Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | | - |
15 | | - |
16 | | - |
17 | | - |
18 | | - |
19 | | - |
20 | | - |
21 | | - |
22 | | - |
23 | | - |
24 | | - |
25 | | - |
26 | | - |
27 | | - |
28 | | - |
29 | | - |
30 | | - |
31 | | - |
32 | | - |
33 | | - |
34 | | - |
35 | | - |
36 | | - |
37 | | - |
38 | | - |
39 | | - |
40 | | - |
41 | | - |
42 | | - |
43 | | - |
44 | | - |
45 | | - |
46 | | - |
47 | | - |
48 | | - |
49 | | - |
50 | | - |
51 | | - |
52 | | - |
53 | | - |
54 | | - |
55 | | - |
56 | | - |
57 | | - |
58 | | - |
59 | | - |
60 | | - |
61 | | - |
62 | | - |
63 | | - |
64 | #include <stdio.h> | - |
65 | #include <string.h> | - |
66 | | - |
67 | #include <openssl/opensslconf.h> | - |
68 | | - |
69 | #include <openssl/asn1t.h> | - |
70 | #include <openssl/err.h> | - |
71 | #include <openssl/objects.h> | - |
72 | #include <openssl/ocsp.h> | - |
73 | #include <openssl/pem.h> | - |
74 | #include <openssl/x509.h> | - |
75 | #include <openssl/x509v3.h> | - |
76 | | - |
77 | | - |
78 | | - |
79 | OCSP_CERTID * | - |
80 | OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject, const X509 *issuer) | - |
81 | { | - |
82 | X509_NAME *iname; | - |
83 | const ASN1_INTEGER *serial; | - |
84 | ASN1_BIT_STRING *ikey; | - |
85 | | - |
86 | #ifndef OPENSSL_NO_SHA1 | - |
87 | if (!dgst)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
88 | dgst = EVP_sha1(); never executed: dgst = EVP_sha1(); | 0 |
89 | #endif | - |
90 | if (subject) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
91 | iname = X509_get_issuer_name(subject); | - |
92 | serial = X509_get0_serialNumber(subject); | - |
93 | } else { never executed: end of block | 0 |
94 | iname = X509_get_subject_name(issuer); | - |
95 | serial = NULL; | - |
96 | } never executed: end of block | 0 |
97 | ikey = X509_get0_pubkey_bitstr(issuer); | - |
98 | return OCSP_cert_id_new(dgst, iname, ikey, serial); never executed: return OCSP_cert_id_new(dgst, iname, ikey, serial); | 0 |
99 | } | - |
100 | | - |
101 | OCSP_CERTID * | - |
102 | OCSP_cert_id_new(const EVP_MD *dgst, const X509_NAME *issuerName, | - |
103 | const ASN1_BIT_STRING *issuerKey, const ASN1_INTEGER *serialNumber) | - |
104 | { | - |
105 | int nid; | - |
106 | unsigned int i; | - |
107 | X509_ALGOR *alg; | - |
108 | OCSP_CERTID *cid = NULL; | - |
109 | unsigned char md[EVP_MAX_MD_SIZE]; | - |
110 | | - |
111 | if (!(cid = OCSP_CERTID_new()))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
112 | goto err; never executed: goto err; | 0 |
113 | | - |
114 | alg = cid->hashAlgorithm; | - |
115 | if (alg->algorithm != NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
116 | ASN1_OBJECT_free(alg->algorithm); never executed: ASN1_OBJECT_free(alg->algorithm); | 0 |
117 | if ((nid = EVP_MD_type(dgst)) == NID_undef) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
118 | OCSPerror(OCSP_R_UNKNOWN_NID); | - |
119 | goto err; never executed: goto err; | 0 |
120 | } | - |
121 | if (!(alg->algorithm = OBJ_nid2obj(nid)))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
122 | goto err; never executed: goto err; | 0 |
123 | if ((alg->parameter = ASN1_TYPE_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
124 | goto err; never executed: goto err; | 0 |
125 | alg->parameter->type = V_ASN1_NULL; | - |
126 | | - |
127 | if (!X509_NAME_digest(issuerName, dgst, md, &i))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
128 | goto digerr; never executed: goto digerr; | 0 |
129 | if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i)))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
130 | goto err; never executed: goto err; | 0 |
131 | | - |
132 | | - |
133 | if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
134 | goto err; never executed: goto err; | 0 |
135 | | - |
136 | if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i)))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
137 | goto err; never executed: goto err; | 0 |
138 | | - |
139 | if (serialNumber) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
140 | ASN1_INTEGER_free(cid->serialNumber); | - |
141 | if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber)))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
142 | goto err; never executed: goto err; | 0 |
143 | } never executed: end of block | 0 |
144 | return cid; never executed: return cid; | 0 |
145 | | - |
146 | digerr: | - |
147 | OCSPerror(OCSP_R_DIGEST_ERR); | - |
148 | err: code before this statement never executed: err: | 0 |
149 | if (cid)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
150 | OCSP_CERTID_free(cid); never executed: OCSP_CERTID_free(cid); | 0 |
151 | return NULL; never executed: return ((void *)0) ; | 0 |
152 | } | - |
153 | | - |
154 | int | - |
155 | OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b) | - |
156 | { | - |
157 | int ret; | - |
158 | | - |
159 | ret = OBJ_cmp(a->hashAlgorithm->algorithm, b->hashAlgorithm->algorithm); | - |
160 | if (ret)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
161 | return ret; never executed: return ret; | 0 |
162 | ret = ASN1_OCTET_STRING_cmp(a->issuerNameHash, b->issuerNameHash); | - |
163 | if (ret)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
164 | return ret; never executed: return ret; | 0 |
165 | return ASN1_OCTET_STRING_cmp(a->issuerKeyHash, b->issuerKeyHash); never executed: return ASN1_OCTET_STRING_cmp(a->issuerKeyHash, b->issuerKeyHash); | 0 |
166 | } | - |
167 | | - |
168 | int | - |
169 | OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b) | - |
170 | { | - |
171 | int ret; | - |
172 | | - |
173 | ret = OCSP_id_issuer_cmp(a, b); | - |
174 | if (ret)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
175 | return ret; never executed: return ret; | 0 |
176 | return ASN1_INTEGER_cmp(a->serialNumber, b->serialNumber); never executed: return ASN1_INTEGER_cmp(a->serialNumber, b->serialNumber); | 0 |
177 | } | - |
178 | | - |
179 | | - |
180 | | - |
181 | | - |
182 | int | - |
183 | OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath, | - |
184 | int *pssl) | - |
185 | { | - |
186 | char *host, *path, *port, *tmp; | - |
187 | | - |
188 | *phost = *pport = *ppath = NULL; | - |
189 | *pssl = 0; | - |
190 | | - |
191 | if (strncmp(url, "https://", 8) == 0) { never executed: __result = (((const unsigned char *) (const char *) ( url ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "https://" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
192 | *pssl = 1; | - |
193 | host = strdup(url + 8); never executed: __retval = (char *) memcpy (__retval, url + 8 , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
194 | } else if (strncmp(url, "http://", 7) == 0) never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( url ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "http://" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
195 | host = strdup(url + 7); never executed: host = (__extension__ (__builtin_constant_p ( url + 7 ) && ((size_t)(const void *)(( url + 7 ) + 1) - (size_t)(const void *)( url + 7 ) == 1) ? (((const char *) ( url + 7 ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( url + 7 ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, url + 7 , __len); __retval; })) : __strdup ( url + 7 ))) ; never executed: __retval = (char *) memcpy (__retval, url + 7 , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
196 | else { | - |
197 | OCSPerror(OCSP_R_ERROR_PARSING_URL); | - |
198 | return 0; never executed: return 0; | 0 |
199 | } | - |
200 | if (host == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
201 | OCSPerror(ERR_R_MALLOC_FAILURE); | - |
202 | return 0; never executed: return 0; | 0 |
203 | } | - |
204 | | - |
205 | if ((tmp = strchr(host, '/')) != NULL) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
206 | path = strdup(tmp); never executed: __retval = (char *) memcpy (__retval, tmp , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
207 | *tmp = '\0'; | - |
208 | } else never executed: end of block | 0 |
209 | path = strdup("/"); never executed: path = (__extension__ (__builtin_constant_p ( "/" ) && ((size_t)(const void *)(( "/" ) + 1) - (size_t)(const void *)( "/" ) == 1) ? (((const char *) ( "/" ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( "/" ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, "/" , __len); __retval; })) : __strdup ( "/" ))) ; never executed: __retval = (char *) memcpy (__retval, "/" , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
210 | | - |
211 | if ((tmp = strchr(host, ':')) != NULL ) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
212 | port = strdup(tmp + 1); never executed: __retval = (char *) memcpy (__retval, tmp + 1 , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
213 | *tmp = '\0'; | - |
214 | } else { never executed: end of block | 0 |
215 | if (*pssl)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
216 | port = strdup("443"); never executed: port = (__extension__ (__builtin_constant_p ( "443" ) && ((size_t)(const void *)(( "443" ) + 1) - (size_t)(const void *)( "443" ) == 1) ? (((const char *) ( "443" ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( "443" ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, "443" , __len); __retval; })) : __strdup ( "443" ))) ; never executed: __retval = (char *) memcpy (__retval, "443" , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
217 | else | - |
218 | port = strdup("80"); never executed: port = (__extension__ (__builtin_constant_p ( "80" ) && ((size_t)(const void *)(( "80" ) + 1) - (size_t)(const void *)( "80" ) == 1) ? (((const char *) ( "80" ))[0] == '\0' ? (char *) calloc ((size_t) 1, (size_t) 1) : ({ size_t __len = strlen ( "80" ) + 1; char *__retval = (char *) malloc (__len); if (__retval != ((void *)0)) __retval = (char *) memcpy (__retval, "80" , __len); __retval; })) : __strdup ( "80" ))) ; never executed: __retval = (char *) memcpy (__retval, "80" , __len); TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
219 | } | - |
220 | | - |
221 | if (path == NULL || port == NULL) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
222 | free(host); | - |
223 | free(path); | - |
224 | free(port); | - |
225 | OCSPerror(ERR_R_MALLOC_FAILURE); | - |
226 | return 0; never executed: return 0; | 0 |
227 | } | - |
228 | | - |
229 | *phost = host; | - |
230 | *ppath = path; | - |
231 | *pport = port; | - |
232 | return 1; never executed: return 1; | 0 |
233 | } | - |
234 | | - |
235 | OCSP_CERTID * | - |
236 | OCSP_CERTID_dup(OCSP_CERTID *x) | - |
237 | { | - |
238 | return ASN1_item_dup(&OCSP_CERTID_it, x); never executed: return ASN1_item_dup(&OCSP_CERTID_it, x); | 0 |
239 | } | - |
| | |