OpenCoverage

ocsp_prn.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/ocsp/ocsp_prn.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: ocsp_prn.c,v 1.8 2015/07/16 02:16:19 miod Exp $ */-
2/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL-
3 * project. */-
4-
5/* History:-
6 This file was originally part of ocsp.c and was transfered to Richard-
7 Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be included-
8 in OpenSSL or released as a patch kit. */-
9-
10/* ====================================================================-
11 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.-
12 *-
13 * Redistribution and use in source and binary forms, with or without-
14 * modification, are permitted provided that the following conditions-
15 * are met:-
16 *-
17 * 1. Redistributions of source code must retain the above copyright-
18 * notice, this list of conditions and the following disclaimer.-
19 *-
20 * 2. Redistributions in binary form must reproduce the above copyright-
21 * notice, this list of conditions and the following disclaimer in-
22 * the documentation and/or other materials provided with the-
23 * distribution.-
24 *-
25 * 3. All advertising materials mentioning features or use of this-
26 * software must display the following acknowledgment:-
27 * "This product includes software developed by the OpenSSL Project-
28 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"-
29 *-
30 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to-
31 * endorse or promote products derived from this software without-
32 * prior written permission. For written permission, please contact-
33 * openssl-core@openssl.org.-
34 *-
35 * 5. Products derived from this software may not be called "OpenSSL"-
36 * nor may "OpenSSL" appear in their names without prior written-
37 * permission of the OpenSSL Project.-
38 *-
39 * 6. Redistributions of any form whatsoever must retain the following-
40 * acknowledgment:-
41 * "This product includes software developed by the OpenSSL Project-
42 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"-
43 *-
44 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY-
45 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
46 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR-
47 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR-
48 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,-
49 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
50 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;-
51 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,-
53 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)-
54 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED-
55 * OF THE POSSIBILITY OF SUCH DAMAGE.-
56 * ====================================================================-
57 *-
58 * This product includes cryptographic software written by Eric Young-
59 * (eay@cryptsoft.com). This product includes software written by Tim-
60 * Hudson (tjh@cryptsoft.com).-
61 *-
62 */-
63-
64#include <openssl/bio.h>-
65#include <openssl/err.h>-
66#include <openssl/ocsp.h>-
67#include <openssl/pem.h>-
68-
69static int-
70ocsp_certid_print(BIO *bp, OCSP_CERTID* a, int indent)-
71{-
72 BIO_printf(bp, "%*sCertificate ID:\n", indent, "");-
73 indent += 2;-
74 BIO_printf(bp, "%*sHash Algorithm: ", indent, "");-
75 i2a_ASN1_OBJECT(bp, a->hashAlgorithm->algorithm);-
76 BIO_printf(bp, "\n%*sIssuer Name Hash: ", indent, "");-
77 i2a_ASN1_STRING(bp, a->issuerNameHash, V_ASN1_OCTET_STRING);-
78 BIO_printf(bp, "\n%*sIssuer Key Hash: ", indent, "");-
79 i2a_ASN1_STRING(bp, a->issuerKeyHash, V_ASN1_OCTET_STRING);-
80 BIO_printf(bp, "\n%*sSerial Number: ", indent, "");-
81 i2a_ASN1_INTEGER(bp, a->serialNumber);-
82 BIO_printf(bp, "\n");-
83 return 1;
never executed: return 1;
0
84}-
85-
86typedef struct {-
87 long t;-
88 const char *m;-
89} OCSP_TBLSTR;-
90-
91static const char *-
92table2string(long s, const OCSP_TBLSTR *ts, int len)-
93{-
94 const OCSP_TBLSTR *p;-
95-
96 for (p = ts; p < ts + len; p++)
p < ts + lenDescription
TRUEnever evaluated
FALSEnever evaluated
0
97 if (p->t == s)
p->t == sDescription
TRUEnever evaluated
FALSEnever evaluated
0
98 return p->m;
never executed: return p->m;
0
99 return "(UNKNOWN)";
never executed: return "(UNKNOWN)";
0
100}-
101-
102const char *-
103OCSP_response_status_str(long s)-
104{-
105 static const OCSP_TBLSTR rstat_tbl[] = {-
106 { OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful" },-
107 { OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest" },-
108 { OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror" },-
109 { OCSP_RESPONSE_STATUS_TRYLATER, "trylater" },-
110 { OCSP_RESPONSE_STATUS_SIGREQUIRED, "sigrequired" },-
111 { OCSP_RESPONSE_STATUS_UNAUTHORIZED, "unauthorized" }-
112 };-
113 return table2string(s, rstat_tbl, 6);
never executed: return table2string(s, rstat_tbl, 6);
0
114}-
115-
116const char *-
117OCSP_cert_status_str(long s)-
118{-
119 static const OCSP_TBLSTR cstat_tbl[] = {-
120 { V_OCSP_CERTSTATUS_GOOD, "good" },-
121 { V_OCSP_CERTSTATUS_REVOKED, "revoked" },-
122 { V_OCSP_CERTSTATUS_UNKNOWN, "unknown" }-
123 };-
124 return table2string(s, cstat_tbl, 3);
never executed: return table2string(s, cstat_tbl, 3);
0
125}-
126-
127const char *-
128OCSP_crl_reason_str(long s)-
129{-
130 static const OCSP_TBLSTR reason_tbl[] = {-
131 { OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified" },-
132 { OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise" },-
133 { OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise" },-
134 { OCSP_REVOKED_STATUS_AFFILIATIONCHANGED, "affiliationChanged" },-
135 { OCSP_REVOKED_STATUS_SUPERSEDED, "superseded" },-
136 { OCSP_REVOKED_STATUS_CESSATIONOFOPERATION, "cessationOfOperation" },-
137 { OCSP_REVOKED_STATUS_CERTIFICATEHOLD, "certificateHold" },-
138 { OCSP_REVOKED_STATUS_REMOVEFROMCRL, "removeFromCRL" }-
139 };-
140 return table2string(s, reason_tbl, 8);
never executed: return table2string(s, reason_tbl, 8);
0
141}-
142-
143int-
144OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* o, unsigned long flags)-
145{-
146 int i;-
147 long l;-
148 OCSP_CERTID* cid = NULL;-
149 OCSP_ONEREQ *one = NULL;-
150 OCSP_REQINFO *inf = o->tbsRequest;-
151 OCSP_SIGNATURE *sig = o->optionalSignature;-
152-
153 if (BIO_write(bp, "OCSP Request Data:\n", 19) <= 0)
BIO_write(bp, ...:\n", 19) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
154 goto err;
never executed: goto err;
0
155 l = ASN1_INTEGER_get(inf->version);-
156 if (BIO_printf(bp, " Version: %lu (0x%lx)", l+1, l) <= 0)
BIO_printf(bp,..., l+1, l) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
157 goto err;
never executed: goto err;
0
158 if (inf->requestorName != NULL) {
inf->requestor...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
159 if (BIO_write(bp, "\n Requestor Name: ", 21) <= 0)
BIO_write(bp, ...e: ", 21) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
160 goto err;
never executed: goto err;
0
161 GENERAL_NAME_print(bp, inf->requestorName);-
162 }
never executed: end of block
0
163 if (BIO_write(bp, "\n Requestor List:\n", 21) <= 0)
BIO_write(bp, ...:\n", 21) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
164 goto err;
never executed: goto err;
0
165 for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++) {
i < sk_num(((_...P_ONEREQ*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
166 one = sk_OCSP_ONEREQ_value(inf->requestList, i);-
167 cid = one->reqCert;-
168 ocsp_certid_print(bp, cid, 8);-
169 if (!X509V3_extensions_print(bp, "Request Single Extensions",
!X509V3_extens...ons, flags, 8)Description
TRUEnever evaluated
FALSEnever evaluated
0
170 one->singleRequestExtensions, flags, 8))
!X509V3_extens...ons, flags, 8)Description
TRUEnever evaluated
FALSEnever evaluated
0
171 goto err;
never executed: goto err;
0
172 }
never executed: end of block
0
173 if (!X509V3_extensions_print(bp, "Request Extensions",
!X509V3_extens...ons, flags, 4)Description
TRUEnever evaluated
FALSEnever evaluated
0
174 inf->requestExtensions, flags, 4))
!X509V3_extens...ons, flags, 4)Description
TRUEnever evaluated
FALSEnever evaluated
0
175 goto err;
never executed: goto err;
0
176 if (sig) {
sigDescription
TRUEnever evaluated
FALSEnever evaluated
0
177 if (X509_signature_print(bp, sig->signatureAlgorithm,
X509_signature...ignature) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
178 sig->signature) == 0)
X509_signature...ignature) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
179 goto err;
never executed: goto err;
0
180 for (i = 0; i < sk_X509_num(sig->certs); i++) {
i < sk_num(((_..._st_X509*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
181 if (X509_print(bp, sk_X509_value(sig->certs, i)) == 0)
X509_print(bp,...), (i)))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
182 goto err;
never executed: goto err;
0
183 if (PEM_write_bio_X509(bp,
PEM_write_bio_...), (i)))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
184 sk_X509_value(sig->certs, i)) == 0)
PEM_write_bio_...), (i)))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
185 goto err;
never executed: goto err;
0
186 }
never executed: end of block
0
187 }
never executed: end of block
0
188 return 1;
never executed: return 1;
0
189-
190err:-
191 return 0;
never executed: return 0;
0
192}-
193-
194int-
195OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)-
196{-
197 int i, ret = 0;-
198 long l;-
199 OCSP_CERTID *cid = NULL;-
200 OCSP_BASICRESP *br = NULL;-
201 OCSP_RESPID *rid = NULL;-
202 OCSP_RESPDATA *rd = NULL;-
203 OCSP_CERTSTATUS *cst = NULL;-
204 OCSP_REVOKEDINFO *rev = NULL;-
205 OCSP_SINGLERESP *single = NULL;-
206 OCSP_RESPBYTES *rb = o->responseBytes;-
207-
208 if (BIO_puts(bp, "OCSP Response Data:\n") <= 0)
BIO_puts(bp, "...Data:\n") <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
209 goto err;
never executed: goto err;
0
210 l = ASN1_ENUMERATED_get(o->responseStatus);-
211 if (BIO_printf(bp, " OCSP Response Status: %s (0x%lx)\n",
BIO_printf(bp,...tr(l), l) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
212 OCSP_response_status_str(l), l) <= 0)
BIO_printf(bp,...tr(l), l) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
213 goto err;
never executed: goto err;
0
214 if (rb == NULL)
rb == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
215 return 1;
never executed: return 1;
0
216 if (BIO_puts(bp, " Response Type: ") <= 0)
BIO_puts(bp, "... Type: ") <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
217 goto err;
never executed: goto err;
0
218 if (i2a_ASN1_OBJECT(bp, rb->responseType) <= 0)
i2a_ASN1_OBJEC...onseType) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
219 goto err;
never executed: goto err;
0
220 if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) {
OBJ_obj2nid(rb...seType) != 365Description
TRUEnever evaluated
FALSEnever evaluated
0
221 BIO_puts(bp, " (unknown response type)\n");-
222 return 1;
never executed: return 1;
0
223 }-
224-
225 i = ASN1_STRING_length(rb->response);-
226 if (!(br = OCSP_response_get1_basic(o)))
!(br = OCSP_re...get1_basic(o))Description
TRUEnever evaluated
FALSEnever evaluated
0
227 goto err;
never executed: goto err;
0
228 rd = br->tbsResponseData;-
229 l = ASN1_INTEGER_get(rd->version);-
230 if (BIO_printf(bp, "\n Version: %lu (0x%lx)\n", l+1, l) <= 0)
BIO_printf(bp,..., l+1, l) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
231 goto err;
never executed: goto err;
0
232 if (BIO_puts(bp, " Responder Id: ") <= 0)
BIO_puts(bp, "...er Id: ") <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
233 goto err;
never executed: goto err;
0
234-
235 rid = rd->responderId;-
236 switch (rid->type) {-
237 case V_OCSP_RESPID_NAME:
never executed: case 0:
0
238 X509_NAME_print_ex(bp, rid->value.byName, 0, XN_FLAG_ONELINE);-
239 break;
never executed: break;
0
240 case V_OCSP_RESPID_KEY:
never executed: case 1:
0
241 i2a_ASN1_STRING(bp, rid->value.byKey, V_ASN1_OCTET_STRING);-
242 break;
never executed: break;
0
243 }-
244-
245 if (BIO_printf(bp, "\n Produced At: ")<=0)
BIO_printf(bp,...uced At: ")<=0Description
TRUEnever evaluated
FALSEnever evaluated
0
246 goto err;
never executed: goto err;
0
247 if (!ASN1_GENERALIZEDTIME_print(bp, rd->producedAt))
!ASN1_GENERALI...d->producedAt)Description
TRUEnever evaluated
FALSEnever evaluated
0
248 goto err;
never executed: goto err;
0
249 if (BIO_printf(bp, "\n Responses:\n") <= 0)
BIO_printf(bp,...nses:\n") <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
250 goto err;
never executed: goto err;
0
251 for (i = 0; i < sk_OCSP_SINGLERESP_num(rd->responses); i++) {
i < sk_num(((_...NGLERESP*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
252 if (! sk_OCSP_SINGLERESP_value(rd->responses, i))
! ((OCSP_SINGL...SP*)0)), (i)))Description
TRUEnever evaluated
FALSEnever evaluated
0
253 continue;
never executed: continue;
0
254 single = sk_OCSP_SINGLERESP_value(rd->responses, i);-
255 cid = single->certId;-
256 if (ocsp_certid_print(bp, cid, 4) <= 0)
ocsp_certid_pr..., cid, 4) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
257 goto err;
never executed: goto err;
0
258 cst = single->certStatus;-
259 if (BIO_printf(bp, " Cert Status: %s",
BIO_printf(bp,...t->type)) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
260 OCSP_cert_status_str(cst->type)) <= 0)
BIO_printf(bp,...t->type)) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
261 goto err;
never executed: goto err;
0
262 if (cst->type == V_OCSP_CERTSTATUS_REVOKED) {
cst->type == 1Description
TRUEnever evaluated
FALSEnever evaluated
0
263 rev = cst->value.revoked;-
264 if (BIO_printf(bp, "\n Revocation Time: ") <= 0)
BIO_printf(bp,... Time: ") <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
265 goto err;
never executed: goto err;
0
266 if (!ASN1_GENERALIZEDTIME_print(bp,
!ASN1_GENERALI...evocationTime)Description
TRUEnever evaluated
FALSEnever evaluated
0
267 rev->revocationTime))
!ASN1_GENERALI...evocationTime)Description
TRUEnever evaluated
FALSEnever evaluated
0
268 goto err;
never executed: goto err;
0
269 if (rev->revocationReason) {
rev->revocationReasonDescription
TRUEnever evaluated
FALSEnever evaluated
0
270 l = ASN1_ENUMERATED_get(rev->revocationReason);-
271 if (BIO_printf(bp,
BIO_printf(bp,...tr(l), l) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
272 "\n Revocation Reason: %s (0x%lx)",
BIO_printf(bp,...tr(l), l) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
273 OCSP_crl_reason_str(l), l) <= 0)
BIO_printf(bp,...tr(l), l) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
274 goto err;
never executed: goto err;
0
275 }
never executed: end of block
0
276 }
never executed: end of block
0
277 if (BIO_printf(bp, "\n This Update: ") <= 0)
BIO_printf(bp,...pdate: ") <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
278 goto err;
never executed: goto err;
0
279 if (!ASN1_GENERALIZEDTIME_print(bp, single->thisUpdate))
!ASN1_GENERALI...e->thisUpdate)Description
TRUEnever evaluated
FALSEnever evaluated
0
280 goto err;
never executed: goto err;
0
281 if (single->nextUpdate) {
single->nextUpdateDescription
TRUEnever evaluated
FALSEnever evaluated
0
282 if (BIO_printf(bp, "\n Next Update: ") <= 0)
BIO_printf(bp,...pdate: ") <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
283 goto err;
never executed: goto err;
0
284 if (!ASN1_GENERALIZEDTIME_print(bp, single->nextUpdate))
!ASN1_GENERALI...e->nextUpdate)Description
TRUEnever evaluated
FALSEnever evaluated
0
285 goto err;
never executed: goto err;
0
286 }
never executed: end of block
0
287 if (BIO_write(bp, "\n", 1) <= 0)
BIO_write(bp, "\n", 1) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
288 goto err;
never executed: goto err;
0
289 if (!X509V3_extensions_print(bp, "Response Single Extensions",
!X509V3_extens...ons, flags, 8)Description
TRUEnever evaluated
FALSEnever evaluated
0
290 single->singleExtensions, flags, 8))
!X509V3_extens...ons, flags, 8)Description
TRUEnever evaluated
FALSEnever evaluated
0
291 goto err;
never executed: goto err;
0
292 if (BIO_write(bp, "\n", 1) <= 0)
BIO_write(bp, "\n", 1) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
293 goto err;
never executed: goto err;
0
294 }
never executed: end of block
0
295 if (!X509V3_extensions_print(bp, "Response Extensions",
!X509V3_extens...ons, flags, 4)Description
TRUEnever evaluated
FALSEnever evaluated
0
296 rd->responseExtensions, flags, 4))
!X509V3_extens...ons, flags, 4)Description
TRUEnever evaluated
FALSEnever evaluated
0
297 goto err;
never executed: goto err;
0
298 if (X509_signature_print(bp, br->signatureAlgorithm, br->signature) <=
X509_signature...ignature) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
299 0)
X509_signature...ignature) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
300 goto err;
never executed: goto err;
0
301-
302 for (i = 0; i < sk_X509_num(br->certs); i++) {
i < sk_num(((_..._st_X509*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
303 X509_print(bp, sk_X509_value(br->certs, i));-
304 PEM_write_bio_X509(bp, sk_X509_value(br->certs, i));-
305 }
never executed: end of block
0
306-
307 ret = 1;-
308-
309err:
code before this statement never executed: err:
0
310 OCSP_BASICRESP_free(br);-
311 return ret;
never executed: return ret;
0
312}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2