OpenCoverage

ocsp_cl.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/ocsp/ocsp_cl.c
Switch to Source codePreprocessed file
LineSourceCount
1-
2-
3OCSP_ONEREQ *-
4OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)-
5{-
6 OCSP_ONEREQ *one = -
7 ((void *)0)-
8 ;-
9-
10 if (!(one = OCSP_ONEREQ_new())
!(one = OCSP_ONEREQ_new())Description
TRUEnever evaluated
FALSEnever evaluated
)		0
11 goto
never executed: goto err;
 err;
never executed: goto err;
0
12 if (one->reqCert
one->reqCertDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
13 OCSP_CERTID_free(one->reqCert);
never executed: OCSP_CERTID_free(one->reqCert);
0
14 one->reqCert = cid;-
15 if (req
reqDescription
TRUEnever evaluated
FALSEnever evaluated
 && !sk_push(((_STACK*) (1 ? (req->tbsRequest->requestList) : (struct stack_st_OCSP_ONEREQ*)0)), ((void*) (1 ? (one) : (OCSP_ONEREQ*)0)))
!sk_push(((_ST...P_ONEREQ*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
16 goto
never executed: goto err;
 err;
never executed: goto err;
0
17 return
never executed: return one;
 one;
never executed: return one;
0
18-
19err:-
20 OCSP_ONEREQ_free(one);-
21 return
never executed: return ((void *)0) ;
never executed: return ((void *)0) ;
0
22 ((void *)0)
never executed: return ((void *)0) ;
0
23 ;
never executed: return ((void *)0) ;
0
24}-
25-
26-
27int-
28OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)-
29{-
30 GENERAL_NAME *gen;-
31-
32 gen = GENERAL_NAME_new();-
33 if (gen ==
gen == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
34 ((void *)0)
gen == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
35 )-
36 return
never executed: return 0;
 0;
never executed: return 0;
0
37 if (!X509_NAME_set(&gen->d.directoryName, nm)
!X509_NAME_set...ctoryName, nm)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
38 GENERAL_NAME_free(gen);-
39 return
never executed: return 0;
 0;
never executed: return 0;
0
40 }-
41 gen->type = 4;-
42 if (req->tbsRequest->requestorName
req->tbsRequest->requestorNameDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
43 GENERAL_NAME_free(req->tbsRequest->requestorName);
never executed: GENERAL_NAME_free(req->tbsRequest->requestorName);
0
44 req->tbsRequest->requestorName = gen;-
45 return
never executed: return 1;
 1;
never executed: return 1;
0
46}-
47-
48-
49int-
50OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)-
51{-
52 OCSP_SIGNATURE *sig;-
53-
54 if (!req->optionalSignature
!req->optionalSignatureDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
55 req->optionalSignature = OCSP_SIGNATURE_new();
never executed: req->optionalSignature = OCSP_SIGNATURE_new();
0
56 sig = req->optionalSignature;-
57 if (!sig
!sigDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
58 return
never executed: return 0;
 0;
never executed: return 0;
0
59 if (!cert
!certDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
60 return
never executed: return 1;
 1;
never executed: return 1;
0
61 if (!sig->certs
!sig->certsDescription
TRUEnever evaluated
FALSEnever evaluated
 && !(sig->certs = ((struct stack_st_X509 *)sk_new_null()))
!(sig->certs =...k_new_null()))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
62 return
never executed: return 0;
 0;
never executed: return 0;
0
63-
64 if (!sk_push(((_STACK*) (1 ? (sig->certs) : (struct stack_st_X509*)0)), ((void*) (1 ? (cert) : (X509*)0)))
!sk_push(((_ST... : (X509*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
65 return
never executed: return 0;
 0;
never executed: return 0;
0
66 CRYPTO_add_lock(&cert->references,1,3,__FILE__,138);-
67 return
never executed: return 1;
 1;
never executed: return 1;
0
68}-
69-
70-
71-
72-
73-
74-
75int-
76OCSP_request_sign(OCSP_REQUEST *req, X509 *signer, EVP_PKEY *key,-
77 const EVP_MD *dgst, struct stack_st_X509 *certs, unsigned long flags)-
78{-
79 int i;-
80 OCSP_SIGNATURE *sig;-
81 X509 *x;-
82-
83 if (!OCSP_request_set1_name(req, X509_get_subject_name(signer))
!OCSP_request_..._name(signer))Description
TRUEnever evaluated
FALSEnever evaluated
)		0
84 goto
never executed: goto err;
 err;
never executed: goto err;
0
85-
86 if (!(req->optionalSignature = sig = OCSP_SIGNATURE_new())
!(req->optiona...GNATURE_new())Description
TRUEnever evaluated
FALSEnever evaluated
)		0
87 goto
never executed: goto err;
 err;
never executed: goto err;
0
88 if (key
keyDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
89 if (!X509_check_private_key(signer, key)
!X509_check_pr...y(signer, key)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
90 ERR_put_error(39,(0xfff),(110),__FILE__,162);-
91 goto
never executed: goto err;
 err;
never executed: goto err;
0
92 }-
93 if (!ASN1_item_sign(&OCSP_REQINFO_it, req->optionalSignature->signatureAlgorithm,
!ASN1_item_sig...uest,key,dgst)Description
TRUEnever evaluated
FALSEnever evaluated
0
94 ((void *)0)
!ASN1_item_sig...uest,key,dgst)Description
TRUEnever evaluated
FALSEnever evaluated
0
95 , req->optionalSignature->signature,req->tbsRequest,key,dgst)
!ASN1_item_sig...uest,key,dgst)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
96 goto
never executed: goto err;
 err;
never executed: goto err;
0
97 }
never executed: end of block
0
98-
99 if (!(flags & 0x1)
!(flags & 0x1)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
100 if (!OCSP_request_add1_cert(req, signer)
!OCSP_request_...t(req, signer)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
101 goto
never executed: goto err;
 err;
never executed: goto err;
0
102 for (i = 0; i < sk_num(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)))
i < sk_num(((_..._st_X509*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
103 x = ((X509 *)sk_value(((_STACK*) (1 ? (certs) : (struct stack_st_X509*)0)), (i)));-
104 if (!OCSP_request_add1_cert(req, x)
!OCSP_request_...1_cert(req, x)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
105 goto
never executed: goto err;
 err;
never executed: goto err;
0
106 }
never executed: end of block
0
107 }
never executed: end of block
0
108-
109 return
never executed: return 1;
 1;
never executed: return 1;
0
110-
111err:-
112 OCSP_SIGNATURE_free(req->optionalSignature);-
113 req->optionalSignature = -
114 ((void *)0)-
115 ;-
116 return
never executed: return 0;
 0;
never executed: return 0;
0
117}-
118-
119-
120int-
121OCSP_response_status(OCSP_RESPONSE *resp)-
122{-
123 return
never executed: return ASN1_ENUMERATED_get(resp->responseStatus);
 ASN1_ENUMERATED_get(resp->responseStatus);
never executed: return ASN1_ENUMERATED_get(resp->responseStatus);
0
124}-
125-
126-
127-
128-
129OCSP_BASICRESP *-
130OCSP_response_get1_basic(OCSP_RESPONSE *resp)-
131{-
132 OCSP_RESPBYTES *rb;-
133-
134 rb = resp->responseBytes;-
135 if (!rb
!rbDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
136 ERR_put_error(39,(0xfff),(108),__FILE__,204);-
137 return
never executed: return ((void *)0) ;
never executed: return ((void *)0) ;
0
138 ((void *)0)
never executed: return ((void *)0) ;
0
139 ;
never executed: return ((void *)0) ;
0
140 }-
141 if (OBJ_obj2nid(rb->responseType) != 365
OBJ_obj2nid(rb...seType) != 365Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
142 ERR_put_error(39,(0xfff),(104),__FILE__,208);-
143 return
never executed: return ((void *)0) ;
never executed: return ((void *)0) ;
0
144 ((void *)0)
never executed: return ((void *)0) ;
0
145 ;
never executed: return ((void *)0) ;
0
146 }-
147-
148 return
never executed: return ASN1_item_unpack(rb->response, &OCSP_BASICRESP_it);
 ASN1_item_unpack(rb->response, &OCSP_BASICRESP_it);
never executed: return ASN1_item_unpack(rb->response, &OCSP_BASICRESP_it);
0
149}-
150-
151-
152-
153-
154int-
155OCSP_resp_count(OCSP_BASICRESP *bs)-
156{-
157 if (!bs
!bsDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
158 return
never executed: return -1;
 -1;
never executed: return -1;
0
159 return
never executed: return sk_num(((_STACK*) (1 ? (bs->tbsResponseData->responses) : (struct stack_st_OCSP_SINGLERESP*)0)));
 sk_num(((_STACK*) (1 ? (bs->tbsResponseData->responses) : (struct stack_st_OCSP_SINGLERESP*)0)));
never executed: return sk_num(((_STACK*) (1 ? (bs->tbsResponseData->responses) : (struct stack_st_OCSP_SINGLERESP*)0)));
0
160}-
161-
162-
163OCSP_SINGLERESP *-
164OCSP_resp_get0(OCSP_BASICRESP *bs, int idx)-
165{-
166 if (!bs
!bsDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
167 return
never executed: return ((void *)0) ;
never executed: return ((void *)0) ;
0
168 ((void *)0)
never executed: return ((void *)0) ;
0
169 ;
never executed: return ((void *)0) ;
0
170 return
never executed: return ((OCSP_SINGLERESP *)sk_value(((_STACK*) (1 ? (bs->tbsResponseData->responses) : (struct stack_st_OCSP_SINGLERESP*)0)), (idx)));
 ((OCSP_SINGLERESP *)sk_value(((_STACK*) (1 ? (bs->tbsResponseData->responses) : (struct stack_st_OCSP_SINGLERESP*)0)), (idx)));
never executed: return ((OCSP_SINGLERESP *)sk_value(((_STACK*) (1 ? (bs->tbsResponseData->responses) : (struct stack_st_OCSP_SINGLERESP*)0)), (idx)));
0
171}-
172-
173-
174int-
175OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last)-
176{-
177 int i;-
178 struct stack_st_OCSP_SINGLERESP *sresp;-
179 OCSP_SINGLERESP *single;-
180-
181 if (!bs
!bsDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
182 return
never executed: return -1;
 -1;
never executed: return -1;
0
183 if (last < 0
last < 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
184 last = 0;
never executed: last = 0;
0
185 else-
186 last++;
never executed: last++;
0
187 sresp = bs->tbsResponseData->responses;-
188 for (i = last; i < sk_num(((_STACK*) (1 ? (sresp) : (struct stack_st_OCSP_SINGLERESP*)0)))
i < sk_num(((_...NGLERESP*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
; i++) {		0
189 single = ((OCSP_SINGLERESP *)sk_value(((_STACK*) (1 ? (sresp) : (struct stack_st_OCSP_SINGLERESP*)0)), (i)));-
190 if (!OCSP_id_cmp(id, single->certId)
!OCSP_id_cmp(i...ingle->certId)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
191 return
never executed: return i;
 i;
never executed: return i;
0
192 }
never executed: end of block
0
193 return
never executed: return -1;
 -1;
never executed: return -1;
0
194}-
195-
196-
197-
198-
199-
200-
201int-
202OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,-
203 ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd,-
204 ASN1_GENERALIZEDTIME **nextupd)-
205{-
206 int ret;-
207 OCSP_CERTSTATUS *cst;-
208-
209 if (!single
!singleDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
210 return
never executed: return -1;
 -1;
never executed: return -1;
0
211 cst = single->certStatus;-
212 ret = cst->type;-
213 if (ret == 1
ret == 1Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
214 OCSP_REVOKEDINFO *rev = cst->value.revoked;-
215-
216 if (revtime
revtimeDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
217 *
never executed: *revtime = rev->revocationTime;
revtime = rev->revocationTime;
never executed: *revtime = rev->revocationTime;
0
218 if (reason
reasonDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
219 if (rev->revocationReason
rev->revocationReasonDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
220 *
never executed: *reason = ASN1_ENUMERATED_get( rev->revocationReason);
reason = ASN1_ENUMERATED_get(
never executed: *reason = ASN1_ENUMERATED_get( rev->revocationReason);
0
221 rev->revocationReason);
never executed: *reason = ASN1_ENUMERATED_get( rev->revocationReason);
0
222 else-
223 *
never executed: *reason = -1;
reason = -1;
never executed: *reason = -1;
0
224 }-
225 }
never executed: end of block
0
226 if (thisupd
thisupdDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
227 *
never executed: *thisupd = single->thisUpdate;
thisupd = single->thisUpdate;
never executed: *thisupd = single->thisUpdate;
0
228 if (nextupd
nextupdDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
229 *
never executed: *nextupd = single->nextUpdate;
nextupd = single->nextUpdate;
never executed: *nextupd = single->nextUpdate;
0
230 return
never executed: return ret;
 ret;
never executed: return ret;
0
231}-
232-
233-
234-
235-
236int-
237OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,-
238 int *reason, ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd,-
239 ASN1_GENERALIZEDTIME **nextupd)-
240{-
241 int i;-
242 OCSP_SINGLERESP *single;-
243-
244 i = OCSP_resp_find(bs, id, -1);-
245-
246 if (i < 0
i < 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
247 return
never executed: return 0;
 0;
never executed: return 0;
0
248 single = OCSP_resp_get0(bs, i);-
249 i = OCSP_single_get0_status(single, reason, revtime, thisupd, nextupd);-
250 if (status
statusDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
251 *
never executed: *status = i;
status = i;
never executed: *status = i;
0
252 return
never executed: return 1;
 1;
never executed: return 1;
0
253}-
254-
255-
256-
257-
258-
259-
260-
261int-
262OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,-
263 ASN1_GENERALIZEDTIME *nextupd, long nsec, long maxsec)-
264{-
265 time_t t_now, t_tmp;-
266 struct tm tm_this, tm_next, tm_tmp;-
267-
268 time(&t_now);-
269 if (ASN1_time_parse(thisupd->data, thisupd->length, &tm_this,
ASN1_time_pars...his, 24) != 24Description
TRUEnever evaluated
FALSEnever evaluated
0
270 24) != 24
ASN1_time_pars...his, 24) != 24Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
271 ERR_put_error(39,(0xfff),(123),__FILE__,341);-
272 return
never executed: return 0;
 0;
never executed: return 0;
0
273 } else {-
274 t_tmp = t_now + nsec;-
275 if (gmtime_r(&t_tmp, &tm_tmp) ==
gmtime_r(&t_tm...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
276 ((void *)0)
gmtime_r(&t_tm...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
277 )-
278 return
never executed: return 0;
 0;
never executed: return 0;
0
279 if (ASN1_time_tm_cmp(&tm_this, &tm_tmp) > 0
ASN1_time_tm_c..., &tm_tmp) > 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
280 ERR_put_error(39,(0xfff),(126),__FILE__,348);-
281 return
never executed: return 0;
 0;
never executed: return 0;
0
282 }-
283-
284-
285-
286-
287-
288 if (maxsec >= 0
maxsec >= 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
289 t_tmp = t_now - maxsec;-
290 if (gmtime_r(&t_tmp, &tm_tmp) ==
gmtime_r(&t_tm...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
291 ((void *)0)
gmtime_r(&t_tm...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
292 )-
293 return
never executed: return 0;
 0;
never executed: return 0;
0
294 if (ASN1_time_tm_cmp(&tm_this, &tm_tmp) < 0
ASN1_time_tm_c..., &tm_tmp) < 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
295 ERR_put_error(39,(0xfff),(127),__FILE__,361);-
296 return
never executed: return 0;
 0;
never executed: return 0;
0
297 }-
298 }
never executed: end of block
0
299 }
never executed: end of block
0
300-
301 if (!nextupd
!nextupdDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
302 return
never executed: return 1;
 1;
never executed: return 1;
0
303-
304-
305 if (ASN1_time_parse(nextupd->data, nextupd->length, &tm_next,
ASN1_time_pars...ext, 24) != 24Description
TRUEnever evaluated
FALSEnever evaluated
0
306 24) != 24
ASN1_time_pars...ext, 24) != 24Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
307 ERR_put_error(39,(0xfff),(122),__FILE__,373);-
308 return
never executed: return 0;
 0;
never executed: return 0;
0
309 } else {-
310 t_tmp = t_now - nsec;-
311 if (gmtime_r(&t_tmp, &tm_tmp) ==
gmtime_r(&t_tm...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
312 ((void *)0)
gmtime_r(&t_tm...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
313 )-
314 return
never executed: return 0;
 0;
never executed: return 0;
0
315 if (ASN1_time_tm_cmp(&tm_next, &tm_tmp) < 0
ASN1_time_tm_c..., &tm_tmp) < 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
316 ERR_put_error(39,(0xfff),(125),__FILE__,380);-
317 return
never executed: return 0;
 0;
never executed: return 0;
0
318 }-
319 }
never executed: end of block
0
320-
321-
322 if (ASN1_time_tm_cmp(&tm_next, &tm_this) < 0
ASN1_time_tm_c... &tm_this) < 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
323 ERR_put_error(39,(0xfff),(124),__FILE__,387);-
324 return
never executed: return 0;
 0;
never executed: return 0;
0
325 }-
326-
327 return
never executed: return 1;
 1;
never executed: return 1;
0
328}-
329-
330const OCSP_CERTID *-
331OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *single)-
332{-
333 return
never executed: return single->certId;
 single->certId;
never executed: return single->certId;
0
334}-
Switch to Source codePreprocessed file
Generated by Squish Coco 4.2.2