   (x->psk_identity_hint != NULL) ? x->psk_identity_hint
                                                  : "None")
        <= 0)
        return 0;
#endif
#ifndef OPENSSL_NO_SRP
    if (BIO_puts(bp, "\n SRP username: ") <= 0)
        return 0;
    if (BIO_printf(bp, "%s",
                   (x->srp_username != NULL) ? x->srp_username : "None")
        <= 0)
        return 0;
#endif

    if (x->ext.tick_lifetime_hint != 0) {
        if (BIO_printf(bp,
                       "\n TLS session ticket lifetime hint: %ld (seconds)",
                       x->ext.tick_lifetime_hint)
            <= 0)
            return 0;
    }

    if (x->ext.tick != NULL) {
        if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
            return 0;
        /*
         * The ticket bytes are dumped as-is with an indent of 4.
         * NOTE(review): ticklen is narrowed to int for BIO_dump_indent();
         * this assumes ticket lengths always fit in an int - confirm where
         * ext.ticklen is set.
         */
        if (BIO_dump_indent(bp, (const char *)x->ext.tick,
                            (int)x->ext.ticklen, 4)
            <= 0)
            return 0;
    }

#ifndef OPENSSL_NO_COMP
    if (x->compress_meth != 0) {
        SSL_COMP *comp = NULL;

        if (!ssl_cipher_get_evp(NULL, x, NULL, NULL, NULL, NULL, &comp, 0))
            return 0;
        if (comp != NULL) {
            /* method resolved: print its id together with its name */
            if (BIO_printf(bp, "\n Compression: %d (%s)", comp->id,
                           comp->name)
                <= 0)
                return 0;
        } else if (BIO_printf(bp, "\n Compression: %d", x->compress_meth)
                   <= 0) {
            /* lookup left comp NULL: only the numeric method is available */
            return 0;
        }
    }
#endif

    if (!ossl_time_is_zero(x->time)) {
        if (BIO_printf(bp, "\n Start Time: %lld",
                       (long long)ossl_time_to_time_t(x->time))
            <= 0)
            return 0;
    }
    if (!ossl_time_is_zero(x->timeout)) {
        if (BIO_printf(bp, "\n Timeout : %lld (sec)",
                       (long long)ossl_time2seconds(x->timeout))
            <= 0)
            return 0;
    }
    if (BIO_puts(bp, "\n") <= 0)
        return 0;

    if (BIO_puts(bp, " Verify return code: ") <= 0)
        return 0;
    if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
                   X509_verify_cert_error_string(x->verify_result))
        <= 0)
        return 0;

    if (BIO_printf(bp, " Extended master secret: %s\n",
                   (x->flags & SSL_SESS_FLAG_EXTMS) != 0 ? "yes" : "no")
        <= 0)
        return 0;

    /* The early-data limit is only reported for TLS 1.3 sessions */
    if (tls13
        && BIO_printf(bp, " Max Early Data: %u\n",
                      (unsigned int)x->ext.max_early_data)
           <= 0)
        return 0;

    return 1;
}

/*
 * Write one line to bp in NSS keylog format:
 *
 *   RSA Session-ID:<session id> Master-Key:<master key>
 *
 * with both values as upper-case hex.  Returns 1 on success and 0 if x is
 * NULL, if the session id or the master key is empty, or if a BIO write
 * reports a result <= 0.
 *
 * Security: the line carries the session master key in the clear.  Treat
 * every destination of this output as holding secret keying material and
 * restrict access to it accordingly.
 */
int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
{
    size_t idx;

    /* x is tested first, so the length fields are never read through NULL */
    if (x == NULL || x->session_id_length == 0 || x->master_key_length == 0)
        return 0;

    /*
     * The format's definition demands the "RSA" prefix even though nothing
     * in the line is RSA-specific, so the cipher suite is not inspected.
     */
    if (BIO_puts(bp, "RSA ") <= 0)
        return 0;

    if (BIO_puts(bp, "Session-ID:") <= 0)
        return 0;
    for (idx = 0; idx < x->session_id_length; idx++) {
        if (BIO_printf(bp, "%02X", x->session_id[idx]) <= 0)
            return 0;
    }

    if (BIO_puts(bp, " Master-Key:") <= 0)
        return 0;
    for (idx = 0; idx < x->master_key_length; idx++) {
        if (BIO_printf(bp, "%02X", x->master_key[idx]) <= 0)
            return 0;
    }

    if (BIO_puts(bp, "\n") <= 0)
        return 0;

    return 1;
}