2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright 2005 Nokia. All rights reserved.
61 * The portions of the attached software ("Contribution") is developed by
62 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
65 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
66 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
67 * support (see RFC 4279) to OpenSSL.
69 * No patent licenses or other rights except those expressly stated in
70 * the OpenSSL open source license shall be deemed granted or received
71 * expressly, by implication, estoppel, or otherwise.
73 * No assurances are provided by Nokia that the Contribution does not
74 * infringe the patent or other intellectual property rights of any third
75 * party or that the license provides you with all the necessary rights
76 * to make use of the Contribution.
78 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
79 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
80 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
81 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
88 const char *SSL_state_string_long(const SSL *s)
94 str = "before SSL initialization";
97 str = "before accept initialization";
100 str = "before connect initialization";
103 str = "SSL negotiation finished successfully";
105 case SSL_ST_RENEGOTIATE:
106 str = "SSL renegotiate ciphers";
108 case SSL_ST_BEFORE | SSL_ST_CONNECT:
109 str = "before/connect initialization";
111 case SSL_ST_OK | SSL_ST_CONNECT:
112 str = "ok/connect SSL initialization";
114 case SSL_ST_BEFORE | SSL_ST_ACCEPT:
115 str = "before/accept initialization";
117 case SSL_ST_OK | SSL_ST_ACCEPT:
118 str = "ok/accept SSL initialization";
121 #ifndef OPENSSL_NO_SSL3
122 /* SSLv3 additions */
123 case SSL3_ST_CW_CLNT_HELLO_A:
124 str = "SSLv3 write client hello A";
126 case SSL3_ST_CW_CLNT_HELLO_B:
127 str = "SSLv3 write client hello B";
129 case SSL3_ST_CR_SRVR_HELLO_A:
130 str = "SSLv3 read server hello A";
132 case SSL3_ST_CR_SRVR_HELLO_B:
133 str = "SSLv3 read server hello B";
135 case SSL3_ST_CR_CERT_A:
136 str = "SSLv3 read server certificate A";
138 case SSL3_ST_CR_CERT_B:
139 str = "SSLv3 read server certificate B";
141 case SSL3_ST_CR_KEY_EXCH_A:
142 str = "SSLv3 read server key exchange A";
144 case SSL3_ST_CR_KEY_EXCH_B:
145 str = "SSLv3 read server key exchange B";
147 case SSL3_ST_CR_CERT_REQ_A:
148 str = "SSLv3 read server certificate request A";
150 case SSL3_ST_CR_CERT_REQ_B:
151 str = "SSLv3 read server certificate request B";
153 case SSL3_ST_CR_SESSION_TICKET_A:
154 str = "SSLv3 read server session ticket A";
156 case SSL3_ST_CR_SESSION_TICKET_B:
157 str = "SSLv3 read server session ticket B";
159 case SSL3_ST_CR_SRVR_DONE_A:
160 str = "SSLv3 read server done A";
162 case SSL3_ST_CR_SRVR_DONE_B:
163 str = "SSLv3 read server done B";
165 case SSL3_ST_CW_CERT_A:
166 str = "SSLv3 write client certificate A";
168 case SSL3_ST_CW_CERT_B:
169 str = "SSLv3 write client certificate B";
171 case SSL3_ST_CW_CERT_C:
172 str = "SSLv3 write client certificate C";
174 case SSL3_ST_CW_CERT_D:
175 str = "SSLv3 write client certificate D";
177 case SSL3_ST_CW_KEY_EXCH_A:
178 str = "SSLv3 write client key exchange A";
180 case SSL3_ST_CW_KEY_EXCH_B:
181 str = "SSLv3 write client key exchange B";
183 case SSL3_ST_CW_CERT_VRFY_A:
184 str = "SSLv3 write certificate verify A";
186 case SSL3_ST_CW_CERT_VRFY_B:
187 str = "SSLv3 write certificate verify B";
190 case SSL3_ST_CW_CHANGE_A:
191 case SSL3_ST_SW_CHANGE_A:
192 str = "SSLv3 write change cipher spec A";
194 case SSL3_ST_CW_CHANGE_B:
195 case SSL3_ST_SW_CHANGE_B:
196 str = "SSLv3 write change cipher spec B";
198 case SSL3_ST_CW_FINISHED_A:
199 case SSL3_ST_SW_FINISHED_A:
200 str = "SSLv3 write finished A";
202 case SSL3_ST_CW_FINISHED_B:
203 case SSL3_ST_SW_FINISHED_B:
204 str = "SSLv3 write finished B";
206 case SSL3_ST_CR_CHANGE_A:
207 case SSL3_ST_SR_CHANGE_A:
208 str = "SSLv3 read change cipher spec A";
210 case SSL3_ST_CR_CHANGE_B:
211 case SSL3_ST_SR_CHANGE_B:
212 str = "SSLv3 read change cipher spec B";
214 case SSL3_ST_CR_FINISHED_A:
215 case SSL3_ST_SR_FINISHED_A:
216 str = "SSLv3 read finished A";
218 case SSL3_ST_CR_FINISHED_B:
219 case SSL3_ST_SR_FINISHED_B:
220 str = "SSLv3 read finished B";
223 case SSL3_ST_CW_FLUSH:
224 case SSL3_ST_SW_FLUSH:
225 str = "SSLv3 flush data";
228 case SSL3_ST_SR_CLNT_HELLO_A:
229 str = "SSLv3 read client hello A";
231 case SSL3_ST_SR_CLNT_HELLO_B:
232 str = "SSLv3 read client hello B";
234 case SSL3_ST_SR_CLNT_HELLO_C:
235 str = "SSLv3 read client hello C";
237 case SSL3_ST_SW_HELLO_REQ_A:
238 str = "SSLv3 write hello request A";
240 case SSL3_ST_SW_HELLO_REQ_B:
241 str = "SSLv3 write hello request B";
243 case SSL3_ST_SW_HELLO_REQ_C:
244 str = "SSLv3 write hello request C";
246 case SSL3_ST_SW_SRVR_HELLO_A:
247 str = "SSLv3 write server hello A";
249 case SSL3_ST_SW_SRVR_HELLO_B:
250 str = "SSLv3 write server hello B";
252 case SSL3_ST_SW_CERT_A:
253 str = "SSLv3 write certificate A";
255 case SSL3_ST_SW_CERT_B:
256 str = "SSLv3 write certificate B";
258 case SSL3_ST_SW_KEY_EXCH_A:
259 str = "SSLv3 write key exchange A";
261 case SSL3_ST_SW_KEY_EXCH_B:
262 str = "SSLv3 write key exchange B";
264 case SSL3_ST_SW_CERT_REQ_A:
265 str = "SSLv3 write certificate request A";
267 case SSL3_ST_SW_CERT_REQ_B:
268 str = "SSLv3 write certificate request B";
270 case SSL3_ST_SW_SESSION_TICKET_A:
271 str = "SSLv3 write session ticket A";
273 case SSL3_ST_SW_SESSION_TICKET_B:
274 str = "SSLv3 write session ticket B";
276 case SSL3_ST_SW_SRVR_DONE_A:
277 str = "SSLv3 write server done A";
279 case SSL3_ST_SW_SRVR_DONE_B:
280 str = "SSLv3 write server done B";
282 case SSL3_ST_SR_CERT_A:
283 str = "SSLv3 read client certificate A";
285 case SSL3_ST_SR_CERT_B:
286 str = "SSLv3 read client certificate B";
288 case SSL3_ST_SR_KEY_EXCH_A:
289 str = "SSLv3 read client key exchange A";
291 case SSL3_ST_SR_KEY_EXCH_B:
292 str = "SSLv3 read client key exchange B";
294 case SSL3_ST_SR_CERT_VRFY_A:
295 str = "SSLv3 read certificate verify A";
297 case SSL3_ST_SR_CERT_VRFY_B:
298 str = "SSLv3 read certificate verify B";
302 /* SSLv2/v3 compatibility states */
304 case SSL23_ST_CW_CLNT_HELLO_A:
305 str = "SSLv2/v3 write client hello A";
307 case SSL23_ST_CW_CLNT_HELLO_B:
308 str = "SSLv2/v3 write client hello B";
310 case SSL23_ST_CR_SRVR_HELLO_A:
311 str = "SSLv2/v3 read server hello A";
313 case SSL23_ST_CR_SRVR_HELLO_B:
314 str = "SSLv2/v3 read server hello B";
317 case SSL23_ST_SR_CLNT_HELLO_A:
318 str = "SSLv2/v3 read client hello A";
320 case SSL23_ST_SR_CLNT_HELLO_B:
321 str = "SSLv2/v3 read client hello B";
325 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
326 str = "DTLS1 read hello verify request A";
328 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
329 str = "DTLS1 read hello verify request B";
331 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
332 str = "DTLS1 write hello verify request A";
334 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
335 str = "DTLS1 write hello verify request B";
339 str = "unknown state";
345 const char *SSL_rstate_string_long(const SSL *s)
350 case SSL_ST_READ_HEADER:
353 case SSL_ST_READ_BODY:
356 case SSL_ST_READ_DONE:
366 const char *SSL_state_string(const SSL *s)
384 #ifndef OPENSSL_NO_SSL3
385 /* SSLv3 additions */
386 case SSL3_ST_SW_FLUSH:
387 case SSL3_ST_CW_FLUSH:
390 case SSL3_ST_CW_CLNT_HELLO_A:
393 case SSL3_ST_CW_CLNT_HELLO_B:
396 case SSL3_ST_CR_SRVR_HELLO_A:
399 case SSL3_ST_CR_SRVR_HELLO_B:
402 case SSL3_ST_CR_CERT_A:
405 case SSL3_ST_CR_CERT_B:
408 case SSL3_ST_CR_KEY_EXCH_A:
411 case SSL3_ST_CR_KEY_EXCH_B:
414 case SSL3_ST_CR_CERT_REQ_A:
417 case SSL3_ST_CR_CERT_REQ_B:
420 case SSL3_ST_CR_SRVR_DONE_A:
423 case SSL3_ST_CR_SRVR_DONE_B:
426 case SSL3_ST_CW_CERT_A:
429 case SSL3_ST_CW_CERT_B:
432 case SSL3_ST_CW_CERT_C:
435 case SSL3_ST_CW_CERT_D:
438 case SSL3_ST_CW_KEY_EXCH_A:
441 case SSL3_ST_CW_KEY_EXCH_B:
444 case SSL3_ST_CW_CERT_VRFY_A:
447 case SSL3_ST_CW_CERT_VRFY_B:
451 case SSL3_ST_SW_CHANGE_A:
452 case SSL3_ST_CW_CHANGE_A:
455 case SSL3_ST_SW_CHANGE_B:
456 case SSL3_ST_CW_CHANGE_B:
459 case SSL3_ST_SW_FINISHED_A:
460 case SSL3_ST_CW_FINISHED_A:
463 case SSL3_ST_SW_FINISHED_B:
464 case SSL3_ST_CW_FINISHED_B:
467 case SSL3_ST_SR_CHANGE_A:
468 case SSL3_ST_CR_CHANGE_A:
471 case SSL3_ST_SR_CHANGE_B:
472 case SSL3_ST_CR_CHANGE_B:
475 case SSL3_ST_SR_FINISHED_A:
476 case SSL3_ST_CR_FINISHED_A:
479 case SSL3_ST_SR_FINISHED_B:
480 case SSL3_ST_CR_FINISHED_B:
484 case SSL3_ST_SW_HELLO_REQ_A:
487 case SSL3_ST_SW_HELLO_REQ_B:
490 case SSL3_ST_SW_HELLO_REQ_C:
493 case SSL3_ST_SR_CLNT_HELLO_A:
496 case SSL3_ST_SR_CLNT_HELLO_B:
499 case SSL3_ST_SR_CLNT_HELLO_C:
502 case SSL3_ST_SW_SRVR_HELLO_A:
505 case SSL3_ST_SW_SRVR_HELLO_B:
508 case SSL3_ST_SW_CERT_A:
511 case SSL3_ST_SW_CERT_B:
514 case SSL3_ST_SW_KEY_EXCH_A:
517 case SSL3_ST_SW_KEY_EXCH_B:
520 case SSL3_ST_SW_CERT_REQ_A:
523 case SSL3_ST_SW_CERT_REQ_B:
526 case SSL3_ST_SW_SRVR_DONE_A:
529 case SSL3_ST_SW_SRVR_DONE_B:
532 case SSL3_ST_SR_CERT_A:
535 case SSL3_ST_SR_CERT_B:
538 case SSL3_ST_SR_KEY_EXCH_A:
541 case SSL3_ST_SR_KEY_EXCH_B:
544 case SSL3_ST_SR_CERT_VRFY_A:
547 case SSL3_ST_SR_CERT_VRFY_B:
552 /* SSLv2/v3 compatibility states */
554 case SSL23_ST_CW_CLNT_HELLO_A:
557 case SSL23_ST_CW_CLNT_HELLO_B:
560 case SSL23_ST_CR_SRVR_HELLO_A:
563 case SSL23_ST_CR_SRVR_HELLO_B:
567 case SSL23_ST_SR_CLNT_HELLO_A:
570 case SSL23_ST_SR_CLNT_HELLO_B:
575 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
578 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
581 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
584 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
595 const char *SSL_alert_type_string_long(int value)
598 if (value == SSL3_AL_WARNING)
600 else if (value == SSL3_AL_FATAL)
606 const char *SSL_alert_type_string(int value)
609 if (value == SSL3_AL_WARNING)
611 else if (value == SSL3_AL_FATAL)
617 const char *SSL_alert_desc_string(int value)
621 switch (value & 0xff) {
622 case SSL3_AD_CLOSE_NOTIFY:
625 case SSL3_AD_UNEXPECTED_MESSAGE:
628 case SSL3_AD_BAD_RECORD_MAC:
631 case SSL3_AD_DECOMPRESSION_FAILURE:
634 case SSL3_AD_HANDSHAKE_FAILURE:
637 case SSL3_AD_NO_CERTIFICATE:
640 case SSL3_AD_BAD_CERTIFICATE:
643 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
646 case SSL3_AD_CERTIFICATE_REVOKED:
649 case SSL3_AD_CERTIFICATE_EXPIRED:
652 case SSL3_AD_CERTIFICATE_UNKNOWN:
655 case SSL3_AD_ILLEGAL_PARAMETER:
658 case TLS1_AD_DECRYPTION_FAILED:
661 case TLS1_AD_RECORD_OVERFLOW:
664 case TLS1_AD_UNKNOWN_CA:
667 case TLS1_AD_ACCESS_DENIED:
670 case TLS1_AD_DECODE_ERROR:
673 case TLS1_AD_DECRYPT_ERROR:
676 case TLS1_AD_EXPORT_RESTRICTION:
679 case TLS1_AD_PROTOCOL_VERSION:
682 case TLS1_AD_INSUFFICIENT_SECURITY:
685 case TLS1_AD_INTERNAL_ERROR:
688 case TLS1_AD_USER_CANCELLED:
691 case TLS1_AD_NO_RENEGOTIATION:
694 case TLS1_AD_UNSUPPORTED_EXTENSION:
697 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
700 case TLS1_AD_UNRECOGNIZED_NAME:
703 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
706 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
709 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
719 const char *SSL_alert_desc_string_long(int value)
723 switch (value & 0xff) {
724 case SSL3_AD_CLOSE_NOTIFY:
725 str = "close notify";
727 case SSL3_AD_UNEXPECTED_MESSAGE:
728 str = "unexpected_message";
730 case SSL3_AD_BAD_RECORD_MAC:
731 str = "bad record mac";
733 case SSL3_AD_DECOMPRESSION_FAILURE:
734 str = "decompression failure";
736 case SSL3_AD_HANDSHAKE_FAILURE:
737 str = "handshake failure";
739 case SSL3_AD_NO_CERTIFICATE:
740 str = "no certificate";
742 case SSL3_AD_BAD_CERTIFICATE:
743 str = "bad certificate";
745 case SSL3_AD_UNSUPPORTED_CERTIFICATE:
746 str = "unsupported certificate";
748 case SSL3_AD_CERTIFICATE_REVOKED:
749 str = "certificate revoked";
751 case SSL3_AD_CERTIFICATE_EXPIRED:
752 str = "certificate expired";
754 case SSL3_AD_CERTIFICATE_UNKNOWN:
755 str = "certificate unknown";
757 case SSL3_AD_ILLEGAL_PARAMETER:
758 str = "illegal parameter";
760 case TLS1_AD_DECRYPTION_FAILED:
761 str = "decryption failed";
763 case TLS1_AD_RECORD_OVERFLOW:
764 str = "record overflow";
766 case TLS1_AD_UNKNOWN_CA:
769 case TLS1_AD_ACCESS_DENIED:
770 str = "access denied";
772 case TLS1_AD_DECODE_ERROR:
773 str = "decode error";
775 case TLS1_AD_DECRYPT_ERROR:
776 str = "decrypt error";
778 case TLS1_AD_EXPORT_RESTRICTION:
779 str = "export restriction";
781 case TLS1_AD_PROTOCOL_VERSION:
782 str = "protocol version";
784 case TLS1_AD_INSUFFICIENT_SECURITY:
785 str = "insufficient security";
787 case TLS1_AD_INTERNAL_ERROR:
788 str = "internal error";
790 case TLS1_AD_USER_CANCELLED:
791 str = "user canceled";
793 case TLS1_AD_NO_RENEGOTIATION:
794 str = "no renegotiation";
796 case TLS1_AD_UNSUPPORTED_EXTENSION:
797 str = "unsupported extension";
799 case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
800 str = "certificate unobtainable";
802 case TLS1_AD_UNRECOGNIZED_NAME:
803 str = "unrecognized name";
805 case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
806 str = "bad certificate status response";
808 case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
809 str = "bad certificate hash value";
811 case TLS1_AD_UNKNOWN_PSK_IDENTITY:
812 str = "unknown PSK identity";
821 const char *SSL_rstate_string(const SSL *s)
826 case SSL_ST_READ_HEADER:
829 case SSL_ST_READ_BODY:
832 case SSL_ST_READ_DONE: