1 /*
2 * Debugging routines
3 *
4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of mbed TLS (https://tls.mbed.org)
20 */
21
22 #if !defined(MBEDTLS_CONFIG_FILE)
23 #include "mbedtls/config.h"
24 #else
25 #include MBEDTLS_CONFIG_FILE
26 #endif
27
28 #if defined(MBEDTLS_DEBUG_C)
29
30 #if defined(MBEDTLS_PLATFORM_C)
31 #include "mbedtls/platform.h"
32 #else
33 #include <stdlib.h>
34 #define mbedtls_calloc calloc
35 #define mbedtls_free free
36 #define mbedtls_time_t time_t
37 #define mbedtls_snprintf snprintf
38 #endif
39
40 #include "mbedtls/debug.h"
41
42 #include <stdarg.h>
43 #include <stdio.h>
44 #include <string.h>
45
46 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
47 !defined(inline) && !defined(__cplusplus)
48 #define inline __inline
49 #endif
50
51 #define DEBUG_BUF_SIZE 512
52
53 static int debug_threshold = 0;
54
mbedtls_debug_set_threshold(int threshold)55 void mbedtls_debug_set_threshold( int threshold )
56 {
57 debug_threshold = threshold;
58 }
59
60 /*
61 * All calls to f_dbg must be made via this function
62 */
debug_send_line(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * str)63 static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level,
64 const char *file, int line,
65 const char *str )
66 {
67 /*
68 * If in a threaded environment, we need a thread identifier.
69 * Since there is no portable way to get one, use the address of the ssl
70 * context instead, as it shouldn't be shared between threads.
71 */
72 #if defined(MBEDTLS_THREADING_C)
73 char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */
74 mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str );
75 ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr );
76 #else
77 ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str );
78 #endif
79 }
80
mbedtls_debug_print_msg(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * format,...)81 void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
82 const char *file, int line,
83 const char *format, ... )
84 {
85 va_list argp;
86 char str[DEBUG_BUF_SIZE];
87 int ret;
88
89 if( NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || level > debug_threshold )
90 return;
91
92 va_start( argp, format );
93 #if defined(_WIN32)
94 #if defined(_TRUNCATE) && !defined(__MINGW32__)
95 ret = _vsnprintf_s( str, DEBUG_BUF_SIZE, _TRUNCATE, format, argp );
96 #else
97 ret = _vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
98 if( ret < 0 || (size_t) ret == DEBUG_BUF_SIZE )
99 {
100 str[DEBUG_BUF_SIZE-1] = '\0';
101 ret = -1;
102 }
103 #endif
104 #else
105 ret = vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
106 #endif
107 va_end( argp );
108
109 if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 )
110 {
111 str[ret] = '\n';
112 str[ret + 1] = '\0';
113 }
114
115 debug_send_line( ssl, level, file, line, str );
116 }
117
mbedtls_debug_print_ret(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,int ret)118 void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
119 const char *file, int line,
120 const char *text, int ret )
121 {
122 char str[DEBUG_BUF_SIZE];
123
124 if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )
125 return;
126
127 /*
128 * With non-blocking I/O and examples that just retry immediately,
129 * the logs would be quickly flooded with WANT_READ, so ignore that.
130 * Don't ignore WANT_WRITE however, since is is usually rare.
131 */
132 if( ret == MBEDTLS_ERR_SSL_WANT_READ )
133 return;
134
135 mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n",
136 text, ret, -ret );
137
138 debug_send_line( ssl, level, file, line, str );
139 }
140
mbedtls_debug_print_buf(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const unsigned char * buf,size_t len)141 void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
142 const char *file, int line, const char *text,
143 const unsigned char *buf, size_t len )
144 {
145 char str[DEBUG_BUF_SIZE];
146 char txt[17];
147 size_t i, idx = 0;
148
149 if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )
150 return;
151
152 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n",
153 text, (unsigned int) len );
154
155 debug_send_line( ssl, level, file, line, str );
156
157 idx = 0;
158 memset( txt, 0, sizeof( txt ) );
159 for( i = 0; i < len; i++ )
160 {
161 if( i >= 4096 )
162 break;
163
164 if( i % 16 == 0 )
165 {
166 if( i > 0 )
167 {
168 mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt );
169 debug_send_line( ssl, level, file, line, str );
170
171 idx = 0;
172 memset( txt, 0, sizeof( txt ) );
173 }
174
175 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ",
176 (unsigned int) i );
177
178 }
179
180 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x",
181 (unsigned int) buf[i] );
182 txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ;
183 }
184
185 if( len > 0 )
186 {
187 for( /* i = i */; i % 16 != 0; i++ )
188 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " " );
189
190 mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt );
191 debug_send_line( ssl, level, file, line, str );
192 }
193 }
194
195 #if defined(MBEDTLS_ECP_C)
mbedtls_debug_print_ecp(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_ecp_point * X)196 void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
197 const char *file, int line,
198 const char *text, const mbedtls_ecp_point *X )
199 {
200 char str[DEBUG_BUF_SIZE];
201
202 if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )
203 return;
204
205 mbedtls_snprintf( str, sizeof( str ), "%s(X)", text );
206 mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X );
207
208 mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text );
209 mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y );
210 }
211 #endif /* MBEDTLS_ECP_C */
212
213 #if defined(MBEDTLS_BIGNUM_C)
mbedtls_debug_print_mpi(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_mpi * X)214 void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
215 const char *file, int line,
216 const char *text, const mbedtls_mpi *X )
217 {
218 char str[DEBUG_BUF_SIZE];
219 int j, k, zeros = 1;
220 size_t i, n, idx = 0;
221
222 if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || X == NULL || level > debug_threshold )
223 return;
224
225 for( n = X->n - 1; n > 0; n-- )
226 if( X->p[n] != 0 )
227 break;
228
229 for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- )
230 if( ( ( X->p[n] >> j ) & 1 ) != 0 )
231 break;
232
233 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n",
234 text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) );
235
236 debug_send_line( ssl, level, file, line, str );
237
238 idx = 0;
239 for( i = n + 1, j = 0; i > 0; i-- )
240 {
241 if( zeros && X->p[i - 1] == 0 )
242 continue;
243
244 for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- )
245 {
246 if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 )
247 continue;
248 else
249 zeros = 0;
250
251 if( j % 16 == 0 )
252 {
253 if( j > 0 )
254 {
255 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
256 debug_send_line( ssl, level, file, line, str );
257 idx = 0;
258 }
259 }
260
261 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int)
262 ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF );
263
264 j++;
265 }
266
267 }
268
269 if( zeros == 1 )
270 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" );
271
272 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
273 debug_send_line( ssl, level, file, line, str );
274 }
275 #endif /* MBEDTLS_BIGNUM_C */
276
277 #if defined(MBEDTLS_X509_CRT_PARSE_C)
debug_print_pk(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_pk_context * pk)278 static void debug_print_pk( const mbedtls_ssl_context *ssl, int level,
279 const char *file, int line,
280 const char *text, const mbedtls_pk_context *pk )
281 {
282 size_t i;
283 mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
284 char name[16];
285
286 memset( items, 0, sizeof( items ) );
287
288 if( mbedtls_pk_debug( pk, items ) != 0 )
289 {
290 debug_send_line( ssl, level, file, line,
291 "invalid PK context\n" );
292 return;
293 }
294
295 for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ )
296 {
297 if( items[i].type == MBEDTLS_PK_DEBUG_NONE )
298 return;
299
300 mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
301 name[sizeof( name ) - 1] = '\0';
302
303 if( items[i].type == MBEDTLS_PK_DEBUG_MPI )
304 mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value );
305 else
306 #if defined(MBEDTLS_ECP_C)
307 if( items[i].type == MBEDTLS_PK_DEBUG_ECP )
308 mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value );
309 else
310 #endif
311 debug_send_line( ssl, level, file, line,
312 "should not happen\n" );
313 }
314 }
315
debug_print_line_by_line(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text)316 static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level,
317 const char *file, int line, const char *text )
318 {
319 char str[DEBUG_BUF_SIZE];
320 const char *start, *cur;
321
322 start = text;
323 for( cur = text; *cur != '\0'; cur++ )
324 {
325 if( *cur == '\n' )
326 {
327 size_t len = cur - start + 1;
328 if( len > DEBUG_BUF_SIZE - 1 )
329 len = DEBUG_BUF_SIZE - 1;
330
331 memcpy( str, start, len );
332 str[len] = '\0';
333
334 debug_send_line( ssl, level, file, line, str );
335
336 start = cur + 1;
337 }
338 }
339 }
340
mbedtls_debug_print_crt(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_x509_crt * crt)341 void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
342 const char *file, int line,
343 const char *text, const mbedtls_x509_crt *crt )
344 {
345 char str[DEBUG_BUF_SIZE];
346 int i = 0;
347
348 if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || crt == NULL || level > debug_threshold )
349 return;
350
351 while( crt != NULL )
352 {
353 char buf[1024];
354
355 mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i );
356 debug_send_line( ssl, level, file, line, str );
357
358 mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
359 debug_print_line_by_line( ssl, level, file, line, buf );
360
361 debug_print_pk( ssl, level, file, line, "crt->", &crt->pk );
362
363 crt = crt->next;
364 }
365 }
366 #endif /* MBEDTLS_X509_CRT_PARSE_C */
367
368 #if defined(MBEDTLS_ECDH_C)
mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const mbedtls_ecdh_context * ecdh,mbedtls_debug_ecdh_attr attr)369 static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl,
370 int level, const char *file,
371 int line,
372 const mbedtls_ecdh_context *ecdh,
373 mbedtls_debug_ecdh_attr attr )
374 {
375 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
376 const mbedtls_ecdh_context* ctx = ecdh;
377 #else
378 const mbedtls_ecdh_context_mbed* ctx = &ecdh->ctx.mbed_ecdh;
379 #endif
380
381 switch( attr )
382 {
383 case MBEDTLS_DEBUG_ECDH_Q:
384 mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Q",
385 &ctx->Q );
386 break;
387 case MBEDTLS_DEBUG_ECDH_QP:
388 mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Qp",
389 &ctx->Qp );
390 break;
391 case MBEDTLS_DEBUG_ECDH_Z:
392 mbedtls_debug_print_mpi( ssl, level, file, line, "ECDH: z",
393 &ctx->z );
394 break;
395 default:
396 break;
397 }
398 }
399
mbedtls_debug_printf_ecdh(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const mbedtls_ecdh_context * ecdh,mbedtls_debug_ecdh_attr attr)400 void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level,
401 const char *file, int line,
402 const mbedtls_ecdh_context *ecdh,
403 mbedtls_debug_ecdh_attr attr )
404 {
405 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
406 mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, attr );
407 #else
408 switch( ecdh->var )
409 {
410 default:
411 mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh,
412 attr );
413 }
414 #endif
415 }
416 #endif /* MBEDTLS_ECDH_C */
417
418 #endif /* MBEDTLS_DEBUG_C */
419