1 /*
2 * Debugging routines
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6 *
7 * This file is provided under the Apache License 2.0, or the
8 * GNU General Public License v2.0 or later.
9 *
10 * **********
11 * Apache License 2.0:
12 *
13 * Licensed under the Apache License, Version 2.0 (the "License"); you may
14 * not use this file except in compliance with the License.
15 * You may obtain a copy of the License at
16 *
17 * http://www.apache.org/licenses/LICENSE-2.0
18 *
19 * Unless required by applicable law or agreed to in writing, software
20 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22 * See the License for the specific language governing permissions and
23 * limitations under the License.
24 *
25 * **********
26 *
27 * **********
28 * GNU General Public License v2.0 or later:
29 *
30 * This program is free software; you can redistribute it and/or modify
31 * it under the terms of the GNU General Public License as published by
32 * the Free Software Foundation; either version 2 of the License, or
33 * (at your option) any later version.
34 *
35 * This program is distributed in the hope that it will be useful,
36 * but WITHOUT ANY WARRANTY; without even the implied warranty of
37 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
38 * GNU General Public License for more details.
39 *
40 * You should have received a copy of the GNU General Public License along
41 * with this program; if not, write to the Free Software Foundation, Inc.,
42 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
43 *
44 * **********
45 */
46
47 #if !defined(MBEDTLS_CONFIG_FILE)
48 #include "mbedtls/config.h"
49 #else
50 #include MBEDTLS_CONFIG_FILE
51 #endif
52
53 #if defined(MBEDTLS_DEBUG_C)
54
55 #if defined(MBEDTLS_PLATFORM_C)
56 #include "mbedtls/platform.h"
57 #else
58 #include <stdlib.h>
59 #define mbedtls_calloc calloc
60 #define mbedtls_free free
61 #define mbedtls_time_t time_t
62 #define mbedtls_snprintf snprintf
63 #endif
64
65 #include "mbedtls/debug.h"
66
67 #include <stdarg.h>
68 #include <stdio.h>
69 #include <string.h>
70
71 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
72 !defined(inline) && !defined(__cplusplus)
73 #define inline __inline
74 #endif
75
76 #define DEBUG_BUF_SIZE 512
77
78 static int debug_threshold = 0;
79
mbedtls_debug_set_threshold(int threshold)80 void mbedtls_debug_set_threshold( int threshold )
81 {
82 debug_threshold = threshold;
83 }
84
85 /*
86 * All calls to f_dbg must be made via this function
87 */
debug_send_line(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * str)88 static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level,
89 const char *file, int line,
90 const char *str )
91 {
92 /*
93 * If in a threaded environment, we need a thread identifier.
94 * Since there is no portable way to get one, use the address of the ssl
95 * context instead, as it shouldn't be shared between threads.
96 */
97 #if defined(MBEDTLS_THREADING_C)
98 char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */
99 mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str );
100 ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr );
101 #else
102 ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str );
103 #endif
104 }
105
mbedtls_debug_print_msg(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * format,...)106 void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
107 const char *file, int line,
108 const char *format, ... )
109 {
110 va_list argp;
111 char str[DEBUG_BUF_SIZE];
112 int ret;
113
114 if( NULL == ssl ||
115 NULL == ssl->conf ||
116 NULL == ssl->conf->f_dbg ||
117 level > debug_threshold )
118 {
119 return;
120 }
121
122 va_start( argp, format );
123 #if defined(_WIN32)
124 #if defined(_TRUNCATE) && !defined(__MINGW32__)
125 ret = _vsnprintf_s( str, DEBUG_BUF_SIZE, _TRUNCATE, format, argp );
126 #else
127 ret = _vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
128 if( ret < 0 || (size_t) ret == DEBUG_BUF_SIZE )
129 {
130 str[DEBUG_BUF_SIZE-1] = '\0';
131 ret = -1;
132 }
133 #endif
134 #else
135 ret = vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
136 #endif
137 va_end( argp );
138
139 if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 )
140 {
141 str[ret] = '\n';
142 str[ret + 1] = '\0';
143 }
144
145 debug_send_line( ssl, level, file, line, str );
146 }
147
mbedtls_debug_print_ret(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,int ret)148 void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
149 const char *file, int line,
150 const char *text, int ret )
151 {
152 char str[DEBUG_BUF_SIZE];
153
154 if( NULL == ssl ||
155 NULL == ssl->conf ||
156 NULL == ssl->conf->f_dbg ||
157 level > debug_threshold )
158 {
159 return;
160 }
161
162 /*
163 * With non-blocking I/O and examples that just retry immediately,
164 * the logs would be quickly flooded with WANT_READ, so ignore that.
165 * Don't ignore WANT_WRITE however, since is is usually rare.
166 */
167 if( ret == MBEDTLS_ERR_SSL_WANT_READ )
168 return;
169
170 mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n",
171 text, ret, -ret );
172
173 debug_send_line( ssl, level, file, line, str );
174 }
175
mbedtls_debug_print_buf(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const unsigned char * buf,size_t len)176 void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
177 const char *file, int line, const char *text,
178 const unsigned char *buf, size_t len )
179 {
180 char str[DEBUG_BUF_SIZE];
181 char txt[17];
182 size_t i, idx = 0;
183
184 if( NULL == ssl ||
185 NULL == ssl->conf ||
186 NULL == ssl->conf->f_dbg ||
187 level > debug_threshold )
188 {
189 return;
190 }
191
192 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n",
193 text, (unsigned int) len );
194
195 debug_send_line( ssl, level, file, line, str );
196
197 idx = 0;
198 memset( txt, 0, sizeof( txt ) );
199 for( i = 0; i < len; i++ )
200 {
201 if( i >= 4096 )
202 break;
203
204 if( i % 16 == 0 )
205 {
206 if( i > 0 )
207 {
208 mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt );
209 debug_send_line( ssl, level, file, line, str );
210
211 idx = 0;
212 memset( txt, 0, sizeof( txt ) );
213 }
214
215 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ",
216 (unsigned int) i );
217
218 }
219
220 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x",
221 (unsigned int) buf[i] );
222 txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ;
223 }
224
225 if( len > 0 )
226 {
227 for( /* i = i */; i % 16 != 0; i++ )
228 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " " );
229
230 mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt );
231 debug_send_line( ssl, level, file, line, str );
232 }
233 }
234
235 #if defined(MBEDTLS_ECP_C)
mbedtls_debug_print_ecp(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_ecp_point * X)236 void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
237 const char *file, int line,
238 const char *text, const mbedtls_ecp_point *X )
239 {
240 char str[DEBUG_BUF_SIZE];
241
242 if( NULL == ssl ||
243 NULL == ssl->conf ||
244 NULL == ssl->conf->f_dbg ||
245 level > debug_threshold )
246 {
247 return;
248 }
249
250 mbedtls_snprintf( str, sizeof( str ), "%s(X)", text );
251 mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X );
252
253 mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text );
254 mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y );
255 }
256 #endif /* MBEDTLS_ECP_C */
257
258 #if defined(MBEDTLS_BIGNUM_C)
mbedtls_debug_print_mpi(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_mpi * X)259 void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
260 const char *file, int line,
261 const char *text, const mbedtls_mpi *X )
262 {
263 char str[DEBUG_BUF_SIZE];
264 size_t bitlen;
265 size_t idx = 0;
266
267 if( NULL == ssl ||
268 NULL == ssl->conf ||
269 NULL == ssl->conf->f_dbg ||
270 NULL == X ||
271 level > debug_threshold )
272 {
273 return;
274 }
275
276 bitlen = mbedtls_mpi_bitlen( X );
277
278 mbedtls_snprintf( str, sizeof( str ), "value of '%s' (%u bits) is:\n",
279 text, (unsigned) bitlen );
280 debug_send_line( ssl, level, file, line, str );
281
282 if( bitlen == 0 )
283 {
284 str[0] = ' '; str[1] = '0'; str[2] = '0';
285 idx = 3;
286 }
287 else
288 {
289 int n;
290 for( n = (int) ( ( bitlen - 1 ) / 8 ); n >= 0; n-- )
291 {
292 size_t limb_offset = n / sizeof( mbedtls_mpi_uint );
293 size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint );
294 unsigned char octet =
295 ( X->p[limb_offset] >> ( offset_in_limb * 8 ) ) & 0xff;
296 mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", octet );
297 idx += 3;
298 /* Wrap lines after 16 octets that each take 3 columns */
299 if( idx >= 3 * 16 )
300 {
301 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
302 debug_send_line( ssl, level, file, line, str );
303 idx = 0;
304 }
305 }
306 }
307
308 if( idx != 0 )
309 {
310 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
311 debug_send_line( ssl, level, file, line, str );
312 }
313 }
314 #endif /* MBEDTLS_BIGNUM_C */
315
316 #if defined(MBEDTLS_X509_CRT_PARSE_C)
debug_print_pk(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_pk_context * pk)317 static void debug_print_pk( const mbedtls_ssl_context *ssl, int level,
318 const char *file, int line,
319 const char *text, const mbedtls_pk_context *pk )
320 {
321 size_t i;
322 mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
323 char name[16];
324
325 memset( items, 0, sizeof( items ) );
326
327 if( mbedtls_pk_debug( pk, items ) != 0 )
328 {
329 debug_send_line( ssl, level, file, line,
330 "invalid PK context\n" );
331 return;
332 }
333
334 for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ )
335 {
336 if( items[i].type == MBEDTLS_PK_DEBUG_NONE )
337 return;
338
339 mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
340 name[sizeof( name ) - 1] = '\0';
341
342 if( items[i].type == MBEDTLS_PK_DEBUG_MPI )
343 mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value );
344 else
345 #if defined(MBEDTLS_ECP_C)
346 if( items[i].type == MBEDTLS_PK_DEBUG_ECP )
347 mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value );
348 else
349 #endif
350 debug_send_line( ssl, level, file, line,
351 "should not happen\n" );
352 }
353 }
354
debug_print_line_by_line(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text)355 static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level,
356 const char *file, int line, const char *text )
357 {
358 char str[DEBUG_BUF_SIZE];
359 const char *start, *cur;
360
361 start = text;
362 for( cur = text; *cur != '\0'; cur++ )
363 {
364 if( *cur == '\n' )
365 {
366 size_t len = cur - start + 1;
367 if( len > DEBUG_BUF_SIZE - 1 )
368 len = DEBUG_BUF_SIZE - 1;
369
370 memcpy( str, start, len );
371 str[len] = '\0';
372
373 debug_send_line( ssl, level, file, line, str );
374
375 start = cur + 1;
376 }
377 }
378 }
379
mbedtls_debug_print_crt(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_x509_crt * crt)380 void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
381 const char *file, int line,
382 const char *text, const mbedtls_x509_crt *crt )
383 {
384 char str[DEBUG_BUF_SIZE];
385 int i = 0;
386
387 if( NULL == ssl ||
388 NULL == ssl->conf ||
389 NULL == ssl->conf->f_dbg ||
390 NULL == crt ||
391 level > debug_threshold )
392 {
393 return;
394 }
395
396 while( crt != NULL )
397 {
398 char buf[1024];
399
400 mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i );
401 debug_send_line( ssl, level, file, line, str );
402
403 mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
404 debug_print_line_by_line( ssl, level, file, line, buf );
405
406 debug_print_pk( ssl, level, file, line, "crt->", &crt->pk );
407
408 crt = crt->next;
409 }
410 }
411 #endif /* MBEDTLS_X509_CRT_PARSE_C */
412
413 #if defined(MBEDTLS_ECDH_C)
mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const mbedtls_ecdh_context * ecdh,mbedtls_debug_ecdh_attr attr)414 static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl,
415 int level, const char *file,
416 int line,
417 const mbedtls_ecdh_context *ecdh,
418 mbedtls_debug_ecdh_attr attr )
419 {
420 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
421 const mbedtls_ecdh_context* ctx = ecdh;
422 #else
423 const mbedtls_ecdh_context_mbed* ctx = &ecdh->ctx.mbed_ecdh;
424 #endif
425
426 switch( attr )
427 {
428 case MBEDTLS_DEBUG_ECDH_Q:
429 mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Q",
430 &ctx->Q );
431 break;
432 case MBEDTLS_DEBUG_ECDH_QP:
433 mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Qp",
434 &ctx->Qp );
435 break;
436 case MBEDTLS_DEBUG_ECDH_Z:
437 mbedtls_debug_print_mpi( ssl, level, file, line, "ECDH: z",
438 &ctx->z );
439 break;
440 default:
441 break;
442 }
443 }
444
mbedtls_debug_printf_ecdh(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const mbedtls_ecdh_context * ecdh,mbedtls_debug_ecdh_attr attr)445 void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level,
446 const char *file, int line,
447 const mbedtls_ecdh_context *ecdh,
448 mbedtls_debug_ecdh_attr attr )
449 {
450 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
451 mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, attr );
452 #else
453 switch( ecdh->var )
454 {
455 default:
456 mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh,
457 attr );
458 }
459 #endif
460 }
461 #endif /* MBEDTLS_ECDH_C */
462
463 #endif /* MBEDTLS_DEBUG_C */
464