diff --git a/lib/tls/mbedtls/wrapper/library/ssl_lib.c b/lib/tls/mbedtls/wrapper/library/ssl_lib.c index 5e3e9edb8..f9c671177 100644 --- a/lib/tls/mbedtls/wrapper/library/ssl_lib.c +++ b/lib/tls/mbedtls/wrapper/library/ssl_lib.c @@ -804,220 +804,6 @@ const char *SSL_get_version(const SSL *ssl) return ssl_protocol_to_string(SSL_version(ssl)); } -/** - * @brief get alert description string - */ -const char* SSL_alert_desc_string(int value) -{ - const char *str; - - switch (value & 0xff) - { - case SSL3_AD_CLOSE_NOTIFY: - str = "CN"; - break; - case SSL3_AD_UNEXPECTED_MESSAGE: - str = "UM"; - break; - case SSL3_AD_BAD_RECORD_MAC: - str = "BM"; - break; - case SSL3_AD_DECOMPRESSION_FAILURE: - str = "DF"; - break; - case SSL3_AD_HANDSHAKE_FAILURE: - str = "HF"; - break; - case SSL3_AD_NO_CERTIFICATE: - str = "NC"; - break; - case SSL3_AD_BAD_CERTIFICATE: - str = "BC"; - break; - case SSL3_AD_UNSUPPORTED_CERTIFICATE: - str = "UC"; - break; - case SSL3_AD_CERTIFICATE_REVOKED: - str = "CR"; - break; - case SSL3_AD_CERTIFICATE_EXPIRED: - str = "CE"; - break; - case SSL3_AD_CERTIFICATE_UNKNOWN: - str = "CU"; - break; - case SSL3_AD_ILLEGAL_PARAMETER: - str = "IP"; - break; - case TLS1_AD_DECRYPTION_FAILED: - str = "DC"; - break; - case TLS1_AD_RECORD_OVERFLOW: - str = "RO"; - break; - case TLS1_AD_UNKNOWN_CA: - str = "CA"; - break; - case TLS1_AD_ACCESS_DENIED: - str = "AD"; - break; - case TLS1_AD_DECODE_ERROR: - str = "DE"; - break; - case TLS1_AD_DECRYPT_ERROR: - str = "CY"; - break; - case TLS1_AD_EXPORT_RESTRICTION: - str = "ER"; - break; - case TLS1_AD_PROTOCOL_VERSION: - str = "PV"; - break; - case TLS1_AD_INSUFFICIENT_SECURITY: - str = "IS"; - break; - case TLS1_AD_INTERNAL_ERROR: - str = "IE"; - break; - case TLS1_AD_USER_CANCELLED: - str = "US"; - break; - case TLS1_AD_NO_RENEGOTIATION: - str = "NR"; - break; - case TLS1_AD_UNSUPPORTED_EXTENSION: - str = "UE"; - break; - case TLS1_AD_CERTIFICATE_UNOBTAINABLE: - str = "CO"; - break; - case TLS1_AD_UNRECOGNIZED_NAME: - str = "UN"; - break; - case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: - str = "BR"; - break; - case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: - str = "BH"; - break; - case TLS1_AD_UNKNOWN_PSK_IDENTITY: - str = "UP"; - break; - default: - str = "UK"; - break; - } - - return str; -} - -/** - * @brief get alert description long string - */ -const char* SSL_alert_desc_string_long(int value) -{ - const char *str; - - switch (value & 0xff) - { - case SSL3_AD_CLOSE_NOTIFY: - str = "close notify"; - break; - case SSL3_AD_UNEXPECTED_MESSAGE: - str = "unexpected_message"; - break; - case SSL3_AD_BAD_RECORD_MAC: - str = "bad record mac"; - break; - case SSL3_AD_DECOMPRESSION_FAILURE: - str = "decompression failure"; - break; - case SSL3_AD_HANDSHAKE_FAILURE: - str = "handshake failure"; - break; - case SSL3_AD_NO_CERTIFICATE: - str = "no certificate"; - break; - case SSL3_AD_BAD_CERTIFICATE: - str = "bad certificate"; - break; - case SSL3_AD_UNSUPPORTED_CERTIFICATE: - str = "unsupported certificate"; - break; - case SSL3_AD_CERTIFICATE_REVOKED: - str = "certificate revoked"; - break; - case SSL3_AD_CERTIFICATE_EXPIRED: - str = "certificate expired"; - break; - case SSL3_AD_CERTIFICATE_UNKNOWN: - str = "certificate unknown"; - break; - case SSL3_AD_ILLEGAL_PARAMETER: - str = "illegal parameter"; - break; - case TLS1_AD_DECRYPTION_FAILED: - str = "decryption failed"; - break; - case TLS1_AD_RECORD_OVERFLOW: - str = "record overflow"; - break; - case TLS1_AD_UNKNOWN_CA: - str = "unknown CA"; - break; - case TLS1_AD_ACCESS_DENIED: - str = "access denied"; - break; - case TLS1_AD_DECODE_ERROR: - str = "decode error"; - break; - case TLS1_AD_DECRYPT_ERROR: - str = "decrypt error"; - break; - case TLS1_AD_EXPORT_RESTRICTION: - str = "export restriction"; - break; - case TLS1_AD_PROTOCOL_VERSION: - str = "protocol version"; - break; - case TLS1_AD_INSUFFICIENT_SECURITY: - str = "insufficient security"; - break; - case TLS1_AD_INTERNAL_ERROR: - str = "internal error"; - break; - case TLS1_AD_USER_CANCELLED: - str = "user canceled"; - break; - case TLS1_AD_NO_RENEGOTIATION: - str = "no renegotiation"; - break; - case TLS1_AD_UNSUPPORTED_EXTENSION: - str = "unsupported extension"; - break; - case TLS1_AD_CERTIFICATE_UNOBTAINABLE: - str = "certificate unobtainable"; - break; - case TLS1_AD_UNRECOGNIZED_NAME: - str = "unrecognized name"; - break; - case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: - str = "bad certificate status response"; - break; - case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: - str = "bad certificate hash value"; - break; - case TLS1_AD_UNKNOWN_PSK_IDENTITY: - str = "unknown PSK identity"; - break; - default: - str = "unknown"; - break; - } - - return str; -} - /** * @brief get alert type string */ @@ -1041,306 +827,6 @@ const char *SSL_alert_type_string(int value) return str; } -/** - * @brief get alert type long string - */ -const char *SSL_alert_type_string_long(int value) -{ - const char *str; - - switch (value >> 8) - { - case SSL3_AL_WARNING: - str = "warning"; - break; - case SSL3_AL_FATAL: - str = "fatal"; - break; - default: - str = "unknown"; - break; - } - - return str; -} - -/** - * @brief get the state string where SSL is reading - */ -const char *SSL_rstate_string(SSL *ssl) -{ - const char *str; - - SSL_ASSERT2(ssl); - - switch (ssl->rlayer.rstate) - { - case SSL_ST_READ_HEADER: - str = "RH"; - break; - case SSL_ST_READ_BODY: - str = "RB"; - break; - case SSL_ST_READ_DONE: - str = "RD"; - break; - default: - str = "unknown"; - break; - } - - return str; -} - -/** - * @brief get the statement long string where SSL is reading - */ -const char *SSL_rstate_string_long(SSL *ssl) -{ - const char *str = "unknown"; - - SSL_ASSERT2(ssl); - - switch (ssl->rlayer.rstate) - { - case SSL_ST_READ_HEADER: - str = "read header"; - break; - case SSL_ST_READ_BODY: - str = "read body"; - break; - case SSL_ST_READ_DONE: - str = "read done"; - break; - default: - break; - } - - return str; -} - -/** - * @brief get SSL statement string - */ -char *SSL_state_string(const SSL *ssl) -{ - char *str = "UNKWN "; - - SSL_ASSERT2(ssl); - - if (ossl_statem_in_error(ssl)) - str = "SSLERR"; - else - { - switch (SSL_get_state(ssl)) - { - case TLS_ST_BEFORE: - str = "PINIT "; - break; - case TLS_ST_OK: - str = "SSLOK "; - break; - case TLS_ST_CW_CLNT_HELLO: - str = "TWCH"; - break; - case TLS_ST_CR_SRVR_HELLO: - str = "TRSH"; - break; - case TLS_ST_CR_CERT: - str = "TRSC"; - break; - case TLS_ST_CR_KEY_EXCH: - str = "TRSKE"; - break; - case TLS_ST_CR_CERT_REQ: - str = "TRCR"; - break; - case TLS_ST_CR_SRVR_DONE: - str = "TRSD"; - break; - case TLS_ST_CW_CERT: - str = "TWCC"; - break; - case TLS_ST_CW_KEY_EXCH: - str = "TWCKE"; - break; - case TLS_ST_CW_CERT_VRFY: - str = "TWCV"; - break; - case TLS_ST_SW_CHANGE: - case TLS_ST_CW_CHANGE: - str = "TWCCS"; - break; - case TLS_ST_SW_FINISHED: - case TLS_ST_CW_FINISHED: - str = "TWFIN"; - break; - case TLS_ST_SR_CHANGE: - case TLS_ST_CR_CHANGE: - str = "TRCCS"; - break; - case TLS_ST_SR_FINISHED: - case TLS_ST_CR_FINISHED: - str = "TRFIN"; - break; - case TLS_ST_SW_HELLO_REQ: - str = "TWHR"; - break; - case TLS_ST_SR_CLNT_HELLO: - str = "TRCH"; - break; - case TLS_ST_SW_SRVR_HELLO: - str = "TWSH"; - break; - case TLS_ST_SW_CERT: - str = "TWSC"; - break; - case TLS_ST_SW_KEY_EXCH: - str = "TWSKE"; - break; - case TLS_ST_SW_CERT_REQ: - str = "TWCR"; - break; - case TLS_ST_SW_SRVR_DONE: - str = "TWSD"; - break; - case TLS_ST_SR_CERT: - str = "TRCC"; - break; - case TLS_ST_SR_KEY_EXCH: - str = "TRCKE"; - break; - case TLS_ST_SR_CERT_VRFY: - str = "TRCV"; - break; - case DTLS_ST_CR_HELLO_VERIFY_REQUEST: - str = "DRCHV"; - break; - case DTLS_ST_SW_HELLO_VERIFY_REQUEST: - str = "DWCHV"; - break; - default: - break; - } - } - - return str; -} - -/** - * @brief get SSL statement long string - */ -char *SSL_state_string_long(const SSL *ssl) -{ - char *str = "UNKWN "; - - SSL_ASSERT2(ssl); - - if (ossl_statem_in_error(ssl)) - str = "SSLERR"; - else - { - switch (SSL_get_state(ssl)) - { - case TLS_ST_BEFORE: - str = "before SSL initialization"; - break; - case TLS_ST_OK: - str = "SSL negotiation finished successfully"; - break; - case TLS_ST_CW_CLNT_HELLO: - str = "SSLv3/TLS write client hello"; - break; - case TLS_ST_CR_SRVR_HELLO: - str = "SSLv3/TLS read server hello"; - break; - case TLS_ST_CR_CERT: - str = "SSLv3/TLS read server certificate"; - break; - case TLS_ST_CR_KEY_EXCH: - str = "SSLv3/TLS read server key exchange"; - break; - case TLS_ST_CR_CERT_REQ: - str = "SSLv3/TLS read server certificate request"; - break; - case TLS_ST_CR_SESSION_TICKET: - str = "SSLv3/TLS read server session ticket"; - break; - case TLS_ST_CR_SRVR_DONE: - str = "SSLv3/TLS read server done"; - break; - case TLS_ST_CW_CERT: - str = "SSLv3/TLS write client certificate"; - break; - case TLS_ST_CW_KEY_EXCH: - str = "SSLv3/TLS write client key exchange"; - break; - case TLS_ST_CW_CERT_VRFY: - str = "SSLv3/TLS write certificate verify"; - break; - case TLS_ST_CW_CHANGE: - case TLS_ST_SW_CHANGE: - str = "SSLv3/TLS write change cipher spec"; - break; - case TLS_ST_CW_FINISHED: - case TLS_ST_SW_FINISHED: - str = "SSLv3/TLS write finished"; - break; - case TLS_ST_CR_CHANGE: - case TLS_ST_SR_CHANGE: - str = "SSLv3/TLS read change cipher spec"; - break; - case TLS_ST_CR_FINISHED: - case TLS_ST_SR_FINISHED: - str = "SSLv3/TLS read finished"; - break; - case TLS_ST_SR_CLNT_HELLO: - str = "SSLv3/TLS read client hello"; - break; - case TLS_ST_SW_HELLO_REQ: - str = "SSLv3/TLS write hello request"; - break; - case TLS_ST_SW_SRVR_HELLO: - str = "SSLv3/TLS write server hello"; - break; - case TLS_ST_SW_CERT: - str = "SSLv3/TLS write certificate"; - break; - case TLS_ST_SW_KEY_EXCH: - str = "SSLv3/TLS write key exchange"; - break; - case TLS_ST_SW_CERT_REQ: - str = "SSLv3/TLS write certificate request"; - break; - case TLS_ST_SW_SESSION_TICKET: - str = "SSLv3/TLS write session ticket"; - break; - case TLS_ST_SW_SRVR_DONE: - str = "SSLv3/TLS write server done"; - break; - case TLS_ST_SR_CERT: - str = "SSLv3/TLS read client certificate"; - break; - case TLS_ST_SR_KEY_EXCH: - str = "SSLv3/TLS read client key exchange"; - break; - case TLS_ST_SR_CERT_VRFY: - str = "SSLv3/TLS read certificate verify"; - break; - case DTLS_ST_CR_HELLO_VERIFY_REQUEST: - str = "DTLS1 read hello verify request"; - break; - case DTLS_ST_SW_HELLO_VERIFY_REQUEST: - str = "DTLS1 write hello verify request"; - break; - default: - break; - } - } - - return str; -} - /** * @brief set the SSL context read buffer length */