From fb9409e226e64c365bac0ffaf648397386781ce2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?D=C3=A1niel=20Buga?= Date: Sat, 22 Apr 2023 00:12:44 +0200 Subject: [PATCH] Make handshake logs more useful --- src/connection.rs | 19 +++---------------- src/handshake/mod.rs | 2 +- 2 files changed, 4 insertions(+), 17 deletions(-) diff --git a/src/connection.rs b/src/connection.rs index 230cf665..89009753 100644 --- a/src/connection.rs +++ b/src/connection.rs @@ -59,15 +59,11 @@ where let server_key = key_schedule.get_key()?; let nonce = key_schedule.get_nonce()?; - // info!("decrypting {:x?} with {}", &header, app_data.len()); - //let crypto = Aes128Gcm::new(&self.key_schedule.get_server_key()); let crypto = ::new(&server_key); - // let nonce = &key_schedule.get_server_nonce(); - // info!("server write nonce {:x?}", nonce); crypto .decrypt_in_place(&nonce, header.data(), &mut app_data) .map_err(|_| TlsError::CryptoError)?; - // info!("decrypted with padding {:x?}", app_data.as_slice()); + let padding = app_data .as_slice() .iter() @@ -76,12 +72,11 @@ where if let Some((index, _)) = padding { app_data.truncate(index + 1); }; - //trace!("decrypted {:x?}", data); let content_type = ContentType::of(*app_data.as_slice().last().unwrap()).ok_or(TlsError::InvalidRecord)?; - trace!("Decrypting content type = {:?}", content_type); + trace!("Decrypting: content type = {:?}", content_type); // Remove the content type app_data.truncate(app_data.len() - 1); 
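Review bot: In the second hunk of src/connection.rs (`@@ -76,12 +72,11 @@`), the context line `ContentType::of(*app_data.as_slice().last().unwrap())` panics if the decrypted inner plaintext is empty, because `last()` returns `None` on a zero-length buffer. Whether a zero-length plaintext can reach this point depends on code outside the hunk, but the record body is supplied by the peer, so returning an error is safer than unwinding. Something like `let content_type = app_data.as_slice().last().copied().and_then(ContentType::of).ok_or(TlsError::InvalidRecord)?;` would do it, assuming `ContentType::of` takes a `u8` and returns an `Option` as the existing call suggests. The enclosing function starts and ends outside the hunk.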
@@ -98,23 +93,18 @@ where let handshake_length = remaining - buf.remaining(); if let ServerHandshake::Finished(ref mut finished) = inner { - // trace!("Server finished hash: {:x?}", finished.hash); finished .hash .replace(key_schedule.transcript_hash().clone().finalize()); } - //info!("===> inner ==> {:?}", inner); - //if hash_later { key_schedule .transcript_hash() .update(&data[offset..offset + handshake_length]); offset += handshake_length; - // info!("hash {:02x?}", &data[..data.len()]); cb(key_schedule, ServerRecord::Handshake(inner))?; } - //} } ContentType::ApplicationData => { let inner = ApplicationData::new(app_data, header); @@ -127,10 +117,9 @@ where } _ => return Err(TlsError::Unimplemented), } - //debug!("decrypted {:?} --> {:x?}", content_type, data); key_schedule.increment_counter(); } else { - debug!("Not decrypting: Not encapsulated in app data"); + trace!("Not decrypting: content_type = {:?}", record.content_type()); cb(key_schedule, record)?; } Ok(()) @@ -481,10 +470,8 @@ where { let mut state = State::ServerVerify; decrypt_record(key_schedule.read_state(), record, |key_schedule, record| { - trace!("record = {:?}", record.content_type()); match record { ServerRecord::Handshake(server_handshake) => { - trace!("handshake = {:?}", server_handshake.handshake_type()); match server_handshake { ServerHandshake::EncryptedExtensions(_) => {} ServerHandshake::Certificate(certificate) => { diff --git a/src/handshake/mod.rs b/src/handshake/mod.rs index 9e317efc..ad4772c1 100644 --- a/src/handshake/mod.rs +++ b/src/handshake/mod.rs @@ -200,7 +200,7 @@ impl<'a, N: ArrayLength> ServerHandshake<'a, N> { HandshakeType::of(buf.read_u8().map_err(|_| TlsError::InvalidHandshake)?) .ok_or(TlsError::InvalidHandshake)?; - // info!("Handshake type {:?}", handshake_type); + trace!("handshake = {:?}", handshake_type); let content_len = buf.read_u24().map_err(|_| TlsError::InvalidHandshake)?;
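Review bot: The two trace messages spell the key differently: `content type = ` in the decrypt path (`@@ -76,12 +72,11 @@`) and `content_type = ` in the `else` branch of `@@ -127,10 +117,9 @@`, so one grep over a handshake log misses half of them. Pick one spelling, e.g. `trace!("Not decrypting: content type = {:?}", record.content_type());`. The same branch is also lowered from `debug!` to `trace!`. A record that is not encapsulated in application data and is handed to `cb` undecrypted is probably worth seeing when auditing a handshake, so consider keeping it at `debug!`. The enclosing function begins outside the hunk.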
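Review bot: In src/handshake/mod.rs the new `trace!("handshake = {:?}", handshake_type);` runs only after `HandshakeType::of(...).ok_or(TlsError::InvalidHandshake)?` has succeeded. An unknown type byte, the case where a log line helps most, therefore returns `InvalidHandshake` without being logged. Reading the byte into a local first and tracing it on the failure path would cover that: `let raw = buf.read_u8().map_err(|_| TlsError::InvalidHandshake)?;` followed by `HandshakeType::of(raw).ok_or_else(|| { trace!("unknown handshake type {}", raw); TlsError::InvalidHandshake })?`. The function's signature and the rest of its body are outside the hunk.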