• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef CONSCRYPT_TRACE_H_
18 #define CONSCRYPT_TRACE_H_
19 
20 #include <cstddef>
21 #include <conscrypt/macros.h>
22 
23 namespace conscrypt {
24 namespace trace {
25 
26 extern const bool kWithJniTrace;
27 extern const bool kWithJniTraceMd;
28 extern const bool kWithJniTraceData;
29 
30 /*
31  * To print create a pcap-style dump you can take the log output and
32  * pipe it through text2pcap.
33  *
34  * For example, if you were interested in ssl=0x12345678, you would do:
35  *
36  *  address=0x12345678
37  *  awk "match(\$0,/ssl=$address SSL_DATA: (.*)\$/,a){print a[1]}" | text2pcap -T 443,1337 -t
38  * '%s.' -n -D - $address.pcapng
39  */
40 extern const bool kWithJniTracePackets;
41 
42 /*
43  * How to use this for debugging with Wireshark:
44  *
45  * 1. Pull lines from logcat to a file that have "KEY_LINE:" and remove the
46  *    prefix up to and including "KEY_LINE: " so they look like this
47  *    (without the quotes):
48  *     "RSA 3b8...184 1c5...aa0" <CR>
49  *     "CLIENT_RANDOM 82e...f18b 1c5...aa0" <CR>
50  *     <etc>
51  *    Follows the format defined at
52  *    https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format
53  * 2. Start Wireshark
54  * 3. Go to Edit -> Preferences -> SSL -> (Pre-)Master-Key log and fill in
55  *    the file you put the lines in above.
56  * 4. Follow the stream that corresponds to the desired "Session-ID" in
57  *    the Server Hello.
58  */
59 extern const bool kWithJniTraceKeys;
60 
61 // don't overwhelm logcat
62 extern const std::size_t kWithJniTraceDataChunkSize;
63 
64 }  // namespace trace
65 }  // namespace conscrypt
66 
67 #define JNI_TRACE(...)                               \
68     if (conscrypt::trace::kWithJniTrace) {           \
69         ALOG(LOG_INFO, LOG_TAG "-jni", __VA_ARGS__); \
70     }
71 #define JNI_TRACE_MD(...)                            \
72     if (conscrypt::trace::kWithJniTraceMd) {         \
73         ALOG(LOG_INFO, LOG_TAG "-jni", __VA_ARGS__); \
74     }
75 #define JNI_TRACE_KEYS(...)                          \
76     if (conscrypt::trace::kWithJniTraceKeys) {       \
77         ALOG(LOG_INFO, LOG_TAG "-jni", __VA_ARGS__); \
78     }
79 #define JNI_TRACE_PACKET_DATA(ssl, dir, data, len)    \
80     if (conscrypt::trace::kWithJniTracePackets) {     \
81         debug_print_packet_data(ssl, dir, data, len); \
82     }
83 
84 #endif  // CONSCRYPT_TRACE_H_
85