OpenCoverage

ocsp_vfy.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/ocsp/ocsp_vfy.c
Switch to Source codePreprocessed file
LineSourceCount
1-
2static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,-
3 struct stack_st_X509 *certs, X509_STORE *st, unsigned long flags);-
4static X509 *ocsp_find_signer_sk(struct stack_st_X509 *certs, OCSP_RESPID *id);-
5static int ocsp_check_issuer(OCSP_BASICRESP *bs, struct stack_st_X509 *chain,-
6 unsigned long flags);-
7static int ocsp_check_ids(struct stack_st_OCSP_SINGLERESP *sresp, OCSP_CERTID **ret);-
8static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,-
9 struct stack_st_OCSP_SINGLERESP *sresp);-
10static int ocsp_check_delegated(X509 *x, int flags);-
11static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req,-
12 X509_NAME *nm, struct stack_st_X509 *certs, X509_STORE *st,-
13 unsigned long flags);-
14-
15-
16int-
17OCSP_basic_verify(OCSP_BASICRESP *bs, struct stack_st_X509 *certs, X509_STORE *st,-
18 unsigned long flags)-
19{-
20 X509 *signer, *x;-
21 struct stack_st_X509 *chain = -
22 ((void *)0)-
23 ;-
24 struct stack_st_X509 *untrusted = -
25 ((void *)0)-
26 ;-
27 X509_STORE_CTX ctx;-
28 int i, ret = 0;-
29-
30 ret = ocsp_find_signer(&signer, bs, certs, st, flags);-
31 if (!ret
!retDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
32 ERR_put_error(39,(0xfff),(118),__FILE__,89);-
33 goto
never executed: goto end;
 end;
never executed: goto end;
0
34 }-
35 if ((
(ret == 2)Description
TRUEnever evaluated
FALSEnever evaluated
ret == 2)
(ret == 2)Description
TRUEnever evaluated
FALSEnever evaluated
 && (
(flags & 0x200)Description
TRUEnever evaluated
FALSEnever evaluated
flags & 0x200)
(flags & 0x200)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
36 flags |= 0x10;
never executed: flags |= 0x10;
0
37 if (!(flags & 0x4)
!(flags & 0x4)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
38 EVP_PKEY *skey;-
39-
40 skey = X509_get_pubkey(signer);-
41 if (skey
skeyDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
42 ret = ASN1_item_verify(&OCSP_RESPDATA_it, bs->signatureAlgorithm,bs->signature,bs->tbsResponseData,skey);-
43 EVP_PKEY_free(skey);-
44 }
never executed: end of block
0
45 if (!skey
!skeyDescription
TRUEnever evaluated
FALSEnever evaluated
 || ret <= 0
ret <= 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
46 ERR_put_error(39,(0xfff),(117),__FILE__,103);-
47 goto
never executed: goto end;
 end;
never executed: goto end;
0
48 }-
49 }
never executed: end of block
0
50 if (!(flags & 0x10)
!(flags & 0x10)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
51 int init_res;-
52-
53 if (flags & 0x8
flags & 0x8Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
54 untrusted = -
55 ((void *)0)-
56 ;-
57 }
never executed: end of block
 else if (bs->certs
bs->certsDescription
TRUEnever evaluated
FALSEnever evaluated
 && certs
certsDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
58 untrusted = (struct stack_st_X509 *)sk_dup(((_STACK*) (1 ? bs->certs : (struct stack_st_X509*)0)));-
59 for (i = 0; i < sk_num(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)))
i < sk_num(((_..._st_X509*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
60 if (!sk_push(((_STACK*) (1 ? (untrusted) : (struct stack_st_X509*)0)), ((void*) (1 ? (((X509 *)sk_value(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)), (i)))) : (X509*)0)))
!sk_push(((_ST... : (X509*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
61 ) {-
62 ERR_put_error(39,(0xfff),((1|64)),__FILE__,117);-
63 goto
never executed: goto end;
 end;
never executed: goto end;
0
64 }-
65 }
never executed: end of block
0
66 }
never executed: end of block
 else		0
67 untrusted = bs->certs;
never executed: untrusted = bs->certs;
0
68 init_res = X509_STORE_CTX_init(&ctx, st, signer, untrusted);-
69 if (!init_res
!init_resDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
70 ret = -1;-
71 ERR_put_error(39,(0xfff),(11),__FILE__,126);-
72 goto
never executed: goto end;
 end;
never executed: goto end;
0
73 }-
74-
75 if (X509_STORE_CTX_set_purpose(&ctx,
X509_STORE_CTX...(&ctx, 8) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
76 8) == 0
X509_STORE_CTX...(&ctx, 8) == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
77 X509_STORE_CTX_cleanup(&ctx);-
78 ret = -1;-
79 goto
never executed: goto end;
 end;
never executed: goto end;
0
80 }-
81 ret = X509_verify_cert(&ctx);-
82 chain = X509_STORE_CTX_get1_chain(&ctx);-
83 X509_STORE_CTX_cleanup(&ctx);-
84 if (ret <= 0
ret <= 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
85 i = X509_STORE_CTX_get_error(&ctx);-
86 ERR_put_error(39,(0xfff),(101),__FILE__,141);-
87 ERR_asprintf_error_data("Verify error:%s",-
88 X509_verify_cert_error_string(i));-
89 goto
never executed: goto end;
 end;
never executed: goto end;
0
90 }-
91 if (flags & 0x100
flags & 0x100Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
92 ret = 1;-
93 goto
never executed: goto end;
 end;
never executed: goto end;
0
94 }-
95-
96-
97-
98 ret = ocsp_check_issuer(bs, chain, flags);-
99-
100-
101 if (ret != 0
ret != 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
102 goto
never executed: goto end;
 end;
never executed: goto end;
0
103-
104-
105-
106-
107 if (flags & 0x20
flags & 0x20Description
TRUEnever evaluated
FALSEnever evaluated
)		0
108 goto
never executed: goto end;
 end;
never executed: goto end;
0
109-
110 x = ((X509 *)sk_value(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)), (sk_num(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0))) - 1)));-
111 if (X509_check_trust(x, 180, 0) !=
X509_check_tru..., 180, 0) != 1Description
TRUEnever evaluated
FALSEnever evaluated
0
112 1
X509_check_tru..., 180, 0) != 1Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
113 ERR_put_error(39,(0xfff),(112),__FILE__,168);-
114 goto
never executed: goto end;
 end;
never executed: goto end;
0
115 }-
116 ret = 1;-
117 }
never executed: end of block
0
118-
119end:
code before this statement never executed: end:
0
120 if (chain
chainDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
121 sk_pop_free(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)), ((void (*)(void *)) ((1 ? (X509_free) : (void (*)(X509 *))0))));
never executed: sk_pop_free(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)), ((void (*)(void *)) ((1 ? (X509_free) : (void (*)(X509 *))0))));
0
122 if (bs->certs
bs->certsDescription
TRUEnever evaluated
FALSEnever evaluated
 && certs
certsDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
123 sk_free(((_STACK*) (1 ? (untrusted) : (struct stack_st_X509*)0)));
never executed: sk_free(((_STACK*) (1 ? (untrusted) : (struct stack_st_X509*)0)));
0
124 return
never executed: return ret;
 ret;
never executed: return ret;
0
125}-
126-
127static int-
128ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs, struct stack_st_X509 *certs,-
129 X509_STORE *st, unsigned long flags)-
130{-
131 X509 *signer;-
132 OCSP_RESPID *rid = bs->tbsResponseData->responderId;-
133-
134 if ((
(signer = ocsp...k(certs, rid))Description
TRUEnever evaluated
FALSEnever evaluated
signer = ocsp_find_signer_sk(certs, rid))
(signer = ocsp...k(certs, rid))Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
135 *psigner = signer;-
136 return
never executed: return 2;
 2;
never executed: return 2;
0
137 }-
138 if (!(flags & 0x2)
!(flags & 0x2)Description
TRUEnever evaluated
FALSEnever evaluated
 &&		0
139 (
(signer = ocsp...->certs, rid))Description
TRUEnever evaluated
FALSEnever evaluated
signer = ocsp_find_signer_sk(bs->certs, rid))
(signer = ocsp...->certs, rid))Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
140 *psigner = signer;-
141 return
never executed: return 1;
 1;
never executed: return 1;
0
142 }-
143-
144-
145 *psigner = -
146 ((void *)0)-
147 ;-
148 return
never executed: return 0;
 0;
never executed: return 0;
0
149}-
150-
151static X509 *-
152ocsp_find_signer_sk(struct stack_st_X509 *certs, OCSP_RESPID *id)-
153{-
154 int i;-
155 unsigned char tmphash[20], *keyhash;-
156 X509 *x;-
157-
158-
159 if (id->type == 0
id->type == 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
160 return
never executed: return X509_find_by_subject(certs, id->value.byName);
 X509_find_by_subject(certs, id->value.byName);
never executed: return X509_find_by_subject(certs, id->value.byName);
0
161-
162-
163-
164-
165 if (id->value.byKey->length != 20
id->value.byKey->length != 20Description
TRUEnever evaluated
FALSEnever evaluated
)		0
166 return
never executed: return ((void *)0) ;
never executed: return ((void *)0) ;
0
167 ((void *)0)
never executed: return ((void *)0) ;
0
168 ;
never executed: return ((void *)0) ;
0
169 keyhash = id->value.byKey->data;-
170-
171 for (i = 0; i < sk_num(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)))
i < sk_num(((_..._st_X509*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
172 x = ((X509 *)sk_value(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)), (i)));-
173 X509_pubkey_digest(x, EVP_sha1(), tmphash, -
174 ((void *)0)-
175 );-
176 if (!memcmp(keyhash, tmphash, 20)
!memcmp(keyhash, tmphash, 20)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
177 return
never executed: return x;
 x;
never executed: return x;
0
178 }
never executed: end of block
0
179 return
never executed: return ((void *)0) ;
never executed: return ((void *)0) ;
0
180 ((void *)0)
never executed: return ((void *)0) ;
0
181 ;
never executed: return ((void *)0) ;
0
182}-
183-
184static int-
185ocsp_check_issuer(OCSP_BASICRESP *bs, struct stack_st_X509 *chain,-
186 unsigned long flags)-
187{-
188 struct stack_st_OCSP_SINGLERESP *sresp;-
189 X509 *signer, *sca;-
190 OCSP_CERTID *caid = -
191 ((void *)0)-
192 ;-
193 int i;-
194-
195 sresp = bs->tbsResponseData->responses;-
196-
197 if (sk_num(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0))) <= 0
sk_num(((_STAC...509*)0))) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
198 ERR_put_error(39,(0xfff),(105),__FILE__,243);-
199 return
never executed: return -1;
 -1;
never executed: return -1;
0
200 }-
201-
202-
203 i = ocsp_check_ids(sresp, &caid);-
204-
205-
206 if (i <= 0
i <= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
207 return
never executed: return i;
 i;
never executed: return i;
0
208-
209 signer = ((X509 *)sk_value(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)), (0)));-
210-
211 if (sk_num(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0))) > 1
sk_num(((_STAC...X509*)0))) > 1Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
212 sca = ((X509 *)sk_value(((_STACK*) (1 ? (chain) : (struct stack_st_X509*)0)), (1)));-
213 i = ocsp_match_issuerid(sca, caid, sresp);-
214 if (i < 0
i < 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
215 return
never executed: return i;
 i;
never executed: return i;
0
216 if (i
iDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
217-
218 if (ocsp_check_delegated(signer, flags)
ocsp_check_del...signer, flags)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
219 return
never executed: return 1;
 1;
never executed: return 1;
0
220 return
never executed: return 0;
 0;
never executed: return 0;
0
221 }-
222 }
never executed: end of block
0
223-
224-
225 return
never executed: return ocsp_match_issuerid(signer, caid, sresp);
 ocsp_match_issuerid(signer, caid, sresp);
never executed: return ocsp_match_issuerid(signer, caid, sresp);
0
226}-
227-
228-
229-
230-
231-
232static int-
233ocsp_check_ids(struct stack_st_OCSP_SINGLERESP *sresp, OCSP_CERTID **ret)-
234{-
235 OCSP_CERTID *tmpid, *cid;-
236 int i, idcount;-
237-
238 idcount = sk_num(((_STACK*) (1 ? (sresp) : (struct stack_st_OCSP_SINGLERESP*)0)));-
239 if (idcount <= 0
idcount <= 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
240 ERR_put_error(39,(0xfff),(111),__FILE__,285);-
241 return
never executed: return -1;
 -1;
never executed: return -1;
0
242 }-
243-
244 cid = ((OCSP_SINGLERESP *)sk_value(((_STACK*) (1 ? (sresp) : (struct stack_st_OCSP_SINGLERESP*)0)), (0)))->certId;-
245-
246 *ret = -
247 ((void *)0)-
248 ;-
249-
250 for (i = 1; i < idcount
i < idcountDescription
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
251 tmpid = ((OCSP_SINGLERESP *)sk_value(((_STACK*) (1 ? (sresp) : (struct stack_st_OCSP_SINGLERESP*)0)), (i)))->certId;-
252-
253 if (OCSP_id_issuer_cmp(cid, tmpid)
OCSP_id_issuer_cmp(cid, tmpid)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
254 return
never executed: return 0;
 0;
never executed: return 0;
0
255 }-
256 }
never executed: end of block
0
257-
258-
259 *ret = cid;-
260 return
never executed: return 1;
 1;
never executed: return 1;
0
261}-
262-
263static int-
264ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,-
265 struct stack_st_OCSP_SINGLERESP *sresp)-
266{-
267-
268 if (cid
cidDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
269 const EVP_MD *dgst;-
270 X509_NAME *iname;-
271 int mdlen;-
272 unsigned char md[64];-
273-
274 if (!(dgst =
!(dgst = EVP_g...>algorithm))))Description
TRUEnever evaluated
FALSEnever evaluated
0
275 EVP_get_digestbyname(OBJ_nid2sn(OBJ_obj2nid(cid->hashAlgorithm->algorithm))))
!(dgst = EVP_g...>algorithm))))Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
276 ERR_put_error(39,(0xfff),(119),__FILE__,319);-
277 return
never executed: return -1;
 -1;
never executed: return -1;
0
278 }-
279-
280 mdlen = EVP_MD_size(dgst);-
281 if (mdlen < 0
mdlen < 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
282 return
never executed: return -1;
 -1;
never executed: return -1;
0
283 if (cid->issuerNameHash->length != mdlen
cid->issuerNam...ength != mdlenDescription
TRUEnever evaluated
FALSEnever evaluated
 ||		0
284 cid->issuerKeyHash->length != mdlen
cid->issuerKey...ength != mdlenDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
285 return
never executed: return 0;
 0;
never executed: return 0;
0
286 iname = X509_get_subject_name(cert);-
287 if (!X509_NAME_digest(iname, dgst, md,
!X509_NAME_dig... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
288 ((void *)0)
!X509_NAME_dig... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
289 )
!X509_NAME_dig... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
)		0
290 return
never executed: return -1;
 -1;
never executed: return -1;
0
291 if (memcmp(md, cid->issuerNameHash->data, mdlen)
memcmp(md, cid...->data, mdlen)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
292 return
never executed: return 0;
 0;
never executed: return 0;
0
293 X509_pubkey_digest(cert, dgst, md, -
294 ((void *)0)-
295 );-
296 if (memcmp(md, cid->issuerKeyHash->data, mdlen)
memcmp(md, cid...->data, mdlen)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
297 return
never executed: return 0;
 0;
never executed: return 0;
0
298-
299 return
never executed: return 1;
 1;
never executed: return 1;
0
300 } else {-
301-
302 int i, ret;-
303 OCSP_CERTID *tmpid;-
304-
305 for (i = 0; i < sk_num(((_STACK*) (1 ? (sresp) : (struct stack_st_OCSP_SINGLERESP*)0)))
i < sk_num(((_...NGLERESP*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
306 tmpid = ((OCSP_SINGLERESP *)sk_value(((_STACK*) (1 ? (sresp) : (struct stack_st_OCSP_SINGLERESP*)0)), (i)))->certId;-
307 ret = ocsp_match_issuerid(cert, tmpid, -
308 ((void *)0)-
309 );-
310 if (ret <= 0
ret <= 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
311 return
never executed: return ret;
 ret;
never executed: return ret;
0
312 }
never executed: end of block
0
313 return
never executed: return 1;
 1;
never executed: return 1;
0
314 }-
315}-
316-
317static int-
318ocsp_check_delegated(X509 *x, int flags)-
319{-
320 X509_check_purpose(x, -1, 0);-
321 if ((
(x->ex_flags & 0x0004)Description
TRUEnever evaluated
FALSEnever evaluated
x->ex_flags & 0x0004)
(x->ex_flags & 0x0004)Description
TRUEnever evaluated
FALSEnever evaluated
 && (
(x->ex_xkusage & 0x20)Description
TRUEnever evaluated
FALSEnever evaluated
x->ex_xkusage & 0x20)
(x->ex_xkusage & 0x20)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
322 return
never executed: return 1;
 1;
never executed: return 1;
0
323 ERR_put_error(39,(0xfff),(103),__FILE__,360);-
324 return
never executed: return 0;
 0;
never executed: return 0;
0
325}-
326-
327-
328-
329-
330-
331int-
332OCSP_request_verify(OCSP_REQUEST *req, struct stack_st_X509 *certs, X509_STORE *store,-
333 unsigned long flags)-
334{-
335 X509 *signer;-
336 X509_NAME *nm;-
337 GENERAL_NAME *gen;-
338 int ret;-
339 X509_STORE_CTX ctx;-
340-
341 if (!req->optionalSignature
!req->optionalSignatureDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
342 ERR_put_error(39,(0xfff),(128),__FILE__,379);-
343 return
never executed: return 0;
 0;
never executed: return 0;
0
344 }-
345 gen = req->tbsRequest->requestorName;-
346 if (!gen
!genDescription
TRUEnever evaluated
FALSEnever evaluated
 || gen->type != 4
gen->type != 4Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
347 ERR_put_error(39,(0xfff),(129),__FILE__,384);-
348 return
never executed: return 0;
 0;
never executed: return 0;
0
349 }-
350 nm = gen->d.directoryName;-
351 ret = ocsp_req_find_signer(&signer, req, nm, certs, store, flags);-
352 if (ret <= 0
ret <= 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
353 ERR_put_error(39,(0xfff),(118),__FILE__,390);-
354 return
never executed: return 0;
 0;
never executed: return 0;
0
355 }-
356 if ((
(ret == 2)Description
TRUEnever evaluated
FALSEnever evaluated
ret == 2)
(ret == 2)Description
TRUEnever evaluated
FALSEnever evaluated
 && (
(flags & 0x200)Description
TRUEnever evaluated
FALSEnever evaluated
flags & 0x200)
(flags & 0x200)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
357 flags |= 0x10;
never executed: flags |= 0x10;
0
358 if (!(flags & 0x4)
!(flags & 0x4)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
359 EVP_PKEY *skey;-
360-
361 skey = X509_get_pubkey(signer);-
362 ret = ASN1_item_verify(&OCSP_REQINFO_it, req->optionalSignature->signatureAlgorithm, req->optionalSignature->signature,req->tbsRequest,skey);-
363 EVP_PKEY_free(skey);-
364 if (ret <= 0
ret <= 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
365 ERR_put_error(39,(0xfff),(117),__FILE__,402);-
366 return
never executed: return 0;
 0;
never executed: return 0;
0
367 }-
368 }
never executed: end of block
0
369 if (!(flags & 0x10)
!(flags & 0x10)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
370 int init_res;-
371-
372 if (flags & 0x8
flags & 0x8Description
TRUEnever evaluated
FALSEnever evaluated
)		0
373 init_res = X509_STORE_CTX_init(&ctx, store, signer,
never executed: init_res = X509_STORE_CTX_init(&ctx, store, signer, ((void *)0) );
0
374
never executed: init_res = X509_STORE_CTX_init(&ctx, store, signer, ((void *)0) );
0
375 ((void *)0)
never executed: init_res = X509_STORE_CTX_init(&ctx, store, signer, ((void *)0) );
0
376 );
never executed: init_res = X509_STORE_CTX_init(&ctx, store, signer, ((void *)0) );
0
377 else-
378 init_res = X509_STORE_CTX_init(&ctx, store, signer,
never executed: init_res = X509_STORE_CTX_init(&ctx, store, signer, req->optionalSignature->certs);
0
379 req->optionalSignature->certs);
never executed: init_res = X509_STORE_CTX_init(&ctx, store, signer, req->optionalSignature->certs);
0
380 if (!init_res
!init_resDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
381 ERR_put_error(39,(0xfff),(11),__FILE__,416);-
382 return
never executed: return 0;
 0;
never executed: return 0;
0
383 }-
384-
385 if (X509_STORE_CTX_set_purpose(&ctx,
X509_STORE_CTX...(&ctx, 8) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
386 8) == 0
X509_STORE_CTX...(&ctx, 8) == 0Description
TRUEnever evaluated
FALSEnever evaluated
 ||		0
387 X509_STORE_CTX_set_trust(&ctx,
X509_STORE_CTX...(&ctx, 7) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
388 7) == 0
X509_STORE_CTX...(&ctx, 7) == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
389 X509_STORE_CTX_cleanup(&ctx);-
390 return
never executed: return 0;
 0;
never executed: return 0;
0
391 }-
392 ret = X509_verify_cert(&ctx);-
393 X509_STORE_CTX_cleanup(&ctx);-
394 if (ret <= 0
ret <= 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
395 ret = X509_STORE_CTX_get_error(&ctx);-
396 ERR_put_error(39,(0xfff),(101),__FILE__,431);-
397 ERR_asprintf_error_data("Verify error:%s",-
398 X509_verify_cert_error_string(ret));-
399 return
never executed: return 0;
 0;
never executed: return 0;
0
400 }-
401 }
never executed: end of block
0
402 return
never executed: return 1;
 1;
never executed: return 1;
0
403}-
404-
405static int-
406ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm,-
407 struct stack_st_X509 *certs, X509_STORE *st, unsigned long flags)-
408{-
409 X509 *signer;-
410-
411 if (!(flags & 0x2)
!(flags & 0x2)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
412 signer = X509_find_by_subject(req->optionalSignature->certs, nm);-
413 if (signer
signerDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
414 *psigner = signer;-
415 return
never executed: return 1;
 1;
never executed: return 1;
0
416 }-
417 }
never executed: end of block
0
418-
419 signer = X509_find_by_subject(certs, nm);-
420 if (signer
signerDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
421 *psigner = signer;-
422 return
never executed: return 2;
 2;
never executed: return 2;
0
423 }-
424 return
never executed: return 0;
 0;
never executed: return 0;
0
425}-
Switch to Source codePreprocessed file
Generated by Squish Coco 4.2.2