2 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright 2005 Nokia. All rights reserved.
5 * Licensed under the OpenSSL license (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
14 const char *SSL_state_string_long(const SSL *s)
16 if (ossl_statem_in_error(s))
19 switch (SSL_get_state(s)) {
20 case TLS_ST_CR_CERT_STATUS:
21 return "SSLv3/TLS read certificate status";
22 case TLS_ST_CW_NEXT_PROTO:
23 return "SSLv3/TLS write next proto";
24 case TLS_ST_SR_NEXT_PROTO:
25 return "SSLv3/TLS read next proto";
26 case TLS_ST_SW_CERT_STATUS:
27 return "SSLv3/TLS write certificate status";
29 return "before SSL initialization";
31 return "SSL negotiation finished successfully";
32 case TLS_ST_CW_CLNT_HELLO:
33 return "SSLv3/TLS write client hello";
34 case TLS_ST_CR_SRVR_HELLO:
35 return "SSLv3/TLS read server hello";
37 return "SSLv3/TLS read server certificate";
38 case TLS_ST_CR_KEY_EXCH:
39 return "SSLv3/TLS read server key exchange";
40 case TLS_ST_CR_CERT_REQ:
41 return "SSLv3/TLS read server certificate request";
42 case TLS_ST_CR_SESSION_TICKET:
43 return "SSLv3/TLS read server session ticket";
44 case TLS_ST_CR_SRVR_DONE:
45 return "SSLv3/TLS read server done";
47 return "SSLv3/TLS write client certificate";
48 case TLS_ST_CW_KEY_EXCH:
49 return "SSLv3/TLS write client key exchange";
50 case TLS_ST_CW_CERT_VRFY:
51 return "SSLv3/TLS write certificate verify";
52 case TLS_ST_CW_CHANGE:
53 case TLS_ST_SW_CHANGE:
54 return "SSLv3/TLS write change cipher spec";
55 case TLS_ST_CW_FINISHED:
56 case TLS_ST_SW_FINISHED:
57 return "SSLv3/TLS write finished";
58 case TLS_ST_CR_CHANGE:
59 case TLS_ST_SR_CHANGE:
60 return "SSLv3/TLS read change cipher spec";
61 case TLS_ST_CR_FINISHED:
62 case TLS_ST_SR_FINISHED:
63 return "SSLv3/TLS read finished";
64 case TLS_ST_SR_CLNT_HELLO:
65 return "SSLv3/TLS read client hello";
66 case TLS_ST_SW_HELLO_REQ:
67 return "SSLv3/TLS write hello request";
68 case TLS_ST_SW_SRVR_HELLO:
69 return "SSLv3/TLS write server hello";
71 return "SSLv3/TLS write certificate";
72 case TLS_ST_SW_KEY_EXCH:
73 return "SSLv3/TLS write key exchange";
74 case TLS_ST_SW_CERT_REQ:
75 return "SSLv3/TLS write certificate request";
76 case TLS_ST_SW_SESSION_TICKET:
77 return "SSLv3/TLS write session ticket";
78 case TLS_ST_SW_SRVR_DONE:
79 return "SSLv3/TLS write server done";
81 return "SSLv3/TLS read client certificate";
82 case TLS_ST_SR_KEY_EXCH:
83 return "SSLv3/TLS read client key exchange";
84 case TLS_ST_SR_CERT_VRFY:
85 return "SSLv3/TLS read certificate verify";
86 case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
87 return "DTLS1 read hello verify request";
88 case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
89 return "DTLS1 write hello verify request";
91 return "unknown state";
95 const char *SSL_state_string(const SSL *s)
97 if (ossl_statem_in_error(s))
100 switch (SSL_get_state(s)) {
101 case TLS_ST_SR_NEXT_PROTO:
103 case TLS_ST_SW_SESSION_TICKET:
105 case TLS_ST_SW_CERT_STATUS:
107 case TLS_ST_CR_CERT_STATUS:
109 case TLS_ST_CR_SESSION_TICKET:
111 case TLS_ST_CW_NEXT_PROTO:
117 case TLS_ST_CW_CLNT_HELLO:
119 case TLS_ST_CR_SRVR_HELLO:
123 case TLS_ST_CR_KEY_EXCH:
125 case TLS_ST_CR_CERT_REQ:
127 case TLS_ST_CR_SRVR_DONE:
131 case TLS_ST_CW_KEY_EXCH:
133 case TLS_ST_CW_CERT_VRFY:
135 case TLS_ST_SW_CHANGE:
136 case TLS_ST_CW_CHANGE:
138 case TLS_ST_SW_FINISHED:
139 case TLS_ST_CW_FINISHED:
141 case TLS_ST_SR_CHANGE:
142 case TLS_ST_CR_CHANGE:
144 case TLS_ST_SR_FINISHED:
145 case TLS_ST_CR_FINISHED:
147 case TLS_ST_SW_HELLO_REQ:
149 case TLS_ST_SR_CLNT_HELLO:
151 case TLS_ST_SW_SRVR_HELLO:
155 case TLS_ST_SW_KEY_EXCH:
157 case TLS_ST_SW_CERT_REQ:
159 case TLS_ST_SW_SRVR_DONE:
163 case TLS_ST_SR_KEY_EXCH:
165 case TLS_ST_SR_CERT_VRFY:
167 case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
169 case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
176 const char *SSL_alert_type_string_long(int value)
178 switch (value >> 8) {
179 case SSL3_AL_WARNING:
188 const char *SSL_alert_type_string(int value)
190 switch (value >> 8) {
191 case SSL3_AL_WARNING:
200 const char *SSL_alert_desc_string(int value)
202 switch (value & 0xff) {
203 case SSL3_AD_CLOSE_NOTIFY:
205 case SSL3_AD_UNEXPECTED_MESSAGE:
207 case SSL3_AD_BAD_RECORD_MAC:
209 case SSL3_AD_DECOMPRESSION_FAILURE:
211 case SSL3_AD_HANDSHAKE_FAILURE:
213 case SSL3_AD_NO_CERTIFICATE:
215 case SSL3_AD_BAD_CERTIFICATE:
217 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
219 case SSL3_AD_CERTIFICATE_REVOKED:
221 case SSL3_AD_CERTIFICATE_EXPIRED:
223 case SSL3_AD_CERTIFICATE_UNKNOWN:
225 case SSL3_AD_ILLEGAL_PARAMETER:
227 case TLS1_AD_DECRYPTION_FAILED:
229 case TLS1_AD_RECORD_OVERFLOW:
231 case TLS1_AD_UNKNOWN_CA:
233 case TLS1_AD_ACCESS_DENIED:
235 case TLS1_AD_DECODE_ERROR:
237 case TLS1_AD_DECRYPT_ERROR:
239 case TLS1_AD_EXPORT_RESTRICTION:
241 case TLS1_AD_PROTOCOL_VERSION:
243 case TLS1_AD_INSUFFICIENT_SECURITY:
245 case TLS1_AD_INTERNAL_ERROR:
247 case TLS1_AD_USER_CANCELLED:
249 case TLS1_AD_NO_RENEGOTIATION:
251 case TLS1_AD_UNSUPPORTED_EXTENSION:
253 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
255 case TLS1_AD_UNRECOGNIZED_NAME:
257 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
259 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
261 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
268 const char *SSL_alert_desc_string_long(int value)
270 switch (value & 0xff) {
271 case SSL3_AD_CLOSE_NOTIFY:
272 return "close notify";
273 case SSL3_AD_UNEXPECTED_MESSAGE:
274 return "unexpected_message";
275 case SSL3_AD_BAD_RECORD_MAC:
276 return "bad record mac";
277 case SSL3_AD_DECOMPRESSION_FAILURE:
278 return "decompression failure";
279 case SSL3_AD_HANDSHAKE_FAILURE:
280 return "handshake failure";
281 case SSL3_AD_NO_CERTIFICATE:
282 return "no certificate";
283 case SSL3_AD_BAD_CERTIFICATE:
284 return "bad certificate";
285 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
286 return "unsupported certificate";
287 case SSL3_AD_CERTIFICATE_REVOKED:
288 return "certificate revoked";
289 case SSL3_AD_CERTIFICATE_EXPIRED:
290 return "certificate expired";
291 case SSL3_AD_CERTIFICATE_UNKNOWN:
292 return "certificate unknown";
293 case SSL3_AD_ILLEGAL_PARAMETER:
294 return "illegal parameter";
295 case TLS1_AD_DECRYPTION_FAILED:
296 return "decryption failed";
297 case TLS1_AD_RECORD_OVERFLOW:
298 return "record overflow";
299 case TLS1_AD_UNKNOWN_CA:
301 case TLS1_AD_ACCESS_DENIED:
302 return "access denied";
303 case TLS1_AD_DECODE_ERROR:
304 return "decode error";
305 case TLS1_AD_DECRYPT_ERROR:
306 return "decrypt error";
307 case TLS1_AD_EXPORT_RESTRICTION:
308 return "export restriction";
309 case TLS1_AD_PROTOCOL_VERSION:
310 return "protocol version";
311 case TLS1_AD_INSUFFICIENT_SECURITY:
312 return "insufficient security";
313 case TLS1_AD_INTERNAL_ERROR:
314 return "internal error";
315 case TLS1_AD_USER_CANCELLED:
316 return "user canceled";
317 case TLS1_AD_NO_RENEGOTIATION:
318 return "no renegotiation";
319 case TLS1_AD_UNSUPPORTED_EXTENSION:
320 return "unsupported extension";
321 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
322 return "certificate unobtainable";
323 case TLS1_AD_UNRECOGNIZED_NAME:
324 return "unrecognized name";
325 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
326 return "bad certificate status response";
327 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
328 return "bad certificate hash value";
329 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
330 return "unknown PSK identity";
331 case TLS1_AD_NO_APPLICATION_PROTOCOL:
332 return "no application protocol";