Add debug helper to print ticket_flags status

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2022-11-17 15:11:39 +08:00 · 2022-11-17 15:11:39 +08:00 · 5b8dcd2097
commit 5b8dcd2097
parent 449bd8303e
2 changed files with 50 additions and 0 deletions
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@ -68,6 +68,11 @@
    mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr)
 #endif

+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
+#define MBEDTLS_SSL_DEBUG_TICKET_FLAGS(level, flag)             \
+    mbedtls_debug_print_ticket_flags(ssl, level, __FILE__, __LINE__, flag)
+#endif
+
 #else /* MBEDTLS_DEBUG_C */

 #define MBEDTLS_SSL_DEBUG_MSG(level, args)            do { } while (0)
@ -77,6 +82,7 @@
 #define MBEDTLS_SSL_DEBUG_ECP(level, text, X)         do { } while (0)
 #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt)       do { } while (0)
 #define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr)     do { } while (0)
+#define MBEDTLS_SSL_DEBUG_TICKET_FLAGS(level, flag)   do { } while (0)

 #endif /* MBEDTLS_DEBUG_C */

@ -305,6 +311,13 @@ void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
                               mbedtls_debug_ecdh_attr attr);
 #endif

+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
+void mbedtls_debug_print_ticket_flags(
+    const mbedtls_ssl_context *ssl, int level,
+    const char *file, int line,
+    mbedtls_ssl_tls13_ticket_flags flag);
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
+
 #ifdef __cplusplus
 }
 #endif
--- a/library/debug.c
+++ b/library/debug.c
@ -386,4 +386,41 @@ void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
 }
 #endif /* MBEDTLS_ECDH_C */

+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
+#define BITS_OF(var)    (sizeof(var) * 8)
+#define ARRAY_LENGTH(a) (sizeof(a) / sizeof(*(a)))
+
+static const char *ticket_flag_name_table[BITS_OF(mbedtls_ssl_tls13_ticket_flags)] =
+{
+    [0] = "ALLOW_PSK_RESUMPTION",
+    [2] = "ALLOW_PSK_EPHEMERAL_RESUMPTION",
+    [3] = "ALLOW_EARLY_DATA",
+};
+
+void mbedtls_debug_print_ticket_flags(
+    const mbedtls_ssl_context *ssl, int level,
+    const char *file, int line,
+    mbedtls_ssl_tls13_ticket_flags flag)
+{
+    size_t i;
+
+    if (NULL == ssl              ||
+        NULL == ssl->conf        ||
+        NULL == ssl->conf->f_dbg ||
+        level > debug_threshold) {
+        return;
+    }
+
+    mbedtls_debug_print_msg(ssl, level, file, line,
+                            "print ticket_flags (0x%02x)", flag);
+
+    for (i = 0; i < ARRAY_LENGTH(ticket_flag_name_table); i++) {
+        if ((flag & (1 << i)) & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK) {
+            mbedtls_debug_print_msg(ssl, level, file, line, "- %s is set.",
+                                    ticket_flag_name_table[i]);
+        }
+    }
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
+
 #endif /* MBEDTLS_DEBUG_C */