1 /*
2 * Debugging routines
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19
20 #include "common.h"
21
22 #if defined(MBEDTLS_DEBUG_C)
23
24 #include "mbedtls/platform.h"
25
26 #include "mbedtls/debug.h"
27 #include "mbedtls/error.h"
28
29 #include <stdarg.h>
30 #include <stdio.h>
31 #include <string.h>
32
33 #define DEBUG_BUF_SIZE 512
34
35 static int debug_threshold = 0;
36
mbedtls_debug_set_threshold(int threshold)37 void mbedtls_debug_set_threshold( int threshold )
38 {
39 debug_threshold = threshold;
40 }
41
42 /*
43 * All calls to f_dbg must be made via this function
44 */
debug_send_line(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * str)45 static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level,
46 const char *file, int line,
47 const char *str )
48 {
49 /*
50 * If in a threaded environment, we need a thread identifier.
51 * Since there is no portable way to get one, use the address of the ssl
52 * context instead, as it shouldn't be shared between threads.
53 */
54 #if defined(MBEDTLS_THREADING_C)
55 char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */
56 mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str );
57 ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr );
58 #else
59 ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str );
60 #endif
61 }
62
63 MBEDTLS_PRINTF_ATTRIBUTE(5, 6)
mbedtls_debug_print_msg(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * format,...)64 void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
65 const char *file, int line,
66 const char *format, ... )
67 {
68 va_list argp;
69 char str[DEBUG_BUF_SIZE];
70 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
71
72 if( NULL == ssl ||
73 NULL == ssl->conf ||
74 NULL == ssl->conf->f_dbg ||
75 level > debug_threshold )
76 {
77 return;
78 }
79
80 va_start( argp, format );
81 ret = mbedtls_vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
82 va_end( argp );
83
84 if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 )
85 {
86 str[ret] = '\n';
87 str[ret + 1] = '\0';
88 }
89
90 debug_send_line( ssl, level, file, line, str );
91 }
92
mbedtls_debug_print_ret(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,int ret)93 void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
94 const char *file, int line,
95 const char *text, int ret )
96 {
97 char str[DEBUG_BUF_SIZE];
98
99 if( NULL == ssl ||
100 NULL == ssl->conf ||
101 NULL == ssl->conf->f_dbg ||
102 level > debug_threshold )
103 {
104 return;
105 }
106
107 /*
108 * With non-blocking I/O and examples that just retry immediately,
109 * the logs would be quickly flooded with WANT_READ, so ignore that.
110 * Don't ignore WANT_WRITE however, since it is usually rare.
111 */
112 if( ret == MBEDTLS_ERR_SSL_WANT_READ )
113 return;
114
115 mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n",
116 text, ret, (unsigned int) -ret );
117
118 debug_send_line( ssl, level, file, line, str );
119 }
120
mbedtls_debug_print_buf(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const unsigned char * buf,size_t len)121 void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
122 const char *file, int line, const char *text,
123 const unsigned char *buf, size_t len )
124 {
125 char str[DEBUG_BUF_SIZE];
126 char txt[17];
127 size_t i, idx = 0;
128
129 if( NULL == ssl ||
130 NULL == ssl->conf ||
131 NULL == ssl->conf->f_dbg ||
132 level > debug_threshold )
133 {
134 return;
135 }
136
137 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n",
138 text, (unsigned int) len );
139
140 debug_send_line( ssl, level, file, line, str );
141
142 idx = 0;
143 memset( txt, 0, sizeof( txt ) );
144 for( i = 0; i < len; i++ )
145 {
146 if( i >= 4096 )
147 break;
148
149 if( i % 16 == 0 )
150 {
151 if( i > 0 )
152 {
153 mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt );
154 debug_send_line( ssl, level, file, line, str );
155
156 idx = 0;
157 memset( txt, 0, sizeof( txt ) );
158 }
159
160 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ",
161 (unsigned int) i );
162
163 }
164
165 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x",
166 (unsigned int) buf[i] );
167 txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ;
168 }
169
170 if( len > 0 )
171 {
172 for( /* i = i */; i % 16 != 0; i++ )
173 idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " " );
174
175 mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %s\n", txt );
176 debug_send_line( ssl, level, file, line, str );
177 }
178 }
179
180 #if defined(MBEDTLS_ECP_C)
mbedtls_debug_print_ecp(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_ecp_point * X)181 void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
182 const char *file, int line,
183 const char *text, const mbedtls_ecp_point *X )
184 {
185 char str[DEBUG_BUF_SIZE];
186
187 if( NULL == ssl ||
188 NULL == ssl->conf ||
189 NULL == ssl->conf->f_dbg ||
190 level > debug_threshold )
191 {
192 return;
193 }
194
195 mbedtls_snprintf( str, sizeof( str ), "%s(X)", text );
196 mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X );
197
198 mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text );
199 mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y );
200 }
201 #endif /* MBEDTLS_ECP_C */
202
203 #if defined(MBEDTLS_BIGNUM_C)
mbedtls_debug_print_mpi(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_mpi * X)204 void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
205 const char *file, int line,
206 const char *text, const mbedtls_mpi *X )
207 {
208 char str[DEBUG_BUF_SIZE];
209 size_t bitlen;
210 size_t idx = 0;
211
212 if( NULL == ssl ||
213 NULL == ssl->conf ||
214 NULL == ssl->conf->f_dbg ||
215 NULL == X ||
216 level > debug_threshold )
217 {
218 return;
219 }
220
221 bitlen = mbedtls_mpi_bitlen( X );
222
223 mbedtls_snprintf( str, sizeof( str ), "value of '%s' (%u bits) is:\n",
224 text, (unsigned) bitlen );
225 debug_send_line( ssl, level, file, line, str );
226
227 if( bitlen == 0 )
228 {
229 str[0] = ' '; str[1] = '0'; str[2] = '0';
230 idx = 3;
231 }
232 else
233 {
234 int n;
235 for( n = (int) ( ( bitlen - 1 ) / 8 ); n >= 0; n-- )
236 {
237 size_t limb_offset = n / sizeof( mbedtls_mpi_uint );
238 size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint );
239 unsigned char octet =
240 ( X->p[limb_offset] >> ( offset_in_limb * 8 ) ) & 0xff;
241 mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", octet );
242 idx += 3;
243 /* Wrap lines after 16 octets that each take 3 columns */
244 if( idx >= 3 * 16 )
245 {
246 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
247 debug_send_line( ssl, level, file, line, str );
248 idx = 0;
249 }
250 }
251 }
252
253 if( idx != 0 )
254 {
255 mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
256 debug_send_line( ssl, level, file, line, str );
257 }
258 }
259 #endif /* MBEDTLS_BIGNUM_C */
260
261 #if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
debug_print_pk(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_pk_context * pk)262 static void debug_print_pk( const mbedtls_ssl_context *ssl, int level,
263 const char *file, int line,
264 const char *text, const mbedtls_pk_context *pk )
265 {
266 size_t i;
267 mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
268 char name[16];
269
270 memset( items, 0, sizeof( items ) );
271
272 if( mbedtls_pk_debug( pk, items ) != 0 )
273 {
274 debug_send_line( ssl, level, file, line,
275 "invalid PK context\n" );
276 return;
277 }
278
279 for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ )
280 {
281 if( items[i].type == MBEDTLS_PK_DEBUG_NONE )
282 return;
283
284 mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
285 name[sizeof( name ) - 1] = '\0';
286
287 if( items[i].type == MBEDTLS_PK_DEBUG_MPI )
288 mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value );
289 else
290 #if defined(MBEDTLS_ECP_C)
291 if( items[i].type == MBEDTLS_PK_DEBUG_ECP )
292 mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value );
293 else
294 #endif
295 debug_send_line( ssl, level, file, line,
296 "should not happen\n" );
297 }
298 }
299
debug_print_line_by_line(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text)300 static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level,
301 const char *file, int line, const char *text )
302 {
303 char str[DEBUG_BUF_SIZE];
304 const char *start, *cur;
305
306 start = text;
307 for( cur = text; *cur != '\0'; cur++ )
308 {
309 if( *cur == '\n' )
310 {
311 size_t len = cur - start + 1;
312 if( len > DEBUG_BUF_SIZE - 1 )
313 len = DEBUG_BUF_SIZE - 1;
314
315 memcpy( str, start, len );
316 str[len] = '\0';
317
318 debug_send_line( ssl, level, file, line, str );
319
320 start = cur + 1;
321 }
322 }
323 }
324
mbedtls_debug_print_crt(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const char * text,const mbedtls_x509_crt * crt)325 void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
326 const char *file, int line,
327 const char *text, const mbedtls_x509_crt *crt )
328 {
329 char str[DEBUG_BUF_SIZE];
330 int i = 0;
331
332 if( NULL == ssl ||
333 NULL == ssl->conf ||
334 NULL == ssl->conf->f_dbg ||
335 NULL == crt ||
336 level > debug_threshold )
337 {
338 return;
339 }
340
341 while( crt != NULL )
342 {
343 char buf[1024];
344
345 mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i );
346 debug_send_line( ssl, level, file, line, str );
347
348 mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
349 debug_print_line_by_line( ssl, level, file, line, buf );
350
351 debug_print_pk( ssl, level, file, line, "crt->", &crt->pk );
352
353 crt = crt->next;
354 }
355 }
356 #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */
357
358 #if defined(MBEDTLS_ECDH_C)
mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const mbedtls_ecdh_context * ecdh,mbedtls_debug_ecdh_attr attr)359 static void mbedtls_debug_printf_ecdh_internal( const mbedtls_ssl_context *ssl,
360 int level, const char *file,
361 int line,
362 const mbedtls_ecdh_context *ecdh,
363 mbedtls_debug_ecdh_attr attr )
364 {
365 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
366 const mbedtls_ecdh_context* ctx = ecdh;
367 #else
368 const mbedtls_ecdh_context_mbed* ctx = &ecdh->ctx.mbed_ecdh;
369 #endif
370
371 switch( attr )
372 {
373 case MBEDTLS_DEBUG_ECDH_Q:
374 mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Q",
375 &ctx->Q );
376 break;
377 case MBEDTLS_DEBUG_ECDH_QP:
378 mbedtls_debug_print_ecp( ssl, level, file, line, "ECDH: Qp",
379 &ctx->Qp );
380 break;
381 case MBEDTLS_DEBUG_ECDH_Z:
382 mbedtls_debug_print_mpi( ssl, level, file, line, "ECDH: z",
383 &ctx->z );
384 break;
385 default:
386 break;
387 }
388 }
389
mbedtls_debug_printf_ecdh(const mbedtls_ssl_context * ssl,int level,const char * file,int line,const mbedtls_ecdh_context * ecdh,mbedtls_debug_ecdh_attr attr)390 void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level,
391 const char *file, int line,
392 const mbedtls_ecdh_context *ecdh,
393 mbedtls_debug_ecdh_attr attr )
394 {
395 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
396 mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh, attr );
397 #else
398 switch( ecdh->var )
399 {
400 default:
401 mbedtls_debug_printf_ecdh_internal( ssl, level, file, line, ecdh,
402 attr );
403 }
404 #endif
405 }
406 #endif /* MBEDTLS_ECDH_C */
407
408 #endif /* MBEDTLS_DEBUG_C */
409
