OpenCoverage

pk7_doit.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/pkcs7/pk7_doit.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: pk7_doit.c,v 1.42 2017/05/02 03:59:45 deraadt Exp $ */-
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)-
3 * All rights reserved.-
4 *-
5 * This package is an SSL implementation written-
6 * by Eric Young (eay@cryptsoft.com).-
7 * The implementation was written so as to conform with Netscapes SSL.-
8 *-
9 * This library is free for commercial and non-commercial use as long as-
10 * the following conditions are aheared to. The following conditions-
11 * apply to all code found in this distribution, be it the RC4, RSA,-
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation-
13 * included with this distribution is covered by the same copyright terms-
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).-
15 *-
16 * Copyright remains Eric Young's, and as such any Copyright notices in-
17 * the code are not to be removed.-
18 * If this package is used in a product, Eric Young should be given attribution-
19 * as the author of the parts of the library used.-
20 * This can be in the form of a textual message at program startup or-
21 * in documentation (online or textual) provided with the package.-
22 *-
23 * Redistribution and use in source and binary forms, with or without-
24 * modification, are permitted provided that the following conditions-
25 * are met:-
26 * 1. Redistributions of source code must retain the copyright-
27 * notice, this list of conditions and the following disclaimer.-
28 * 2. Redistributions in binary form must reproduce the above copyright-
29 * notice, this list of conditions and the following disclaimer in the-
30 * documentation and/or other materials provided with the distribution.-
31 * 3. All advertising materials mentioning features or use of this software-
32 * must display the following acknowledgement:-
33 * "This product includes cryptographic software written by-
34 * Eric Young (eay@cryptsoft.com)"-
35 * The word 'cryptographic' can be left out if the rouines from the library-
36 * being used are not cryptographic related :-).-
37 * 4. If you include any Windows specific code (or a derivative thereof) from-
38 * the apps directory (application code) you must include an acknowledgement:-
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"-
40 *-
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND-
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE-
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE-
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL-
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS-
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT-
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY-
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF-
51 * SUCH DAMAGE.-
52 *-
53 * The licence and distribution terms for any publically available version or-
54 * derivative of this code cannot be changed. i.e. this code cannot simply be-
55 * copied and put under another distribution licence-
56 * [including the GNU Public Licence.]-
57 */-
58-
59#include <stdio.h>-
60#include <stdlib.h>-
61#include <string.h>-
62-
63#include <openssl/err.h>-
64#include <openssl/objects.h>-
65#include <openssl/x509.h>-
66#include <openssl/x509v3.h>-
67-
68static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,-
69 void *value);-
70static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);-
71-
72static int-
73PKCS7_type_is_other(PKCS7* p7)-
74{-
75 int isOther = 1;-
76-
77 int nid = OBJ_obj2nid(p7->type);-
78-
79 switch (nid ) {-
80 case NID_pkcs7_data:
never executed: case 21:
0
81 case NID_pkcs7_signed:
never executed: case 22:
0
82 case NID_pkcs7_enveloped:
never executed: case 23:
0
83 case NID_pkcs7_signedAndEnveloped:
never executed: case 24:
0
84 case NID_pkcs7_digest:
never executed: case 25:
0
85 case NID_pkcs7_encrypted:
never executed: case 26:
0
86 isOther = 0;-
87 break;
never executed: break;
0
88 default:
never executed: default:
0
89 isOther = 1;-
90 }
never executed: end of block
0
91-
92 return isOther;
never executed: return isOther;
0
93-
94}-
95-
96static ASN1_OCTET_STRING *-
97PKCS7_get_octet_string(PKCS7 *p7)-
98{-
99 if (PKCS7_type_is_data(p7))
(OBJ_obj2nid((...->type) == 21)Description
TRUEevaluated 6 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-6
100 return p7->d.data;
executed 6 times by 1 test: return p7->d.data;
Executed by:
  • pkcs7test
6
101 if (PKCS7_type_is_other(p7) && p7->d.other &&
PKCS7_type_is_other(p7)Description
TRUEnever evaluated
FALSEnever evaluated
p7->d.otherDescription
TRUEnever evaluated
FALSEnever evaluated
0
102 (p7->d.other->type == V_ASN1_OCTET_STRING))
(p7->d.other->type == 4)Description
TRUEnever evaluated
FALSEnever evaluated
0
103 return p7->d.other->value.octet_string;
never executed: return p7->d.other->value.octet_string;
0
104 return NULL;
never executed: return ((void *)0) ;
0
105}-
106-
107static int-
108PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)-
109{-
110 BIO *btmp;-
111 const EVP_MD *md;-
112 if ((btmp = BIO_new(BIO_f_md())) == NULL) {
(btmp = BIO_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • pkcs7test
0-4
113 PKCS7error(ERR_R_BIO_LIB);-
114 goto err;
never executed: goto err;
0
115 }-
116-
117 md = EVP_get_digestbyobj(alg->algorithm);-
118 if (md == NULL) {
md == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • pkcs7test
0-4
119 PKCS7error(PKCS7_R_UNKNOWN_DIGEST_TYPE);-
120 goto err;
never executed: goto err;
0
121 }-
122-
123 BIO_set_md(btmp, md);-
124 if (*pbio == NULL)
*pbio == ((void *)0)Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-4
125 *pbio = btmp;
executed 4 times by 1 test: *pbio = btmp;
Executed by:
  • pkcs7test
4
126 else if (!BIO_push(*pbio, btmp)) {
!BIO_push(*pbio, btmp)Description
TRUEnever evaluated
FALSEnever evaluated
0
127 PKCS7error(ERR_R_BIO_LIB);-
128 goto err;
never executed: goto err;
0
129 }-
130 btmp = NULL;-
131-
132 return 1;
executed 4 times by 1 test: return 1;
Executed by:
  • pkcs7test
4
133-
134err:-
135 BIO_free(btmp);-
136 return 0;
never executed: return 0;
0
137-
138}-
139-
140static int-
141pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, unsigned char *key, int keylen)-
142{-
143 EVP_PKEY_CTX *pctx = NULL;-
144 EVP_PKEY *pkey = NULL;-
145 unsigned char *ek = NULL;-
146 int ret = 0;-
147 size_t eklen;-
148-
149 pkey = X509_get_pubkey(ri->cert);-
150 if (!pkey)
!pkeyDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
151 return 0;
never executed: return 0;
0
152-
153 pctx = EVP_PKEY_CTX_new(pkey, NULL);-
154 if (!pctx)
!pctxDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
155 return 0;
never executed: return 0;
0
156-
157 if (EVP_PKEY_encrypt_init(pctx) <= 0)
EVP_PKEY_encry...nit(pctx) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
158 goto err;
never executed: goto err;
0
159-
160 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
EVP_PKEY_CTX_c...3, 0, ri) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
161 EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) {
EVP_PKEY_CTX_c...3, 0, ri) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
162 PKCS7error(PKCS7_R_CTRL_ERROR);-
163 goto err;
never executed: goto err;
0
164 }-
165-
166 if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
EVP_PKEY_encry..., keylen) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
167 goto err;
never executed: goto err;
0
168-
169 ek = malloc(eklen);-
170-
171 if (ek == NULL) {
ek == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
172 PKCS7error(ERR_R_MALLOC_FAILURE);-
173 goto err;
never executed: goto err;
0
174 }-
175-
176 if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
EVP_PKEY_encry..., keylen) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
177 goto err;
never executed: goto err;
0
178-
179 ASN1_STRING_set0(ri->enc_key, ek, eklen);-
180 ek = NULL;-
181-
182 ret = 1;-
183-
184err:
code before this statement executed 1 time by 1 test: err:
Executed by:
  • pkcs7test
1
185 EVP_PKEY_free(pkey);-
186 EVP_PKEY_CTX_free(pctx);-
187 free(ek);-
188 return ret;
executed 1 time by 1 test: return ret;
Executed by:
  • pkcs7test
1
189}-
190-
191-
192static int-
193pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, PKCS7_RECIP_INFO *ri,-
194 EVP_PKEY *pkey)-
195{-
196 EVP_PKEY_CTX *pctx = NULL;-
197 unsigned char *ek = NULL;-
198 size_t eklen;-
199-
200 int ret = -1;-
201-
202 pctx = EVP_PKEY_CTX_new(pkey, NULL);-
203 if (!pctx)
!pctxDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
204 return -1;
never executed: return -1;
0
205-
206 if (EVP_PKEY_decrypt_init(pctx) <= 0)
EVP_PKEY_decry...nit(pctx) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
207 goto err;
never executed: goto err;
0
208-
209 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
EVP_PKEY_CTX_c...4, 0, ri) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
210 EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
EVP_PKEY_CTX_c...4, 0, ri) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
211 PKCS7error(PKCS7_R_CTRL_ERROR);-
212 goto err;
never executed: goto err;
0
213 }-
214-
215 if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
EVP_PKEY_decry...->length) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
216 ri->enc_key->data, ri->enc_key->length) <= 0)
EVP_PKEY_decry...->length) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
217 goto err;
never executed: goto err;
0
218-
219 ek = malloc(eklen);-
220 if (ek == NULL) {
ek == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
221 PKCS7error(ERR_R_MALLOC_FAILURE);-
222 goto err;
never executed: goto err;
0
223 }-
224-
225 if (EVP_PKEY_decrypt(pctx, ek, &eklen,
EVP_PKEY_decry...->length) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
226 ri->enc_key->data, ri->enc_key->length) <= 0) {
EVP_PKEY_decry...->length) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
227 ret = 0;-
228 PKCS7error(ERR_R_EVP_LIB);-
229 goto err;
never executed: goto err;
0
230 }-
231-
232 ret = 1;-
233-
234 freezero(*pek, *peklen);-
235-
236 *pek = ek;-
237 *peklen = eklen;-
238-
239err:
code before this statement executed 1 time by 1 test: err:
Executed by:
  • pkcs7test
1
240 EVP_PKEY_CTX_free(pctx);-
241 if (!ret && ek)
!retDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
ekDescription
TRUEnever evaluated
FALSEnever evaluated
0-1
242 free(ek);
never executed: free(ek);
0
243-
244 return ret;
executed 1 time by 1 test: return ret;
Executed by:
  • pkcs7test
1
245}-
246-
247BIO *-
248PKCS7_dataInit(PKCS7 *p7, BIO *bio)-
249{-
250 int i;-
251 BIO *out = NULL, *btmp = NULL;-
252 X509_ALGOR *xa = NULL;-
253 const EVP_CIPHER *evp_cipher = NULL;-
254 STACK_OF(X509_ALGOR) *md_sk = NULL;-
255 STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;-
256 X509_ALGOR *xalg = NULL;-
257 PKCS7_RECIP_INFO *ri = NULL;-
258 ASN1_OCTET_STRING *os = NULL;-
259-
260 if (p7 == NULL) {
p7 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 5 times by 1 test
Evaluated by:
  • pkcs7test
0-5
261 PKCS7error(PKCS7_R_INVALID_NULL_POINTER);-
262 return NULL;
never executed: return ((void *)0) ;
0
263 }-
264-
265 /*-
266 * The content field in the PKCS7 ContentInfo is optional,-
267 * but that really only applies to inner content (precisely,-
268 * detached signatures).-
269 *-
270 * When reading content, missing outer content is therefore-
271 * treated as an error.-
272 *-
273 * When creating content, PKCS7_content_new() must be called-
274 * before calling this method, so a NULL p7->d is always-
275 * an error.-
276 */-
277 if (p7->d.ptr == NULL) {
p7->d.ptr == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 5 times by 1 test
Evaluated by:
  • pkcs7test
0-5
278 PKCS7error(PKCS7_R_NO_CONTENT);-
279 return NULL;
never executed: return ((void *)0) ;
0
280 }-
281-
282 i = OBJ_obj2nid(p7->type);-
283 p7->state = PKCS7_S_HEADER;-
284-
285 switch (i) {-
286 case NID_pkcs7_signed:
executed 4 times by 1 test: case 22:
Executed by:
  • pkcs7test
4
287 md_sk = p7->d.sign->md_algs;-
288 os = PKCS7_get_octet_string(p7->d.sign->contents);-
289 break;
executed 4 times by 1 test: break;
Executed by:
  • pkcs7test
4
290 case NID_pkcs7_signedAndEnveloped:
never executed: case 24:
0
291 rsk = p7->d.signed_and_enveloped->recipientinfo;-
292 md_sk = p7->d.signed_and_enveloped->md_algs;-
293 xalg = p7->d.signed_and_enveloped->enc_data->algorithm;-
294 evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;-
295 if (evp_cipher == NULL) {
evp_cipher == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
296 PKCS7error(PKCS7_R_CIPHER_NOT_INITIALIZED);-
297 goto err;
never executed: goto err;
0
298 }-
299 break;
never executed: break;
0
300 case NID_pkcs7_enveloped:
executed 1 time by 1 test: case 23:
Executed by:
  • pkcs7test
1
301 rsk = p7->d.enveloped->recipientinfo;-
302 xalg = p7->d.enveloped->enc_data->algorithm;-
303 evp_cipher = p7->d.enveloped->enc_data->cipher;-
304 if (evp_cipher == NULL) {
evp_cipher == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
305 PKCS7error(PKCS7_R_CIPHER_NOT_INITIALIZED);-
306 goto err;
never executed: goto err;
0
307 }-
308 break;
executed 1 time by 1 test: break;
Executed by:
  • pkcs7test
1
309 case NID_pkcs7_digest:
never executed: case 25:
0
310 xa = p7->d.digest->md;-
311 os = PKCS7_get_octet_string(p7->d.digest->contents);-
312 break;
never executed: break;
0
313 case NID_pkcs7_data:
never executed: case 21:
0
314 break;
never executed: break;
0
315 default:
never executed: default:
0
316 PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);-
317 goto err;
never executed: goto err;
0
318 }-
319-
320 for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
i < sk_num(((_...09_ALGOR*)0)))Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 5 times by 1 test
Evaluated by:
  • pkcs7test
4-5
321 if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)))
!PKCS7_bio_add...R*)0)), (i))))Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • pkcs7test
0-4
322 goto err;
never executed: goto err;
0
323-
324 if (xa && !PKCS7_bio_add_digest(&out, xa))
xaDescription
TRUEnever evaluated
FALSEevaluated 5 times by 1 test
Evaluated by:
  • pkcs7test
!PKCS7_bio_add...gest(&out, xa)Description
TRUEnever evaluated
FALSEnever evaluated
0-5
325 goto err;
never executed: goto err;
0
326-
327 if (evp_cipher != NULL) {
evp_cipher != ((void *)0)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 4 times by 1 test
Evaluated by:
  • pkcs7test
1-4
328 unsigned char key[EVP_MAX_KEY_LENGTH];-
329 unsigned char iv[EVP_MAX_IV_LENGTH];-
330 int keylen, ivlen;-
331 EVP_CIPHER_CTX *ctx;-
332-
333 if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
(btmp = BIO_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
334 PKCS7error(ERR_R_BIO_LIB);-
335 goto err;
never executed: goto err;
0
336 }-
337 BIO_get_cipher_ctx(btmp, &ctx);-
338 keylen = EVP_CIPHER_key_length(evp_cipher);-
339 ivlen = EVP_CIPHER_iv_length(evp_cipher);-
340 xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));-
341 if (ivlen > 0)
ivlen > 0Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
342 arc4random_buf(iv, ivlen);
executed 1 time by 1 test: arc4random_buf(iv, ivlen);
Executed by:
  • pkcs7test
1
343 if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL,
EVP_CipherInit...*)0) , 1) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
344 NULL, 1) <= 0)
EVP_CipherInit...*)0) , 1) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
345 goto err;
never executed: goto err;
0
346 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
EVP_CIPHER_CTX...ctx, key) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
347 goto err;
never executed: goto err;
0
348 if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
EVP_CipherInit...y, iv, 1) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
349 goto err;
never executed: goto err;
0
350-
351 if (ivlen > 0) {
ivlen > 0Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
352 if (xalg->parameter == NULL) {
xalg->parameter == ((void *)0)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
353 xalg->parameter = ASN1_TYPE_new();-
354 if (xalg->parameter == NULL)
xalg->parameter == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
355 goto err;
never executed: goto err;
0
356 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
357 if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
EVP_CIPHER_par...parameter) < 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
358 goto err;
never executed: goto err;
0
359 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
360-
361 /* Lets do the pub key stuff :-) */-
362 for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
i < sk_num(((_...CIP_INFO*)0)))Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
1
363 ri = sk_PKCS7_RECIP_INFO_value(rsk, i);-
364 if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
pkcs7_encode_r..., keylen) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
365 goto err;
never executed: goto err;
0
366 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
367 explicit_bzero(key, keylen);-
368-
369 if (out == NULL)
out == ((void *)0)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
370 out = btmp;
executed 1 time by 1 test: out = btmp;
Executed by:
  • pkcs7test
1
371 else-
372 BIO_push(out, btmp);
never executed: BIO_push(out, btmp);
0
373 btmp = NULL;-
374 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
375-
376 if (bio == NULL) {
bio == ((void *)0)Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
1-4
377 if (PKCS7_is_detached(p7))
(OBJ_obj2nid((...->type) == 22)Description
TRUEevaluated 3 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
PKCS7_ctrl(p7,... ((void *)0) )Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
1-3
378 bio = BIO_new(BIO_s_null());
executed 1 time by 1 test: bio = BIO_new(BIO_s_null());
Executed by:
  • pkcs7test
1
379 else if (os && os->length > 0)
osDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
os->length > 0Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
1-2
380 bio = BIO_new_mem_buf(os->data, os->length);
executed 1 time by 1 test: bio = BIO_new_mem_buf(os->data, os->length);
Executed by:
  • pkcs7test
1
381 if (bio == NULL) {
bio == ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
2
382 bio = BIO_new(BIO_s_mem());-
383 if (bio == NULL)
bio == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
384 goto err;
never executed: goto err;
0
385 BIO_set_mem_eof_return(bio, 0);-
386 }
executed 2 times by 1 test: end of block
Executed by:
  • pkcs7test
2
387 }
executed 4 times by 1 test: end of block
Executed by:
  • pkcs7test
4
388 if (out)
outDescription
TRUEevaluated 5 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-5
389 BIO_push(out, bio);
executed 5 times by 1 test: BIO_push(out, bio);
Executed by:
  • pkcs7test
5
390 else-
391 out = bio;
never executed: out = bio;
0
392 bio = NULL;-
393 if (0) {-
394err:-
395 if (out != NULL)
out != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
396 BIO_free_all(out);
never executed: BIO_free_all(out);
0
397 if (btmp != NULL)
btmp != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
398 BIO_free_all(btmp);
never executed: BIO_free_all(btmp);
0
399 out = NULL;-
400 }
never executed: end of block
0
401 return (out);
executed 5 times by 1 test: return (out);
Executed by:
  • pkcs7test
5
402}-
403-
404static int-
405pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)-
406{-
407 int ret;-
408-
409 ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,-
410 pcert->cert_info->issuer);-
411 if (ret)
retDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
412 return ret;
never executed: return ret;
0
413 return ASN1_STRING_cmp(pcert->cert_info->serialNumber,
executed 1 time by 1 test: return ASN1_STRING_cmp(pcert->cert_info->serialNumber, ri->issuer_and_serial->serial);
Executed by:
  • pkcs7test
1
414 ri->issuer_and_serial->serial);
executed 1 time by 1 test: return ASN1_STRING_cmp(pcert->cert_info->serialNumber, ri->issuer_and_serial->serial);
Executed by:
  • pkcs7test
1
415}-
416-
417/* int */-
418BIO *-
419PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)-
420{-
421 int i, j;-
422 BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;-
423 X509_ALGOR *xa;-
424 ASN1_OCTET_STRING *data_body = NULL;-
425 const EVP_MD *evp_md;-
426 const EVP_CIPHER *evp_cipher = NULL;-
427 EVP_CIPHER_CTX *evp_ctx = NULL;-
428 X509_ALGOR *enc_alg = NULL;-
429 STACK_OF(X509_ALGOR) *md_sk = NULL;-
430 STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;-
431 PKCS7_RECIP_INFO *ri = NULL;-
432 unsigned char *ek = NULL, *tkey = NULL;-
433 int eklen = 0, tkeylen = 0;-
434-
435 if (p7 == NULL) {
p7 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
436 PKCS7error(PKCS7_R_INVALID_NULL_POINTER);-
437 return NULL;
never executed: return ((void *)0) ;
0
438 }-
439-
440 if (p7->d.ptr == NULL) {
p7->d.ptr == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
441 PKCS7error(PKCS7_R_NO_CONTENT);-
442 return NULL;
never executed: return ((void *)0) ;
0
443 }-
444-
445 i = OBJ_obj2nid(p7->type);-
446 p7->state = PKCS7_S_HEADER;-
447-
448 switch (i) {-
449 case NID_pkcs7_signed:
never executed: case 22:
0
450 data_body = PKCS7_get_octet_string(p7->d.sign->contents);-
451 md_sk = p7->d.sign->md_algs;-
452 break;
never executed: break;
0
453 case NID_pkcs7_signedAndEnveloped:
never executed: case 24:
0
454 rsk = p7->d.signed_and_enveloped->recipientinfo;-
455 md_sk = p7->d.signed_and_enveloped->md_algs;-
456 data_body = p7->d.signed_and_enveloped->enc_data->enc_data;-
457 enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;-
458 evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);-
459 if (evp_cipher == NULL) {
evp_cipher == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
460 PKCS7error(PKCS7_R_UNSUPPORTED_CIPHER_TYPE);-
461 goto err;
never executed: goto err;
0
462 }-
463 break;
never executed: break;
0
464 case NID_pkcs7_enveloped:
executed 1 time by 1 test: case 23:
Executed by:
  • pkcs7test
1
465 rsk = p7->d.enveloped->recipientinfo;-
466 enc_alg = p7->d.enveloped->enc_data->algorithm;-
467 data_body = p7->d.enveloped->enc_data->enc_data;-
468 evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);-
469 if (evp_cipher == NULL) {
evp_cipher == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
470 PKCS7error(PKCS7_R_UNSUPPORTED_CIPHER_TYPE);-
471 goto err;
never executed: goto err;
0
472 }-
473 break;
executed 1 time by 1 test: break;
Executed by:
  • pkcs7test
1
474 default:
never executed: default:
0
475 PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);-
476 goto err;
never executed: goto err;
0
477 }-
478-
479 /* We will be checking the signature */-
480 if (md_sk != NULL) {
md_sk != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
481 for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
i < sk_num(((_...09_ALGOR*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
482 xa = sk_X509_ALGOR_value(md_sk, i);-
483 if ((btmp = BIO_new(BIO_f_md())) == NULL) {
(btmp = BIO_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
484 PKCS7error(ERR_R_BIO_LIB);-
485 goto err;
never executed: goto err;
0
486 }-
487-
488 j = OBJ_obj2nid(xa->algorithm);-
489 evp_md = EVP_get_digestbynid(j);-
490 if (evp_md == NULL) {
evp_md == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
491 PKCS7error(PKCS7_R_UNKNOWN_DIGEST_TYPE);-
492 goto err;
never executed: goto err;
0
493 }-
494-
495 BIO_set_md(btmp, evp_md);-
496 if (out == NULL)
out == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
497 out = btmp;
never executed: out = btmp;
0
498 else-
499 BIO_push(out, btmp);
never executed: BIO_push(out, btmp);
0
500 btmp = NULL;-
501 }
never executed: end of block
0
502 }
never executed: end of block
0
503-
504 if (evp_cipher != NULL) {
evp_cipher != ((void *)0)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
505 if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
(etmp = BIO_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
506 PKCS7error(ERR_R_BIO_LIB);-
507 goto err;
never executed: goto err;
0
508 }-
509-
510 /* It was encrypted, we need to decrypt the secret key-
511 * with the private key */-
512-
513 /* Find the recipientInfo which matches the passed certificate-
514 * (if any)-
515 */-
516 if (pcert) {
pcertDescription
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
517 for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
i < sk_num(((_...CIP_INFO*)0)))Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
518 ri = sk_PKCS7_RECIP_INFO_value(rsk, i);-
519 if (!pkcs7_cmp_ri(ri, pcert))
!pkcs7_cmp_ri(ri, pcert)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
520 break;
executed 1 time by 1 test: break;
Executed by:
  • pkcs7test
1
521 ri = NULL;-
522 }
never executed: end of block
0
523 if (ri == NULL) {
ri == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
524 PKCS7error(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);-
525 goto err;
never executed: goto err;
0
526 }-
527 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
528-
529 /* If we haven't got a certificate try each ri in turn */-
530 if (pcert == NULL) {
pcert == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
531 /* Always attempt to decrypt all rinfo even-
532 * after sucess as a defence against MMA timing-
533 * attacks.-
534 */-
535 for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
i < sk_num(((_...CIP_INFO*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
536 ri = sk_PKCS7_RECIP_INFO_value(rsk, i);-
537-
538 if (pkcs7_decrypt_rinfo(&ek, &eklen,
pkcs7_decrypt_... ri, pkey) < 0Description
TRUEnever evaluated
FALSEnever evaluated
0
539 ri, pkey) < 0)
pkcs7_decrypt_... ri, pkey) < 0Description
TRUEnever evaluated
FALSEnever evaluated
0
540 goto err;
never executed: goto err;
0
541 ERR_clear_error();-
542 }
never executed: end of block
0
543 } else {
never executed: end of block
0
544 /* Only exit on fatal errors, not decrypt failure */-
545 if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
pkcs7_decrypt_... ri, pkey) < 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
546 goto err;
never executed: goto err;
0
547 ERR_clear_error();-
548 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
549-
550 evp_ctx = NULL;-
551 BIO_get_cipher_ctx(etmp, &evp_ctx);-
552 if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL,
EVP_CipherInit...*)0) , 0) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
553 NULL, 0) <= 0)
EVP_CipherInit...*)0) , 0) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
554 goto err;
never executed: goto err;
0
555 if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
EVP_CIPHER_asn...parameter) < 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
556 goto err;
never executed: goto err;
0
557 /* Generate random key as MMA defence */-
558 tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);-
559 tkey = malloc(tkeylen);-
560 if (!tkey)
!tkeyDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
561 goto err;
never executed: goto err;
0
562 if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
EVP_CIPHER_CTX...tx, tkey) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
563 goto err;
never executed: goto err;
0
564 if (ek == NULL) {
ek == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
565 ek = tkey;-
566 eklen = tkeylen;-
567 tkey = NULL;-
568 }
never executed: end of block
0
569-
570 if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
eklen != EVP_C...ength(evp_ctx)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
571 /* Some S/MIME clients don't use the same key-
572 * and effective key length. The key length is-
573 * determined by the size of the decrypted RSA key.-
574 */-
575 if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
!EVP_CIPHER_CT...vp_ctx, eklen)Description
TRUEnever evaluated
FALSEnever evaluated
0
576 /* Use random key as MMA defence */-
577 freezero(ek, eklen);-
578 ek = tkey;-
579 eklen = tkeylen;-
580 tkey = NULL;-
581 }
never executed: end of block
0
582 }
never executed: end of block
0
583 /* Clear errors so we don't leak information useful in MMA */-
584 ERR_clear_error();-
585 if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
EVP_CipherInit...*)0) , 0) <= 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
586 goto err;
never executed: goto err;
0
587-
588 freezero(ek, eklen);-
589 ek = NULL;-
590 freezero(tkey, tkeylen);-
591 tkey = NULL;-
592-
593 if (out == NULL)
out == ((void *)0)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
594 out = etmp;
executed 1 time by 1 test: out = etmp;
Executed by:
  • pkcs7test
1
595 else-
596 BIO_push(out, etmp);
never executed: BIO_push(out, etmp);
0
597 etmp = NULL;-
598 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
599-
600 if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
(OBJ_obj2nid((...->type) == 22)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
PKCS7_ctrl(p7,... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
(in_bio != ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
601 bio = in_bio;-
602 } else {
never executed: end of block
0
603 if (data_body != NULL && data_body->length > 0)
data_body != ((void *)0)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
data_body->length > 0Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
604 bio = BIO_new_mem_buf(data_body->data, data_body->length);
executed 1 time by 1 test: bio = BIO_new_mem_buf(data_body->data, data_body->length);
Executed by:
  • pkcs7test
1
605 else {-
606 bio = BIO_new(BIO_s_mem());-
607 BIO_set_mem_eof_return(bio, 0);-
608 }
never executed: end of block
0
609 if (bio == NULL)
bio == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
610 goto err;
never executed: goto err;
0
611 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
612 BIO_push(out, bio);-
613-
614 if (0) {-
615err:-
616 freezero(ek, eklen);-
617 freezero(tkey, tkeylen);-
618 if (out != NULL)
out != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
619 BIO_free_all(out);
never executed: BIO_free_all(out);
0
620 if (btmp != NULL)
btmp != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
621 BIO_free_all(btmp);
never executed: BIO_free_all(btmp);
0
622 if (etmp != NULL)
etmp != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
623 BIO_free_all(etmp);
never executed: BIO_free_all(etmp);
0
624 out = NULL;-
625 }
never executed: end of block
0
626 return (out);
executed 1 time by 1 test: return (out);
Executed by:
  • pkcs7test
1
627}-
628-
629static BIO *-
630PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)-
631{-
632 for (;;) {-
633 bio = BIO_find_type(bio, BIO_TYPE_MD);-
634 if (bio == NULL) {
bio == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
635 PKCS7error(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);-
636 return NULL;
never executed: return ((void *)0) ;
0
637 }-
638 BIO_get_md_ctx(bio, pmd);-
639 if (*pmd == NULL) {
*pmd == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
640 PKCS7error(ERR_R_INTERNAL_ERROR);-
641 return NULL;
never executed: return ((void *)0) ;
0
642 }-
643 if (EVP_MD_CTX_type(*pmd) == nid)
EVP_MD_type(EV...(*pmd)) == nidDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-2
644 return bio;
executed 2 times by 1 test: return bio;
Executed by:
  • pkcs7test
2
645 bio = BIO_next(bio);-
646 }
never executed: end of block
0
647 return NULL;
never executed: return ((void *)0) ;
0
648}-
649-
650static int-
651do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)-
652{-
653 unsigned char md_data[EVP_MAX_MD_SIZE];-
654 unsigned int md_len;-
655-
656 /* Add signing time if not already present */-
657 if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
!PKCS7_get_sig...ribute(si, 52)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-2
658 if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
!PKCS7_add0_at... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
659 PKCS7error(ERR_R_MALLOC_FAILURE);-
660 return 0;
never executed: return 0;
0
661 }-
662 }
executed 2 times by 1 test: end of block
Executed by:
  • pkcs7test
2
663-
664 /* Add digest */-
665 if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
!EVP_DigestFin...data, &md_len)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
666 PKCS7error(ERR_R_EVP_LIB);-
667 return 0;
never executed: return 0;
0
668 }-
669 if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
!PKCS7_add1_at..._data, md_len)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
670 PKCS7error(ERR_R_MALLOC_FAILURE);-
671 return 0;
never executed: return 0;
0
672 }-
673-
674 /* Now sign the attributes */-
675 if (!PKCS7_SIGNER_INFO_sign(si))
!PKCS7_SIGNER_INFO_sign(si)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
676 return 0;
never executed: return 0;
0
677-
678 return 1;
executed 2 times by 1 test: return 1;
Executed by:
  • pkcs7test
2
679}-
680-
681-
682int-
683PKCS7_dataFinal(PKCS7 *p7, BIO *bio)-
684{-
685 int ret = 0;-
686 int i, j;-
687 BIO *btmp;-
688 PKCS7_SIGNER_INFO *si;-
689 EVP_MD_CTX *mdc, ctx_tmp;-
690 STACK_OF(X509_ATTRIBUTE) *sk;-
691 STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;-
692 ASN1_OCTET_STRING *os = NULL;-
693-
694 if (p7 == NULL) {
p7 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 1 test
Evaluated by:
  • pkcs7test
0-3
695 PKCS7error(PKCS7_R_INVALID_NULL_POINTER);-
696 return 0;
never executed: return 0;
0
697 }-
698-
699 if (p7->d.ptr == NULL) {
p7->d.ptr == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 1 test
Evaluated by:
  • pkcs7test
0-3
700 PKCS7error(PKCS7_R_NO_CONTENT);-
701 return 0;
never executed: return 0;
0
702 }-
703-
704 EVP_MD_CTX_init(&ctx_tmp);-
705 i = OBJ_obj2nid(p7->type);-
706 p7->state = PKCS7_S_HEADER;-
707-
708 switch (i) {-
709 case NID_pkcs7_data:
never executed: case 21:
0
710 os = p7->d.data;-
711 break;
never executed: break;
0
712 case NID_pkcs7_signedAndEnveloped:
never executed: case 24:
0
713 /* XXX */-
714 si_sk = p7->d.signed_and_enveloped->signer_info;-
715 os = p7->d.signed_and_enveloped->enc_data->enc_data;-
716 if (!os) {
!osDescription
TRUEnever evaluated
FALSEnever evaluated
0
717 os = ASN1_OCTET_STRING_new();-
718 if (!os) {
!osDescription
TRUEnever evaluated
FALSEnever evaluated
0
719 PKCS7error(ERR_R_MALLOC_FAILURE);-
720 goto err;
never executed: goto err;
0
721 }-
722 p7->d.signed_and_enveloped->enc_data->enc_data = os;-
723 }
never executed: end of block
0
724 break;
never executed: break;
0
725 case NID_pkcs7_enveloped:
executed 1 time by 1 test: case 23:
Executed by:
  • pkcs7test
1
726 /* XXX */-
727 os = p7->d.enveloped->enc_data->enc_data;-
728 if (!os) {
!osDescription
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-1
729 os = ASN1_OCTET_STRING_new();-
730 if (!os) {
!osDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-1
731 PKCS7error(ERR_R_MALLOC_FAILURE);-
732 goto err;
never executed: goto err;
0
733 }-
734 p7->d.enveloped->enc_data->enc_data = os;-
735 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
736 break;
executed 1 time by 1 test: break;
Executed by:
  • pkcs7test
1
737 case NID_pkcs7_signed:
executed 2 times by 1 test: case 22:
Executed by:
  • pkcs7test
2
738 si_sk = p7->d.sign->signer_info;-
739 os = PKCS7_get_octet_string(p7->d.sign->contents);-
740 if (!PKCS7_is_detached(p7) && os == NULL) {
(OBJ_obj2nid((...->type) == 22)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
PKCS7_ctrl(p7,... ((void *)0) )Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
os == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-2
741 PKCS7error(PKCS7_R_DECODE_ERROR);-
742 goto err;
never executed: goto err;
0
743 }-
744 /* If detached data then the content is excluded */-
745 if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
(OBJ_obj2nid((...->type) == 21)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
p7->detachedDescription
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-2
746 ASN1_OCTET_STRING_free(os);-
747 os = NULL;-
748 p7->d.sign->contents->d.data = NULL;-
749 }
executed 1 time by 1 test: end of block
Executed by:
  • pkcs7test
1
750 break;
executed 2 times by 1 test: break;
Executed by:
  • pkcs7test
2
751-
752 case NID_pkcs7_digest:
never executed: case 25:
0
753 os = PKCS7_get_octet_string(p7->d.digest->contents);-
754 if (os == NULL) {
os == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
755 PKCS7error(PKCS7_R_DECODE_ERROR);-
756 goto err;
never executed: goto err;
0
757 }-
758 /* If detached data then the content is excluded */-
759 if (PKCS7_type_is_data(p7->d.digest->contents) &&
(OBJ_obj2nid((...->type) == 21)Description
TRUEnever evaluated
FALSEnever evaluated
0
760 p7->detached) {
p7->detachedDescription
TRUEnever evaluated
FALSEnever evaluated
0
761 ASN1_OCTET_STRING_free(os);-
762 os = NULL;-
763 p7->d.digest->contents->d.data = NULL;-
764 }
never executed: end of block
0
765 break;
never executed: break;
0
766-
767 default:
never executed: default:
0
768 PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);-
769 goto err;
never executed: goto err;
0
770 }-
771-
772 if (si_sk != NULL) {
si_sk != ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
1-2
773 for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
i < sk_num(((_...NER_INFO*)0)))Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
2
774 si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);-
775 if (si->pkey == NULL)
si->pkey == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
776 continue;
never executed: continue;
0
777-
778 j = OBJ_obj2nid(si->digest_alg->algorithm);-
779-
780 if ((btmp = PKCS7_find_digest(&mdc, bio, j)) == NULL)
(btmp = PKCS7_...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
781 goto err;
never executed: goto err;
0
782-
783 /* We now have the EVP_MD_CTX, lets do the-
784 * signing. */-
785 if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
!EVP_MD_CTX_co...&ctx_tmp, mdc)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
786 goto err;
never executed: goto err;
0
787-
788 sk = si->auth_attr;-
789-
790 /* If there are attributes, we add the digest-
791 * attribute and only sign the attributes */-
792 if (sk_X509_ATTRIBUTE_num(sk) > 0) {
sk_num(((_STAC...BUTE*)0))) > 0Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-2
793 if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
!do_pkcs7_sign...(si, &ctx_tmp)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
794 goto err;
never executed: goto err;
0
795 } else {
executed 2 times by 1 test: end of block
Executed by:
  • pkcs7test
2
796 unsigned char *abuf = NULL;-
797 unsigned int abuflen;-
798 abuflen = EVP_PKEY_size(si->pkey);-
799 abuf = malloc(abuflen);-
800 if (!abuf)
!abufDescription
TRUEnever evaluated
FALSEnever evaluated
0
801 goto err;
never executed: goto err;
0
802-
803 if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen,
!EVP_SignFinal...len, si->pkey)Description
TRUEnever evaluated
FALSEnever evaluated
0
804 si->pkey)) {
!EVP_SignFinal...len, si->pkey)Description
TRUEnever evaluated
FALSEnever evaluated
0
805 PKCS7error(ERR_R_EVP_LIB);-
806 goto err;
never executed: goto err;
0
807 }-
808 ASN1_STRING_set0(si->enc_digest, abuf, abuflen);-
809 }
never executed: end of block
0
810 }-
811 } else if (i == NID_pkcs7_digest) {
executed 2 times by 1 test: end of block
Executed by:
  • pkcs7test
i == 25Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
0-2
812 unsigned char md_data[EVP_MAX_MD_SIZE];-
813 unsigned int md_len;-
814-
815 if (!PKCS7_find_digest(&mdc, bio,
!PKCS7_find_di...d->algorithm))Description
TRUEnever evaluated
FALSEnever evaluated
0
816 OBJ_obj2nid(p7->d.digest->md->algorithm)))
!PKCS7_find_di...d->algorithm))Description
TRUEnever evaluated
FALSEnever evaluated
0
817 goto err;
never executed: goto err;
0
818 if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
!EVP_DigestFin...data, &md_len)Description
TRUEnever evaluated
FALSEnever evaluated
0
819 goto err;
never executed: goto err;
0
820 if (ASN1_STRING_set(p7->d.digest->digest, md_data,
ASN1_STRING_se..., md_len) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
821 md_len) == 0)
ASN1_STRING_se..., md_len) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
822 goto err;
never executed: goto err;
0
823 }
never executed: end of block
0
824-
825 if (!PKCS7_is_detached(p7)) {
(OBJ_obj2nid((...->type) == 22)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
PKCS7_ctrl(p7,... ((void *)0) )Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 1 time by 1 test
Evaluated by:
  • pkcs7test
1-2
826 /*-
827 * NOTE: only reach os == NULL here because detached-
828 * digested data support is broken?-
829 */-
830 if (os == NULL)
os == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
831 goto err;
never executed: goto err;
0
832 if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
!(os->flags & 0x010)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-2
833 char *cont;-
834 long contlen;-
835-
836 btmp = BIO_find_type(bio, BIO_TYPE_MEM);-
837 if (btmp == NULL) {
btmp == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
838 PKCS7error(PKCS7_R_UNABLE_TO_FIND_MEM_BIO);-
839 goto err;
never executed: goto err;
0
840 }-
841 contlen = BIO_get_mem_data(btmp, &cont);-
842 /*-
843 * Mark the BIO read only then we can use its copy-
844 * of the data instead of making an extra copy.-
845 */-
846 BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);-
847 BIO_set_mem_eof_return(btmp, 0);-
848 ASN1_STRING_set0(os, (unsigned char *)cont, contlen);-
849 }
executed 2 times by 1 test: end of block
Executed by:
  • pkcs7test
2
850 }
executed 2 times by 1 test: end of block
Executed by:
  • pkcs7test
2
851 ret = 1;-
852err:
code before this statement executed 3 times by 1 test: err:
Executed by:
  • pkcs7test
3
853 EVP_MD_CTX_cleanup(&ctx_tmp);-
854 return (ret);
executed 3 times by 1 test: return (ret);
Executed by:
  • pkcs7test
3
855}-
856-
857int-
858PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)-
859{-
860 EVP_MD_CTX mctx;-
861 EVP_PKEY_CTX *pctx;-
862 unsigned char *abuf = NULL;-
863 int alen;-
864 size_t siglen;-
865 const EVP_MD *md = NULL;-
866-
867 md = EVP_get_digestbyobj(si->digest_alg->algorithm);-
868 if (md == NULL)
md == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
869 return 0;
never executed: return 0;
0
870-
871 EVP_MD_CTX_init(&mctx);-
872 if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
EVP_DigestSign...si->pkey) <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
873 goto err;
never executed: goto err;
0
874-
875 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
EVP_PKEY_CTX_c...5, 0, si) <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
876 EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
EVP_PKEY_CTX_c...5, 0, si) <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
877 PKCS7error(PKCS7_R_CTRL_ERROR);-
878 goto err;
never executed: goto err;
0
879 }-
880-
881 alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,-
882 &PKCS7_ATTR_SIGN_it);-
883 if (!abuf)
!abufDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
884 goto err;
never executed: goto err;
0
885 if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
EVP_DigestUpda...buf,alen) <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
886 goto err;
never executed: goto err;
0
887 free(abuf);-
888 abuf = NULL;-
889 if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
EVP_DigestSign... &siglen) <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
890 goto err;
never executed: goto err;
0
891 abuf = malloc(siglen);-
892 if (!abuf)
!abufDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
893 goto err;
never executed: goto err;
0
894 if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
EVP_DigestSign... &siglen) <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
895 goto err;
never executed: goto err;
0
896-
897 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
EVP_PKEY_CTX_c...5, 1, si) <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
898 EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
EVP_PKEY_CTX_c...5, 1, si) <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
899 PKCS7error(PKCS7_R_CTRL_ERROR);-
900 goto err;
never executed: goto err;
0
901 }-
902-
903 EVP_MD_CTX_cleanup(&mctx);-
904-
905 ASN1_STRING_set0(si->enc_digest, abuf, siglen);-
906-
907 return 1;
executed 2 times by 1 test: return 1;
Executed by:
  • pkcs7test
2
908-
909err:-
910 free(abuf);-
911 EVP_MD_CTX_cleanup(&mctx);-
912 return 0;
never executed: return 0;
0
913}-
914-
915int-
916PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,-
917 PKCS7 *p7, PKCS7_SIGNER_INFO *si)-
918{-
919 PKCS7_ISSUER_AND_SERIAL *ias;-
920 int ret = 0, i;-
921 STACK_OF(X509) *cert;-
922 X509 *x509;-
923-
924 if (p7 == NULL) {
p7 == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
925 PKCS7error(PKCS7_R_INVALID_NULL_POINTER);-
926 return 0;
never executed: return 0;
0
927 }-
928-
929 if (p7->d.ptr == NULL) {
p7->d.ptr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
930 PKCS7error(PKCS7_R_NO_CONTENT);-
931 return 0;
never executed: return 0;
0
932 }-
933-
934 if (PKCS7_type_is_signed(p7)) {
(OBJ_obj2nid((...->type) == 22)Description
TRUEnever evaluated
FALSEnever evaluated
0
935 cert = p7->d.sign->cert;-
936 } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
never executed: end of block
(OBJ_obj2nid((...->type) == 24)Description
TRUEnever evaluated
FALSEnever evaluated
0
937 cert = p7->d.signed_and_enveloped->cert;-
938 } else {
never executed: end of block
0
939 PKCS7error(PKCS7_R_WRONG_PKCS7_TYPE);-
940 goto err;
never executed: goto err;
0
941 }-
942 /* XXXX */-
943 ias = si->issuer_and_serial;-
944-
945 x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial);-
946-
947 /* were we able to find the cert in passed to us */-
948 if (x509 == NULL) {
x509 == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
949 PKCS7error(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);-
950 goto err;
never executed: goto err;
0
951 }-
952-
953 /* Lets verify */-
954 if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) {
!X509_STORE_CT...e, x509, cert)Description
TRUEnever evaluated
FALSEnever evaluated
0
955 PKCS7error(ERR_R_X509_LIB);-
956 goto err;
never executed: goto err;
0
957 }-
958 if (X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN) == 0) {
X509_STORE_CTX...e(ctx, 4) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
959 X509_STORE_CTX_cleanup(ctx);-
960 goto err;
never executed: goto err;
0
961 }-
962 i = X509_verify_cert(ctx);-
963 if (i <= 0) {
i <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
964 PKCS7error(ERR_R_X509_LIB);-
965 X509_STORE_CTX_cleanup(ctx);-
966 goto err;
never executed: goto err;
0
967 }-
968 X509_STORE_CTX_cleanup(ctx);-
969-
970 return PKCS7_signatureVerify(bio, p7, si, x509);
never executed: return PKCS7_signatureVerify(bio, p7, si, x509);
0
971err:-
972 -
973 return ret;
never executed: return ret;
0
974}-
975-
976int-
977PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, X509 *x509)-
978{-
979 ASN1_OCTET_STRING *os;-
980 EVP_MD_CTX mdc_tmp, *mdc;-
981 int ret = 0, i;-
982 int md_type;-
983 STACK_OF(X509_ATTRIBUTE) *sk;-
984 BIO *btmp;-
985 EVP_PKEY *pkey;-
986-
987 EVP_MD_CTX_init(&mdc_tmp);-
988-
989 if (!PKCS7_type_is_signed(p7) &&
!(OBJ_obj2nid(...->type) == 22)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
990 !PKCS7_type_is_signedAndEnveloped(p7)) {
!(OBJ_obj2nid(...->type) == 24)Description
TRUEnever evaluated
FALSEnever evaluated
0
991 PKCS7error(PKCS7_R_WRONG_PKCS7_TYPE);-
992 goto err;
never executed: goto err;
0
993 }-
994-
995 md_type = OBJ_obj2nid(si->digest_alg->algorithm);-
996-
997 btmp = bio;-
998 for (;;) {-
999 if ((btmp == NULL) ||
(btmp == ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1000 ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
((btmp = BIO_f... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1001 PKCS7error(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);-
1002 goto err;
never executed: goto err;
0
1003 }-
1004 BIO_get_md_ctx(btmp, &mdc);-
1005 if (mdc == NULL) {
mdc == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1006 PKCS7error(ERR_R_INTERNAL_ERROR);-
1007 goto err;
never executed: goto err;
0
1008 }-
1009 if (EVP_MD_CTX_type(mdc) == md_type)
EVP_MD_type(EV...c)) == md_typeDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-2
1010 break;
executed 2 times by 1 test: break;
Executed by:
  • pkcs7test
2
1011 /* Workaround for some broken clients that put the signature-
1012 * OID instead of the digest OID in digest_alg->algorithm-
1013 */-
1014 if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
EVP_MD_pkey_ty...c)) == md_typeDescription
TRUEnever evaluated
FALSEnever evaluated
0
1015 break;
never executed: break;
0
1016 btmp = BIO_next(btmp);-
1017 }
never executed: end of block
0
1018-
1019 /* mdc is the digest ctx that we want, unless there are attributes,-
1020 * in which case the digest is the signed attributes */-
1021 if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
!EVP_MD_CTX_co...&mdc_tmp, mdc)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1022 goto err;
never executed: goto err;
0
1023-
1024 sk = si->auth_attr;-
1025 if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
(sk != ((void *)0) )Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
(sk_num(((_STA...TE*)0))) != 0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-2
1026 unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;-
1027 unsigned int md_len;-
1028 int alen;-
1029 ASN1_OCTET_STRING *message_digest;-
1030-
1031 if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
!EVP_DigestFin..._dat, &md_len)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1032 goto err;
never executed: goto err;
0
1033 message_digest = PKCS7_digest_from_attributes(sk);-
1034 if (!message_digest) {
!message_digestDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1035 PKCS7error(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);-
1036 goto err;
never executed: goto err;
0
1037 }-
1038 if ((message_digest->length != (int)md_len) ||
(message_diges...= (int)md_len)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1039 (memcmp(message_digest->data, md_dat, md_len))) {
(memcmp(messag..._dat, md_len))Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1040 PKCS7error(PKCS7_R_DIGEST_FAILURE);-
1041 ret = -1;-
1042 goto err;
never executed: goto err;
0
1043 }-
1044-
1045 if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type),
!EVP_DigestIni... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1046 NULL))-
1047 goto err;
never executed: goto err;
0
1048-
1049 alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,-
1050 &PKCS7_ATTR_VERIFY_it);-
1051 if (alen <= 0) {
alen <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1052 PKCS7error(ERR_R_ASN1_LIB);-
1053 ret = -1;-
1054 goto err;
never executed: goto err;
0
1055 }-
1056 if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
!EVP_DigestUpd...tmp,abuf,alen)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1057 goto err;
never executed: goto err;
0
1058-
1059 free(abuf);-
1060 }
executed 2 times by 1 test: end of block
Executed by:
  • pkcs7test
2
1061-
1062 os = si->enc_digest;-
1063 pkey = X509_get_pubkey(x509);-
1064 if (!pkey) {
!pkeyDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1065 ret = -1;-
1066 goto err;
never executed: goto err;
0
1067 }-
1068-
1069 i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);-
1070 EVP_PKEY_free(pkey);-
1071 if (i <= 0) {
i <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1072 PKCS7error(PKCS7_R_SIGNATURE_FAILURE);-
1073 ret = -1;-
1074 goto err;
never executed: goto err;
0
1075 } else-
1076 ret = 1;
executed 2 times by 1 test: ret = 1;
Executed by:
  • pkcs7test
2
1077err:
code before this statement executed 2 times by 1 test: err:
Executed by:
  • pkcs7test
2
1078 EVP_MD_CTX_cleanup(&mdc_tmp);-
1079 return (ret);
executed 2 times by 1 test: return (ret);
Executed by:
  • pkcs7test
2
1080}-
1081-
1082PKCS7_ISSUER_AND_SERIAL *-
1083PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)-
1084{-
1085 STACK_OF(PKCS7_RECIP_INFO) *rsk;-
1086 PKCS7_RECIP_INFO *ri;-
1087 int i;-
1088-
1089 i = OBJ_obj2nid(p7->type);-
1090 if (i != NID_pkcs7_signedAndEnveloped)
i != 24Description
TRUEnever evaluated
FALSEnever evaluated
0
1091 return NULL;
never executed: return ((void *)0) ;
0
1092 if (p7->d.signed_and_enveloped == NULL)
p7->d.signed_a...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1093 return NULL;
never executed: return ((void *)0) ;
0
1094 rsk = p7->d.signed_and_enveloped->recipientinfo;-
1095 if (rsk == NULL)
rsk == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1096 return NULL;
never executed: return ((void *)0) ;
0
1097 ri = sk_PKCS7_RECIP_INFO_value(rsk, 0);-
1098 if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
sk_num(((_STAC...O*)0))) <= idxDescription
TRUEnever evaluated
FALSEnever evaluated
0
1099 return (NULL);
never executed: return ( ((void *)0) );
0
1100 ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);-
1101 return (ri->issuer_and_serial);
never executed: return (ri->issuer_and_serial);
0
1102}-
1103-
1104ASN1_TYPE *-
1105PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)-
1106{-
1107 return (get_attribute(si->auth_attr, nid));
executed 4 times by 1 test: return (get_attribute(si->auth_attr, nid));
Executed by:
  • pkcs7test
4
1108}-
1109-
1110ASN1_TYPE *-
1111PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)-
1112{-
1113 return (get_attribute(si->unauth_attr, nid));
never executed: return (get_attribute(si->unauth_attr, nid));
0
1114}-
1115-
1116static ASN1_TYPE *-
1117get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)-
1118{-
1119 int i;-
1120 X509_ATTRIBUTE *xa;-
1121 ASN1_OBJECT *o;-
1122-
1123 o = OBJ_nid2obj(nid);-
1124 if (!o || !sk)
!oDescription
TRUEnever evaluated
FALSEevaluated 6 times by 1 test
Evaluated by:
  • pkcs7test
!skDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 4 times by 1 test
Evaluated by:
  • pkcs7test
0-6
1125 return (NULL);
executed 2 times by 1 test: return ( ((void *)0) );
Executed by:
  • pkcs7test
2
1126 for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
i < sk_num(((_...TTRIBUTE*)0)))Description
TRUEevaluated 10 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
2-10
1127 xa = sk_X509_ATTRIBUTE_value(sk, i);-
1128 if (OBJ_cmp(xa->object, o) == 0) {
OBJ_cmp(xa->object, o) == 0Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 8 times by 1 test
Evaluated by:
  • pkcs7test
2-8
1129 if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
!xa->singleDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
sk_num(((_STAC...SN1_TYPE*)0)))Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEnever evaluated
0-2
1130 return (sk_ASN1_TYPE_value(xa->value.set, 0));
executed 2 times by 1 test: return (((ASN1_TYPE *)sk_value(((_STACK*) (1 ? (xa->value.set) : (struct stack_st_ASN1_TYPE*)0)), (0))));
Executed by:
  • pkcs7test
2
1131 else-
1132 return (NULL);
never executed: return ( ((void *)0) );
0
1133 }-
1134 }
executed 8 times by 1 test: end of block
Executed by:
  • pkcs7test
8
1135 return (NULL);
executed 2 times by 1 test: return ( ((void *)0) );
Executed by:
  • pkcs7test
2
1136}-
1137-
1138ASN1_OCTET_STRING *-
1139PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)-
1140{-
1141 ASN1_TYPE *astype;-
1142-
1143 if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest)))
!(astype = get...ibute(sk, 51))Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1144 return NULL;
never executed: return ((void *)0) ;
0
1145 if (astype->type != V_ASN1_OCTET_STRING)
astype->type != 4Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1146 return NULL;
never executed: return ((void *)0) ;
0
1147 return astype->value.octet_string;
executed 2 times by 1 test: return astype->value.octet_string;
Executed by:
  • pkcs7test
2
1148}-
1149-
1150int-
1151PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,-
1152 STACK_OF(X509_ATTRIBUTE) *sk)-
1153{-
1154 int i;-
1155-
1156 if (p7si->auth_attr != NULL)
p7si->auth_attr != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1157 sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,
never executed: sk_pop_free(((_STACK*) (1 ? (p7si->auth_attr) : (struct stack_st_X509_ATTRIBUTE*)0)), ((void (*)(void *)) ((1 ? (X509_ATTRIBUTE_free) : (void (*)(X509_ATTRIBUTE *))0)))) ;
0
1158 X509_ATTRIBUTE_free);
never executed: sk_pop_free(((_STACK*) (1 ? (p7si->auth_attr) : (struct stack_st_X509_ATTRIBUTE*)0)), ((void (*)(void *)) ((1 ? (X509_ATTRIBUTE_free) : (void (*)(X509_ATTRIBUTE *))0)))) ;
0
1159 p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);-
1160 if (p7si->auth_attr == NULL)
p7si->auth_attr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1161 return 0;
never executed: return 0;
0
1162 for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
i < sk_num(((_...TTRIBUTE*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
1163 if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
(sk_set(((_STA...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1164 X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk, i))))
(sk_set(((_STA...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1165 == NULL)
(sk_set(((_STA...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1166 return (0);
never executed: return (0);
0
1167 }
never executed: end of block
0
1168 return (1);
never executed: return (1);
0
1169}-
1170-
1171int-
1172PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk)-
1173{-
1174 int i;-
1175-
1176 if (p7si->unauth_attr != NULL)
p7si->unauth_a...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1177 sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,
never executed: sk_pop_free(((_STACK*) (1 ? (p7si->unauth_attr) : (struct stack_st_X509_ATTRIBUTE*)0)), ((void (*)(void *)) ((1 ? (X509_ATTRIBUTE_free) : (void (*)(X509_ATTRIBUTE *))0)))) ;
0
1178 X509_ATTRIBUTE_free);
never executed: sk_pop_free(((_STACK*) (1 ? (p7si->unauth_attr) : (struct stack_st_X509_ATTRIBUTE*)0)), ((void (*)(void *)) ((1 ? (X509_ATTRIBUTE_free) : (void (*)(X509_ATTRIBUTE *))0)))) ;
0
1179 p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);-
1180 if (p7si->unauth_attr == NULL)
p7si->unauth_a...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1181 return 0;
never executed: return 0;
0
1182 for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
i < sk_num(((_...TTRIBUTE*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
1183 if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
(sk_set(((_STA...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1184 X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk, i))))
(sk_set(((_STA...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1185 == NULL)
(sk_set(((_STA...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1186 return (0);
never executed: return (0);
0
1187 }
never executed: end of block
0
1188 return (1);
never executed: return (1);
0
1189}-
1190-
1191int-
1192PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,-
1193 void *value)-
1194{-
1195 return (add_attribute(&(p7si->auth_attr), nid, atrtype, value));
executed 8 times by 1 test: return (add_attribute(&(p7si->auth_attr), nid, atrtype, value));
Executed by:
  • pkcs7test
8
1196}-
1197-
1198int-
1199PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, void *value)-
1200{-
1201 return (add_attribute(&(p7si->unauth_attr), nid, atrtype, value));
never executed: return (add_attribute(&(p7si->unauth_attr), nid, atrtype, value));
0
1202}-
1203-
1204static int-
1205add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, void *value)-
1206{-
1207 X509_ATTRIBUTE *attr = NULL;-
1208-
1209 if (*sk == NULL) {
*sk == ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 6 times by 1 test
Evaluated by:
  • pkcs7test
2-6
1210 *sk = sk_X509_ATTRIBUTE_new_null();-
1211 if (*sk == NULL)
*sk == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • pkcs7test
0-2
1212 return 0;
never executed: return 0;
0
1213new_attrib:
code before this statement executed 2 times by 1 test: new_attrib:
Executed by:
  • pkcs7test
2
1214 if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value)))
!(attr = X509_...rtype, value))Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • pkcs7test
0-8
1215 return 0;
never executed: return 0;
0
1216 if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
!sk_push(((_ST...TTRIBUTE*)0)))Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • pkcs7test
0-8
1217 X509_ATTRIBUTE_free(attr);-
1218 return 0;
never executed: return 0;
0
1219 }-
1220 } else {
executed 8 times by 1 test: end of block
Executed by:
  • pkcs7test
8
1221 int i;-
1222-
1223 for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
i < sk_num(((_...TTRIBUTE*)0)))Description
TRUEevaluated 12 times by 1 test
Evaluated by:
  • pkcs7test
FALSEevaluated 6 times by 1 test
Evaluated by:
  • pkcs7test
6-12
1224 attr = sk_X509_ATTRIBUTE_value(*sk, i);-
1225 if (OBJ_obj2nid(attr->object) == nid) {
OBJ_obj2nid(at...object) == nidDescription
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • pkcs7test
0-12
1226 X509_ATTRIBUTE_free(attr);-
1227 attr = X509_ATTRIBUTE_create(nid, atrtype,-
1228 value);-
1229 if (attr == NULL)
attr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1230 return 0;
never executed: return 0;
0
1231 if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
!sk_set(((_STA...TTRIBUTE*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
1232 X509_ATTRIBUTE_free(attr);-
1233 return 0;
never executed: return 0;
0
1234 }-
1235 goto end;
never executed: goto end;
0
1236 }-
1237 }
executed 12 times by 1 test: end of block
Executed by:
  • pkcs7test
12
1238 goto new_attrib;
executed 6 times by 1 test: goto new_attrib;
Executed by:
  • pkcs7test
6
1239 }-
1240end:
code before this statement executed 8 times by 1 test: end:
Executed by:
  • pkcs7test
8
1241 return (1);
executed 8 times by 1 test: return (1);
Executed by:
  • pkcs7test
8
1242}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2