xref: /aosp_15_r20/external/conscrypt/common/src/jni/main/include/conscrypt/trace.h (revision cd0cc2e34ba52cdf454361820a14d744e4bd531d) 
1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef CONSCRYPT_TRACE_H_
18 #define CONSCRYPT_TRACE_H_
19 
20 #include <stdio.h>
21 #include <cstddef>
22 #include <conscrypt/logging.h>
23 
24 namespace conscrypt {
25 namespace trace {
26 
27 constexpr bool kWithJniTrace = false;
28 constexpr bool kWithJniTraceMd = false;
29 constexpr bool kWithJniTraceData = false;
30 // Don't overwhelm logcat when tracing data.
31 constexpr std::size_t kWithJniTraceDataChunkSize = 512;
32 
33 /*
34  * To print create a pcap-style dump you can take the log output and
35  * pipe it through text2pcap.
36  *
37  * For example, if you were interested in ssl=0x12345678, you would do:
38  *
39  *  address=0x12345678
40  *  awk "match(\$0,/ssl=$address SSL_DATA: (.*)\$/,a){print a[1]}" | text2pcap -T 443,1337 -t
41  * '%s.' -n -D - $address.pcapng
42  */
43 constexpr bool kWithJniTracePackets = false;
44 
45 /*
46  * How to use this for debugging with Wireshark:
47  *
48  * 1. Pull lines from logcat to a file that have "KEY_LINE:" and remove the
49  *    prefix up to and including "KEY_LINE: " so they look like this
50  *    (without the quotes):
51  *     "RSA 3b8...184 1c5...aa0" <CR>
52  *     "CLIENT_RANDOM 82e...f18b 1c5...aa0" <CR>
53  *     <etc>
54  *    Follows the format defined at
55  *    https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format
56  * 2. Start Wireshark
57  * 3. Go to Edit -> Preferences -> SSL -> (Pre-)Master-Key log and fill in
58  *    the file you put the lines in above.
59  * 4. Follow the stream that corresponds to the desired "Session-ID" in
60  *    the Server Hello.
61  */
62  constexpr bool kWithJniTraceKeys = false;
63 
64 }  // namespace trace
65 }  // namespace conscrypt
66 
67 #define JNI_TRACE(...)                                        \
68     if (conscrypt::trace::kWithJniTrace) {                    \
69         CONSCRYPT_LOG(LOG_INFO, LOG_TAG "-jni", __VA_ARGS__); \
70     }
71 #define JNI_TRACE_MD(...)                                     \
72     if (conscrypt::trace::kWithJniTraceMd) {                  \
73         CONSCRYPT_LOG(LOG_INFO, LOG_TAG "-jni", __VA_ARGS__); \
74     }
75 #define JNI_TRACE_KEYS(...)                                   \
76     if (conscrypt::trace::kWithJniTraceKeys) {                \
77         CONSCRYPT_LOG(LOG_INFO, LOG_TAG "-jni", __VA_ARGS__); \
78     }
79 #define JNI_TRACE_PACKET_DATA(ssl, dir, data, len)    \
80     if (conscrypt::trace::kWithJniTracePackets) {     \
81         debug_print_packet_data(ssl, dir, data, len); \
82     }
83 
84 #endif  // CONSCRYPT_TRACE_H_
85