/src/openssl30/ssl/ssl_txt.c

Source (jump to first uncovered line)
/*
 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright 2005 Nokia. All rights reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <openssl/buffer.h>
#include "ssl_local.h"

#ifndef OPENSSL_NO_STDIO
int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
{
    BIO *b;
    int ret;

    if ((b = BIO_new(BIO_s_file())) == NULL) {
        ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
        return 0;
    }
    BIO_set_fp(b, fp, BIO_NOCLOSE);
    ret = SSL_SESSION_print(b, x);
    BIO_free(b);
    return ret;
}
#endif

int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
{
    size_t i;
    const char *s;
    int istls13;

    if (x == NULL)
        goto err;
    istls13 = (x->ssl_version == TLS1_3_VERSION);
    if (BIO_puts(bp, "SSL-Session:\n") <= 0)
        goto err;
    s = ssl_protocol_to_string(x->ssl_version);
    if (BIO_printf(bp, "    Protocol  : %s\n", s) <= 0)
        goto err;

    if (x->cipher == NULL) {
        if (((x->cipher_id) & 0xff000000) == 0x02000000) {
            if (BIO_printf(bp, "    Cipher    : %06lX\n",
                           x->cipher_id & 0xffffff) <= 0)
                goto err;
        } else {
            if (BIO_printf(bp, "    Cipher    : %04lX\n",
                           x->cipher_id & 0xffff) <= 0)
                goto err;
        }
    } else {
        if (BIO_printf(bp, "    Cipher    : %s\n",
                       ((x->cipher->name == NULL) ? "unknown"
                                                  : x->cipher->name)) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "    Session-ID: ") <= 0)
        goto err;
    for (i = 0; i < x->session_id_length; i++) {
        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n    Session-ID-ctx: ") <= 0)
        goto err;
    for (i = 0; i < x->sid_ctx_length; i++) {
        if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
            goto err;
    }
    if (istls13) {
        if (BIO_puts(bp, "\n    Resumption PSK: ") <= 0)
            goto err;
    } else if (BIO_puts(bp, "\n    Master-Key: ") <= 0)
        goto err;
    for (i = 0; i < x->master_key_length; i++) {
        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
            goto err;
    }
#ifndef OPENSSL_NO_PSK
    if (BIO_puts(bp, "\n    PSK identity: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
        goto err;
    if (BIO_puts(bp, "\n    PSK identity hint: ") <= 0)
        goto err;
    if (BIO_printf
        (bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
        goto err;
#endif
#ifndef OPENSSL_NO_SRP
    if (BIO_puts(bp, "\n    SRP username: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
        goto err;
#endif
    if (x->ext.tick_lifetime_hint) {
        if (BIO_printf(bp,
                       "\n    TLS session ticket lifetime hint: %ld (seconds)",
                       x->ext.tick_lifetime_hint) <= 0)
            goto err;
    }
    if (x->ext.tick) {
        if (BIO_puts(bp, "\n    TLS session ticket:\n") <= 0)
            goto err;
        if (BIO_dump_indent
            (bp, (const char *)x->ext.tick, (int)x->ext.ticklen, 4)
            <= 0)
            goto err;
    }
#ifndef OPENSSL_NO_COMP
    if (x->compress_meth != 0) {
        SSL_COMP *comp = NULL;

        if (!ssl_cipher_get_evp(NULL, x, NULL, NULL, NULL, NULL, &comp, 0))
            goto err;
        if (comp == NULL) {
            if (BIO_printf(bp, "\n    Compression: %d", x->compress_meth) <= 0)
                goto err;
        } else {
            if (BIO_printf(bp, "\n    Compression: %d (%s)", comp->id,
                           comp->name) <= 0)
                goto err;
        }
    }
#endif
    if (x->time != 0L) {
        if (BIO_printf(bp, "\n    Start Time: %lld", (long long)x->time) <= 0)
            goto err;
    }
    if (x->timeout != 0L) {
        if (BIO_printf(bp, "\n    Timeout   : %lld (sec)", (long long)x->timeout) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n") <= 0)
        goto err;

    if (BIO_puts(bp, "    Verify return code: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
                   X509_verify_cert_error_string(x->verify_result)) <= 0)
        goto err;

    if (BIO_printf(bp, "    Extended master secret: %s\n",
                   x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
        goto err;

    if (istls13) {
        if (BIO_printf(bp, "    Max Early Data: %u\n",
                       x->ext.max_early_data) <= 0)
            goto err;
    }

    return 1;
 err:
    return 0;
}

/*
 * print session id and master key in NSS keylog format (RSA
 * Session-ID:<session id> Master-Key:<master key>)
 */
int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
{
    size_t i;

    if (x == NULL)
        goto err;
    if (x->session_id_length == 0 || x->master_key_length == 0)
        goto err;

    /*
     * the RSA prefix is required by the format's definition although there's
     * nothing RSA-specific in the output, therefore, we don't have to check if
     * the cipher suite is based on RSA
     */
    if (BIO_puts(bp, "RSA ") <= 0)
        goto err;

    if (BIO_puts(bp, "Session-ID:") <= 0)
        goto err;
    for (i = 0; i < x->session_id_length; i++) {
        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, " Master-Key:") <= 0)
        goto err;
    for (i = 0; i < x->master_key_length; i++) {
        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n") <= 0)
        goto err;

    return 1;
 err:
    return 0;
}

Coverage Report

Created: 2025-06-13 06:58

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3		* Copyright 2005 Nokia. All rights reserved.
4		*
5		* Licensed under the Apache License 2.0 (the "License"). You may not use
6		* this file except in compliance with the License. You can obtain a copy
7		* in the file LICENSE in the source distribution or at
8		* https://www.openssl.org/source/license.html
9		*/
10
11		#include <stdio.h>
12		#include <openssl/buffer.h>
13		#include "ssl_local.h"
14
15		#ifndef OPENSSL_NO_STDIO
16		int SSL_SESSION_print_fp(FILE fp, const SSL_SESSION x)
17	0	{
18	0	BIO *b;
19	0	int ret;
20
21	0	if ((b = BIO_new(BIO_s_file())) == NULL) {
22	0	ERR_raise(ERR_LIB_SSL, ERR_R_BUF_LIB);
23	0	return 0;
24	0	}
25	0	BIO_set_fp(b, fp, BIO_NOCLOSE);
26	0	ret = SSL_SESSION_print(b, x);
27	0	BIO_free(b);
28	0	return ret;
29	0	}
30		#endif
31
32		int SSL_SESSION_print(BIO bp, const SSL_SESSION x)
33	866	{
34	866	size_t i;
35	866	const char *s;
36	866	int istls13;
37
38	866	if (x == NULL)
39	0	goto err;
40	866	istls13 = (x->ssl_version == TLS1_3_VERSION);
41	866	if (BIO_puts(bp, "SSL-Session:\n") <= 0)
42	0	goto err;
43	866	s = ssl_protocol_to_string(x->ssl_version);
44	866	if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
45	0	goto err;
46
47	866	if (x->cipher == NULL) {
48	0	if (((x->cipher_id) & 0xff000000) == 0x02000000) {
49	0	if (BIO_printf(bp, " Cipher : %06lX\n",
50	0	x->cipher_id & 0xffffff) <= 0)
51	0	goto err;
52	0	} else {
53	0	if (BIO_printf(bp, " Cipher : %04lX\n",
54	0	x->cipher_id & 0xffff) <= 0)
55	0	goto err;
56	0	}
57	866	} else {
58	866	if (BIO_printf(bp, " Cipher : %s\n",
59	866	((x->cipher->name == NULL) ? "unknown"
60	866	: x->cipher->name)) <= 0)
61	0	goto err;
62	866	}
63	866	if (BIO_puts(bp, " Session-ID: ") <= 0)
64	0	goto err;
65	1.64k	for (i = 0; i < x->session_id_length; i++) {
66	779	if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
67	0	goto err;
68	779	}
69	866	if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
70	0	goto err;
71	1.03k	for (i = 0; i < x->sid_ctx_length; i++) {
72	170	if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
73	0	goto err;
74	170	}
75	866	if (istls13) {
76	6	if (BIO_puts(bp, "\n Resumption PSK: ") <= 0)
77	0	goto err;
78	860	} else if (BIO_puts(bp, "\n Master-Key: ") <= 0)
79	0	goto err;
80	6.08k	for (i = 0; i < x->master_key_length; i++) {
81	5.21k	if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
82	0	goto err;
83	5.21k	}
84	866	#ifndef OPENSSL_NO_PSK
85	866	if (BIO_puts(bp, "\n PSK identity: ") <= 0)
86	0	goto err;
87	866	if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
88	2	goto err;
89	864	if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
90	0	goto err;
91	864	if (BIO_printf
92	864	(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
93	2	goto err;
94	862	#endif
95	862	#ifndef OPENSSL_NO_SRP
96	862	if (BIO_puts(bp, "\n SRP username: ") <= 0)
97	0	goto err;
98	862	if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
99	2	goto err;
100	860	#endif
101	860	if (x->ext.tick_lifetime_hint) {
102	207	if (BIO_printf(bp,
103	207	"\n TLS session ticket lifetime hint: %ld (seconds)",
104	207	x->ext.tick_lifetime_hint) <= 0)
105	0	goto err;
106	207	}
107	860	if (x->ext.tick) {
108	6	if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
109	0	goto err;
110	6	if (BIO_dump_indent
111	6	(bp, (const char *)x->ext.tick, (int)x->ext.ticklen, 4)
112	6	<= 0)
113	2	goto err;
114	6	}
115	858	#ifndef OPENSSL_NO_COMP
116	858	if (x->compress_meth != 0) {
117	5	SSL_COMP *comp = NULL;
118
119	5	if (!ssl_cipher_get_evp(NULL, x, NULL, NULL, NULL, NULL, &comp, 0))
120	0	goto err;
121	5	if (comp == NULL) {
122	5	if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <= 0)
123	0	goto err;
124	5	} else {
125	0	if (BIO_printf(bp, "\n Compression: %d (%s)", comp->id,
126	0	comp->name) <= 0)
127	0	goto err;
128	0	}
129	5	}
130	858	#endif
131	858	if (x->time != 0L) {
132	858	if (BIO_printf(bp, "\n Start Time: %lld", (long long)x->time) <= 0)
133	0	goto err;
134	858	}
135	858	if (x->timeout != 0L) {
136	858	if (BIO_printf(bp, "\n Timeout : %lld (sec)", (long long)x->timeout) <= 0)
137	0	goto err;
138	858	}
139	858	if (BIO_puts(bp, "\n") <= 0)
140	0	goto err;
141
142	858	if (BIO_puts(bp, " Verify return code: ") <= 0)
143	0	goto err;
144	858	if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
145	858	X509_verify_cert_error_string(x->verify_result)) <= 0)
146	0	goto err;
147
148	858	if (BIO_printf(bp, " Extended master secret: %s\n",
149	858	x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
150	0	goto err;
151
152	858	if (istls13) {
153	6	if (BIO_printf(bp, " Max Early Data: %u\n",
154	6	x->ext.max_early_data) <= 0)
155	0	goto err;
156	6	}
157
158	858	return 1;
159	8	err:
160	8	return 0;
161	858	}
162
163		/*
164		* print session id and master key in NSS keylog format (RSA
165		* Session-ID:<session id> Master-Key:<master key>)
166		*/
167		int SSL_SESSION_print_keylog(BIO bp, const SSL_SESSION x)
168	0	{
169	0	size_t i;
170
171	0	if (x == NULL)
172	0	goto err;
173	0	if (x->session_id_length == 0 \|\| x->master_key_length == 0)
174	0	goto err;
175
176		/*
177		* the RSA prefix is required by the format's definition although there's
178		* nothing RSA-specific in the output, therefore, we don't have to check if
179		* the cipher suite is based on RSA
180		*/
181	0	if (BIO_puts(bp, "RSA ") <= 0)
182	0	goto err;
183
184	0	if (BIO_puts(bp, "Session-ID:") <= 0)
185	0	goto err;
186	0	for (i = 0; i < x->session_id_length; i++) {
187	0	if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
188	0	goto err;
189	0	}
190	0	if (BIO_puts(bp, " Master-Key:") <= 0)
191	0	goto err;
192	0	for (i = 0; i < x->master_key_length; i++) {
193	0	if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
194	0	goto err;
195	0	}
196	0	if (BIO_puts(bp, "\n") <= 0)
197	0	goto err;
198
199	0	return 1;
200	0	err:
201	0	return 0;
202	0	}