OpenCoverage

a_verify.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/asn1/a_verify.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: a_verify.c,v 1.24 2017/05/02 03:59:44 deraadt Exp $ */-
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)-
3 * All rights reserved.-
4 *-
5 * This package is an SSL implementation written-
6 * by Eric Young (eay@cryptsoft.com).-
7 * The implementation was written so as to conform with Netscapes SSL.-
8 *-
9 * This library is free for commercial and non-commercial use as long as-
10 * the following conditions are aheared to. The following conditions-
11 * apply to all code found in this distribution, be it the RC4, RSA,-
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation-
13 * included with this distribution is covered by the same copyright terms-
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).-
15 *-
16 * Copyright remains Eric Young's, and as such any Copyright notices in-
17 * the code are not to be removed.-
18 * If this package is used in a product, Eric Young should be given attribution-
19 * as the author of the parts of the library used.-
20 * This can be in the form of a textual message at program startup or-
21 * in documentation (online or textual) provided with the package.-
22 *-
23 * Redistribution and use in source and binary forms, with or without-
24 * modification, are permitted provided that the following conditions-
25 * are met:-
26 * 1. Redistributions of source code must retain the copyright-
27 * notice, this list of conditions and the following disclaimer.-
28 * 2. Redistributions in binary form must reproduce the above copyright-
29 * notice, this list of conditions and the following disclaimer in the-
30 * documentation and/or other materials provided with the distribution.-
31 * 3. All advertising materials mentioning features or use of this software-
32 * must display the following acknowledgement:-
33 * "This product includes cryptographic software written by-
34 * Eric Young (eay@cryptsoft.com)"-
35 * The word 'cryptographic' can be left out if the rouines from the library-
36 * being used are not cryptographic related :-).-
37 * 4. If you include any Windows specific code (or a derivative thereof) from-
38 * the apps directory (application code) you must include an acknowledgement:-
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"-
40 *-
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND-
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE-
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE-
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL-
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS-
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT-
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY-
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF-
51 * SUCH DAMAGE.-
52 *-
53 * The licence and distribution terms for any publically available version or-
54 * derivative of this code cannot be changed. i.e. this code cannot simply be-
55 * copied and put under another distribution licence-
56 * [including the GNU Public Licence.]-
57 */-
58-
59#include <sys/types.h>-
60-
61#include <stdio.h>-
62#include <string.h>-
63#include <time.h>-
64-
65#include <openssl/bn.h>-
66#include <openssl/buffer.h>-
67#include <openssl/err.h>-
68#include <openssl/evp.h>-
69#include <openssl/objects.h>-
70#include <openssl/x509.h>-
71-
72#include "asn1_locl.h"-
73-
74int-
75ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,-
76 ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)-
77{-
78 EVP_MD_CTX ctx;-
79 unsigned char *buf_in = NULL;-
80 int ret = -1, inl;-
81-
82 int mdnid, pknid;-
83-
84 if (!pkey) {
!pkeyDescription
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
85 ASN1error(ERR_R_PASSED_NULL_PARAMETER);-
86 return -1;
never executed: return -1;
0
87 }-
88-
89 if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
signature->type == 3Description
TRUEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
FALSEnever evaluated
signature->flags & 0x7Description
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
90 {-
91 ASN1error(ASN1_R_INVALID_BIT_STRING_BITS_LEFT);-
92 return -1;
never executed: return -1;
0
93 }-
94-
95 EVP_MD_CTX_init(&ctx);-
96-
97 /* Convert signature OID into digest and public key OIDs */-
98 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
!OBJ_find_sigi...mdnid, &pknid)Description
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
99 ASN1error(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);-
100 goto err;
never executed: goto err;
0
101 }-
102 if (mdnid == NID_undef) {
mdnid == 0Description
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
103 if (!pkey->ameth || !pkey->ameth->item_verify) {
!pkey->amethDescription
TRUEnever evaluated
FALSEnever evaluated
!pkey->ameth->item_verifyDescription
TRUEnever evaluated
FALSEnever evaluated
0
104 ASN1error(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);-
105 goto err;
never executed: goto err;
0
106 }-
107 ret = pkey->ameth->item_verify(&ctx, it, asn, a,-
108 signature, pkey);-
109 /* Return value of 2 means carry on, anything else means we-
110 * exit straight away: either a fatal error of the underlying-
111 * verification routine handles all verification.-
112 */-
113 if (ret != 2)
ret != 2Description
TRUEnever evaluated
FALSEnever evaluated
0
114 goto err;
never executed: goto err;
0
115 ret = -1;-
116 } else {
never executed: end of block
0
117 const EVP_MD *type;-
118 type = EVP_get_digestbynid(mdnid);-
119 if (type == NULL) {
type == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
120 ASN1error(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);-
121 goto err;
never executed: goto err;
0
122 }-
123-
124 /* Check public key OID matches public key type */-
125 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
EVP_PKEY_type(...ameth->pkey_idDescription
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
126 ASN1error(ASN1_R_WRONG_PUBLIC_KEY_TYPE);-
127 goto err;
never executed: goto err;
0
128 }-
129-
130 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
!EVP_DigestVer...d *)0) , pkey)Description
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
131 ASN1error(ERR_R_EVP_LIB);-
132 ret = 0;-
133 goto err;
never executed: goto err;
0
134 }-
135-
136 }
executed 72 times by 2 tests: end of block
Executed by:
  • ssltest
  • tlstest
72
137-
138 inl = ASN1_item_i2d(asn, &buf_in, it);-
139-
140 if (buf_in == NULL) {
buf_in == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
141 ASN1error(ERR_R_MALLOC_FAILURE);-
142 goto err;
never executed: goto err;
0
143 }-
144-
145 if (!EVP_DigestVerifyUpdate(&ctx, buf_in, inl)) {
!EVP_DigestUpd...tx,buf_in,inl)Description
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
146 ASN1error(ERR_R_EVP_LIB);-
147 ret = 0;-
148 goto err;
never executed: goto err;
0
149 }-
150-
151 freezero(buf_in, (unsigned int)inl);-
152-
153 if (EVP_DigestVerifyFinal(&ctx, signature->data,
EVP_DigestVeri...->length) <= 0Description
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
154 (size_t)signature->length) <= 0) {
EVP_DigestVeri...->length) <= 0Description
TRUEnever evaluated
FALSEevaluated 72 times by 2 tests
Evaluated by:
  • ssltest
  • tlstest
0-72
155 ASN1error(ERR_R_EVP_LIB);-
156 ret = 0;-
157 goto err;
never executed: goto err;
0
158 }-
159 /* we don't need to zero the 'ctx' because we just checked-
160 * public information */-
161 /* memset(&ctx,0,sizeof(ctx)); */-
162 ret = 1;-
163-
164err:
code before this statement executed 72 times by 2 tests: err:
Executed by:
  • ssltest
  • tlstest
72
165 EVP_MD_CTX_cleanup(&ctx);-
166 return (ret);
executed 72 times by 2 tests: return (ret);
Executed by:
  • ssltest
  • tlstest
72
167}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2