void printHandshakeSuccess()

in fizz/tool/FizzClientCommand.cpp [274:396]

• 118 lines of code
• 19 McCabe index (conditional complexity)

  void printHandshakeSuccess() {
    auto& state = transport_->getState();
    auto serverCert = state.serverCert();
    auto clientCert = state.clientCert();
    LOG(INFO) << (willResume_ ? "Initial handshake" : "Handshake")
              << " succeeded.";
    LOG(INFO) << "  TLS Version: " << toString(*state.version());
    LOG(INFO) << "  Cipher Suite:  " << toString(*state.cipher());
    LOG(INFO) << "  Named Group: "
              << (state.group() ? toString(*state.group()) : "(none)");
    LOG(INFO) << "  Signature Scheme: "
              << (state.sigScheme() ? toString(*state.sigScheme()) : "(none)");
    LOG(INFO) << "  PSK: " << toString(*state.pskType());
    LOG(INFO) << "  PSK Mode: "
              << (state.pskMode() ? toString(*state.pskMode()) : "(none)");
    LOG(INFO) << "  Key Exchange Type: " << toString(*state.keyExchangeType());
    LOG(INFO) << "  Early: " << toString(*state.earlyDataType());
    LOG(INFO) << "  Server Identity: "
              << (serverCert ? serverCert->getIdentity() : "(none)");
    LOG(INFO) << "  Client Identity: "
              << (clientCert ? clientCert->getIdentity() : "(none)");

    LOG(INFO) << "  Certificate Chain:";
    auto certs = verifier_->getCerts();
    for (size_t i = 0; i < certs.size(); i++) {
      auto x509Cert = certs[i]->getX509();
      LOG(INFO) << "   " << i
                << " s:" << OpenSSLCertUtils::getSubject(*x509Cert).value();
      LOG(INFO) << "     i:" << OpenSSLCertUtils::getIssuer(*x509Cert).value();
    }

    if (auto opensslCert = dynamic_cast<const OpenSSLCert*>(serverCert.get())) {
      BioUniquePtr bio(BIO_new(BIO_s_mem()));
      if (!PEM_write_bio_X509(bio.get(), opensslCert->getX509().get())) {
        LOG(ERROR) << "  Couldn't convert server certificate to PEM: "
                   << SSLContext::getErrors();
      } else {
        BUF_MEM* bptr = nullptr;
        BIO_get_mem_ptr(bio.get(), &bptr);
        LOG(INFO) << "  Server Certificate:\n"
                  << std::string(bptr->data, bptr->length);
      }
    }

    if (auto opensslCert = dynamic_cast<const OpenSSLCert*>(clientCert.get())) {
      BioUniquePtr bio(BIO_new(BIO_s_mem()));
      if (!PEM_write_bio_X509(bio.get(), opensslCert->getX509().get())) {
        LOG(ERROR) << "  Couldn't convert client certificate to PEM: "
                   << SSLContext::getErrors();
      } else {
        BUF_MEM* bptr = nullptr;
        BIO_get_mem_ptr(bio.get(), &bptr);
        LOG(INFO) << "  Client Certificate:\n"
                  << std::string(bptr->data, bptr->length);
      }
    }
    LOG(INFO) << "  Server Certificate Compression: "
              << (state.serverCertCompAlgo()
                      ? toString(*state.serverCertCompAlgo())
                      : "(none)");
    LOG(INFO) << "  ALPN: " << state.alpn().value_or("(none)");
    LOG(INFO) << "  Client Random: "
              << folly::hexlify(*transport_->getClientRandom());
    LOG(INFO) << "  Secrets:";
    LOG(INFO) << "    External PSK Binder: " << secretStr(externalPskBinder_);
    LOG(INFO) << "    Resumption PSK Binder: "
              << secretStr(resumptionPskBinder_);
    LOG(INFO) << "    Early Exporter: " << secretStr(earlyExporterSecret_);
    LOG(INFO) << "    Early Client Data: "
              << secretStr(clientEarlyTrafficSecret_);
    LOG(INFO) << "    Client Handshake: "
              << secretStr(clientHandshakeTrafficSecret_);
    LOG(INFO) << "    Server Handshake: "
              << secretStr(serverHandshakeTrafficSecret_);
    LOG(INFO) << "    Exporter Master: " << secretStr(exporterMasterSecret_);
    LOG(INFO) << "    Resumption Master: "
              << secretStr(resumptionMasterSecret_);
    LOG(INFO) << "    Client Traffic: " << secretStr(clientAppTrafficSecret_);
    LOG(INFO) << "    Server Traffic: " << secretStr(serverAppTrafficSecret_);

    if (echConfigs_.has_value()) {
      printECHSuccess(state);
    }

    if (keyLogger_) {
      if (clientEarlyTrafficSecret_) {
        keyLogger_->write(
            *transport_->getClientRandom(),
            KeyLogWriter::Label::CLIENT_EARLY_TRAFFIC_SECRET,
            folly::range(*clientEarlyTrafficSecret_));
      }
      if (clientHandshakeTrafficSecret_) {
        keyLogger_->write(
            *transport_->getClientRandom(),
            KeyLogWriter::Label::CLIENT_HANDSHAKE_TRAFFIC_SECRET,
            folly::range(*clientHandshakeTrafficSecret_));
      }
      if (serverHandshakeTrafficSecret_) {
        keyLogger_->write(
            *transport_->getClientRandom(),
            KeyLogWriter::Label::SERVER_HANDSHAKE_TRAFFIC_SECRET,
            folly::range(*serverHandshakeTrafficSecret_));
      }
      if (exporterMasterSecret_) {
        keyLogger_->write(
            *transport_->getClientRandom(),
            KeyLogWriter::Label::EXPORTER_SECRET,
            folly::range(*exporterMasterSecret_));
      }
      if (clientAppTrafficSecret_) {
        keyLogger_->write(
            *transport_->getClientRandom(),
            KeyLogWriter::Label::CLIENT_TRAFFIC_SECRET_0,
            folly::range(*clientAppTrafficSecret_));
      }
      if (serverAppTrafficSecret_) {
        keyLogger_->write(
            *transport_->getClientRandom(),
            KeyLogWriter::Label::SERVER_TRAFFIC_SECRET_0,
            folly::range(*serverAppTrafficSecret_));
      }
    }
  }