x509_vfy.c

Line

Source

Count

1

-

-

-

-

-

static int build_chain(X509_STORE_CTX *ctx);

-

7

static int verify_chain(X509_STORE_CTX *ctx);

-

8

static int dane_verify(X509_STORE_CTX *ctx);

-

9

static int null_callback(int ok, X509_STORE_CTX *e);

-

10

static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);

-

11

static X509 *find_issuer(X509_STORE_CTX *ctx, struct stack_st_X509 *sk, X509 *x);

-

12

static int check_chain_extensions(X509_STORE_CTX *ctx);

-

13

static int check_name_constraints(X509_STORE_CTX *ctx);

-

14

static int check_id(X509_STORE_CTX *ctx);

-

15

static int check_trust(X509_STORE_CTX *ctx, int num_untrusted);

-

16

static int check_revocation(X509_STORE_CTX *ctx);

-

17

static int check_cert(X509_STORE_CTX *ctx);

-

18

static int check_policy(X509_STORE_CTX *ctx);

-

19

static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);

-

20

static int check_dane_issuer(X509_STORE_CTX *ctx, int depth);

-

21

static int check_key_level(X509_STORE_CTX *ctx, X509 *cert);

-

22

static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert);

-

23

-

24

static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,

-

25

unsigned int *preasons, X509_CRL *crl, X509 *x);

-

26

static int get_crl_delta(X509_STORE_CTX *ctx,

-

27

X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);

-

28

static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl,

-

29

int *pcrl_score, X509_CRL *base,

-

30

struct stack_st_X509_CRL *crls);

-

31

static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,

-

32

int *pcrl_score);

-

33

static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,

-

34

unsigned int *preasons);

-

35

static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);

-

36

static int check_crl_chain(X509_STORE_CTX *ctx,

-

37

struct stack_st_X509 *cert_path,

-

38

struct stack_st_X509 *crl_path);

-

39

-

40

static int internal_verify(X509_STORE_CTX *ctx);

-

41

-

42

static int null_callback(int ok, X509_STORE_CTX *e)

-

43

{

-

44

return

executed 5718 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

ok;

executed 5718 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

5718

45

}

-

46

-

47

-

48

static int cert_self_signed(X509 *x)

-

49

{

-

-

-

-

-

-

X509_check_purpose(x, -1, 0);

-

56

if (x->ex_flags & 0x2000

x->ex_flags & 0x2000	Description
TRUE	evaluated 2474 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 8506 times by 1 test Evaluated by: libcrypto.so.1.1

)

2474-8506

57

return

executed 2474 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 2474 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

2474

58

else

-

59

return

executed 8506 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 8506 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

8506

60

}

-

-

-

-

static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x)

-

65

{

-

66

struct stack_st_X509 *certs;

-

67

X509 *xtmp =

-

68

((void *)0)

-

69

;

-

70

int i;

-

71

-

72

certs = ctx->lookup_certs(ctx, X509_get_subject_name(x));

-

73

if (certs ==

certs == ((void *)0)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 12 times by 1 test Evaluated by: libcrypto.so.1.1

5-12

74

((void *)0)

certs == ((void *)0)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 12 times by 1 test Evaluated by: libcrypto.so.1.1

5-12

75

)

-

76

return

executed 5 times by 1 test: return ((void *)0) ;

Executed by:

libcrypto.so.1.1

executed 5 times by 1 test: return ((void *)0) ;

Executed by:

libcrypto.so.1.1

5

77

((void *)0)

executed 5 times by 1 test: return ((void *)0) ;

Executed by:

libcrypto.so.1.1

5

78

;

executed 5 times by 1 test: return ((void *)0) ;

Executed by:

libcrypto.so.1.1

5

79

-

80

for (i = 0; i < sk_X509_num(certs)

i < sk_X509_num(certs)	Description
TRUE	evaluated 12 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

1-12

81

xtmp = sk_X509_value(certs, i);

-

82

if (!X509_cmp(xtmp, x)

!X509_cmp(xtmp, x)	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

)

1-11

83

break;

executed 11 times by 1 test: break;

Executed by:

libcrypto.so.1.1

11

84

}

executed 1 time by 1 test: end of block

Executed by:

libcrypto.so.1.1

1

85

if (i < sk_X509_num(certs)

i < sk_X509_num(certs)	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

)

1-11

86

X509_up_ref(xtmp);

executed 11 times by 1 test: X509_up_ref(xtmp);

Executed by:

libcrypto.so.1.1

11

87

else

-

88

xtmp =

executed 1 time by 1 test: xtmp = ((void *)0) ;

Executed by:

libcrypto.so.1.1

1

89

((void *)0)

executed 1 time by 1 test: xtmp = ((void *)0) ;

Executed by:

libcrypto.so.1.1

1

90

;

executed 1 time by 1 test: xtmp = ((void *)0) ;

Executed by:

libcrypto.so.1.1

1

91

sk_X509_pop_free(certs, X509_free);

-

92

return

executed 12 times by 1 test: return xtmp;

Executed by:

libcrypto.so.1.1

xtmp;

executed 12 times by 1 test: return xtmp;

Executed by:

libcrypto.so.1.1

12

93

}

-

94

static int verify_cb_cert(X509_STORE_CTX *ctx, X509 *x, int depth, int err)

-

95

{

-

96

ctx->error_depth = depth;

-

97

ctx->current_cert = (

(x != ((void *)0) )	Description
TRUE	evaluated 361 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3598 times by 1 test Evaluated by: libcrypto.so.1.1

x !=

(x != ((void *)0) )	Description
TRUE	evaluated 361 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3598 times by 1 test Evaluated by: libcrypto.so.1.1

361-3598

98

((void *)0)

(x != ((void *)0) )	Description
TRUE	evaluated 361 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3598 times by 1 test Evaluated by: libcrypto.so.1.1

361-3598

99

)

(x != ((void *)0) )	Description
TRUE	evaluated 361 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3598 times by 1 test Evaluated by: libcrypto.so.1.1

? x : sk_X509_value(ctx->chain, depth);

361-3598

100

if (err != 0

err != 0	Description
TRUE	evaluated 3949 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 10 times by 1 test Evaluated by: libcrypto.so.1.1

)

10-3949

101

ctx->error = err;

executed 3949 times by 1 test: ctx->error = err;

Executed by:

libcrypto.so.1.1

3949

102

return

executed 3959 times by 1 test: return ctx->verify_cb(0, ctx);

Executed by:

libcrypto.so.1.1

ctx->verify_cb(0, ctx);

executed 3959 times by 1 test: return ctx->verify_cb(0, ctx);

Executed by:

libcrypto.so.1.1

3959

103

}

-

104

static int verify_cb_crl(X509_STORE_CTX *ctx, int err)

-

105

{

-

106

ctx->error = err;

-

107

return

executed 5 times by 1 test: return ctx->verify_cb(0, ctx);

Executed by:

libcrypto.so.1.1

ctx->verify_cb(0, ctx);

executed 5 times by 1 test: return ctx->verify_cb(0, ctx);

Executed by:

libcrypto.so.1.1

5

108

}

-

109

-

110

static int check_auth_level(X509_STORE_CTX *ctx)

-

111

{

-

112

int i;

-

113

int num = sk_X509_num(ctx->chain);

-

114

-

115

if (ctx->param->auth_level <= 0

ctx->param->auth_level <= 0	Description
TRUE	evaluated 169 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1169 times by 1 test Evaluated by: libcrypto.so.1.1

)

169-1169

116

return

executed 169 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 169 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

169

117

-

118

for (i = 0; i < num

i < num	Description
TRUE	evaluated 2304 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1164 times by 1 test Evaluated by: libcrypto.so.1.1

; ++i) {

1164-2304

119

X509 *cert = sk_X509_value(ctx->chain, i);

-

-

-

-

-

-

if (i > 0

i > 0	Description
TRUE	evaluated 1135 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1169 times by 1 test Evaluated by: libcrypto.so.1.1

&& !check_key_level(ctx, cert)

!check_key_level(ctx, cert)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1133 times by 1 test Evaluated by: libcrypto.so.1.1

&&

2-1169

126

verify_cb_cert(ctx, cert, i, 67) == 0

verify_cb_cert...t, i, 67) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-2

127

return

executed 2 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 2 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

2

-

-

-

-

if (i < num - 1

i < num - 1	Description
TRUE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1164 times by 1 test Evaluated by: libcrypto.so.1.1

&& !check_sig_level(ctx, cert)

!check_sig_level(ctx, cert)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1135 times by 1 test Evaluated by: libcrypto.so.1.1

&&

3-1164

133

verify_cb_cert(ctx, cert, i, 68) == 0

verify_cb_cert...t, i, 68) == 0	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-3

134

return

executed 3 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 3 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

3

135

}

executed 2299 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2299

136

return

executed 1164 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 1164 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1164

137

}

-

138

-

139

static int verify_chain(X509_STORE_CTX *ctx)

-

140

{

-

141

int err;

-

142

int ok;

-

-

-

-

-

-

if ((

(ok = build_chain(ctx)) == 0	Description
TRUE	evaluated 3503 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1343 times by 1 test Evaluated by: libcrypto.so.1.1

ok = build_chain(ctx)) == 0

(ok = build_chain(ctx)) == 0	Description
TRUE	evaluated 3503 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1343 times by 1 test Evaluated by: libcrypto.so.1.1

||

1343-3503

149

(

(ok = check_ch...ons(ctx)) == 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1338 times by 1 test Evaluated by: libcrypto.so.1.1

ok = check_chain_extensions(ctx)) == 0

(ok = check_ch...ons(ctx)) == 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1338 times by 1 test Evaluated by: libcrypto.so.1.1

||

5-1338

150

(

(ok = check_au...vel(ctx)) == 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1333 times by 1 test Evaluated by: libcrypto.so.1.1

ok = check_auth_level(ctx)) == 0

(ok = check_au...vel(ctx)) == 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1333 times by 1 test Evaluated by: libcrypto.so.1.1

||

5-1333

151

(

(ok = check_id(ctx)) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1331 times by 1 test Evaluated by: libcrypto.so.1.1

ok = check_id(ctx)) == 0

(ok = check_id(ctx)) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1331 times by 1 test Evaluated by: libcrypto.so.1.1

|| 1

1	Description
TRUE	evaluated 1331 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-1331

152

X509_get_pubkey_parameters(

executed 4846 times by 1 test: X509_get_pubkey_parameters( ((void *)0) , ctx->chain);

Executed by:

libcrypto.so.1.1

4846

153

((void *)0)

executed 4846 times by 1 test: X509_get_pubkey_parameters( ((void *)0) , ctx->chain);

Executed by:

libcrypto.so.1.1

4846

154

, ctx->chain);

executed 4846 times by 1 test: X509_get_pubkey_parameters( ((void *)0) , ctx->chain);

Executed by:

libcrypto.so.1.1

4846

155

if (ok == 0

ok == 0	Description
TRUE	evaluated 3515 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1331 times by 1 test Evaluated by: libcrypto.so.1.1

|| (

(ok = ctx->che...ion(ctx)) == 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1326 times by 1 test Evaluated by: libcrypto.so.1.1

ok = ctx->check_revocation(ctx)) == 0

(ok = ctx->che...ion(ctx)) == 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1326 times by 1 test Evaluated by: libcrypto.so.1.1

)

5-3515

156

return

executed 3520 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

ok;

executed 3520 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

3520

157

-

158

err = X509_chain_check_suiteb(&ctx->error_depth,

-

159

((void *)0)

-

160

, ctx->chain,

-

161

ctx->param->flags);

-

162

if (err != 0

err != 0	Description
TRUE	never evaluated
FALSE	evaluated 1326 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-1326

163

if ((

(ok = verify_c...th, err)) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

ok = verify_cb_cert(ctx,

(ok = verify_c...th, err)) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0

164

((void *)0)

(ok = verify_c...th, err)) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0

165

, ctx->error_depth, err)) == 0

(ok = verify_c...th, err)) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

166

return

never executed: return ok;

ok;

never executed: return ok;

0

167

}

never executed: end of block

0

168

-

169

-

170

ok = (

(ctx->verify != ((void *)0) )	Description
TRUE	evaluated 1326 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

ctx->verify !=

(ctx->verify != ((void *)0) )	Description
TRUE	evaluated 1326 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1326

171

((void *)0)

(ctx->verify != ((void *)0) )	Description
TRUE	evaluated 1326 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1326

172

)

(ctx->verify != ((void *)0) )	Description
TRUE	evaluated 1326 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

? ctx->verify(ctx) : internal_verify(ctx);

0-1326

173

if (!ok

!ok	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1320 times by 1 test Evaluated by: libcrypto.so.1.1

)

6-1320

174

return

executed 6 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

ok;

executed 6 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

6

175

-

176

if ((

(ok = check_na...nts(ctx)) == 0	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1305 times by 1 test Evaluated by: libcrypto.so.1.1

ok = check_name_constraints(ctx)) == 0

(ok = check_na...nts(ctx)) == 0	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1305 times by 1 test Evaluated by: libcrypto.so.1.1

)

15-1305

177

return

executed 15 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

ok;

executed 15 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

15

-

-

-

if ((

(ok = X509v3_a...ath(ctx)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 1305 times by 1 test Evaluated by: libcrypto.so.1.1

ok = X509v3_asid_validate_path(ctx)) == 0

(ok = X509v3_a...ath(ctx)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 1305 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-1305

182

return

never executed: return ok;

ok;

never executed: return ok;

0

183

if ((

(ok = X509v3_a...ath(ctx)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 1305 times by 1 test Evaluated by: libcrypto.so.1.1

ok = X509v3_addr_validate_path(ctx)) == 0

(ok = X509v3_a...ath(ctx)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 1305 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-1305

184

return

never executed: return ok;

ok;

never executed: return ok;

0

-

-

-

if (ctx->param->flags & 0x80

ctx->param->flags & 0x80	Description
TRUE	never evaluated
FALSE	evaluated 1305 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-1305

189

ok = ctx->check_policy(ctx);

never executed: ok = ctx->check_policy(ctx);

0

190

return

executed 1305 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

ok;

executed 1305 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

1305

191

}

-

192

-

193

int X509_verify_cert(X509_STORE_CTX *ctx)

-

194

{

-

195

SSL_DANE *dane = ctx->dane;

-

196

int ret;

-

197

-

198

if (ctx->cert ==

ctx->cert == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

0-5018

199

((void *)0)

ctx->cert == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

0-5018

200

) {

-

201

ERR_put_error(11,(127),(105),__FILE__,259);

-

202

ctx->error = 69;

-

203

return

never executed: return -1;

-1;

never executed: return -1;

0

204

}

-

205

-

206

if (ctx->chain !=

ctx->chain != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

0-5018

207

((void *)0)

ctx->chain != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

0-5018

208

) {

-

-

-

-

-

ERR_put_error(11,(127),((2|64)),__FILE__,269);

-

214

ctx->error = 69;

-

215

return

never executed: return -1;

-1;

never executed: return -1;

0

216

}

-

-

-

-

-

-

if (((

((ctx->chain =... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

ctx->chain = sk_X509_new_null()) ==

((ctx->chain =... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

0-5018

223

((void *)0)

((ctx->chain =... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

0-5018

224

)

((ctx->chain =... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

||

0-5018

225

(

(!sk_X509_push...n, ctx->cert))	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

!sk_X509_push(ctx->chain, ctx->cert))

(!sk_X509_push...n, ctx->cert))	Description
TRUE	never evaluated
FALSE	evaluated 5018 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-5018

226

ERR_put_error(11,(127),((1|64)),__FILE__,280);

-

227

ctx->error = 17;

-

228

return

never executed: return -1;

-1;

never executed: return -1;

0

229

}

-

230

X509_up_ref(ctx->cert);

-

231

ctx->num_untrusted = 1;

-

232

-

233

-

234

if (!check_key_level(ctx, ctx->cert)

!check_key_lev...tx, ctx->cert)	Description
TRUE	evaluated 156 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

&&

156-4862

235

!verify_cb_cert(ctx, ctx->cert, 0, 66)

!verify_cb_cer...->cert, 0, 66)	Description
TRUE	evaluated 156 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-156

236

return

executed 156 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 156 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

156

237

-

238

if (((

(dane) != ((void *)0)	Description
TRUE	evaluated 49 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

dane) !=

(dane) != ((void *)0)	Description
TRUE	evaluated 49 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

49-4813

239

((void *)0)

(dane) != ((void *)0)	Description
TRUE	evaluated 49 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

49-4813

240

&& sk_danetls_record_num((dane)->trecs) > 0

sk_danetls_rec...e)->trecs) > 0	Description
TRUE	evaluated 49 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

))

0-49

241

ret = dane_verify(ctx);

executed 49 times by 1 test: ret = dane_verify(ctx);

Executed by:

libcrypto.so.1.1

49

242

else

-

243

ret = verify_chain(ctx);

executed 4813 times by 1 test: ret = verify_chain(ctx);

Executed by:

libcrypto.so.1.1

4813

-

-

-

-

-

-

if (ret <= 0

ret <= 0	Description
TRUE	evaluated 3547 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1315 times by 1 test Evaluated by: libcrypto.so.1.1

&& ctx->error == 0

ctx->error == 0	Description
TRUE	never evaluated
FALSE	evaluated 3547 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-3547

251

ctx->error = 1;

never executed: ctx->error = 1;

0

252

return

executed 4862 times by 1 test: return ret;

Executed by:

libcrypto.so.1.1

ret;

executed 4862 times by 1 test: return ret;

Executed by:

libcrypto.so.1.1

4862

253

}

-

-

-

-

-

static X509 *find_issuer(X509_STORE_CTX *ctx, struct stack_st_X509 *sk, X509 *x)

-

259

{

-

260

int i;

-

261

X509 *issuer, *rv =

-

262

((void *)0)

-

263

;

-

264

-

265

for (i = 0; i < sk_X509_num(sk)

i < sk_X509_num(sk)	Description
TRUE	evaluated 2824 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1684 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

1684-2824

266

issuer = sk_X509_value(sk, i);

-

267

if (ctx->check_issued(ctx, x, issuer)

ctx->check_iss...tx, x, issuer)	Description
TRUE	evaluated 549 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2275 times by 1 test Evaluated by: libcrypto.so.1.1

) {

549-2275

268

rv = issuer;

-

269

if (x509_check_cert_time(ctx, rv, -1)

x509_check_cer...e(ctx, rv, -1)	Description
TRUE	evaluated 369 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 180 times by 1 test Evaluated by: libcrypto.so.1.1

)

180-369

270

break;

executed 369 times by 1 test: break;

Executed by:

libcrypto.so.1.1

369

271

}

executed 180 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

180

272

}

executed 2455 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2455

273

return

executed 2053 times by 1 test: return rv;

Executed by:

libcrypto.so.1.1

rv;

executed 2053 times by 1 test: return rv;

Executed by:

libcrypto.so.1.1

2053

274

}

-

-

-

-

static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)

-

279

{

-

280

int ret;

-

281

if (x == issuer

x == issuer	Description
TRUE	evaluated 2838 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2411 times by 1 test Evaluated by: libcrypto.so.1.1

)

2411-2838

282

return

executed 2838 times by 1 test: return cert_self_signed(x);

Executed by:

libcrypto.so.1.1

cert_self_signed(x);

executed 2838 times by 1 test: return cert_self_signed(x);

Executed by:

libcrypto.so.1.1

2838

283

ret = X509_check_issued(issuer, x);

-

284

if (ret == 0

ret == 0	Description
TRUE	evaluated 1651 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 760 times by 1 test Evaluated by: libcrypto.so.1.1

) {

760-1651

285

int i;

-

286

X509 *ch;

-

287

-

288

if (cert_self_signed(x)

cert_self_signed(x)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1646 times by 1 test Evaluated by: libcrypto.so.1.1

&& sk_X509_num(ctx->chain) == 1

sk_X509_num(ctx->chain) == 1	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-1646

289

return

never executed: return 1;

1;

never executed: return 1;

0

290

for (i = 0; i < sk_X509_num(ctx->chain)

i < sk_X509_num(ctx->chain)	Description
TRUE	evaluated 517 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1650 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

517-1650

291

ch = sk_X509_value(ctx->chain, i);

-

292

if (ch == issuer

ch == issuer	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 516 times by 1 test Evaluated by: libcrypto.so.1.1

|| !X509_cmp(ch, issuer)

!X509_cmp(ch, issuer)	Description
TRUE	never evaluated
FALSE	evaluated 516 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-516

293

ret = 55;

-

294

break;

executed 1 time by 1 test: break;

Executed by:

libcrypto.so.1.1

1

295

}

-

296

}

executed 516 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

516

297

}

executed 1651 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

1651

298

-

299

return

executed 2411 times by 1 test: return (ret == 0);

Executed by:

libcrypto.so.1.1

(ret == 0);

executed 2411 times by 1 test: return (ret == 0);

Executed by:

libcrypto.so.1.1

2411

300

}

-

-

-

-

static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)

-

305

{

-

306

*issuer = find_issuer(ctx, ctx->other_ctx, x);

-

307

if (*

*issuer	Description
TRUE	evaluated 130 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 107 times by 1 test Evaluated by: libcrypto.so.1.1

issuer

*issuer	Description
TRUE	evaluated 130 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 107 times by 1 test Evaluated by: libcrypto.so.1.1

) {

107-130

308

X509_up_ref(*issuer);

-

309

return

executed 130 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 130 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

130

310

} else

-

311

return

executed 107 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 107 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

107

312

}

-

313

-

314

static struct stack_st_X509 *lookup_certs_sk(X509_STORE_CTX *ctx, X509_NAME *nm)

-

315

{

-

316

struct stack_st_X509 *sk =

-

317

((void *)0)

-

318

;

-

319

X509 *x;

-

320

int i;

-

321

-

322

for (i = 0; i < sk_X509_num(ctx->other_ctx)

i < sk_X509_nu...tx->other_ctx)	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

7

323

x = sk_X509_value(ctx->other_ctx, i);

-

324

if (X509_NAME_cmp(nm, X509_get_subject_name(x)) == 0

X509_NAME_cmp(..._name(x)) == 0	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-7

325

if (sk ==

sk == ((void *)0)	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-7

326

((void *)0)

sk == ((void *)0)	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-7

327

)

-

328

sk = sk_X509_new_null();

executed 7 times by 1 test: sk = sk_X509_new_null();

Executed by:

libcrypto.so.1.1

7

329

if (sk ==

sk == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

0-7

330

((void *)0)

sk == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

0-7

331

|| sk_X509_push(sk, x) == 0

sk_X509_push(sk, x) == 0	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-7

332

sk_X509_pop_free(sk, X509_free);

-

333

ERR_put_error(11,(152),((1|64)),__FILE__,377);

-

334

ctx->error = 17;

-

335

return

never executed: return ((void *)0) ;

0

336

((void *)0)

never executed: return ((void *)0) ;

0

337

;

never executed: return ((void *)0) ;

0

338

}

-

339

X509_up_ref(x);

-

340

}

executed 7 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

7

341

}

executed 7 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

7

342

return

executed 7 times by 1 test: return sk;

Executed by:

libcrypto.so.1.1

sk;

executed 7 times by 1 test: return sk;

Executed by:

libcrypto.so.1.1

7

343

}

-

-

-

-

-

-

static int check_purpose(X509_STORE_CTX *ctx, X509 *x, int purpose, int depth,

-

350

int must_be_ca)

-

351

{

-

352

int tr_ok = 3;

-

353

if (depth >= ctx->num_untrusted

depth >= ctx->num_untrusted	Description
TRUE	evaluated 1218 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1411 times by 1 test Evaluated by: libcrypto.so.1.1

&& purpose == ctx->param->purpose

purpose == ctx->param->purpose	Description
TRUE	evaluated 1218 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-1411

354

tr_ok = X509_check_trust(x, ctx->param->trust, (1U << 2));

executed 1218 times by 1 test: tr_ok = X509_check_trust(x, ctx->param->trust, (1U << 2));

Executed by:

libcrypto.so.1.1

1218

355

-

356

switch (tr_ok) {

-

357

case

executed 24 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

1:

executed 24 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

24

358

return

executed 24 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 24 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

24

359

case

never executed: case 2:

2:

never executed: case 2:

0

360

break;

never executed: break;

0

361

default

executed 2605 times by 1 test: default:

Executed by:

libcrypto.so.1.1

:

executed 2605 times by 1 test: default:

Executed by:

libcrypto.so.1.1

2605

362

switch (X509_check_purpose(x, purpose, must_be_ca > 0)) {

-

363

case

executed 2594 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

1:

executed 2594 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

2594

364

return

executed 2594 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 2594 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

2594

365

case

executed 9 times by 1 test: case 0:

Executed by:

libcrypto.so.1.1

0:

executed 9 times by 1 test: case 0:

Executed by:

libcrypto.so.1.1

9

366

break;

executed 9 times by 1 test: break;

Executed by:

libcrypto.so.1.1

9

367

default

executed 2 times by 1 test: default:

Executed by:

libcrypto.so.1.1

:

executed 2 times by 1 test: default:

Executed by:

libcrypto.so.1.1

2

368

if ((

(ctx->param->f...s & 0x20) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

ctx->param->flags & 0x20) == 0

(ctx->param->f...s & 0x20) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-2

369

return

executed 2 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 2 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

2

370

}

never executed: end of block

0

371

break;

executed 9 times by 1 test: break;

Executed by:

libcrypto.so.1.1

9

372

}

-

373

-

374

return

executed 9 times by 1 test: return verify_cb_cert(ctx, x, depth, 26);

Executed by:

libcrypto.so.1.1

verify_cb_cert(ctx, x, depth, 26);

executed 9 times by 1 test: return verify_cb_cert(ctx, x, depth, 26);

Executed by:

libcrypto.so.1.1

9

375

}

-

-

-

-

-

-

-

static int check_chain_extensions(X509_STORE_CTX *ctx)

-

383

{

-

384

int i, must_be_ca, plen = 0;

-

385

X509 *x;

-

386

int proxy_path_length = 0;

-

387

int purpose;

-

388

int allow_proxy_certs;

-

389

int num = sk_X509_num(ctx->chain);

-

390

must_be_ca = -1;

-

391

-

392

-

393

if (ctx->parent

ctx->parent	Description
TRUE	never evaluated
FALSE	evaluated 1343 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-1343

394

allow_proxy_certs = 0;

-

395

purpose = 6;

-

396

}

never executed: end of block

else {

0

397

allow_proxy_certs =

-

398

! !(ctx->param->flags & 0x40);

-

399

purpose = ctx->param->purpose;

-

400

}

executed 1343 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

1343

401

-

402

for (i = 0; i < num

i < num	Description
TRUE	evaluated 2671 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1338 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

1338-2671

403

int ret;

-

404

x = sk_X509_value(ctx->chain, i);

-

405

if (!(ctx->param->flags & 0x10)

!(ctx->param->flags & 0x10)	Description
TRUE	evaluated 2671 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-2671

406

&& (

(x->ex_flags & 0x200)	Description
TRUE	never evaluated
FALSE	evaluated 2671 times by 1 test Evaluated by: libcrypto.so.1.1

x->ex_flags & 0x200)

(x->ex_flags & 0x200)	Description
TRUE	never evaluated
FALSE	evaluated 2671 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-2671

407

if (!verify_cb_cert(ctx, x, i,

!verify_cb_cert(ctx, x, i, 34)	Description
TRUE	never evaluated
FALSE	never evaluated

0

408

34)

!verify_cb_cert(ctx, x, i, 34)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

409

return

never executed: return 0;

0;

never executed: return 0;

0

410

}

never executed: end of block

0

411

if (!allow_proxy_certs

!allow_proxy_certs	Description
TRUE	evaluated 2650 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 21 times by 1 test Evaluated by: libcrypto.so.1.1

&& (

(x->ex_flags & 0x400)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2647 times by 1 test Evaluated by: libcrypto.so.1.1

x->ex_flags & 0x400)

(x->ex_flags & 0x400)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2647 times by 1 test Evaluated by: libcrypto.so.1.1

) {

3-2650

412

if (!verify_cb_cert(ctx, x, i,

!verify_cb_cert(ctx, x, i, 40)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-3

413

40)

!verify_cb_cert(ctx, x, i, 40)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-3

414

return

executed 3 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 3 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

3

415

}

never executed: end of block

0

416

ret = X509_check_ca(x);

-

417

switch (must_be_ca) {

-

418

case

executed 1340 times by 1 test: case -1:

Executed by:

libcrypto.so.1.1

-1:

executed 1340 times by 1 test: case -1:

Executed by:

libcrypto.so.1.1

1340

419

if ((

(ctx->param->flags & 0x20)	Description
TRUE	never evaluated
FALSE	evaluated 1340 times by 1 test Evaluated by: libcrypto.so.1.1

ctx->param->flags & 0x20)

(ctx->param->flags & 0x20)	Description
TRUE	never evaluated
FALSE	evaluated 1340 times by 1 test Evaluated by: libcrypto.so.1.1

0-1340

420

&& (

(ret != 1)	Description
TRUE	never evaluated
FALSE	never evaluated

ret != 1)

(ret != 1)	Description
TRUE	never evaluated
FALSE	never evaluated

&& (

(ret != 0)	Description
TRUE	never evaluated
FALSE	never evaluated

ret != 0)

(ret != 0)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

421

ret = 0;

-

422

ctx->error = 24;

-

423

}

never executed: end of block

else

0

424

ret = 1;

executed 1340 times by 1 test: ret = 1;

Executed by:

libcrypto.so.1.1

1340

425

break;

executed 1340 times by 1 test: break;

Executed by:

libcrypto.so.1.1

1340

426

case

executed 8 times by 1 test: case 0:

Executed by:

libcrypto.so.1.1

0:

executed 8 times by 1 test: case 0:

Executed by:

libcrypto.so.1.1

8

427

if (ret != 0

ret != 0	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-8

428

ret = 0;

-

429

ctx->error = 37;

-

430

}

never executed: end of block

else

0

431

ret = 1;

executed 8 times by 1 test: ret = 1;

Executed by:

libcrypto.so.1.1

8

432

break;

executed 8 times by 1 test: break;

Executed by:

libcrypto.so.1.1

8

433

default

executed 1320 times by 1 test: default:

Executed by:

libcrypto.so.1.1

:

executed 1320 times by 1 test: default:

Executed by:

libcrypto.so.1.1

1320

434

-

435

if ((

(ret == 0)	Description
TRUE	evaluated 8 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1312 times by 1 test Evaluated by: libcrypto.so.1.1

ret == 0)

(ret == 0)	Description
TRUE	evaluated 8 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1312 times by 1 test Evaluated by: libcrypto.so.1.1

8-1312

436

|| ((i + 1 < num

i + 1 < num	Description
TRUE	evaluated 115 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1197 times by 1 test Evaluated by: libcrypto.so.1.1

|| ctx->param->flags & 0x20

ctx->param->flags & 0x20	Description
TRUE	never evaluated
FALSE	evaluated 1197 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-1197

437

&& (

(ret != 1)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 113 times by 1 test Evaluated by: libcrypto.so.1.1

ret != 1)

(ret != 1)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 113 times by 1 test Evaluated by: libcrypto.so.1.1

)) {

2-113

438

ret = 0;

-

439

ctx->error = 24;

-

440

}

executed 10 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

else

10

441

ret = 1;

executed 1310 times by 1 test: ret = 1;

Executed by:

libcrypto.so.1.1

1310

442

break;

executed 1320 times by 1 test: break;

Executed by:

libcrypto.so.1.1

1320

443

}

-

444

if (ret == 0

ret == 0	Description
TRUE	evaluated 10 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2658 times by 1 test Evaluated by: libcrypto.so.1.1

&& !verify_cb_cert(ctx, x, i, 0)

!verify_cb_cert(ctx, x, i, 0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libcrypto.so.1.1

)

1-2658

445

return

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

1

446

-

447

if (purpose > 0

purpose > 0	Description
TRUE	evaluated 2629 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 38 times by 1 test Evaluated by: libcrypto.so.1.1

&& !check_purpose(ctx, x, purpose, i, must_be_ca)

!check_purpose...i, must_be_ca)	Description
TRUE	never evaluated
FALSE	evaluated 2629 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-2629

448

return

never executed: return 0;

0;

never executed: return 0;

0

449

-

450

if ((

(i > 1)	Description
TRUE	evaluated 124 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2543 times by 1 test Evaluated by: libcrypto.so.1.1

i > 1)

(i > 1)	Description
TRUE	evaluated 124 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2543 times by 1 test Evaluated by: libcrypto.so.1.1

&& !(x->ex_flags & 0x20)

!(x->ex_flags & 0x20)	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 113 times by 1 test Evaluated by: libcrypto.so.1.1

11-2543

451

&& (

(x->ex_pathlen != -1)	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1

x->ex_pathlen != -1)

(x->ex_pathlen != -1)	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1

0-11

452

&& (

(plen > (x->ex...h_length + 1))	Description
TRUE	never evaluated
FALSE	never evaluated

plen > (x->ex_pathlen + proxy_path_length + 1))

(plen > (x->ex...h_length + 1))	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

453

if (!verify_cb_cert(ctx, x, i, 25)

!verify_cb_cert(ctx, x, i, 25)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

454

return

never executed: return 0;

0;

never executed: return 0;

0

455

}

never executed: end of block

0

456

-

457

if (!(x->ex_flags & 0x20)

!(x->ex_flags & 0x20)	Description
TRUE	evaluated 1488 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1179 times by 1 test Evaluated by: libcrypto.so.1.1

)

1179-1488

458

plen++;

executed 1488 times by 1 test: plen++;

Executed by:

libcrypto.so.1.1

1488

-

-

-

-

-

if (x->ex_flags & 0x400

x->ex_flags & 0x400	Description
TRUE	evaluated 9 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2658 times by 1 test Evaluated by: libcrypto.so.1.1

) {

9-2658

465

if (x->ex_pcpathlen != -1

x->ex_pcpathlen != -1	Description
TRUE	evaluated 9 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-9

466

if (proxy_path_length > x->ex_pcpathlen

proxy_path_len...->ex_pcpathlen	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 8 times by 1 test Evaluated by: libcrypto.so.1.1

) {

1-8

467

if (!verify_cb_cert(ctx, x, i,

!verify_cb_cert(ctx, x, i, 38)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1

468

38)

!verify_cb_cert(ctx, x, i, 38)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-1

469

return

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

1

470

}

never executed: end of block

0

471

proxy_path_length = x->ex_pcpathlen;

-

472

}

executed 8 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

8

473

proxy_path_length++;

-

474

must_be_ca = 0;

-

475

}

executed 8 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

else

8

476

must_be_ca = 1;

executed 2658 times by 1 test: must_be_ca = 1;

Executed by:

libcrypto.so.1.1

2658

477

}

-

478

return

executed 1338 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 1338 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1338

479

}

-

480

-

481

static int has_san_id(X509 *x, int gtype)

-

482

{

-

483

int i;

-

484

int ret = 0;

-

485

GENERAL_NAMES *gs = X509_get_ext_d2i(x, 85,

-

486

((void *)0)

-

487

,

-

488

((void *)0)

-

489

);

-

490

-

491

if (gs ==

gs == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1

0-13

492

((void *)0)

gs == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1

0-13

493

)

-

494

return

never executed: return 0;

0;

never executed: return 0;

0

495

-

496

for (i = 0; i < sk_GENERAL_NAME_num(gs)

i < sk_GENERAL_NAME_num(gs)	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

4-17

497

GENERAL_NAME *g = sk_GENERAL_NAME_value(gs, i);

-

498

-

499

if (g->type == gtype

g->type == gtype	Description
TRUE	evaluated 9 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 8 times by 1 test Evaluated by: libcrypto.so.1.1

) {

8-9

500

ret = 1;

-

501

break;

executed 9 times by 1 test: break;

Executed by:

libcrypto.so.1.1

9

502

}

-

503

}

executed 8 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

8

504

GENERAL_NAMES_free(gs);

-

505

return

executed 13 times by 1 test: return ret;

Executed by:

libcrypto.so.1.1

ret;

executed 13 times by 1 test: return ret;

Executed by:

libcrypto.so.1.1

13

506

}

-

507

-

508

static int check_name_constraints(X509_STORE_CTX *ctx)

-

509

{

-

510

int i;

-

511

-

512

-

513

for (i = sk_X509_num(ctx->chain) - 1; i >= 0

i >= 0	Description
TRUE	evaluated 2622 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1305 times by 1 test Evaluated by: libcrypto.so.1.1

; i--) {

1305-2622

514

X509 *x = sk_X509_value(ctx->chain, i);

-

515

int j;

-

516

-

517

-

518

if (i

i	Description
TRUE	evaluated 1302 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1320 times by 1 test Evaluated by: libcrypto.so.1.1

&& (

(x->ex_flags & 0x20)	Description
TRUE	evaluated 1158 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 144 times by 1 test Evaluated by: libcrypto.so.1.1

x->ex_flags & 0x20)

(x->ex_flags & 0x20)	Description
TRUE	evaluated 1158 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 144 times by 1 test Evaluated by: libcrypto.so.1.1

)

144-1320

519

continue;

executed 1158 times by 1 test: continue;

Executed by:

libcrypto.so.1.1

1158

-

-

-

-

-

-

-

if (x->ex_flags & 0x400

x->ex_flags & 0x400	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1457 times by 1 test Evaluated by: libcrypto.so.1.1

) {

7-1457

528

X509_NAME *tmpsubject = X509_get_subject_name(x);

-

529

X509_NAME *tmpissuer = X509_get_issuer_name(x);

-

530

X509_NAME_ENTRY *tmpentry =

-

531

((void *)0)

-

532

;

-

533

int last_object_nid = 0;

-

534

int err = 0;

-

535

int last_object_loc = X509_NAME_entry_count(tmpsubject) - 1;

-

536

-

537

-

538

if (last_object_loc < 1

last_object_loc < 1	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-7

539

err = 72;

-

540

goto

never executed: goto proxy_name_done;

proxy_name_done;

never executed: goto proxy_name_done;

0

541

}

-

-

-

-

-

-

if (X509_NAME_entry_count(tmpsubject)

X509_NAME_entr...tmpissuer) + 1	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

1-6

548

!= X509_NAME_entry_count(tmpissuer) + 1

X509_NAME_entr...tmpissuer) + 1	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

) {

1-6

549

err = 72;

-

550

goto

executed 1 time by 1 test: goto proxy_name_done;

Executed by:

libcrypto.so.1.1

proxy_name_done;

executed 1 time by 1 test: goto proxy_name_done;

Executed by:

libcrypto.so.1.1

1

551

}

-

-

-

-

-

-

if (X509_NAME_ENTRY_set(X509_NAME_get_entry(tmpsubject,

X509_NAME_ENTR...ject_loc - 1))	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

0-6

558

last_object_loc))

X509_NAME_ENTR...ject_loc - 1))	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

0-6

559

== X509_NAME_ENTRY_set(X509_NAME_get_entry(tmpsubject,

X509_NAME_ENTR...ject_loc - 1))	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

0-6

560

last_object_loc - 1))

X509_NAME_ENTR...ject_loc - 1))	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-6

561

err = 72;

-

562

goto

never executed: goto proxy_name_done;

proxy_name_done;

never executed: goto proxy_name_done;

0

563

}

-

-

-

-

-

-

tmpsubject = X509_NAME_dup(tmpsubject);

-

570

if (tmpsubject ==

tmpsubject == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

0-6

571

((void *)0)

tmpsubject == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

0-6

572

) {

-

573

ERR_put_error(11,(149),((1|64)),__FILE__,645);

-

574

ctx->error = 17;

-

575

return

never executed: return 0;

0;

never executed: return 0;

0

576

}

-

577

-

578

tmpentry =

-

579

X509_NAME_delete_entry(tmpsubject, last_object_loc);

-

580

last_object_nid =

-

581

OBJ_obj2nid(X509_NAME_ENTRY_get_object(tmpentry));

-

582

-

583

if (last_object_nid != 13

last_object_nid != 13	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

0-6

584

|| X509_NAME_cmp(tmpsubject, tmpissuer) != 0

X509_NAME_cmp(...mpissuer) != 0	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-6

585

err = 72;

-

586

}

never executed: end of block

0

587

-

588

X509_NAME_ENTRY_free(tmpentry);

-

589

X509_NAME_free(tmpsubject);

-

590

-

591

proxy_name_done:

code before this statement executed 6 times by 1 test: proxy_name_done:

Executed by:

libcrypto.so.1.1

6

592

if (err != 0

err != 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

1-6

593

&& !verify_cb_cert(ctx, x, i, err)

!verify_cb_cer...tx, x, i, err)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-1

594

return

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

1

595

}

executed 6 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

6

-

-

-

-

-

-

-

for (j = sk_X509_num(ctx->chain) - 1; j > i

j > i	Description
TRUE	evaluated 1429 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1449 times by 1 test Evaluated by: libcrypto.so.1.1

; j--) {

1429-1449

604

NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;

-

605

-

606

if (nc

nc	Description
TRUE	evaluated 28 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1401 times by 1 test Evaluated by: libcrypto.so.1.1

) {

28-1401

607

int rv = NAME_CONSTRAINTS_check(x, nc);

-

608

-

609

-

610

if (rv == 0

rv == 0	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1

&& i == 0

i == 0	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1

4-17

611

&& (

(ctx->param->h...s & 0x20) == 0	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

ctx->param->hostflags

(ctx->param->h...s & 0x20) == 0	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-13

612

& 0x20) == 0

(ctx->param->h...s & 0x20) == 0	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-13

613

&& ((

(ctx->param->h...gs & 0x1) != 0	Description
TRUE	never evaluated
FALSE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1

ctx->param->hostflags

(ctx->param->h...gs & 0x1) != 0	Description
TRUE	never evaluated
FALSE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1

0-13

614

& 0x1) != 0

(ctx->param->h...gs & 0x1) != 0	Description
TRUE	never evaluated
FALSE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1

0-13

615

|| !has_san_id(x, 2)

!has_san_id(x, 2)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libcrypto.so.1.1

))

4-9

616

rv = NAME_CONSTRAINTS_check_CN(x, nc);

executed 4 times by 1 test: rv = NAME_CONSTRAINTS_check_CN(x, nc);

Executed by:

libcrypto.so.1.1

4

617

-

618

switch (rv) {

-

619

case

executed 14 times by 1 test: case 0:

Executed by:

libcrypto.so.1.1

0:

executed 14 times by 1 test: case 0:

Executed by:

libcrypto.so.1.1

14

620

break;

executed 14 times by 1 test: break;

Executed by:

libcrypto.so.1.1

14

621

case

never executed: case 17:

17:

never executed: case 17:

0

622

return

never executed: return 0;

0;

never executed: return 0;

0

623

default

executed 14 times by 1 test: default:

Executed by:

libcrypto.so.1.1

:

executed 14 times by 1 test: default:

Executed by:

libcrypto.so.1.1

14

624

if (!verify_cb_cert(ctx, x, i, rv)

!verify_cb_cert(ctx, x, i, rv)	Description
TRUE	evaluated 14 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-14

625

return

executed 14 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 14 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

14

626

break;

never executed: break;

0

627

}

-

628

}

-

629

}

executed 1415 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

1415

630

}

executed 1449 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

1449

631

return

executed 1305 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 1305 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1305

632

}

-

633

-

634

static int check_id_error(X509_STORE_CTX *ctx, int errcode)

-

635

{

-

636

return

executed 3 times by 1 test: return verify_cb_cert(ctx, ctx->cert, 0, errcode);

Executed by:

libcrypto.so.1.1

verify_cb_cert(ctx, ctx->cert, 0, errcode);

executed 3 times by 1 test: return verify_cb_cert(ctx, ctx->cert, 0, errcode);

Executed by:

libcrypto.so.1.1

3

637

}

-

638

-

639

static int check_hosts(X509 *x, X509_VERIFY_PARAM *vpm)

-

640

{

-

641

int i;

-

642

int n = sk_OPENSSL_STRING_num(vpm->hosts);

-

643

char *name;

-

644

-

645

if (vpm->peername !=

vpm->peername != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 1 test Evaluated by: libcrypto.so.1.1

0-36

646

((void *)0)

vpm->peername != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 36 times by 1 test Evaluated by: libcrypto.so.1.1

0-36

647

) {

-

648

CRYPTO_free(vpm->peername, __FILE__, 718);

-

649

vpm->peername =

-

650

((void *)0)

-

651

;

-

652

}

never executed: end of block

0

653

for (i = 0; i < n

i < n	Description
TRUE	evaluated 36 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

; ++i) {

3-36

654

name = sk_OPENSSL_STRING_value(vpm->hosts, i);

-

655

if (X509_check_host(x, name, 0, vpm->hostflags, &vpm->peername) > 0

X509_check_hos...>peername) > 0	Description
TRUE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

)

3-33

656

return

executed 33 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 33 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

33

657

}

executed 3 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

3

658

return

executed 3 times by 1 test: return n == 0;

Executed by:

libcrypto.so.1.1

n == 0;

executed 3 times by 1 test: return n == 0;

Executed by:

libcrypto.so.1.1

3

659

}

-

660

-

661

static int check_id(X509_STORE_CTX *ctx)

-

662

{

-

663

X509_VERIFY_PARAM *vpm = ctx->param;

-

664

X509 *x = ctx->cert;

-

665

if (vpm->hosts

vpm->hosts	Description
TRUE	evaluated 36 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1303 times by 1 test Evaluated by: libcrypto.so.1.1

&& check_hosts(x, vpm) <= 0

check_hosts(x, vpm) <= 0	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1

) {

3-1303

666

if (!check_id_error(ctx, 62)

!check_id_error(ctx, 62)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-3

667

return

executed 3 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 3 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

3

668

}

never executed: end of block

0

669

if (vpm->email

vpm->email	Description
TRUE	never evaluated
FALSE	evaluated 1336 times by 1 test Evaluated by: libcrypto.so.1.1

&& X509_check_email(x, vpm->email, vpm->emaillen, 0) <= 0

X509_check_ema...illen, 0) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0-1336

670

if (!check_id_error(ctx, 63)

!check_id_error(ctx, 63)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

671

return

never executed: return 0;

0;

never executed: return 0;

0

672

}

never executed: end of block

0

673

if (vpm->ip

vpm->ip	Description
TRUE	never evaluated
FALSE	evaluated 1336 times by 1 test Evaluated by: libcrypto.so.1.1

&& X509_check_ip(x, vpm->ip, vpm->iplen, 0) <= 0

X509_check_ip(...iplen, 0) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0-1336

674

if (!check_id_error(ctx, 64)

!check_id_error(ctx, 64)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

675

return

never executed: return 0;

0;

never executed: return 0;

0

676

}

never executed: end of block

0

677

return

executed 1336 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 1336 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1336

678

}

-

679

-

680

static int check_trust(X509_STORE_CTX *ctx, int num_untrusted)

-

681

{

-

682

int i;

-

683

X509 *x =

-

684

((void *)0)

-

685

;

-

686

X509 *mx;

-

687

SSL_DANE *dane = ctx->dane;

-

688

int num = sk_X509_num(ctx->chain);

-

689

int trust;

-

-

-

-

-

-

if (((

(dane)	Description
TRUE	evaluated 16 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4821 times by 1 test Evaluated by: libcrypto.so.1.1

dane)

(dane)	Description
TRUE	evaluated 16 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4821 times by 1 test Evaluated by: libcrypto.so.1.1

&& ((

((dane)->umask..._t)1) << 2))))	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

dane)->umask & (((((uint32_t)1) << 0)) | ((((uint32_t)1) << 2))))

((dane)->umask..._t)1) << 2))))	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

) && num_untrusted > 0

num_untrusted > 0	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& num_untrusted < num

num_untrusted < num	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-4821

696

switch (trust = check_dane_issuer(ctx, num_untrusted)) {

-

697

case

never executed: case 1:

1:

never executed: case 1:

0

698

case

never executed: case 2:

2:

never executed: case 2:

0

699

return

never executed: return trust;

trust;

never executed: return trust;

0

700

}

-

701

}

executed 11 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

11

-

-

-

-

-

-

-

for (i = num_untrusted; i < num

i < num	Description
TRUE	evaluated 1231 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3623 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

1231-3623

710

x = sk_X509_value(ctx->chain, i);

-

711

trust = X509_check_trust(x, ctx->param->trust, 0);

-

712

-

713

if (trust == 1

trust == 1	Description
TRUE	evaluated 1190 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 41 times by 1 test Evaluated by: libcrypto.so.1.1

)

41-1190

714

goto

executed 1190 times by 1 test: goto trusted;

Executed by:

libcrypto.so.1.1

trusted;

executed 1190 times by 1 test: goto trusted;

Executed by:

libcrypto.so.1.1

1190

715

if (trust == 2

trust == 2	Description
TRUE	evaluated 24 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1

)

17-24

716

goto

executed 24 times by 1 test: goto rejected;

Executed by:

libcrypto.so.1.1

rejected;

executed 24 times by 1 test: goto rejected;

Executed by:

libcrypto.so.1.1

24

717

}

executed 17 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

17

-

-

-

-

-

if (num_untrusted < num

num_untrusted < num	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3606 times by 1 test Evaluated by: libcrypto.so.1.1

) {

17-3606

724

if (ctx->param->flags & 0x80000

ctx->param->flags & 0x80000	Description
TRUE	evaluated 8 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libcrypto.so.1.1

)

8-9

725

goto

executed 8 times by 1 test: goto trusted;

Executed by:

libcrypto.so.1.1

trusted;

executed 8 times by 1 test: goto trusted;

Executed by:

libcrypto.so.1.1

8

726

return

executed 9 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

3;

executed 9 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

9

727

}

-

728

-

729

if (num_untrusted == num

num_untrusted == num	Description
TRUE	evaluated 3606 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& ctx->param->flags & 0x80000

ctx->param->flags & 0x80000	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3589 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-3606

-

-

-

-

i = 0;

-

735

x = sk_X509_value(ctx->chain, i);

-

736

mx = lookup_cert_match(ctx, x);

-

737

if (!mx

!mx	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1

)

6-11

738

return

executed 6 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

3;

executed 6 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

6

-

-

-

-

-

trust = X509_check_trust(mx, ctx->param->trust, 0);

-

745

if (trust == 2

trust == 2	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libcrypto.so.1.1

) {

2-9

746

X509_free(mx);

-

747

goto

executed 2 times by 1 test: goto rejected;

Executed by:

libcrypto.so.1.1

rejected;

executed 2 times by 1 test: goto rejected;

Executed by:

libcrypto.so.1.1

2

748

}

-

749

-

750

-

751

(void) sk_X509_set(ctx->chain, 0, mx);

-

752

X509_free(x);

-

753

ctx->num_untrusted = 0;

-

754

goto

executed 9 times by 1 test: goto trusted;

Executed by:

libcrypto.so.1.1

trusted;

executed 9 times by 1 test: goto trusted;

Executed by:

libcrypto.so.1.1

9

755

}

-

-

-

-

-

-

return

executed 3589 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

3;

executed 3589 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

3589

762

-

763

rejected:

-

764

if (!verify_cb_cert(ctx, x, i, 28)

!verify_cb_cert(ctx, x, i, 28)	Description
TRUE	evaluated 26 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-26

765

return

executed 26 times by 1 test: return 2;

Executed by:

libcrypto.so.1.1

2;

executed 26 times by 1 test: return 2;

Executed by:

libcrypto.so.1.1

26

766

return

never executed: return 3;

3;

never executed: return 3;

0

767

-

768

trusted:

-

769

if (!((

(dane) != ((void *)0)	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1192 times by 1 test Evaluated by: libcrypto.so.1.1

dane) !=

(dane) != ((void *)0)	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1192 times by 1 test Evaluated by: libcrypto.so.1.1

15-1192

770

((void *)0)

(dane) != ((void *)0)	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1192 times by 1 test Evaluated by: libcrypto.so.1.1

15-1192

771

&& sk_danetls_record_num((dane)->trecs) > 0

sk_danetls_rec...e)->trecs) > 0	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

))

0-15

772

return

executed 1192 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 1192 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1192

773

if (dane->pdpth < 0

dane->pdpth < 0	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-15

774

dane->pdpth = num_untrusted;

executed 15 times by 1 test: dane->pdpth = num_untrusted;

Executed by:

libcrypto.so.1.1

15

775

-

776

if (dane->mdpth >= 0

dane->mdpth >= 0	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

2-13

777

return

executed 13 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 13 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

13

778

return

executed 2 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

3;

executed 2 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

2

779

}

-

780

-

781

static int check_revocation(X509_STORE_CTX *ctx)

-

782

{

-

783

int i = 0, last = 0, ok = 0;

-

784

if (!(ctx->param->flags & 0x4)

!(ctx->param->flags & 0x4)	Description
TRUE	evaluated 1324 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

)

7-1324

785

return

executed 1324 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 1324 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1324

786

if (ctx->param->flags & 0x8

ctx->param->flags & 0x8	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-7

787

last = sk_X509_num(ctx->chain) - 1;

never executed: last = sk_X509_num(ctx->chain) - 1;

0

788

else {

-

789

-

790

if (ctx->parent

ctx->parent	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-7

791

return

never executed: return 1;

1;

never executed: return 1;

0

792

last = 0;

-

793

}

executed 7 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

7

794

for (i = 0; i <= last

i <= last	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

2-7

795

ctx->error_depth = i;

-

796

ok = check_cert(ctx);

-

797

if (!ok

!ok	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

2-5

798

return

executed 5 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

ok;

executed 5 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

5

799

}

executed 2 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2

800

return

executed 2 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 2 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

2

801

}

-

802

-

803

static int check_cert(X509_STORE_CTX *ctx)

-

804

{

-

805

X509_CRL *crl =

-

806

((void *)0)

-

807

, *dcrl =

-

808

((void *)0)

-

809

;

-

810

int ok = 0;

-

811

int cnum = ctx->error_depth;

-

812

X509 *x = sk_X509_value(ctx->chain, cnum);

-

813

-

814

ctx->current_cert = x;

-

815

ctx->current_issuer =

-

816

((void *)0)

-

817

;

-

818

ctx->current_crl_score = 0;

-

819

ctx->current_reasons = 0;

-

820

-

821

if (x->ex_flags & 0x400

x->ex_flags & 0x400	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-7

822

return

never executed: return 1;

1;

never executed: return 1;

0

823

-

824

while (ctx->current_reasons != 0x807f

ctx->current_reasons != 0x807f	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

) {

2-7

825

unsigned int last_reasons = ctx->current_reasons;

-

826

-

827

-

828

if (ctx->get_crl

ctx->get_crl	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-7

829

ok = ctx->get_crl(ctx, &crl, x);

never executed: ok = ctx->get_crl(ctx, &crl, x);

0

830

else

-

831

ok = get_crl_delta(ctx, &crl, &dcrl, x);

executed 7 times by 1 test: ok = get_crl_delta(ctx, &crl, &dcrl, x);

Executed by:

libcrypto.so.1.1

7

-

-

-

if (!ok

!ok	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

) {

2-5

836

ok = verify_cb_crl(ctx, 3);

-

837

goto

executed 2 times by 1 test: goto done;

Executed by:

libcrypto.so.1.1

done;

executed 2 times by 1 test: goto done;

Executed by:

libcrypto.so.1.1

2

838

}

-

839

ctx->current_crl = crl;

-

840

ok = ctx->check_crl(ctx, crl);

-

841

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5

842

goto

never executed: goto done;

done;

never executed: goto done;

0

843

-

844

if (dcrl

dcrl	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-5

845

ok = ctx->check_crl(ctx, dcrl);

-

846

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

847

goto

never executed: goto done;

done;

never executed: goto done;

0

848

ok = ctx->cert_crl(ctx, dcrl, x);

-

849

if (!ok

!ok	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

850

goto

never executed: goto done;

done;

never executed: goto done;

0

851

}

never executed: end of block

else

0

852

ok = 1;

executed 5 times by 1 test: ok = 1;

Executed by:

libcrypto.so.1.1

5

853

-

854

-

855

if (ok != 2

ok != 2	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-5

856

ok = ctx->cert_crl(ctx, crl, x);

-

857

if (!ok

!ok	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

2-3

858

goto

executed 3 times by 1 test: goto done;

Executed by:

libcrypto.so.1.1

done;

executed 3 times by 1 test: goto done;

Executed by:

libcrypto.so.1.1

3

859

}

executed 2 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2

860

-

861

X509_CRL_free(crl);

-

862

X509_CRL_free(dcrl);

-

863

crl =

-

864

((void *)0)

-

865

;

-

866

dcrl =

-

867

((void *)0)

-

868

;

-

-

-

-

-

if (last_reasons == ctx->current_reasons

last_reasons =...urrent_reasons	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-2

874

ok = verify_cb_crl(ctx, 3);

-

875

goto

never executed: goto done;

done;

never executed: goto done;

0

876

}

-

877

}

executed 2 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2

878

done:

code before this statement executed 2 times by 1 test: done:

Executed by:

libcrypto.so.1.1

2

879

X509_CRL_free(crl);

-

880

X509_CRL_free(dcrl);

-

881

-

882

ctx->current_crl =

-

883

((void *)0)

-

884

;

-

885

return

executed 7 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

ok;

executed 7 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

7

886

}

-

-

-

-

static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)

-

891

{

-

892

time_t *ptime;

-

893

int i;

-

894

-

895

if (notify

notify	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-6

896

ctx->current_crl = crl;

never executed: ctx->current_crl = crl;

0

897

if (ctx->param->flags & 0x2

ctx->param->flags & 0x2	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-6

898

ptime = &ctx->param->check_time;

executed 6 times by 1 test: ptime = &ctx->param->check_time;

Executed by:

libcrypto.so.1.1

6

899

else if (ctx->param->flags & 0x200000

ctx->param->flags & 0x200000	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

900

return

never executed: return 1;

1;

never executed: return 1;

0

901

else

-

902

ptime =

never executed: ptime = ((void *)0) ;

0

903

((void *)0)

never executed: ptime = ((void *)0) ;

0

904

;

never executed: ptime = ((void *)0) ;

0

905

-

906

i = X509_cmp_time(X509_CRL_get0_lastUpdate(crl), ptime);

-

907

if (i == 0

i == 0	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-6

908

if (!notify

!notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

909

return

never executed: return 0;

0;

never executed: return 0;

0

910

if (!verify_cb_crl(ctx, 15)

!verify_cb_crl(ctx, 15)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

911

return

never executed: return 0;

0;

never executed: return 0;

0

912

}

never executed: end of block

0

913

-

914

if (i > 0

i > 0	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-6

915

if (!notify

!notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

916

return

never executed: return 0;

0;

never executed: return 0;

0

917

if (!verify_cb_crl(ctx, 11)

!verify_cb_crl(ctx, 11)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

918

return

never executed: return 0;

0;

never executed: return 0;

0

919

}

never executed: end of block

0

920

-

921

if (X509_CRL_get0_nextUpdate(crl)

X509_CRL_get0_nextUpdate(crl)	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-6

922

i = X509_cmp_time(X509_CRL_get0_nextUpdate(crl), ptime);

-

923

-

924

if (i == 0

i == 0	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-6

925

if (!notify

!notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

926

return

never executed: return 0;

0;

never executed: return 0;

0

927

if (!verify_cb_crl(ctx, 16)

!verify_cb_crl(ctx, 16)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

928

return

never executed: return 0;

0;

never executed: return 0;

0

929

}

never executed: end of block

0

930

-

931

if ((

(i < 0)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

i < 0)

(i < 0)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

&& !(ctx->current_crl_score & 0x002)

!(ctx->current...score & 0x002)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0-6

932

if (!notify

!notify	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

933

return

never executed: return 0;

0;

never executed: return 0;

0

934

if (!verify_cb_crl(ctx, 12)

!verify_cb_crl(ctx, 12)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

935

return

never executed: return 0;

0;

never executed: return 0;

0

936

}

never executed: end of block

0

937

}

executed 6 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

6

938

-

939

if (notify

notify	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-6

940

ctx->current_crl =

never executed: ctx->current_crl = ((void *)0) ;

0

941

((void *)0)

never executed: ctx->current_crl = ((void *)0) ;

0

942

;

never executed: ctx->current_crl = ((void *)0) ;

0

943

-

944

return

executed 6 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 6 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

6

945

}

-

946

-

947

static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,

-

948

X509 **pissuer, int *pscore, unsigned int *preasons,

-

949

struct stack_st_X509_CRL *crls)

-

950

{

-

951

int i, crl_score, best_score = *pscore;

-

952

unsigned int reasons, best_reasons = 0;

-

953

X509 *x = ctx->current_cert;

-

954

X509_CRL *crl, *best_crl =

-

955

((void *)0)

-

956

;

-

957

X509 *crl_issuer =

-

958

((void *)0)

-

959

, *best_crl_issuer =

-

960

((void *)0)

-

961

;

-

962

-

963

for (i = 0; i < sk_X509_CRL_num(crls)

i < sk_X509_CRL_num(crls)	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

7-9

964

crl = sk_X509_CRL_value(crls, i);

-

965

reasons = *preasons;

-

966

crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);

-

967

if (crl_score < best_score

crl_score < best_score	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

|| crl_score == 0

crl_score == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-7

968

continue;

executed 1 time by 1 test: continue;

Executed by:

libcrypto.so.1.1

1

969

-

970

if (crl_score == best_score

crl_score == best_score	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&& best_crl !=

best_crl != ((void *)0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-5

971

((void *)0)

best_crl != ((void *)0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1

972

) {

-

973

int day, sec;

-

974

if (ASN1_TIME_diff(&day, &sec, X509_CRL_get0_lastUpdate(best_crl),

ASN1_TIME_diff...ate(crl)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

0-1

975

X509_CRL_get0_lastUpdate(crl)) == 0

ASN1_TIME_diff...ate(crl)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

)

0-1

976

continue;

never executed: continue;

0

-

-

-

-

if (day <= 0

day <= 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& sec <= 0

sec <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

)

0-1

982

continue;

never executed: continue;

0

983

}

executed 1 time by 1 test: end of block

Executed by:

libcrypto.so.1.1

1

984

best_crl = crl;

-

985

best_crl_issuer = crl_issuer;

-

986

best_score = crl_score;

-

987

best_reasons = reasons;

-

988

}

executed 6 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

6

989

-

990

if (best_crl

best_crl	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1

) {

4-5

991

X509_CRL_free(*pcrl);

-

992

*pcrl = best_crl;

-

993

*pissuer = best_crl_issuer;

-

994

*pscore = best_score;

-

995

*preasons = best_reasons;

-

996

X509_CRL_up_ref(best_crl);

-

997

X509_CRL_free(*pdcrl);

-

998

*pdcrl =

-

999

((void *)0)

-

1000

;

-

1001

get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);

-

1002

}

executed 5 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

5

1003

-

1004

if (best_score >= (0x100|0x040|0x080)

best_score >= ...0\|0x040\|0x080)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

)

3-6

1005

return

executed 3 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 3 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

3

1006

-

1007

return

executed 6 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 6 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

6

1008

}

-

-

-

-

-

-

-

static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)

-

1016

{

-

1017

ASN1_OCTET_STRING *exta, *extb;

-

1018

int i;

-

1019

i = X509_CRL_get_ext_by_NID(a, nid, -1);

-

1020

if (i >= 0

i >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1021

-

1022

if (X509_CRL_get_ext_by_NID(a, nid, i) != -1

X509_CRL_get_e... nid, i) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1023

return

never executed: return 0;

0;

never executed: return 0;

0

1024

exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));

-

1025

}

never executed: end of block

else

0

1026

exta =

never executed: exta = ((void *)0) ;

0

1027

((void *)0)

never executed: exta = ((void *)0) ;

0

1028

;

never executed: exta = ((void *)0) ;

0

1029

-

1030

i = X509_CRL_get_ext_by_NID(b, nid, -1);

-

1031

-

1032

if (i >= 0

i >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1033

-

1034

if (X509_CRL_get_ext_by_NID(b, nid, i) != -1

X509_CRL_get_e... nid, i) != -1	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1035

return

never executed: return 0;

0;

never executed: return 0;

0

1036

extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));

-

1037

}

never executed: end of block

else

0

1038

extb =

never executed: extb = ((void *)0) ;

0

1039

((void *)0)

never executed: extb = ((void *)0) ;

0

1040

;

never executed: extb = ((void *)0) ;

0

1041

-

1042

if (!exta

!exta	Description
TRUE	never evaluated
FALSE	never evaluated

&& !extb

!extb	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1043

return

never executed: return 1;

1;

never executed: return 1;

0

1044

-

1045

if (!exta

!exta	Description
TRUE	never evaluated
FALSE	never evaluated

|| !extb

!extb	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1046

return

never executed: return 0;

0;

never executed: return 0;

0

1047

-

1048

if (ASN1_OCTET_STRING_cmp(exta, extb)

ASN1_OCTET_STR...mp(exta, extb)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1049

return

never executed: return 0;

0;

never executed: return 0;

0

1050

-

1051

return

never executed: return 1;

1;

never executed: return 1;

0

1052

}

-

-

-

-

static int check_delta_base(X509_CRL *delta, X509_CRL *base)

-

1057

{

-

1058

-

1059

if (!delta->base_crl_number

!delta->base_crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1060

return

never executed: return 0;

0;

never executed: return 0;

0

1061

-

1062

if (!base->crl_number

!base->crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1063

return

never executed: return 0;

0;

never executed: return 0;

0

1064

-

1065

if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(delta))

X509_NAME_cmp(...issuer(delta))	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1066

return

never executed: return 0;

0;

never executed: return 0;

0

1067

-

1068

if (!crl_extension_match(delta, base, 90)

!crl_extension...lta, base, 90)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1069

return

never executed: return 0;

0;

never executed: return 0;

0

1070

if (!crl_extension_match(delta, base, 770)

!crl_extension...ta, base, 770)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1071

return

never executed: return 0;

0;

never executed: return 0;

0

1072

-

1073

if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0

ASN1_INTEGER_c...rl_number) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1074

return

never executed: return 0;

0;

never executed: return 0;

0

1075

-

1076

if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0

ASN1_INTEGER_c...rl_number) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1077

return

never executed: return 1;

1;

never executed: return 1;

0

1078

return

never executed: return 0;

0;

never executed: return 0;

0

1079

}

-

-

-

-

-

-

-

static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,

-

1087

X509_CRL *base, struct stack_st_X509_CRL *crls)

-

1088

{

-

1089

X509_CRL *delta;

-

1090

int i;

-

1091

if (!(ctx->param->flags & 0x2000)

!(ctx->param->flags & 0x2000)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-5

1092

return;

executed 5 times by 1 test: return;

Executed by:

libcrypto.so.1.1

5

1093

if (!((ctx->current_cert->ex_flags | base->flags) & 0x1000)

!((ctx->curren...ags) & 0x1000)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1094

return;

never executed: return;

0

1095

for (i = 0; i < sk_X509_CRL_num(crls)

i < sk_X509_CRL_num(crls)	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

0

1096

delta = sk_X509_CRL_value(crls, i);

-

1097

if (check_delta_base(delta, base)

check_delta_base(delta, base)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1098

if (check_crl_time(ctx, delta, 0)

check_crl_time(ctx, delta, 0)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1099

*

never executed: *pscore |= 0x002;

pscore |= 0x002;

never executed: *pscore |= 0x002;

0

1100

X509_CRL_up_ref(delta);

-

1101

*dcrl = delta;

-

1102

return;

never executed: return;

0

1103

}

-

1104

}

never executed: end of block

0

1105

*dcrl =

-

1106

((void *)0)

-

1107

;

-

1108

}

never executed: end of block

0

1109

static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,

-

1110

unsigned int *preasons, X509_CRL *crl, X509 *x)

-

1111

{

-

1112

-

1113

int crl_score = 0;

-

1114

unsigned int tmp_reasons = *preasons, crl_reasons;

-

-

-

-

-

if (crl->idp_flags & 0x2

crl->idp_flags & 0x2	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-7

1120

return

never executed: return 0;

0;

never executed: return 0;

0

1121

-

1122

if (!(ctx->param->flags & 0x1000)

!(ctx->param->flags & 0x1000)	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-7

1123

if (crl->idp_flags & (0x20 | 0x40)

crl->idp_flags & (0x20 \| 0x40)	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-7

1124

return

never executed: return 0;

0;

never executed: return 0;

0

1125

}

executed 7 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

else if (crl->idp_flags & 0x40

crl->idp_flags & 0x40	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0-7

1126

-

1127

if (!(crl->idp_reasons & ~tmp_reasons)

!(crl->idp_rea... ~tmp_reasons)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1128

return

never executed: return 0;

0;

never executed: return 0;

0

1129

}

never executed: end of block

0

1130

-

1131

else if (crl->base_crl_number

crl->base_crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1132

return

never executed: return 0;

0;

never executed: return 0;

0

1133

-

1134

if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))

X509_NAME_cmp(...t_issuer(crl))	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

) {

1-6

1135

if (!(crl->idp_flags & 0x20)

!(crl->idp_flags & 0x20)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-1

1136

return

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

1

1137

}

never executed: end of block

else

0

1138

crl_score |= 0x020;

executed 6 times by 1 test: crl_score |= 0x020;

Executed by:

libcrypto.so.1.1

6

1139

-

1140

if (!(crl->flags & 0x200)

!(crl->flags & 0x200)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

2-4

1141

crl_score |= 0x100;

executed 4 times by 1 test: crl_score |= 0x100;

Executed by:

libcrypto.so.1.1

4

1142

-

1143

-

1144

if (check_crl_time(ctx, crl, 0)

check_crl_time(ctx, crl, 0)	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-6

1145

crl_score |= 0x040;

executed 6 times by 1 test: crl_score |= 0x040;

Executed by:

libcrypto.so.1.1

6

1146

-

1147

-

1148

crl_akid_check(ctx, crl, pissuer, &crl_score);

-

-

-

-

if (!(crl_score & 0x004)

!(crl_score & 0x004)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-6

1153

return

never executed: return 0;

0;

never executed: return 0;

0

-

-

-

if (crl_crldp_check(x, crl, crl_score, &crl_reasons)

crl_crldp_chec... &crl_reasons)	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-6

1158

-

1159

if (!(crl_reasons & ~tmp_reasons)

!(crl_reasons & ~tmp_reasons)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-6

1160

return

never executed: return 0;

0;

never executed: return 0;

0

1161

tmp_reasons |= crl_reasons;

-

1162

crl_score |= 0x080;

-

1163

}

executed 6 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

6

1164

-

1165

*preasons = tmp_reasons;

-

1166

-

1167

return

executed 6 times by 1 test: return crl_score;

Executed by:

libcrypto.so.1.1

crl_score;

executed 6 times by 1 test: return crl_score;

Executed by:

libcrypto.so.1.1

6

1168

-

1169

}

-

1170

-

1171

static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,

-

1172

X509 **pissuer, int *pcrl_score)

-

1173

{

-

1174

X509 *crl_issuer =

-

1175

((void *)0)

-

1176

;

-

1177

X509_NAME *cnm = X509_CRL_get_issuer(crl);

-

1178

int cidx = ctx->error_depth;

-

1179

int i;

-

1180

-

1181

if (cidx != sk_X509_num(ctx->chain) - 1

cidx != sk_X50...tx->chain) - 1	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-6

1182

cidx++;

executed 6 times by 1 test: cidx++;

Executed by:

libcrypto.so.1.1

6

1183

-

1184

crl_issuer = sk_X509_value(ctx->chain, cidx);

-

1185

-

1186

if (X509_check_akid(crl_issuer, crl->akid) == 0

X509_check_aki...rl->akid) == 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-6

1187

if (*

*pcrl_score & 0x020	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

pcrl_score & 0x020

*pcrl_score & 0x020	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-6

1188

*pcrl_score |= 0x004 | 0x018;

-

1189

*pissuer = crl_issuer;

-

1190

return;

executed 6 times by 1 test: return;

Executed by:

libcrypto.so.1.1

6

1191

}

-

1192

}

never executed: end of block

0

1193

-

1194

for (cidx++; cidx < sk_X509_num(ctx->chain)

cidx < sk_X509_num(ctx->chain)	Description
TRUE	never evaluated
FALSE	never evaluated

; cidx++) {

0

1195

crl_issuer = sk_X509_value(ctx->chain, cidx);

-

1196

if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm)

X509_NAME_cmp(..._issuer), cnm)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1197

continue;

never executed: continue;

0

1198

if (X509_check_akid(crl_issuer, crl->akid) == 0

X509_check_aki...rl->akid) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1199

*pcrl_score |= 0x004 | 0x008;

-

1200

*pissuer = crl_issuer;

-

1201

return;

never executed: return;

0

1202

}

-

1203

}

never executed: end of block

0

-

-

-

if (!(ctx->param->flags & 0x1000)

!(ctx->param->flags & 0x1000)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1208

return;

never executed: return;

0

-

-

-

-

-

for (i = 0; i < sk_X509_num(ctx->untrusted)

i < sk_X509_nu...tx->untrusted)	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

0

1215

crl_issuer = sk_X509_value(ctx->untrusted, i);

-

1216

if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm)

X509_NAME_cmp(..._issuer), cnm)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1217

continue;

never executed: continue;

0

1218

if (X509_check_akid(crl_issuer, crl->akid) == 0

X509_check_aki...rl->akid) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1219

*pissuer = crl_issuer;

-

1220

*pcrl_score |= 0x004;

-

1221

return;

never executed: return;

0

1222

}

-

1223

}

never executed: end of block

0

1224

}

never executed: end of block

0

1225

static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)

-

1226

{

-

1227

X509_STORE_CTX crl_ctx;

-

1228

int ret;

-

1229

-

1230

-

1231

if (ctx->parent

ctx->parent	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1232

return

never executed: return 0;

0;

never executed: return 0;

0

1233

if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted)

!X509_STORE_CT...tx->untrusted)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1234

return

never executed: return -1;

-1;

never executed: return -1;

0

1235

-

1236

crl_ctx.crls = ctx->crls;

-

1237

-

1238

X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);

-

1239

-

1240

crl_ctx.parent = ctx;

-

1241

crl_ctx.verify_cb = ctx->verify_cb;

-

1242

-

1243

-

1244

ret = X509_verify_cert(&crl_ctx);

-

1245

if (ret <= 0

ret <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1246

goto

never executed: goto err;

err;

never executed: goto err;

0

1247

-

1248

-

1249

ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);

-

1250

err:

code before this statement never executed: err:

0

1251

X509_STORE_CTX_cleanup(&crl_ctx);

-

1252

return

never executed: return ret;

ret;

never executed: return ret;

0

1253

}

-

1254

static int check_crl_chain(X509_STORE_CTX *ctx,

-

1255

struct stack_st_X509 *cert_path,

-

1256

struct stack_st_X509 *crl_path)

-

1257

{

-

1258

X509 *cert_ta, *crl_ta;

-

1259

cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);

-

1260

crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);

-

1261

if (!X509_cmp(cert_ta, crl_ta)

!X509_cmp(cert_ta, crl_ta)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1262

return

never executed: return 1;

1;

never executed: return 1;

0

1263

return

never executed: return 0;

0;

never executed: return 0;

0

1264

}

-

1265

static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)

-

1266

{

-

1267

X509_NAME *nm =

-

1268

((void *)0)

-

1269

;

-

1270

GENERAL_NAMES *gens =

-

1271

((void *)0)

-

1272

;

-

1273

GENERAL_NAME *gena, *genb;

-

1274

int i, j;

-

1275

if (!a

!a	Description
TRUE	never evaluated
FALSE	never evaluated

|| !b

!b	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1276

return

never executed: return 1;

1;

never executed: return 1;

0

1277

if (a->type == 1

a->type == 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1278

if (!a->dpname

!a->dpname	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1279

return

never executed: return 0;

0;

never executed: return 0;

0

1280

-

1281

if (b->type == 1

b->type == 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1282

if (!b->dpname

!b->dpname	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1283

return

never executed: return 0;

0;

never executed: return 0;

0

1284

if (!X509_NAME_cmp(a->dpname, b->dpname)

!X509_NAME_cmp...me, b->dpname)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1285

return

never executed: return 1;

1;

never executed: return 1;

0

1286

else

-

1287

return

never executed: return 0;

0;

never executed: return 0;

0

1288

}

-

1289

-

1290

nm = a->dpname;

-

1291

gens = b->name.fullname;

-

1292

}

never executed: end of block

else if (b->type == 1

b->type == 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1293

if (!b->dpname

!b->dpname	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1294

return

never executed: return 0;

0;

never executed: return 0;

0

1295

-

1296

gens = a->name.fullname;

-

1297

nm = b->dpname;

-

1298

}

never executed: end of block

0

1299

-

1300

-

1301

if (nm

nm	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1302

for (i = 0; i < sk_GENERAL_NAME_num(gens)

i < sk_GENERAL_NAME_num(gens)	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

0

1303

gena = sk_GENERAL_NAME_value(gens, i);

-

1304

if (gena->type != 4

gena->type != 4	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1305

continue;

never executed: continue;

0

1306

if (!X509_NAME_cmp(nm, gena->d.directoryName)

!X509_NAME_cmp...directoryName)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1307

return

never executed: return 1;

1;

never executed: return 1;

0

1308

}

never executed: end of block

0

1309

return

never executed: return 0;

0;

never executed: return 0;

0

1310

}

-

-

-

-

for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname)

i < sk_GENERAL...name.fullname)	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

0

1315

gena = sk_GENERAL_NAME_value(a->name.fullname, i);

-

1316

for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname)

j < sk_GENERAL...name.fullname)	Description
TRUE	never evaluated
FALSE	never evaluated

; j++) {

0

1317

genb = sk_GENERAL_NAME_value(b->name.fullname, j);

-

1318

if (!GENERAL_NAME_cmp(gena, genb)

!GENERAL_NAME_cmp(gena, genb)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1319

return

never executed: return 1;

1;

never executed: return 1;

0

1320

}

never executed: end of block

0

1321

}

never executed: end of block

0

1322

-

1323

return

never executed: return 0;

0;

never executed: return 0;

0

1324

-

1325

}

-

1326

-

1327

static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)

-

1328

{

-

1329

int i;

-

1330

X509_NAME *nm = X509_CRL_get_issuer(crl);

-

1331

-

1332

if (!dp->CRLissuer

!dp->CRLissuer	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1333

return

never executed: return ! !(crl_score & 0x020);

! !(crl_score & 0x020);

never executed: return ! !(crl_score & 0x020);

0

1334

for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer)

i < sk_GENERAL...dp->CRLissuer)	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

0

1335

GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);

-

1336

if (gen->type != 4

gen->type != 4	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1337

continue;

never executed: continue;

0

1338

if (!X509_NAME_cmp(gen->d.directoryName, nm)

!X509_NAME_cmp...ctoryName, nm)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1339

return

never executed: return 1;

1;

never executed: return 1;

0

1340

}

never executed: end of block

0

1341

return

never executed: return 0;

0;

never executed: return 0;

0

1342

}

-

-

-

-

static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,

-

1347

unsigned int *preasons)

-

1348

{

-

1349

int i;

-

1350

if (crl->idp_flags & 0x10

crl->idp_flags & 0x10	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-6

1351

return

never executed: return 0;

0;

never executed: return 0;

0

1352

if (x->ex_flags & 0x10

x->ex_flags & 0x10	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-6

1353

if (crl->idp_flags & 0x4

crl->idp_flags & 0x4	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1354

return

never executed: return 0;

0;

never executed: return 0;

0

1355

}

never executed: end of block

else {

0

1356

if (crl->idp_flags & 0x8

crl->idp_flags & 0x8	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-6

1357

return

never executed: return 0;

0;

never executed: return 0;

0

1358

}

executed 6 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

6

1359

*preasons = crl->idp_reasons;

-

1360

for (i = 0; i < sk_DIST_POINT_num(x->crldp)

i < sk_DIST_PO..._num(x->crldp)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

0-6

1361

DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);

-

1362

if (crldp_check_crlissuer(dp, crl, crl_score)

crldp_check_cr...rl, crl_score)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1363

if (!crl->idp

!crl->idp	Description
TRUE	never evaluated
FALSE	never evaluated

|| idp_check_dp(dp->distpoint, crl->idp->distpoint)

idp_check_dp(d...dp->distpoint)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1364

*preasons &= dp->dp_reasons;

-

1365

return

never executed: return 1;

1;

never executed: return 1;

0

1366

}

-

1367

}

never executed: end of block

0

1368

}

never executed: end of block

0

1369

if ((!crl->idp

!crl->idp	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

|| !crl->idp->distpoint

!crl->idp->distpoint	Description
TRUE	never evaluated
FALSE	never evaluated

)

0-6

1370

&& (

(crl_score & 0x020)	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

crl_score & 0x020)

(crl_score & 0x020)	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-6

1371

return

executed 6 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 6 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

6

1372

return

never executed: return 0;

0;

never executed: return 0;

0

1373

}

-

-

-

-

-

-

-

static int get_crl_delta(X509_STORE_CTX *ctx,

-

1381

X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)

-

1382

{

-

1383

int ok;

-

1384

X509 *issuer =

-

1385

((void *)0)

-

1386

;

-

1387

int crl_score = 0;

-

1388

unsigned int reasons;

-

1389

X509_CRL *crl =

-

1390

((void *)0)

-

1391

, *dcrl =

-

1392

((void *)0)

-

1393

;

-

1394

struct stack_st_X509_CRL *skcrl;

-

1395

X509_NAME *nm = X509_get_issuer_name(x);

-

1396

-

1397

reasons = ctx->current_reasons;

-

1398

ok = get_crl_sk(ctx, &crl, &dcrl,

-

1399

&issuer, &crl_score, &reasons, ctx->crls);

-

1400

if (ok

ok	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1

)

3-4

1401

goto

executed 3 times by 1 test: goto done;

Executed by:

libcrypto.so.1.1

done;

executed 3 times by 1 test: goto done;

Executed by:

libcrypto.so.1.1

3

-

-

-

skcrl = ctx->lookup_crls(ctx, nm);

-

1406

-

1407

-

1408

if (!skcrl

!skcrl	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& crl

crl	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-4

1409

goto

executed 2 times by 1 test: goto done;

Executed by:

libcrypto.so.1.1

done;

executed 2 times by 1 test: goto done;

Executed by:

libcrypto.so.1.1

2

1410

-

1411

get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);

-

1412

-

1413

sk_X509_CRL_pop_free(skcrl, X509_CRL_free);

-

1414

-

1415

done:

code before this statement executed 2 times by 1 test: done:

Executed by:

libcrypto.so.1.1

2

1416

-

1417

if (crl

crl	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

) {

2-5

1418

ctx->current_issuer = issuer;

-

1419

ctx->current_crl_score = crl_score;

-

1420

ctx->current_reasons = reasons;

-

1421

*pcrl = crl;

-

1422

*pdcrl = dcrl;

-

1423

return

executed 5 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 5 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

5

1424

}

-

1425

return

executed 2 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 2 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

2

1426

}

-

1427

-

1428

-

1429

static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)

-

1430

{

-

1431

X509 *issuer =

-

1432

((void *)0)

-

1433

;

-

1434

EVP_PKEY *ikey =

-

1435

((void *)0)

-

1436

;

-

1437

int cnum = ctx->error_depth;

-

1438

int chnum = sk_X509_num(ctx->chain) - 1;

-

1439

-

1440

-

1441

if (ctx->current_issuer

ctx->current_issuer	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-5

1442

issuer = ctx->current_issuer;

executed 5 times by 1 test: issuer = ctx->current_issuer;

Executed by:

libcrypto.so.1.1

5

-

-

-

-

else if (cnum < chnum

cnum < chnum	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1448

issuer = sk_X509_value(ctx->chain, cnum + 1);

never executed: issuer = sk_X509_value(ctx->chain, cnum + 1);

0

1449

else {

-

1450

issuer = sk_X509_value(ctx->chain, chnum);

-

1451

-

1452

if (!ctx->check_issued(ctx, issuer, issuer)

!ctx->check_is...ssuer, issuer)	Description
TRUE	never evaluated
FALSE	never evaluated

&&

0

1453

!verify_cb_crl(ctx, 33)

!verify_cb_crl(ctx, 33)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1454

return

never executed: return 0;

0;

never executed: return 0;

0

1455

}

never executed: end of block

0

1456

-

1457

if (issuer ==

issuer == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

0-5

1458

((void *)0)

issuer == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

0-5

1459

)

-

1460

return

never executed: return 1;

1;

never executed: return 1;

0

-

-

-

-

if (!crl->base_crl_number

!crl->base_crl_number	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-5

1466

-

1467

if ((

(issuer->ex_flags & 0x2)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

issuer->ex_flags & 0x2)

(issuer->ex_flags & 0x2)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&&

0-5

1468

!(issuer->ex_kusage & 0x0002)

!(issuer->ex_kusage & 0x0002)	Description
TRUE	never evaluated
FALSE	never evaluated

&&

0

1469

!verify_cb_crl(ctx, 35)

!verify_cb_crl(ctx, 35)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1470

return

never executed: return 0;

0;

never executed: return 0;

0

1471

-

1472

if (!(ctx->current_crl_score & 0x080)

!(ctx->current...score & 0x080)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&&

0-5

1473

!verify_cb_crl(ctx, 44)

!verify_cb_crl(ctx, 44)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1474

return

never executed: return 0;

0;

never executed: return 0;

0

1475

-

1476

if (!(ctx->current_crl_score & 0x008)

!(ctx->current...score & 0x008)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&&

0-5

1477

check_crl_path(ctx, ctx->current_issuer) <= 0

check_crl_path...t_issuer) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

&&

0

1478

!verify_cb_crl(ctx, 54)

!verify_cb_crl(ctx, 54)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1479

return

never executed: return 0;

0;

never executed: return 0;

0

1480

-

1481

if ((

(crl->idp_flags & 0x2)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

crl->idp_flags & 0x2)

(crl->idp_flags & 0x2)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&&

0-5

1482

!verify_cb_crl(ctx, 41)

!verify_cb_crl(ctx, 41)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1483

return

never executed: return 0;

0;

never executed: return 0;

0

1484

}

executed 5 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

5

1485

-

1486

if (!(ctx->current_crl_score & 0x040)

!(ctx->current...score & 0x040)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&&

0-5

1487

!check_crl_time(ctx, crl, 1)

!check_crl_time(ctx, crl, 1)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1488

return

never executed: return 0;

0;

never executed: return 0;

0

1489

-

1490

-

1491

ikey = X509_get0_pubkey(issuer);

-

1492

-

1493

if (!ikey

!ikey	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&&

0-5

1494

!verify_cb_crl(ctx, 6)

!verify_cb_crl(ctx, 6)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1495

return

never executed: return 0;

0;

never executed: return 0;

0

1496

-

1497

if (ikey

ikey	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-5

1498

int rv = X509_CRL_check_suiteb(crl, ikey, ctx->param->flags);

-

1499

-

1500

if (rv != 0

rv != 0	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&& !verify_cb_crl(ctx, rv)

!verify_cb_crl(ctx, rv)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0-5

1501

return

never executed: return 0;

0;

never executed: return 0;

0

1502

-

1503

if (X509_CRL_verify(crl, ikey) <= 0

X509_CRL_verif...rl, ikey) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&&

0-5

1504

!verify_cb_crl(ctx, 8)

!verify_cb_crl(ctx, 8)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1505

return

never executed: return 0;

0;

never executed: return 0;

0

1506

}

executed 5 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

5

1507

return

executed 5 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 5 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

5

1508

}

-

1509

-

1510

-

1511

static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)

-

1512

{

-

1513

X509_REVOKED *rev;

-

-

-

-

-

-

-

-

if (!(ctx->param->flags & 0x10)

!(ctx->param->flags & 0x10)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-5

1522

&& (

(crl->flags & 0x200)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

crl->flags & 0x200)

(crl->flags & 0x200)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

&&

2-3

1523

!verify_cb_crl(ctx, 36)

!verify_cb_crl(ctx, 36)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-2

1524

return

executed 2 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 2 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

2

-

-

-

-

if (X509_CRL_get0_by_cert(crl, &rev, x)

X509_CRL_get0_...(crl, &rev, x)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

) {

1-2

1530

if (rev->reason == 8

rev->reason == 8	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

)

0-1

1531

return

never executed: return 2;

2;

never executed: return 2;

0

1532

if (!verify_cb_crl(ctx, 23)

!verify_cb_crl(ctx, 23)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-1

1533

return

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

1

1534

}

never executed: end of block

0

1535

-

1536

return

executed 2 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 2 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

2

1537

}

-

1538

-

1539

static int check_policy(X509_STORE_CTX *ctx)

-

1540

{

-

1541

int ret;

-

1542

-

1543

if (ctx->parent

ctx->parent	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1544

return

never executed: return 1;

1;

never executed: return 1;

0

1545

if (ctx->bare_ta_signed

ctx->bare_ta_signed	Description
TRUE	never evaluated
FALSE	never evaluated

&& !sk_X509_push(ctx->chain,

!sk_X509_push(... ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

0

1546

((void *)0)

!sk_X509_push(... ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

0

1547

)

!sk_X509_push(... ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1548

ERR_put_error(11,(145),((1|64)),__FILE__,1607);

-

1549

ctx->error = 17;

-

1550

return

never executed: return 0;

0;

never executed: return 0;

0

1551

}

-

1552

ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,

-

1553

ctx->param->policies, ctx->param->flags);

-

1554

if (ctx->bare_ta_signed

ctx->bare_ta_signed	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1555

sk_X509_pop(ctx->chain);

never executed: sk_X509_pop(ctx->chain);

0

1556

-

1557

if (ret == 0

ret == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1558

ERR_put_error(11,(145),((1|64)),__FILE__,1617);

-

1559

ctx->error = 17;

-

1560

return

never executed: return 0;

0;

never executed: return 0;

0

1561

}

-

1562

-

1563

if (ret == -1

ret == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1564

int i;

-

1565

-

1566

-

1567

for (i = 1; i < sk_X509_num(ctx->chain)

i < sk_X509_num(ctx->chain)	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

0

1568

X509 *x = sk_X509_value(ctx->chain, i);

-

1569

-

1570

if (!(x->ex_flags & 0x800)

!(x->ex_flags & 0x800)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1571

continue;

never executed: continue;

0

1572

if (!verify_cb_cert(ctx, x, i,

!verify_cb_cert(ctx, x, i, 42)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1573

42)

!verify_cb_cert(ctx, x, i, 42)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1574

return

never executed: return 0;

0;

never executed: return 0;

0

1575

}

never executed: end of block

0

1576

return

never executed: return 1;

1;

never executed: return 1;

0

1577

}

-

1578

if (ret == -2

ret == -2	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1579

ctx->current_cert =

-

1580

((void *)0)

-

1581

;

-

1582

ctx->error = 43;

-

1583

return

never executed: return ctx->verify_cb(0, ctx);

ctx->verify_cb(0, ctx);

never executed: return ctx->verify_cb(0, ctx);

0

1584

}

-

1585

if (ret != 1

ret != 1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1586

ERR_put_error(11,(145),((4|64)),__FILE__,1643);

-

1587

return

never executed: return 0;

0;

never executed: return 0;

0

1588

}

-

1589

-

1590

if (ctx->param->flags & 0x800

ctx->param->flags & 0x800	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1591

ctx->current_cert =

-

1592

((void *)0)

-

1593

;

-

-

-

-

-

-

-

if (!ctx->verify_cb(2, ctx)

!ctx->verify_cb(2, ctx)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1601

return

never executed: return 0;

0;

never executed: return 0;

0

1602

}

never executed: end of block

0

1603

-

1604

return

never executed: return 1;

1;

never executed: return 1;

0

1605

}

-

1606

int x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int depth)

-

1607

{

-

1608

time_t *ptime;

-

1609

int i;

-

1610

-

1611

if (ctx->param->flags & 0x2

ctx->param->flags & 0x2	Description
TRUE	evaluated 59 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4082 times by 1 test Evaluated by: libcrypto.so.1.1

)

59-4082

1612

ptime = &ctx->param->check_time;

executed 59 times by 1 test: ptime = &ctx->param->check_time;

Executed by:

libcrypto.so.1.1

59

1613

else if (ctx->param->flags & 0x200000

ctx->param->flags & 0x200000	Description
TRUE	never evaluated
FALSE	evaluated 4082 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-4082

1614

return

never executed: return 1;

1;

never executed: return 1;

0

1615

else

-

1616

ptime =

executed 4082 times by 1 test: ptime = ((void *)0) ;

Executed by:

libcrypto.so.1.1

4082

1617

((void *)0)

executed 4082 times by 1 test: ptime = ((void *)0) ;

Executed by:

libcrypto.so.1.1

4082

1618

;

executed 4082 times by 1 test: ptime = ((void *)0) ;

Executed by:

libcrypto.so.1.1

4082

1619

-

1620

i = X509_cmp_time(X509_get0_notBefore(x), ptime);

-

1621

if (i >= 0

i >= 0	Description
TRUE	evaluated 102 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4039 times by 1 test Evaluated by: libcrypto.so.1.1

&& depth < 0

depth < 0	Description
TRUE	evaluated 102 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-4039

1622

return

executed 102 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 102 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

102

1623

if (i == 0

i == 0	Description
TRUE	never evaluated
FALSE	evaluated 4039 times by 1 test Evaluated by: libcrypto.so.1.1

&& !verify_cb_cert(ctx, x, depth,

!verify_cb_cer... x, depth, 13)	Description
TRUE	never evaluated
FALSE	never evaluated

0-4039

1624

13)

!verify_cb_cer... x, depth, 13)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1625

return

never executed: return 0;

0;

never executed: return 0;

0

1626

if (i > 0

i > 0	Description
TRUE	never evaluated
FALSE	evaluated 4039 times by 1 test Evaluated by: libcrypto.so.1.1

&& !verify_cb_cert(ctx, x, depth, 9)

!verify_cb_cer..., x, depth, 9)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0-4039

1627

return

never executed: return 0;

0;

never executed: return 0;

0

1628

-

1629

i = X509_cmp_time(X509_get0_notAfter(x), ptime);

-

1630

if (i <= 0

i <= 0	Description
TRUE	evaluated 79 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3960 times by 1 test Evaluated by: libcrypto.so.1.1

&& depth < 0

depth < 0	Description
TRUE	evaluated 78 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

)

1-3960

1631

return

executed 78 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 78 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

78

1632

if (i == 0

i == 0	Description
TRUE	never evaluated
FALSE	evaluated 3961 times by 1 test Evaluated by: libcrypto.so.1.1

&& !verify_cb_cert(ctx, x, depth,

!verify_cb_cer... x, depth, 14)	Description
TRUE	never evaluated
FALSE	never evaluated

0-3961

1633

14)

!verify_cb_cer... x, depth, 14)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1634

return

never executed: return 0;

0;

never executed: return 0;

0

1635

if (i < 0

i < 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3960 times by 1 test Evaluated by: libcrypto.so.1.1

&& !verify_cb_cert(ctx, x, depth, 10)

!verify_cb_cer... x, depth, 10)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

)

0-3960

1636

return

never executed: return 0;

0;

never executed: return 0;

0

1637

return

executed 3961 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 3961 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

3961

1638

}

-

1639

-

1640

static int internal_verify(X509_STORE_CTX *ctx)

-

1641

{

-

1642

int n = sk_X509_num(ctx->chain) - 1;

-

1643

X509 *xi = sk_X509_value(ctx->chain, n);

-

1644

X509 *xs;

-

-

-

-

-

-

-

if (ctx->bare_ta_signed

ctx->bare_ta_signed	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1324 times by 1 test Evaluated by: libcrypto.so.1.1

) {

2-1324

1652

xs = xi;

-

1653

xi =

-

1654

((void *)0)

-

1655

;

-

1656

goto

executed 2 times by 1 test: goto check_cert;

Executed by:

libcrypto.so.1.1

check_cert;

executed 2 times by 1 test: goto check_cert;

Executed by:

libcrypto.so.1.1

2

1657

}

-

1658

-

1659

if (ctx->check_issued(ctx, xi, xi)

ctx->check_issued(ctx, xi, xi)	Description
TRUE	evaluated 1167 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 157 times by 1 test Evaluated by: libcrypto.so.1.1

)

157-1167

1660

xs = xi;

executed 1167 times by 1 test: xs = xi;

Executed by:

libcrypto.so.1.1

1167

1661

else {

-

1662

if (ctx->param->flags & 0x80000

ctx->param->flags & 0x80000	Description
TRUE	evaluated 20 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 137 times by 1 test Evaluated by: libcrypto.so.1.1

) {

20-137

1663

xs = xi;

-

1664

goto

executed 20 times by 1 test: goto check_cert;

Executed by:

libcrypto.so.1.1

check_cert;

executed 20 times by 1 test: goto check_cert;

Executed by:

libcrypto.so.1.1

20

1665

}

-

1666

if (n <= 0

n <= 0	Description
TRUE	evaluated 121 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 16 times by 1 test Evaluated by: libcrypto.so.1.1

)

16-121

1667

return

executed 121 times by 1 test: return verify_cb_cert(ctx, xi, 0, 21);

Executed by:

libcrypto.so.1.1

verify_cb_cert(ctx, xi, 0,

executed 121 times by 1 test: return verify_cb_cert(ctx, xi, 0, 21);

Executed by:

libcrypto.so.1.1

121

1668

21);

executed 121 times by 1 test: return verify_cb_cert(ctx, xi, 0, 21);

Executed by:

libcrypto.so.1.1

121

1669

n--;

-

1670

ctx->error_depth = n;

-

1671

xs = sk_X509_value(ctx->chain, n);

-

1672

}

executed 16 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

16

-

-

-

-

-

while (n >= 0

n >= 0	Description
TRUE	evaluated 2475 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1199 times by 1 test Evaluated by: libcrypto.so.1.1

) {

1199-2475

1679

EVP_PKEY *pkey;

-

-

-

-

-

-

-

-

if (xs != xi

xs != xi	Description
TRUE	evaluated 1308 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1167 times by 1 test Evaluated by: libcrypto.so.1.1

|| (

(ctx->param->flags & 0x4000)	Description
TRUE	never evaluated
FALSE	evaluated 1167 times by 1 test Evaluated by: libcrypto.so.1.1

ctx->param->flags & 0x4000)

(ctx->param->flags & 0x4000)	Description
TRUE	never evaluated
FALSE	evaluated 1167 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-1308

1688

if ((

(pkey = X509_g...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1308 times by 1 test Evaluated by: libcrypto.so.1.1

pkey = X509_get0_pubkey(xi)) ==

(pkey = X509_g...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1308 times by 1 test Evaluated by: libcrypto.so.1.1

0-1308

1689

((void *)0)

(pkey = X509_g...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1308 times by 1 test Evaluated by: libcrypto.so.1.1

0-1308

1690

) {

-

1691

if (!verify_cb_cert(ctx, xi, xi != xs ? n+1 : n,

!verify_cb_cer... ? n+1 : n, 6)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1692

6)

!verify_cb_cer... ? n+1 : n, 6)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1693

return

never executed: return 0;

0;

never executed: return 0;

0

1694

}

never executed: end of block

else if (X509_verify(xs, pkey) <= 0

X509_verify(xs, pkey) <= 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1302 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-1302

1695

if (!verify_cb_cert(ctx, xs, n,

!verify_cb_cert(ctx, xs, n, 7)	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-6

1696

7)

!verify_cb_cert(ctx, xs, n, 7)	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-6

1697

return

executed 6 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 6 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

6

1698

}

never executed: end of block

0

1699

}

executed 1302 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

1302

1700

-

1701

check_cert:

code before this statement executed 2469 times by 1 test: check_cert:

Executed by:

libcrypto.so.1.1

2469

1702

-

1703

if (!x509_check_cert_time(ctx, xs, n)

!x509_check_ce...me(ctx, xs, n)	Description
TRUE	never evaluated
FALSE	evaluated 2491 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-2491

1704

return

never executed: return 0;

0;

never executed: return 0;

0

-

-

-

-

-

ctx->current_issuer = xi;

-

1711

ctx->current_cert = xs;

-

1712

ctx->error_depth = n;

-

1713

if (!ctx->verify_cb(1, ctx)

!ctx->verify_cb(1, ctx)	Description
TRUE	never evaluated
FALSE	evaluated 2491 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-2491

1714

return

never executed: return 0;

0;

never executed: return 0;

0

1715

-

1716

if (--

--n >= 0	Description
TRUE	evaluated 1292 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1199 times by 1 test Evaluated by: libcrypto.so.1.1

n >= 0

--n >= 0	Description
TRUE	evaluated 1292 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1199 times by 1 test Evaluated by: libcrypto.so.1.1

) {

1199-1292

1717

xi = xs;

-

1718

xs = sk_X509_value(ctx->chain, n);

-

1719

}

executed 1292 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

1292

1720

}

executed 2491 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2491

1721

return

executed 1199 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 1199 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1199

1722

}

-

1723

-

1724

int X509_cmp_current_time(const ASN1_TIME *ctm)

-

1725

{

-

1726

return

never executed: return X509_cmp_time(ctm, ((void *)0) );

X509_cmp_time(ctm,

never executed: return X509_cmp_time(ctm, ((void *)0) );

0

1727

((void *)0)

never executed: return X509_cmp_time(ctm, ((void *)0) );

0

1728

);

never executed: return X509_cmp_time(ctm, ((void *)0) );

0

1729

}

-

1730

-

1731

int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)

-

1732

{

-

1733

static const size_t utctime_length = sizeof("YYMMDDHHMMSSZ") - 1;

-

1734

static const size_t generalizedtime_length = sizeof("YYYYMMDDHHMMSSZ") - 1;

-

1735

ASN1_TIME *asn1_cmp_time =

-

1736

((void *)0)

-

1737

;

-

1738

int i, day, sec, ret = 0;

-

1739

switch (ctm->type) {

-

1740

case

executed 4699 times by 1 test: case 23:

Executed by:

libcrypto.so.1.1

23:

executed 4699 times by 1 test: case 23:

Executed by:

libcrypto.so.1.1

4699

1741

if (ctm->length != (int)(utctime_length)

ctm->length !=...tctime_length)	Description
TRUE	evaluated 10 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4689 times by 1 test Evaluated by: libcrypto.so.1.1

)

10-4689

1742

return

executed 10 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 10 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

10

1743

break;

executed 4689 times by 1 test: break;

Executed by:

libcrypto.so.1.1

4689

1744

case

executed 3520 times by 1 test: case 24:

Executed by:

libcrypto.so.1.1

24:

executed 3520 times by 1 test: case 24:

Executed by:

libcrypto.so.1.1

3520

1745

if (ctm->length != (int)(generalizedtime_length)

ctm->length !=...edtime_length)	Description
TRUE	evaluated 23 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3497 times by 1 test Evaluated by: libcrypto.so.1.1

)

23-3497

1746

return

executed 23 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 23 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

23

1747

break;

executed 3497 times by 1 test: break;

Executed by:

libcrypto.so.1.1

3497

1748

default

executed 1 time by 1 test: default:

Executed by:

libcrypto.so.1.1

:

executed 1 time by 1 test: default:

Executed by:

libcrypto.so.1.1

1

1749

return

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

1

1750

}

-

-

-

-

-

-

-

for (i = 0; i < ctm->length - 1

i < ctm->length - 1	Description
TRUE	evaluated 104760 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 8117 times by 1 test Evaluated by: libcrypto.so.1.1

; i++) {

8117-104760

1758

if (!(ossl_ctype_check((ctm->data[i]), 0x4))

!(ossl_ctype_c...ata[i]), 0x4))	Description
TRUE	evaluated 69 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 104691 times by 1 test Evaluated by: libcrypto.so.1.1

)

69-104691

1759

return

executed 69 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 69 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

69

1760

}

executed 104691 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

104691

1761

if (ctm->data[ctm->length - 1] != 'Z'

ctm->data[ctm-...th - 1] != 'Z'	Description
TRUE	evaluated 12 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 8105 times by 1 test Evaluated by: libcrypto.so.1.1

)

12-8105

1762

return

executed 12 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 12 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

12

-

-

-

-

-

-

asn1_cmp_time = X509_time_adj(

-

1770

((void *)0)

-

1771

, 0, cmp_time);

-

1772

if (asn1_cmp_time ==

asn1_cmp_time == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8105 times by 1 test Evaluated by: libcrypto.so.1.1

0-8105

1773

((void *)0)

asn1_cmp_time == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8105 times by 1 test Evaluated by: libcrypto.so.1.1

0-8105

1774

)

-

1775

goto

never executed: goto err;

err;

never executed: goto err;

0

1776

if (!ASN1_TIME_diff(&day, &sec, ctm, asn1_cmp_time)

!ASN1_TIME_dif...asn1_cmp_time)	Description
TRUE	evaluated 53 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 8052 times by 1 test Evaluated by: libcrypto.so.1.1

)

53-8052

1777

goto

executed 53 times by 1 test: goto err;

Executed by:

libcrypto.so.1.1

err;

executed 53 times by 1 test: goto err;

Executed by:

libcrypto.so.1.1

53

-

-

-

-

-

ret = (day >= 0

day >= 0	Description
TRUE	evaluated 4085 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3967 times by 1 test Evaluated by: libcrypto.so.1.1

&& sec >= 0

sec >= 0	Description
TRUE	evaluated 4080 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

) ? -1 : 1;

5-4085

1784

-

1785

err:

code before this statement executed 8052 times by 1 test: err:

Executed by:

libcrypto.so.1.1

8052

1786

ASN1_TIME_free(asn1_cmp_time);

-

1787

return

executed 8105 times by 1 test: return ret;

Executed by:

libcrypto.so.1.1

ret;

executed 8105 times by 1 test: return ret;

Executed by:

libcrypto.so.1.1

8105

1788

}

-

1789

-

1790

ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)

-

1791

{

-

1792

return

executed 88 times by 1 test: return X509_time_adj(s, adj, ((void *)0) );

Executed by:

libcrypto.so.1.1

X509_time_adj(s, adj,

executed 88 times by 1 test: return X509_time_adj(s, adj, ((void *)0) );

Executed by:

libcrypto.so.1.1

88

1793

((void *)0)

executed 88 times by 1 test: return X509_time_adj(s, adj, ((void *)0) );

Executed by:

libcrypto.so.1.1

88

1794

);

executed 88 times by 1 test: return X509_time_adj(s, adj, ((void *)0) );

Executed by:

libcrypto.so.1.1

88

1795

}

-

1796

-

1797

ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm)

-

1798

{

-

1799

return

executed 8193 times by 1 test: return X509_time_adj_ex(s, 0, offset_sec, in_tm);

Executed by:

libcrypto.so.1.1

X509_time_adj_ex(s, 0, offset_sec, in_tm);

executed 8193 times by 1 test: return X509_time_adj_ex(s, 0, offset_sec, in_tm);

Executed by:

libcrypto.so.1.1

8193

1800

}

-

1801

-

1802

ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,

-

1803

int offset_day, long offset_sec, time_t *in_tm)

-

1804

{

-

1805

time_t t;

-

1806

-

1807

if (in_tm

in_tm	Description
TRUE	evaluated 139 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 8069 times by 1 test Evaluated by: libcrypto.so.1.1

)

139-8069

1808

t = *in_tm;

executed 139 times by 1 test: t = *in_tm;

Executed by:

libcrypto.so.1.1

139

1809

else

-

1810

time(&t);

executed 8069 times by 1 test: time(&t);

Executed by:

libcrypto.so.1.1

8069

1811

-

1812

if (s

s	Description
TRUE	evaluated 32 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 8176 times by 1 test Evaluated by: libcrypto.so.1.1

&& !(s->flags & 0x040)

!(s->flags & 0x040)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 30 times by 1 test Evaluated by: libcrypto.so.1.1

) {

2-8176

1813

if (s->type == 23

s->type == 23	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-2

1814

return

never executed: return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);

ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);

never executed: return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);

0

1815

if (s->type == 24

s->type == 24	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-2

1816

return

executed 2 times by 1 test: return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);

Executed by:

libcrypto.so.1.1

ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);

executed 2 times by 1 test: return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);

Executed by:

libcrypto.so.1.1

2

1817

}

never executed: end of block

0

1818

return

executed 8206 times by 1 test: return ASN1_TIME_adj(s, t, offset_day, offset_sec);

Executed by:

libcrypto.so.1.1

ASN1_TIME_adj(s, t, offset_day, offset_sec);

executed 8206 times by 1 test: return ASN1_TIME_adj(s, t, offset_day, offset_sec);

Executed by:

libcrypto.so.1.1

8206

1819

}

-

1820

-

1821

int X509_get_pubkey_parameters(EVP_PKEY *pkey, struct stack_st_X509 *chain)

-

1822

{

-

1823

EVP_PKEY *ktmp =

-

1824

((void *)0)

-

1825

, *ktmp2;

-

1826

int i, j;

-

1827

-

1828

if ((

(pkey != ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

pkey !=

(pkey != ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

0-4862

1829

((void *)0)

(pkey != ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

0-4862

1830

)

(pkey != ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

&& !EVP_PKEY_missing_parameters(pkey)

!EVP_PKEY_miss...rameters(pkey)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0-4862

1831

return

never executed: return 1;

1;

never executed: return 1;

0

1832

-

1833

for (i = 0; i < sk_X509_num(chain)

i < sk_X509_num(chain)	Description
TRUE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

; i++) {

0-4862

1834

ktmp = X509_get0_pubkey(sk_X509_value(chain, i));

-

1835

if (ktmp ==

ktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

0-4862

1836

((void *)0)

ktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

0-4862

1837

) {

-

1838

ERR_put_error(11,(110),(108),__FILE__,1892)

-

1839

;

-

1840

return

never executed: return 0;

0;

never executed: return 0;

0

1841

}

-

1842

if (!EVP_PKEY_missing_parameters(ktmp)

!EVP_PKEY_miss...rameters(ktmp)	Description
TRUE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-4862

1843

break;

executed 4862 times by 1 test: break;

Executed by:

libcrypto.so.1.1

4862

1844

}

never executed: end of block

0

1845

if (ktmp ==

ktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

0-4862

1846

((void *)0)

ktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

0-4862

1847

) {

-

1848

ERR_put_error(11,(110),(107),__FILE__,1900)

-

1849

;

-

1850

return

never executed: return 0;

0;

never executed: return 0;

0

1851

}

-

1852

-

1853

-

1854

for (j = i - 1; j >= 0

j >= 0	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

; j--) {

0-4862

1855

ktmp2 = X509_get0_pubkey(sk_X509_value(chain, j));

-

1856

EVP_PKEY_copy_parameters(ktmp2, ktmp);

-

1857

}

never executed: end of block

0

1858

-

1859

if (pkey !=

pkey != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

0-4862

1860

((void *)0)

pkey != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4862 times by 1 test Evaluated by: libcrypto.so.1.1

0-4862

1861

)

-

1862

EVP_PKEY_copy_parameters(pkey, ktmp);

never executed: EVP_PKEY_copy_parameters(pkey, ktmp);

0

1863

return

executed 4862 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 4862 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

4862

1864

}

-

-

-

-

X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,

-

1869

EVP_PKEY *skey, const EVP_MD *md, unsigned int flags)

-

1870

{

-

1871

X509_CRL *crl =

-

1872

((void *)0)

-

1873

;

-

1874

int i;

-

1875

struct stack_st_X509_REVOKED *revs =

-

1876

((void *)0)

-

1877

;

-

1878

-

1879

if (base->base_crl_number

base->base_crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

|| newer->base_crl_number

newer->base_crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1880

ERR_put_error(11,(105),(127),__FILE__,1925);

-

1881

return

never executed: return ((void *)0) ;

0

1882

((void *)0)

never executed: return ((void *)0) ;

0

1883

;

never executed: return ((void *)0) ;

0

1884

}

-

1885

-

1886

if (!base->crl_number

!base->crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

|| !newer->crl_number

!newer->crl_number	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1887

ERR_put_error(11,(105),(130),__FILE__,1930);

-

1888

return

never executed: return ((void *)0) ;

0

1889

((void *)0)

never executed: return ((void *)0) ;

0

1890

;

never executed: return ((void *)0) ;

0

1891

}

-

1892

-

1893

if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(newer))

X509_NAME_cmp(...issuer(newer))	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1894

ERR_put_error(11,(105),(129),__FILE__,1935);

-

1895

return

never executed: return ((void *)0) ;

0

1896

((void *)0)

never executed: return ((void *)0) ;

0

1897

;

never executed: return ((void *)0) ;

0

1898

}

-

1899

-

1900

if (!crl_extension_match(base, newer, 90)

!crl_extension...se, newer, 90)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1901

ERR_put_error(11,(105),(110),__FILE__,1940);

-

1902

return

never executed: return ((void *)0) ;

0

1903

((void *)0)

never executed: return ((void *)0) ;

0

1904

;

never executed: return ((void *)0) ;

0

1905

}

-

1906

if (!crl_extension_match(base, newer, 770)

!crl_extension...e, newer, 770)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1907

ERR_put_error(11,(105),(128),__FILE__,1944);

-

1908

return

never executed: return ((void *)0) ;

0

1909

((void *)0)

never executed: return ((void *)0) ;

0

1910

;

never executed: return ((void *)0) ;

0

1911

}

-

1912

-

1913

if (ASN1_INTEGER_cmp(newer->crl_number, base->crl_number) <= 0

ASN1_INTEGER_c...l_number) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1914

ERR_put_error(11,(105),(132),__FILE__,1949);

-

1915

return

never executed: return ((void *)0) ;

0

1916

((void *)0)

never executed: return ((void *)0) ;

0

1917

;

never executed: return ((void *)0) ;

0

1918

}

-

1919

-

1920

if (skey

skey	Description
TRUE	never evaluated
FALSE	never evaluated

&& (X509_CRL_verify(base, skey) <= 0

X509_CRL_verif...se, skey) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

||

0

1921

X509_CRL_verify(newer, skey) <= 0

X509_CRL_verif...er, skey) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

)) {

0

1922

ERR_put_error(11,(105),(131),__FILE__,1955);

-

1923

return

never executed: return ((void *)0) ;

0

1924

((void *)0)

never executed: return ((void *)0) ;

0

1925

;

never executed: return ((void *)0) ;

0

1926

}

-

1927

-

1928

crl = X509_CRL_new();

-

1929

if (crl ==

crl == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1930

((void *)0)

crl == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

1931

|| !X509_CRL_set_version(crl, 1)

!X509_CRL_set_version(crl, 1)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1932

goto

never executed: goto memerr;

memerr;

never executed: goto memerr;

0

1933

-

1934

if (!X509_CRL_set_issuer_name(crl, X509_CRL_get_issuer(newer))

!X509_CRL_set_...issuer(newer))	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1935

goto

never executed: goto memerr;

memerr;

never executed: goto memerr;

0

1936

-

1937

if (!X509_CRL_set1_lastUpdate(crl, X509_CRL_get0_lastUpdate(newer))

!X509_CRL_set1...Update(newer))	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1938

goto

never executed: goto memerr;

memerr;

never executed: goto memerr;

0

1939

if (!X509_CRL_set1_nextUpdate(crl, X509_CRL_get0_nextUpdate(newer))

!X509_CRL_set1...Update(newer))	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1940

goto

never executed: goto memerr;

memerr;

never executed: goto memerr;

0

-

-

-

if (!X509_CRL_add1_ext_i2d(crl, 140, base->crl_number, 1, 0)

!X509_CRL_add1..._number, 1, 0)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1945

goto

never executed: goto memerr;

memerr;

never executed: goto memerr;

0

-

-

-

-

-

-

for (i = 0; i < X509_CRL_get_ext_count(newer)

i < X509_CRL_g...t_count(newer)	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

0

1953

X509_EXTENSION *ext;

-

1954

ext = X509_CRL_get_ext(newer, i);

-

1955

if (!X509_CRL_add_ext(crl, ext, -1)

!X509_CRL_add_...(crl, ext, -1)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1956

goto

never executed: goto memerr;

memerr;

never executed: goto memerr;

0

1957

}

never executed: end of block

0

-

-

-

revs = X509_CRL_get_REVOKED(newer);

-

1962

-

1963

for (i = 0; i < sk_X509_REVOKED_num(revs)

i < sk_X509_REVOKED_num(revs)	Description
TRUE	never evaluated
FALSE	never evaluated

; i++) {

0

1964

X509_REVOKED *rvn, *rvtmp;

-

1965

rvn = sk_X509_REVOKED_value(revs, i);

-

-

-

-

-

if (!X509_CRL_get0_by_serial(base, &rvtmp, &rvn->serialNumber)

!X509_CRL_get0...>serialNumber)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1971

rvtmp = X509_REVOKED_dup(rvn);

-

1972

if (!rvtmp

!rvtmp	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1973

goto

never executed: goto memerr;

memerr;

never executed: goto memerr;

0

1974

if (!X509_CRL_add0_revoked(crl, rvtmp)

!X509_CRL_add0...ed(crl, rvtmp)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

1975

X509_REVOKED_free(rvtmp);

-

1976

goto

never executed: goto memerr;

memerr;

never executed: goto memerr;

0

1977

}

-

1978

}

never executed: end of block

0

1979

}

never executed: end of block

0

1980

-

1981

-

1982

if (skey

skey	Description
TRUE	never evaluated
FALSE	never evaluated

&& md

md	Description
TRUE	never evaluated
FALSE	never evaluated

&& !X509_CRL_sign(crl, skey, md)

!X509_CRL_sign(crl, skey, md)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

1983

goto

never executed: goto memerr;

memerr;

never executed: goto memerr;

0

1984

-

1985

return

never executed: return crl;

crl;

never executed: return crl;

0

1986

-

1987

memerr:

-

1988

ERR_put_error(11,(105),((1|64)),__FILE__,2017);

-

1989

X509_CRL_free(crl);

-

1990

return

never executed: return ((void *)0) ;

0

1991

((void *)0)

never executed: return ((void *)0) ;

0

1992

;

never executed: return ((void *)0) ;

0

1993

}

-

1994

-

1995

int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)

-

1996

{

-

1997

return

executed 2660 times by 1 test: return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);

Executed by:

libcrypto.so.1.1

CRYPTO_set_ex_data(&ctx->ex_data, idx, data);

executed 2660 times by 1 test: return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);

Executed by:

libcrypto.so.1.1

2660

1998

}

-

1999

-

2000

void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)

-

2001

{

-

2002

return

never executed: return CRYPTO_get_ex_data(&ctx->ex_data, idx);

CRYPTO_get_ex_data(&ctx->ex_data, idx);

never executed: return CRYPTO_get_ex_data(&ctx->ex_data, idx);

0

2003

}

-

2004

-

2005

int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)

-

2006

{

-

2007

return

executed 3491 times by 1 test: return ctx->error;

Executed by:

libcrypto.so.1.1

ctx->error;

executed 3491 times by 1 test: return ctx->error;

Executed by:

libcrypto.so.1.1

3491

2008

}

-

2009

-

2010

void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)

-

2011

{

-

2012

ctx->error = err;

-

2013

}

executed 3 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

3

2014

-

2015

int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)

-

2016

{

-

2017

return

executed 334 times by 1 test: return ctx->error_depth;

Executed by:

libcrypto.so.1.1

ctx->error_depth;

executed 334 times by 1 test: return ctx->error_depth;

Executed by:

libcrypto.so.1.1

334

2018

}

-

2019

-

2020

void X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth)

-

2021

{

-

2022

ctx->error_depth = depth;

-

2023

}

never executed: end of block

0

2024

-

2025

X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)

-

2026

{

-

2027

return

executed 571 times by 1 test: return ctx->current_cert;

Executed by:

libcrypto.so.1.1

ctx->current_cert;

executed 571 times by 1 test: return ctx->current_cert;

Executed by:

libcrypto.so.1.1

571

2028

}

-

2029

-

2030

void X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x)

-

2031

{

-

2032

ctx->current_cert = x;

-

2033

}

never executed: end of block

0

2034

-

2035

struct stack_st_X509 *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx)

-

2036

{

-

2037

return

executed 4715 times by 1 test: return ctx->chain;

Executed by:

libcrypto.so.1.1

ctx->chain;

executed 4715 times by 1 test: return ctx->chain;

Executed by:

libcrypto.so.1.1

4715

2038

}

-

2039

-

2040

struct stack_st_X509 *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)

-

2041

{

-

2042

if (!ctx->chain

!ctx->chain	Description
TRUE	never evaluated
FALSE	evaluated 2628 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-2628

2043

return

never executed: return ((void *)0) ;

0

2044

((void *)0)

never executed: return ((void *)0) ;

0

2045

;

never executed: return ((void *)0) ;

0

2046

return

executed 2628 times by 1 test: return X509_chain_up_ref(ctx->chain);

Executed by:

libcrypto.so.1.1

X509_chain_up_ref(ctx->chain);

executed 2628 times by 1 test: return X509_chain_up_ref(ctx->chain);

Executed by:

libcrypto.so.1.1

2628

2047

}

-

2048

-

2049

X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)

-

2050

{

-

2051

return

never executed: return ctx->current_issuer;

ctx->current_issuer;

never executed: return ctx->current_issuer;

0

2052

}

-

2053

-

2054

X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)

-

2055

{

-

2056

return

never executed: return ctx->current_crl;

ctx->current_crl;

never executed: return ctx->current_crl;

0

2057

}

-

2058

-

2059

X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)

-

2060

{

-

2061

return

executed 82 times by 1 test: return ctx->parent;

Executed by:

libcrypto.so.1.1

ctx->parent;

executed 82 times by 1 test: return ctx->parent;

Executed by:

libcrypto.so.1.1

82

2062

}

-

2063

-

2064

void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)

-

2065

{

-

2066

ctx->cert = x;

-

2067

}

executed 5 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

5

2068

-

2069

void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, struct stack_st_X509_CRL *sk)

-

2070

{

-

2071

ctx->crls = sk;

-

2072

}

executed 32 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

32

2073

-

2074

int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)

-

2075

{

-

-

-

-

-

-

return

executed 25 times by 1 test: return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);

Executed by:

libcrypto.so.1.1

X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);

executed 25 times by 1 test: return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);

Executed by:

libcrypto.so.1.1

25

2082

}

-

2083

-

2084

int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)

-

2085

{

-

-

-

-

-

return

never executed: return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);

X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);

never executed: return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);

0

2091

}

-

2092

int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,

-

2093

int purpose, int trust)

-

2094

{

-

2095

int idx;

-

2096

-

2097

if (!purpose

!purpose	Description
TRUE	never evaluated
FALSE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-25

2098

purpose = def_purpose;

never executed: purpose = def_purpose;

0

2099

-

2100

if (purpose

purpose	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-25

2101

X509_PURPOSE *ptmp;

-

2102

idx = X509_PURPOSE_get_by_id(purpose);

-

2103

if (idx == -1

idx == -1	Description
TRUE	never evaluated
FALSE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-25

2104

ERR_put_error(11,(134),(121),__FILE__,2142)

-

2105

;

-

2106

return

never executed: return 0;

0;

never executed: return 0;

0

2107

}

-

2108

ptmp = X509_PURPOSE_get0(idx);

-

2109

if (ptmp->trust == 0

ptmp->trust == 0	Description
TRUE	never evaluated
FALSE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-25

2110

idx = X509_PURPOSE_get_by_id(def_purpose);

-

-

-

-

-

-

if (idx == -1

idx == -1	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

2117

ERR_put_error(11,(134),(121),__FILE__,2155)

-

2118

;

-

2119

return

never executed: return 0;

0;

never executed: return 0;

0

2120

}

-

2121

ptmp = X509_PURPOSE_get0(idx);

-

2122

}

never executed: end of block

0

2123

-

2124

if (!trust

!trust	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-25

2125

trust = ptmp->trust;

executed 25 times by 1 test: trust = ptmp->trust;

Executed by:

libcrypto.so.1.1

25

2126

}

executed 25 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

25

2127

if (trust

trust	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-25

2128

idx = X509_TRUST_get_by_id(trust);

-

2129

if (idx == -1

idx == -1	Description
TRUE	never evaluated
FALSE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-25

2130

ERR_put_error(11,(134),(120),__FILE__,2168)

-

2131

;

-

2132

return

never executed: return 0;

0;

never executed: return 0;

0

2133

}

-

2134

}

executed 25 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

25

2135

-

2136

if (purpose

purpose	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& !ctx->param->purpose

!ctx->param->purpose	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-25

2137

ctx->param->purpose = purpose;

executed 25 times by 1 test: ctx->param->purpose = purpose;

Executed by:

libcrypto.so.1.1

25

2138

if (trust

trust	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& !ctx->param->trust

!ctx->param->trust	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-25

2139

ctx->param->trust = trust;

executed 25 times by 1 test: ctx->param->trust = trust;

Executed by:

libcrypto.so.1.1

25

2140

return

executed 25 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 25 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

25

2141

}

-

2142

-

2143

X509_STORE_CTX *X509_STORE_CTX_new(void)

-

2144

{

-

2145

X509_STORE_CTX *ctx = CRYPTO_zalloc(sizeof(*ctx), __FILE__, 2182);

-

2146

-

2147

if (ctx ==

ctx == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5037 times by 1 test Evaluated by: libcrypto.so.1.1

0-5037

2148

((void *)0)

ctx == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5037 times by 1 test Evaluated by: libcrypto.so.1.1

0-5037

2149

) {

-

2150

ERR_put_error(11,(142),((1|64)),__FILE__,2185);

-

2151

return

never executed: return ((void *)0) ;

0

2152

((void *)0)

never executed: return ((void *)0) ;

0

2153

;

never executed: return ((void *)0) ;

0

2154

}

-

2155

return

executed 5037 times by 1 test: return ctx;

Executed by:

libcrypto.so.1.1

ctx;

executed 5037 times by 1 test: return ctx;

Executed by:

libcrypto.so.1.1

5037

2156

}

-

2157

-

2158

void X509_STORE_CTX_free(X509_STORE_CTX *ctx)

-

2159

{

-

2160

if (ctx ==

ctx == ((void *)0)	Description
TRUE	evaluated 21 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5037 times by 1 test Evaluated by: libcrypto.so.1.1

21-5037

2161

((void *)0)

ctx == ((void *)0)	Description
TRUE	evaluated 21 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5037 times by 1 test Evaluated by: libcrypto.so.1.1

21-5037

2162

)

-

2163

return;

executed 21 times by 1 test: return;

Executed by:

libcrypto.so.1.1

21

2164

-

2165

X509_STORE_CTX_cleanup(ctx);

-

2166

CRYPTO_free(ctx, __FILE__, 2197);

-

2167

}

executed 5037 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

5037

2168

-

2169

int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,

-

2170

struct stack_st_X509 *chain)

-

2171

{

-

2172

int ret = 1;

-

2173

-

2174

ctx->ctx = store;

-

2175

ctx->cert = x509;

-

2176

ctx->untrusted = chain;

-

2177

ctx->crls =

-

2178

((void *)0)

-

2179

;

-

2180

ctx->num_untrusted = 0;

-

2181

ctx->other_ctx =

-

2182

((void *)0)

-

2183

;

-

2184

ctx->valid = 0;

-

2185

ctx->chain =

-

2186

((void *)0)

-

2187

;

-

2188

ctx->error = 0;

-

2189

ctx->explicit_policy = 0;

-

2190

ctx->error_depth = 0;

-

2191

ctx->current_cert =

-

2192

((void *)0)

-

2193

;

-

2194

ctx->current_issuer =

-

2195

((void *)0)

-

2196

;

-

2197

ctx->current_crl =

-

2198

((void *)0)

-

2199

;

-

2200

ctx->current_crl_score = 0;

-

2201

ctx->current_reasons = 0;

-

2202

ctx->tree =

-

2203

((void *)0)

-

2204

;

-

2205

ctx->parent =

-

2206

((void *)0)

-

2207

;

-

2208

ctx->dane =

-

2209

((void *)0)

-

2210

;

-

2211

ctx->bare_ta_signed = 0;

-

2212

-

2213

memset(&ctx->ex_data, 0, sizeof(ctx->ex_data));

-

2214

-

2215

-

2216

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

)

1-5030

2217

ctx->cleanup = store->cleanup;

executed 5030 times by 1 test: ctx->cleanup = store->cleanup;

Executed by:

libcrypto.so.1.1

5030

2218

else

-

2219

ctx->cleanup = 0;

executed 1 time by 1 test: ctx->cleanup = 0;

Executed by:

libcrypto.so.1.1

1

2220

-

2221

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->check_issued

store->check_issued	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2222

ctx->check_issued = store->check_issued;

never executed: ctx->check_issued = store->check_issued;

0

2223

else

-

2224

ctx->check_issued = check_issued;

executed 5031 times by 1 test: ctx->check_issued = check_issued;

Executed by:

libcrypto.so.1.1

5031

2225

-

2226

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->get_issuer

store->get_issuer	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2227

ctx->get_issuer = store->get_issuer;

never executed: ctx->get_issuer = store->get_issuer;

0

2228

else

-

2229

ctx->get_issuer = X509_STORE_CTX_get1_issuer;

executed 5031 times by 1 test: ctx->get_issuer = X509_STORE_CTX_get1_issuer;

Executed by:

libcrypto.so.1.1

5031

2230

-

2231

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->verify_cb

store->verify_cb	Description
TRUE	evaluated 233 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4797 times by 1 test Evaluated by: libcrypto.so.1.1

)

1-5030

2232

ctx->verify_cb = store->verify_cb;

executed 233 times by 1 test: ctx->verify_cb = store->verify_cb;

Executed by:

libcrypto.so.1.1

233

2233

else

-

2234

ctx->verify_cb = null_callback;

executed 4798 times by 1 test: ctx->verify_cb = null_callback;

Executed by:

libcrypto.so.1.1

4798

2235

-

2236

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->verify

store->verify	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2237

ctx->verify = store->verify;

never executed: ctx->verify = store->verify;

0

2238

else

-

2239

ctx->verify = internal_verify;

executed 5031 times by 1 test: ctx->verify = internal_verify;

Executed by:

libcrypto.so.1.1

5031

2240

-

2241

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->check_revocation

store->check_revocation	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2242

ctx->check_revocation = store->check_revocation;

never executed: ctx->check_revocation = store->check_revocation;

0

2243

else

-

2244

ctx->check_revocation = check_revocation;

executed 5031 times by 1 test: ctx->check_revocation = check_revocation;

Executed by:

libcrypto.so.1.1

5031

2245

-

2246

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->get_crl

store->get_crl	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2247

ctx->get_crl = store->get_crl;

never executed: ctx->get_crl = store->get_crl;

0

2248

else

-

2249

ctx->get_crl =

executed 5031 times by 1 test: ctx->get_crl = ((void *)0) ;

Executed by:

libcrypto.so.1.1

5031

2250

((void *)0)

executed 5031 times by 1 test: ctx->get_crl = ((void *)0) ;

Executed by:

libcrypto.so.1.1

5031

2251

;

executed 5031 times by 1 test: ctx->get_crl = ((void *)0) ;

Executed by:

libcrypto.so.1.1

5031

2252

-

2253

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->check_crl

store->check_crl	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2254

ctx->check_crl = store->check_crl;

never executed: ctx->check_crl = store->check_crl;

0

2255

else

-

2256

ctx->check_crl = check_crl;

executed 5031 times by 1 test: ctx->check_crl = check_crl;

Executed by:

libcrypto.so.1.1

5031

2257

-

2258

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->cert_crl

store->cert_crl	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2259

ctx->cert_crl = store->cert_crl;

never executed: ctx->cert_crl = store->cert_crl;

0

2260

else

-

2261

ctx->cert_crl = cert_crl;

executed 5031 times by 1 test: ctx->cert_crl = cert_crl;

Executed by:

libcrypto.so.1.1

5031

2262

-

2263

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->check_policy

store->check_policy	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2264

ctx->check_policy = store->check_policy;

never executed: ctx->check_policy = store->check_policy;

0

2265

else

-

2266

ctx->check_policy = check_policy;

executed 5031 times by 1 test: ctx->check_policy = check_policy;

Executed by:

libcrypto.so.1.1

5031

2267

-

2268

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->lookup_certs

store->lookup_certs	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2269

ctx->lookup_certs = store->lookup_certs;

never executed: ctx->lookup_certs = store->lookup_certs;

0

2270

else

-

2271

ctx->lookup_certs = X509_STORE_CTX_get1_certs;

executed 5031 times by 1 test: ctx->lookup_certs = X509_STORE_CTX_get1_certs;

Executed by:

libcrypto.so.1.1

5031

2272

-

2273

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&& store->lookup_crls

store->lookup_crls	Description
TRUE	never evaluated
FALSE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5030

2274

ctx->lookup_crls = store->lookup_crls;

never executed: ctx->lookup_crls = store->lookup_crls;

0

2275

else

-

2276

ctx->lookup_crls = X509_STORE_CTX_get1_crls;

executed 5031 times by 1 test: ctx->lookup_crls = X509_STORE_CTX_get1_crls;

Executed by:

libcrypto.so.1.1

5031

2277

-

2278

ctx->param = X509_VERIFY_PARAM_new();

-

2279

if (ctx->param ==

ctx->param == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1

0-5031

2280

((void *)0)

ctx->param == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1

0-5031

2281

) {

-

2282

ERR_put_error(11,(143),((1|64)),__FILE__,2291);

-

2283

goto

never executed: goto err;

err;

never executed: goto err;

0

2284

}

-

-

-

-

-

if (store

store	Description
TRUE	evaluated 5030 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

)

1-5030

2290

ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);

executed 5030 times by 1 test: ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);

Executed by:

libcrypto.so.1.1

5030

2291

else

-

2292

ctx->param->inh_flags |= 0x1 | 0x10;

executed 1 time by 1 test: ctx->param->inh_flags |= 0x1 | 0x10;

Executed by:

libcrypto.so.1.1

1

2293

-

2294

if (ret

ret	Description
TRUE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-5031

2295

ret = X509_VERIFY_PARAM_inherit(ctx->param,

executed 5031 times by 1 test: ret = X509_VERIFY_PARAM_inherit(ctx->param, X509_VERIFY_PARAM_lookup("default"));

Executed by:

libcrypto.so.1.1

5031

2296

X509_VERIFY_PARAM_lookup("default"));

executed 5031 times by 1 test: ret = X509_VERIFY_PARAM_inherit(ctx->param, X509_VERIFY_PARAM_lookup("default"));

Executed by:

libcrypto.so.1.1

5031

2297

-

2298

if (ret == 0

ret == 0	Description
TRUE	never evaluated
FALSE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-5031

2299

ERR_put_error(11,(143),((1|64)),__FILE__,2308);

-

2300

goto

never executed: goto err;

err;

never executed: goto err;

0

2301

}

-

-

-

-

-

-

if (ctx->param->trust == 0

ctx->param->trust == 0	Description
TRUE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-5031

2308

int idx = X509_PURPOSE_get_by_id(ctx->param->purpose);

-

2309

X509_PURPOSE *xp = X509_PURPOSE_get0(idx);

-

2310

-

2311

if (xp !=

xp != ((void *)0)	Description
TRUE	evaluated 133 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4898 times by 1 test Evaluated by: libcrypto.so.1.1

133-4898

2312

((void *)0)

xp != ((void *)0)	Description
TRUE	evaluated 133 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4898 times by 1 test Evaluated by: libcrypto.so.1.1

133-4898

2313

)

-

2314

ctx->param->trust = X509_PURPOSE_get_trust(xp);

executed 133 times by 1 test: ctx->param->trust = X509_PURPOSE_get_trust(xp);

Executed by:

libcrypto.so.1.1

133

2315

}

executed 5031 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

5031

2316

-

2317

if (CRYPTO_new_ex_data(5, ctx,

CRYPTO_new_ex_...&ctx->ex_data)	Description
TRUE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-5031

2318

&ctx->ex_data)

CRYPTO_new_ex_...&ctx->ex_data)	Description
TRUE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-5031

2319

return

executed 5031 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 5031 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

5031

2320

ERR_put_error(11,(143),((1|64)),__FILE__,2327);

-

2321

-

2322

err:

code before this statement never executed: err:

0

-

-

-

-

X509_STORE_CTX_cleanup(ctx);

-

2328

return

never executed: return 0;

0;

never executed: return 0;

0

2329

}

-

-

-

-

-

-

void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, struct stack_st_X509 *sk)

-

2336

{

-

2337

ctx->other_ctx = sk;

-

2338

ctx->get_issuer = get_issuer_sk;

-

2339

ctx->lookup_certs = lookup_certs_sk;

-

2340

}

executed 138 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

138

2341

-

2342

void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)

-

2343

{

-

-

-

-

-

-

-

-

if (ctx->cleanup !=

ctx->cleanup != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5111 times by 1 test Evaluated by: libcrypto.so.1.1

0-5111

2352

((void *)0)

ctx->cleanup != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 5111 times by 1 test Evaluated by: libcrypto.so.1.1

0-5111

2353

) {

-

2354

ctx->cleanup(ctx);

-

2355

ctx->cleanup =

-

2356

((void *)0)

-

2357

;

-

2358

}

never executed: end of block

0

2359

if (ctx->param !=

ctx->param != ((void *)0)	Description
TRUE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 80 times by 1 test Evaluated by: libcrypto.so.1.1

80-5031

2360

((void *)0)

ctx->param != ((void *)0)	Description
TRUE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 80 times by 1 test Evaluated by: libcrypto.so.1.1

80-5031

2361

) {

-

2362

if (ctx->parent ==

ctx->parent == ((void *)0)	Description
TRUE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-5031

2363

((void *)0)

ctx->parent == ((void *)0)	Description
TRUE	evaluated 5031 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-5031

2364

)

-

2365

X509_VERIFY_PARAM_free(ctx->param);

executed 5031 times by 1 test: X509_VERIFY_PARAM_free(ctx->param);

Executed by:

libcrypto.so.1.1

5031

2366

ctx->param =

-

2367

((void *)0)

-

2368

;

-

2369

}

executed 5031 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

5031

2370

X509_policy_tree_free(ctx->tree);

-

2371

ctx->tree =

-

2372

((void *)0)

-

2373

;

-

2374

sk_X509_pop_free(ctx->chain, X509_free);

-

2375

ctx->chain =

-

2376

((void *)0)

-

2377

;

-

2378

CRYPTO_free_ex_data(5, ctx, &(ctx->ex_data));

-

2379

memset(&ctx->ex_data, 0, sizeof(ctx->ex_data));

-

2380

}

executed 5111 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

5111

2381

-

2382

void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)

-

2383

{

-

2384

X509_VERIFY_PARAM_set_depth(ctx->param, depth);

-

2385

}

never executed: end of block

0

2386

-

2387

void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)

-

2388

{

-

2389

X509_VERIFY_PARAM_set_flags(ctx->param, flags);

-

2390

}

executed 2616 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2616

2391

-

2392

void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,

-

2393

time_t t)

-

2394

{

-

2395

X509_VERIFY_PARAM_set_time(ctx->param, t);

-

2396

}

never executed: end of block

0

2397

-

2398

X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx)

-

2399

{

-

2400

return

executed 2 times by 1 test: return ctx->cert;

Executed by:

libcrypto.so.1.1

ctx->cert;

executed 2 times by 1 test: return ctx->cert;

Executed by:

libcrypto.so.1.1

2

2401

}

-

2402

-

2403

struct stack_st_X509 *X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx)

-

2404

{

-

2405

return

never executed: return ctx->untrusted;

ctx->untrusted;

never executed: return ctx->untrusted;

0

2406

}

-

2407

-

2408

void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, struct stack_st_X509 *sk)

-

2409

{

-

2410

ctx->untrusted = sk;

-

2411

}

never executed: end of block

0

2412

-

2413

void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, struct stack_st_X509 *sk)

-

2414

{

-

2415

sk_X509_pop_free(ctx->chain, X509_free);

-

2416

ctx->chain = sk;

-

2417

}

never executed: end of block

0

2418

-

2419

void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,

-

2420

X509_STORE_CTX_verify_cb verify_cb)

-

2421

{

-

2422

ctx->verify_cb = verify_cb;

-

2423

}

executed 127 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

127

2424

-

2425

X509_STORE_CTX_verify_cb X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx)

-

2426

{

-

2427

return

never executed: return ctx->verify_cb;

ctx->verify_cb;

never executed: return ctx->verify_cb;

0

2428

}

-

2429

-

2430

void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx,

-

2431

X509_STORE_CTX_verify_fn verify)

-

2432

{

-

2433

ctx->verify = verify;

-

2434

}

never executed: end of block

0

2435

-

2436

X509_STORE_CTX_verify_fn X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx)

-

2437

{

-

2438

return

never executed: return ctx->verify;

ctx->verify;

never executed: return ctx->verify;

0

2439

}

-

2440

-

2441

X509_STORE_CTX_get_issuer_fn X509_STORE_CTX_get_get_issuer(X509_STORE_CTX *ctx)

-

2442

{

-

2443

return

never executed: return ctx->get_issuer;

ctx->get_issuer;

never executed: return ctx->get_issuer;

0

2444

}

-

2445

-

2446

X509_STORE_CTX_check_issued_fn X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx)

-

2447

{

-

2448

return

never executed: return ctx->check_issued;

ctx->check_issued;

never executed: return ctx->check_issued;

0

2449

}

-

2450

-

2451

X509_STORE_CTX_check_revocation_fn X509_STORE_CTX_get_check_revocation(X509_STORE_CTX *ctx)

-

2452

{

-

2453

return

never executed: return ctx->check_revocation;

ctx->check_revocation;

never executed: return ctx->check_revocation;

0

2454

}

-

2455

-

2456

X509_STORE_CTX_get_crl_fn X509_STORE_CTX_get_get_crl(X509_STORE_CTX *ctx)

-

2457

{

-

2458

return

never executed: return ctx->get_crl;

ctx->get_crl;

never executed: return ctx->get_crl;

0

2459

}

-

2460

-

2461

X509_STORE_CTX_check_crl_fn X509_STORE_CTX_get_check_crl(X509_STORE_CTX *ctx)

-

2462

{

-

2463

return

never executed: return ctx->check_crl;

ctx->check_crl;

never executed: return ctx->check_crl;

0

2464

}

-

2465

-

2466

X509_STORE_CTX_cert_crl_fn X509_STORE_CTX_get_cert_crl(X509_STORE_CTX *ctx)

-

2467

{

-

2468

return

never executed: return ctx->cert_crl;

ctx->cert_crl;

never executed: return ctx->cert_crl;

0

2469

}

-

2470

-

2471

X509_STORE_CTX_check_policy_fn X509_STORE_CTX_get_check_policy(X509_STORE_CTX *ctx)

-

2472

{

-

2473

return

never executed: return ctx->check_policy;

ctx->check_policy;

never executed: return ctx->check_policy;

0

2474

}

-

2475

-

2476

X509_STORE_CTX_lookup_certs_fn X509_STORE_CTX_get_lookup_certs(X509_STORE_CTX *ctx)

-

2477

{

-

2478

return

never executed: return ctx->lookup_certs;

ctx->lookup_certs;

never executed: return ctx->lookup_certs;

0

2479

}

-

2480

-

2481

X509_STORE_CTX_lookup_crls_fn X509_STORE_CTX_get_lookup_crls(X509_STORE_CTX *ctx)

-

2482

{

-

2483

return

never executed: return ctx->lookup_crls;

ctx->lookup_crls;

never executed: return ctx->lookup_crls;

0

2484

}

-

2485

-

2486

X509_STORE_CTX_cleanup_fn X509_STORE_CTX_get_cleanup(X509_STORE_CTX *ctx)

-

2487

{

-

2488

return

never executed: return ctx->cleanup;

ctx->cleanup;

never executed: return ctx->cleanup;

0

2489

}

-

2490

-

2491

X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)

-

2492

{

-

2493

return

never executed: return ctx->tree;

ctx->tree;

never executed: return ctx->tree;

0

2494

}

-

2495

-

2496

int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)

-

2497

{

-

2498

return

never executed: return ctx->explicit_policy;

ctx->explicit_policy;

never executed: return ctx->explicit_policy;

0

2499

}

-

2500

-

2501

int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx)

-

2502

{

-

2503

return

never executed: return ctx->num_untrusted;

ctx->num_untrusted;

never executed: return ctx->num_untrusted;

0

2504

}

-

2505

-

2506

int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)

-

2507

{

-

2508

const X509_VERIFY_PARAM *param;

-

2509

param = X509_VERIFY_PARAM_lookup(name);

-

2510

if (!param

!param	Description
TRUE	never evaluated
FALSE	evaluated 2748 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-2748

2511

return

never executed: return 0;

0;

never executed: return 0;

0

2512

return

executed 2748 times by 1 test: return X509_VERIFY_PARAM_inherit(ctx->param, param);

Executed by:

libcrypto.so.1.1

X509_VERIFY_PARAM_inherit(ctx->param, param);

executed 2748 times by 1 test: return X509_VERIFY_PARAM_inherit(ctx->param, param);

Executed by:

libcrypto.so.1.1

2748

2513

}

-

2514

-

2515

X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)

-

2516

{

-

2517

return

executed 2660 times by 1 test: return ctx->param;

Executed by:

libcrypto.so.1.1

ctx->param;

executed 2660 times by 1 test: return ctx->param;

Executed by:

libcrypto.so.1.1

2660

2518

}

-

2519

-

2520

void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)

-

2521

{

-

2522

X509_VERIFY_PARAM_free(ctx->param);

-

2523

ctx->param = param;

-

2524

}

executed 7 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

7

2525

-

2526

void X509_STORE_CTX_set0_dane(X509_STORE_CTX *ctx, SSL_DANE *dane)

-

2527

{

-

2528

ctx->dane = dane;

-

2529

}

executed 49 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

49

2530

-

2531

static unsigned char *dane_i2d(

-

2532

X509 *cert,

-

2533

uint8_t selector,

-

2534

unsigned int *i2dlen)

-

2535

{

-

2536

unsigned char *buf =

-

2537

((void *)0)

-

2538

;

-

2539

int len;

-

-

-

-

-

switch (selector) {

-

2545

case

executed 33 times by 1 test: case 0:

Executed by:

libcrypto.so.1.1

0:

executed 33 times by 1 test: case 0:

Executed by:

libcrypto.so.1.1

33

2546

len = i2d_X509(cert, &buf);

-

2547

break;

executed 33 times by 1 test: break;

Executed by:

libcrypto.so.1.1

33

2548

case

executed 29 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

1:

executed 29 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

29

2549

len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(cert), &buf);

-

2550

break;

executed 29 times by 1 test: break;

Executed by:

libcrypto.so.1.1

29

2551

default

never executed: default:

:

never executed: default:

0

2552

ERR_put_error(11,(107),(133),__FILE__,2543);

-

2553

return

never executed: return ((void *)0) ;

0

2554

((void *)0)

never executed: return ((void *)0) ;

0

2555

;

never executed: return ((void *)0) ;

0

2556

}

-

2557

-

2558

if (len < 0

len < 0	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1

|| buf ==

buf == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1

0-62

2559

((void *)0)

buf == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1

0-62

2560

) {

-

2561

ERR_put_error(11,(107),((1|64)),__FILE__,2548);

-

2562

return

never executed: return ((void *)0) ;

0

2563

((void *)0)

never executed: return ((void *)0) ;

0

2564

;

never executed: return ((void *)0) ;

0

2565

}

-

2566

-

2567

*i2dlen = (unsigned int)len;

-

2568

return

executed 62 times by 1 test: return buf;

Executed by:

libcrypto.so.1.1

buf;

executed 62 times by 1 test: return buf;

Executed by:

libcrypto.so.1.1

62

2569

}

-

-

-

-

static int dane_match(X509_STORE_CTX *ctx, X509 *cert, int depth)

-

2574

{

-

2575

SSL_DANE *dane = ctx->dane;

-

2576

unsigned usage = 256;

-

2577

unsigned selector = 256;

-

2578

unsigned ordinal = 256;

-

2579

unsigned mtype = 256;

-

2580

unsigned char *i2dbuf =

-

2581

((void *)0)

-

2582

;

-

2583

unsigned int i2dlen = 0;

-

2584

unsigned char mdbuf[64];

-

2585

unsigned char *cmpbuf =

-

2586

((void *)0)

-

2587

;

-

2588

unsigned int cmplen = 0;

-

2589

int i;

-

2590

int recnum;

-

2591

int matched = 0;

-

2592

danetls_record *t =

-

2593

((void *)0)

-

2594

;

-

2595

uint32_t mask;

-

2596

-

2597

mask = (

(depth == 0)	Description
TRUE	evaluated 49 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 46 times by 1 test Evaluated by: libcrypto.so.1.1

depth == 0)

(depth == 0)	Description
TRUE	evaluated 49 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 46 times by 1 test Evaluated by: libcrypto.so.1.1

? (((((uint32_t)1) << 1)) | ((((uint32_t)1) << 3))) : (((((uint32_t)1) << 0)) | ((((uint32_t)1) << 2)));

46-49

-

-

-

-

if (depth >= ctx->num_untrusted

depth >= ctx->num_untrusted	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 84 times by 1 test Evaluated by: libcrypto.so.1.1

)

11-84

2603

mask &= (((((uint32_t)1) << 0)) | ((((uint32_t)1) << 1)));

executed 11 times by 1 test: mask &= (((((uint32_t)1) << 0)) | ((((uint32_t)1) << 1)));

Executed by:

libcrypto.so.1.1

11

-

-

-

-

-

-

if (dane->mdpth >= 0

dane->mdpth >= 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 89 times by 1 test Evaluated by: libcrypto.so.1.1

)

6-89

2611

mask &= ~(((((uint32_t)1) << 0)) | ((((uint32_t)1) << 1)));

executed 6 times by 1 test: mask &= ~(((((uint32_t)1) << 0)) | ((((uint32_t)1) << 1)));

Executed by:

libcrypto.so.1.1

6

2612

recnum = (

(dane->umask & mask)	Description
TRUE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1

dane->umask & mask)

(dane->umask & mask)	Description
TRUE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1

? sk_danetls_record_num(dane->trecs) : 0;

33-62

2613

for (i = 0; matched == 0

matched == 0	Description
TRUE	evaluated 117 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& i < recnum

i < recnum	Description
TRUE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 55 times by 1 test Evaluated by: libcrypto.so.1.1

; ++i) {

0-117

2614

t = sk_danetls_record_value(dane->trecs, i);

-

2615

if (((((

((((uint32_t)1...) & mask) == 0	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1

uint32_t)1) << t->usage) & mask) == 0

((((uint32_t)1...) & mask) == 0	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-62

2616

continue;

never executed: continue;

0

2617

if (t->usage != usage

t->usage != usage	Description
TRUE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-62

2618

usage = t->usage;

-

2619

-

2620

-

2621

mtype = 256;

-

2622

ordinal = dane->dctx->mdord[t->mtype];

-

2623

}

executed 62 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

62

2624

if (t->selector != selector

t->selector != selector	Description
TRUE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-62

2625

selector = t->selector;

-

2626

-

2627

-

2628

CRYPTO_free(i2dbuf, __FILE__, 2636);

-

2629

i2dbuf = dane_i2d(cert, selector, &i2dlen);

-

2630

if (i2dbuf ==

i2dbuf == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1

0-62

2631

((void *)0)

i2dbuf == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1

0-62

2632

)

-

2633

return

never executed: return -1;

-1;

never executed: return -1;

0

2634

-

2635

-

2636

mtype = 256;

-

2637

ordinal = dane->dctx->mdord[t->mtype];

-

2638

}

executed 62 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

else if (t->mtype != 0

t->mtype != 0	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0-62

2639

if (dane->dctx->mdord[t->mtype] < ordinal

dane->dctx->md...ype] < ordinal	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

2640

continue;

never executed: continue;

0

2641

}

never executed: end of block

0

-

-

-

-

-

if (t->mtype != mtype

t->mtype != mtype	Description
TRUE	evaluated 62 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-62

2648

const EVP_MD *md = dane->dctx->mdevp[mtype = t->mtype];

-

2649

cmpbuf = i2dbuf;

-

2650

cmplen = i2dlen;

-

2651

-

2652

if (md !=

md != ((void *)0)	Description
TRUE	evaluated 58 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1

4-58

2653

((void *)0)

md != ((void *)0)	Description
TRUE	evaluated 58 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1

4-58

2654

) {

-

2655

cmpbuf = mdbuf;

-

2656

if (!EVP_Digest(i2dbuf, i2dlen, cmpbuf, &cmplen, md, 0)

!EVP_Digest(i2...cmplen, md, 0)	Description
TRUE	never evaluated
FALSE	evaluated 58 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-58

2657

matched = -1;

-

2658

break;

never executed: break;

0

2659

}

-

2660

}

executed 58 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

58

2661

}

executed 62 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

62

-

-

-

-

-

-

if (cmplen == t->dlen

cmplen == t->dlen	Description
TRUE	evaluated 61 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

&&

1-61

2669

memcmp(cmpbuf, t->data, cmplen) == 0

memcmp(cmpbuf,..., cmplen) == 0	Description
TRUE	evaluated 40 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 21 times by 1 test Evaluated by: libcrypto.so.1.1

) {

21-40

2670

if ((((

(((uint32_t)1)...2_t)1) << 3)))	Description
TRUE	evaluated 26 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 14 times by 1 test Evaluated by: libcrypto.so.1.1

uint32_t)1) << usage) & (((((uint32_t)1) << 2)) | ((((uint32_t)1) << 3)))

(((uint32_t)1)...2_t)1) << 3)))	Description
TRUE	evaluated 26 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 14 times by 1 test Evaluated by: libcrypto.so.1.1

)

14-26

2671

matched = 1;

executed 26 times by 1 test: matched = 1;

Executed by:

libcrypto.so.1.1

26

2672

if (matched

matched	Description
TRUE	evaluated 26 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 14 times by 1 test Evaluated by: libcrypto.so.1.1

|| dane->mdpth < 0

dane->mdpth < 0	Description
TRUE	evaluated 14 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-26

2673

dane->mdpth = depth;

-

2674

dane->mtlsa = t;

-

2675

CRYPTO_free(dane->mcert, __FILE__, 2688);

-

2676

dane->mcert = cert;

-

2677

X509_up_ref(cert);

-

2678

}

executed 40 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

40

2679

break;

executed 40 times by 1 test: break;

Executed by:

libcrypto.so.1.1

40

2680

}

-

2681

}

executed 22 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

22

2682

-

2683

-

2684

CRYPTO_free(i2dbuf, __FILE__, 2697);

-

2685

return

executed 95 times by 1 test: return matched;

Executed by:

libcrypto.so.1.1

matched;

executed 95 times by 1 test: return matched;

Executed by:

libcrypto.so.1.1

95

2686

}

-

2687

-

2688

static int check_dane_issuer(X509_STORE_CTX *ctx, int depth)

-

2689

{

-

2690

SSL_DANE *dane = ctx->dane;

-

2691

int matched = 0;

-

2692

X509 *cert;

-

2693

-

2694

if (!((

(dane)	Description
TRUE	evaluated 50 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 380 times by 1 test Evaluated by: libcrypto.so.1.1

dane)

(dane)	Description
TRUE	evaluated 50 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 380 times by 1 test Evaluated by: libcrypto.so.1.1

&& ((

((dane)->umask..._t)1) << 2))))	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1

dane)->umask & (((((uint32_t)1) << 0)) | ((((uint32_t)1) << 2))))

((dane)->umask..._t)1) << 2))))	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4 times by 1 test Evaluated by: libcrypto.so.1.1

) || depth == 0

depth == 0	Description
TRUE	never evaluated
FALSE	evaluated 46 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-380

2695

return

executed 384 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

3;

executed 384 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

384

-

-

-

-

-

-

cert = sk_X509_value(ctx->chain, depth);

-

2703

if (cert !=

cert != ((void *)0)	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-46

2704

((void *)0)

cert != ((void *)0)	Description
TRUE	evaluated 46 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-46

2705

&& (

(matched = dan...t, depth)) < 0	Description
TRUE	never evaluated
FALSE	evaluated 46 times by 1 test Evaluated by: libcrypto.so.1.1

matched = dane_match(ctx, cert, depth)) < 0

(matched = dan...t, depth)) < 0	Description
TRUE	never evaluated
FALSE	evaluated 46 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-46

2706

return

never executed: return 2;

2;

never executed: return 2;

0

2707

if (matched > 0

matched > 0	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 31 times by 1 test Evaluated by: libcrypto.so.1.1

) {

15-31

2708

ctx->num_untrusted = depth - 1;

-

2709

return

executed 15 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 15 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

15

2710

}

-

2711

-

2712

return

executed 31 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

3;

executed 31 times by 1 test: return 3;

Executed by:

libcrypto.so.1.1

31

2713

}

-

2714

-

2715

static int check_dane_pkeys(X509_STORE_CTX *ctx)

-

2716

{

-

2717

SSL_DANE *dane = ctx->dane;

-

2718

danetls_record *t;

-

2719

int num = ctx->num_untrusted;

-

2720

X509 *cert = sk_X509_value(ctx->chain, num - 1);

-

2721

int recnum = sk_danetls_record_num(dane->trecs);

-

2722

int i;

-

2723

-

2724

for (i = 0; i < recnum

i < recnum	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

; ++i) {

0-2

2725

t = sk_danetls_record_value(dane->trecs, i);

-

2726

if (t->usage != 2

t->usage != 2	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

||

0-2

2727

t->selector != 1

t->selector != 1	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

||

0-2

2728

t->mtype != 0

t->mtype != 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

||

0-2

2729

X509_verify(cert, t->spki) <= 0

X509_verify(ce... t->spki) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-2

2730

continue;

never executed: continue;

0

2731

-

2732

-

2733

X509_free(dane->mcert);

-

2734

dane->mcert =

-

2735

((void *)0)

-

2736

;

-

2737

-

2738

-

2739

ctx->bare_ta_signed = 1;

-

2740

dane->mdpth = num - 1;

-

2741

dane->mtlsa = t;

-

2742

-

2743

-

2744

num = sk_X509_num(ctx->chain);

-

2745

for (; num > ctx->num_untrusted

num > ctx->num_untrusted	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

; --num)

0-2

2746

X509_free(sk_X509_pop(ctx->chain));

never executed: X509_free(sk_X509_pop(ctx->chain));

0

2747

-

2748

return

executed 2 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 2 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

2

2749

}

-

2750

-

2751

return

never executed: return 3;

3;

never executed: return 3;

0

2752

}

-

2753

-

2754

static void dane_reset(SSL_DANE *dane)

-

2755

{

-

-

-

-

X509_free(dane->mcert);

-

2760

dane->mcert =

-

2761

((void *)0)

-

2762

;

-

2763

dane->mtlsa =

-

2764

((void *)0)

-

2765

;

-

2766

dane->mdpth = -1;

-

2767

dane->pdpth = -1;

-

2768

}

executed 49 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

49

2769

-

2770

static int check_leaf_suiteb(X509_STORE_CTX *ctx, X509 *cert)

-

2771

{

-

2772

int err = X509_chain_check_suiteb(

-

2773

((void *)0)

-

2774

, cert,

-

2775

((void *)0)

-

2776

, ctx->param->flags);

-

2777

-

2778

if (err == 0

err == 0	Description
TRUE	evaluated 16 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-16

2779

return

executed 16 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 16 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

16

2780

return

never executed: return verify_cb_cert(ctx, cert, 0, err);

verify_cb_cert(ctx, cert, 0, err);

never executed: return verify_cb_cert(ctx, cert, 0, err);

0

2781

}

-

2782

-

2783

static int dane_verify(X509_STORE_CTX *ctx)

-

2784

{

-

2785

X509 *cert = ctx->cert;

-

2786

SSL_DANE *dane = ctx->dane;

-

2787

int matched;

-

2788

int done;

-

2789

-

2790

dane_reset(dane);

-

2791

matched = dane_match(ctx, ctx->cert, 0);

-

2792

done = matched != 0

matched != 0	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 38 times by 1 test Evaluated by: libcrypto.so.1.1

|| (!((

(dane)	Description
TRUE	evaluated 38 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

dane)

(dane)	Description
TRUE	evaluated 38 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& ((

((dane)->umask..._t)1) << 2))))	Description
TRUE	evaluated 28 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 10 times by 1 test Evaluated by: libcrypto.so.1.1

dane)->umask & (((((uint32_t)1) << 0)) | ((((uint32_t)1) << 2))))

((dane)->umask..._t)1) << 2))))	Description
TRUE	evaluated 28 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 10 times by 1 test Evaluated by: libcrypto.so.1.1

) && dane->mdpth < 0

dane->mdpth < 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

);

0-38

2793

-

2794

if (done

done	Description
TRUE	evaluated 16 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1

)

16-33

2795

X509_get_pubkey_parameters(

executed 16 times by 1 test: X509_get_pubkey_parameters( ((void *)0) , ctx->chain);

Executed by:

libcrypto.so.1.1

16

2796

((void *)0)

executed 16 times by 1 test: X509_get_pubkey_parameters( ((void *)0) , ctx->chain);

Executed by:

libcrypto.so.1.1

16

2797

, ctx->chain);

executed 16 times by 1 test: X509_get_pubkey_parameters( ((void *)0) , ctx->chain);

Executed by:

libcrypto.so.1.1

16

2798

-

2799

if (matched > 0

matched > 0	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 38 times by 1 test Evaluated by: libcrypto.so.1.1

) {

11-38

2800

-

2801

if (!check_leaf_suiteb(ctx, cert)

!check_leaf_suiteb(ctx, cert)	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-11

2802

return

never executed: return 0;

0;

never executed: return 0;

0

2803

-

2804

if ((

(dane->flags & (1L << 0)) == 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

dane->flags & (1L << 0)) == 0

(dane->flags & (1L << 0)) == 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

&&

5-6

2805

!check_id(ctx)

!check_id(ctx)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

)

1-5

2806

return

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 1 time by 1 test: return 0;

Executed by:

libcrypto.so.1.1

1

2807

-

2808

ctx->error_depth = 0;

-

2809

ctx->current_cert = cert;

-

2810

return

executed 10 times by 1 test: return ctx->verify_cb(1, ctx);

Executed by:

libcrypto.so.1.1

ctx->verify_cb(1, ctx);

executed 10 times by 1 test: return ctx->verify_cb(1, ctx);

Executed by:

libcrypto.so.1.1

10

2811

}

-

2812

-

2813

if (matched < 0

matched < 0	Description
TRUE	never evaluated
FALSE	evaluated 38 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-38

2814

ctx->error_depth = 0;

-

2815

ctx->current_cert = cert;

-

2816

ctx->error = 17;

-

2817

return

never executed: return -1;

-1;

never executed: return -1;

0

2818

}

-

2819

-

2820

if (done

done	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1

) {

5-33

2821

-

2822

if (!check_leaf_suiteb(ctx, cert)

!check_leaf_suiteb(ctx, cert)	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-5

2823

return

never executed: return 0;

0;

never executed: return 0;

0

2824

return

executed 5 times by 1 test: return verify_cb_cert(ctx, cert, 0, 65);

Executed by:

libcrypto.so.1.1

verify_cb_cert(ctx, cert, 0, 65);

executed 5 times by 1 test: return verify_cb_cert(ctx, cert, 0, 65);

Executed by:

libcrypto.so.1.1

5

2825

}

-

-

-

-

-

-

return

executed 33 times by 1 test: return verify_chain(ctx);

Executed by:

libcrypto.so.1.1

verify_chain(ctx);

executed 33 times by 1 test: return verify_chain(ctx);

Executed by:

libcrypto.so.1.1

33

2832

}

-

2833

-

2834

-

2835

static int get_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *cert)

-

2836

{

-

2837

struct stack_st_X509 *saved_chain = ctx->chain;

-

2838

int ok;

-

2839

-

2840

ctx->chain =

-

2841

((void *)0)

-

2842

;

-

2843

ok = ctx->get_issuer(issuer, ctx, cert);

-

2844

ctx->chain = saved_chain;

-

2845

-

2846

return

executed 6733 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

ok;

executed 6733 times by 1 test: return ok;

Executed by:

libcrypto.so.1.1

6733

2847

}

-

2848

-

2849

static int build_chain(X509_STORE_CTX *ctx)

-

2850

{

-

2851

SSL_DANE *dane = ctx->dane;

-

2852

int num = sk_X509_num(ctx->chain);

-

2853

X509 *cert = sk_X509_value(ctx->chain, num - 1);

-

2854

int ss = cert_self_signed(cert);

-

2855

struct stack_st_X509 *sktmp =

-

2856

((void *)0)

-

2857

;

-

2858

unsigned int search;

-

2859

int may_trusted = 0;

-

2860

int may_alternate = 0;

-

2861

int trust = 3;

-

2862

int alt_untrusted = 0;

-

2863

int depth;

-

2864

int ok = 0;

-

2865

int i;

-

2866

-

2867

-

2868

if (!((num == 1

num == 1	Description
TRUE	evaluated 4846 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& ctx->num_untrusted == num

ctx->num_untrusted == num	Description
TRUE	evaluated 4846 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) != 0)

!((num == 1 &&... == num) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 4846 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-4846

2869

ERR_put_error(11,(106),((4|64)),__FILE__,2877);

-

2870

ctx->error = 1;

-

2871

return

never executed: return 0;

0;

never executed: return 0;

0

2872

}

-

2873

search = (

(ctx->untruste... ((void *)0) )	Description
TRUE	evaluated 2705 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2141 times by 1 test Evaluated by: libcrypto.so.1.1

ctx->untrusted !=

(ctx->untruste... ((void *)0) )	Description
TRUE	evaluated 2705 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2141 times by 1 test Evaluated by: libcrypto.so.1.1

2141-2705

2874

((void *)0)

(ctx->untruste... ((void *)0) )	Description
TRUE	evaluated 2705 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2141 times by 1 test Evaluated by: libcrypto.so.1.1

2141-2705

2875

)

(ctx->untruste... ((void *)0) )	Description
TRUE	evaluated 2705 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2141 times by 1 test Evaluated by: libcrypto.so.1.1

? (1 << 0) : 0;

2141-2705

2876

if (((

(dane)	Description
TRUE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

dane)

(dane)	Description
TRUE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

&& ((

((dane)->umask..._t)1) << 1))))	Description
TRUE	evaluated 16 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1

dane)->umask & (((((uint32_t)1) << 0)) | ((((uint32_t)1) << 1))))

((dane)->umask..._t)1) << 1))))	Description
TRUE	evaluated 16 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1

) || !((

(dane)	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

dane)

(dane)	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

&& ((

((dane)->umask..._t)1) << 3))))	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

dane)->umask & (((((uint32_t)1) << 2)) | ((((uint32_t)1) << 3))))

((dane)->umask..._t)1) << 3))))	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)) {

0-4813

2877

if (search == 0

search == 0	Description
TRUE	evaluated 2141 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2688 times by 1 test Evaluated by: libcrypto.so.1.1

|| ctx->param->flags & 0x8000

ctx->param->flags & 0x8000	Description
TRUE	evaluated 2688 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

)

0-2688

2878

search |= (1 << 1);

executed 4829 times by 1 test: search |= (1 << 1);

Executed by:

libcrypto.so.1.1

4829

2879

else if (!(ctx->param->flags & 0x100000)

!(ctx->param->...gs & 0x100000)	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

2880

may_alternate = 1;

never executed: may_alternate = 1;

0

2881

may_trusted = 1;

-

2882

}

executed 4829 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

4829

-

-

-

-

-

-

if (ctx->untrusted

ctx->untrusted	Description
TRUE	evaluated 2705 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2141 times by 1 test Evaluated by: libcrypto.so.1.1

&& (

(sktmp = sk_X5...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2705 times by 1 test Evaluated by: libcrypto.so.1.1

sktmp = sk_X509_dup(ctx->untrusted)) ==

(sktmp = sk_X5...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2705 times by 1 test Evaluated by: libcrypto.so.1.1

0-2705

2890

((void *)0)

(sktmp = sk_X5...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2705 times by 1 test Evaluated by: libcrypto.so.1.1

0-2705

2891

) {

-

2892

ERR_put_error(11,(106),((1|64)),__FILE__,2907);

-

2893

ctx->error = 17;

-

2894

return

never executed: return 0;

0;

never executed: return 0;

0

2895

}

-

2896

if (((

(dane) != ((void *)0)	Description
TRUE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

dane) !=

(dane) != ((void *)0)	Description
TRUE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

33-4813

2897

((void *)0)

(dane) != ((void *)0)	Description
TRUE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 4813 times by 1 test Evaluated by: libcrypto.so.1.1

33-4813

2898

&& sk_danetls_record_num((dane)->trecs) > 0

sk_danetls_rec...e)->trecs) > 0	Description
TRUE	evaluated 33 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) && dane->certs !=

dane->certs != ((void *)0)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 30 times by 1 test Evaluated by: libcrypto.so.1.1

0-33

2899

((void *)0)

dane->certs != ((void *)0)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 30 times by 1 test Evaluated by: libcrypto.so.1.1

3-30

2900

) {

-

2901

if (sktmp ==

sktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

0-3

2902

((void *)0)

sktmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

0-3

2903

&& (

(sktmp = sk_X5...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

sktmp = sk_X509_new_null()) ==

(sktmp = sk_X5...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

2904

((void *)0)

(sktmp = sk_X5...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

2905

) {

-

2906

ERR_put_error(11,(106),((1|64)),__FILE__,2924);

-

2907

ctx->error = 17;

-

2908

return

never executed: return 0;

0;

never executed: return 0;

0

2909

}

-

2910

for (i = 0; i < sk_X509_num(dane->certs)

i < sk_X509_num(dane->certs)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

; ++i) {

3

2911

if (!sk_X509_push(sktmp, sk_X509_value(dane->certs, i))

!sk_X509_push(...ne->certs, i))	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-3

2912

sk_X509_free(sktmp);

-

2913

ERR_put_error(11,(106),((1|64)),__FILE__,2931);

-

2914

ctx->error = 17;

-

2915

return

never executed: return 0;

0;

never executed: return 0;

0

2916

}

-

2917

}

executed 3 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

3

2918

}

executed 3 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

3

-

-

-

-

-

if (ctx->param->depth > 0x7fffffff/2

ctx->param->de...> 0x7fffffff/2	Description
TRUE	never evaluated
FALSE	evaluated 4846 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-4846

2925

ctx->param->depth = 0x7fffffff/2;

never executed: ctx->param->depth = 0x7fffffff/2;

0

-

-

-

-

-

-

depth = ctx->param->depth + 1;

-

2933

-

2934

while (search != 0

search != 0	Description
TRUE	evaluated 6761 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1237 times by 1 test Evaluated by: libcrypto.so.1.1

) {

1237-6761

2935

X509 *x;

-

2936

X509 *xtmp =

-

2937

((void *)0)

-

2938

;

-

2939

if ((

(search & (1 << 1)) != 0	Description
TRUE	evaluated 6735 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 26 times by 1 test Evaluated by: libcrypto.so.1.1

search & (1 << 1)) != 0

(search & (1 << 1)) != 0	Description
TRUE	evaluated 6735 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 26 times by 1 test Evaluated by: libcrypto.so.1.1

) {

26-6735

2940

i = num = sk_X509_num(ctx->chain);

-

2941

if ((

(search & (1 << 2)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 6735 times by 1 test Evaluated by: libcrypto.so.1.1

search & (1 << 2)) != 0

(search & (1 << 2)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 6735 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-6735

2942

i = alt_untrusted;

-

2943

}

never executed: end of block

0

2944

x = sk_X509_value(ctx->chain, i-1);

-

2945

-

2946

ok = (

(depth < num)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 6733 times by 1 test Evaluated by: libcrypto.so.1.1

depth < num)

(depth < num)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 6733 times by 1 test Evaluated by: libcrypto.so.1.1

? 0 : get_issuer(&xtmp, ctx, x);

2-6733

2947

-

2948

if (ok < 0

ok < 0	Description
TRUE	never evaluated
FALSE	evaluated 6735 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-6735

2949

trust = 2;

-

2950

ctx->error = 70;

-

2951

search = 0;

-

2952

continue;

never executed: continue;

0

2953

}

-

2954

-

2955

if (ok > 0

ok > 0	Description
TRUE	evaluated 1231 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5504 times by 1 test Evaluated by: libcrypto.so.1.1

) {

1231-5504

2956

if ((

(search & (1 << 2)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 1231 times by 1 test Evaluated by: libcrypto.so.1.1

search & (1 << 2)) != 0

(search & (1 << 2)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 1231 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-1231

2957

if (!((num > i

num > i	Description
TRUE	never evaluated
FALSE	never evaluated

&& i > 0

i > 0	Description
TRUE	never evaluated
FALSE	never evaluated

&& ss == 0

ss == 0	Description
TRUE	never evaluated
FALSE	never evaluated

) != 0)

!((num > i && ...ss == 0) != 0)	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

2958

ERR_put_error(11,(106),((4|64)),__FILE__,3018);

-

2959

X509_free(xtmp);

-

2960

trust = 2;

-

2961

ctx->error = 1;

-

2962

search = 0;

-

2963

continue;

never executed: continue;

0

2964

}

-

2965

search &= ~(1 << 2);

-

2966

for (; num > i

num > i	Description
TRUE	never evaluated
FALSE	never evaluated

; --num)

0

2967

X509_free(sk_X509_pop(ctx->chain));

never executed: X509_free(sk_X509_pop(ctx->chain));

0

2968

ctx->num_untrusted = num;

-

2969

-

2970

if (((

(dane) != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

dane) !=

(dane) != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

2971

((void *)0)

(dane) != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

2972

&& sk_danetls_record_num((dane)->trecs) > 0

sk_danetls_rec...e)->trecs) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

) &&

0

2973

dane->mdpth >= ctx->num_untrusted

dane->mdpth >=...>num_untrusted	Description
TRUE	never evaluated
FALSE	never evaluated

) {

0

2974

dane->mdpth = -1;

-

2975

X509_free(dane->mcert);

-

2976

dane->mcert =

-

2977

((void *)0)

-

2978

;

-

2979

}

never executed: end of block

0

2980

if (((

(dane) != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

dane) !=

(dane) != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

2981

((void *)0)

(dane) != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

2982

&& sk_danetls_record_num((dane)->trecs) > 0

sk_danetls_rec...e)->trecs) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

) &&

0

2983

dane->pdpth >= ctx->num_untrusted

dane->pdpth >=...>num_untrusted	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

2984

dane->pdpth = -1;

never executed: dane->pdpth = -1;

0

2985

}

never executed: end of block

0

-

-

-

-

-

if (ss == 0

ss == 0	Description
TRUE	evaluated 1226 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

) {

5-1226

2992

if (!sk_X509_push(ctx->chain, x = xtmp)

!sk_X509_push(...ain, x = xtmp)	Description
TRUE	never evaluated
FALSE	evaluated 1226 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-1226

2993

X509_free(xtmp);

-

2994

ERR_put_error(11,(106),((1|64)),__FILE__,3048);

-

2995

trust = 2;

-

2996

ctx->error = 17;

-

2997

search = 0;

-

2998

continue;

never executed: continue;

0

2999

}

-

3000

ss = cert_self_signed(x);

-

3001

}

executed 1226 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

else if (num == ctx->num_untrusted

num == ctx->num_untrusted	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-1226

-

-

-

-

-

-

if (X509_cmp(x, xtmp) != 0

X509_cmp(x, xtmp) != 0	Description
TRUE	never evaluated
FALSE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-5

3009

-

3010

X509_free(xtmp);

-

3011

ok = 0;

-

3012

}

never executed: end of block

else {

0

3013

X509_free(x);

-

3014

ctx->num_untrusted = --num;

-

3015

(void) sk_X509_set(ctx->chain, num, x = xtmp);

-

3016

}

executed 5 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

5

3017

}

-

3018

if (ok

ok	Description
TRUE	evaluated 1231 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-1231

3019

if (!((ctx->num_untrusted <= num) != 0)

!((ctx->num_un... <= num) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 1231 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-1231

3020

ERR_put_error(11,(106),((4|64)),__FILE__,3088);

-

3021

trust = 2;

-

3022

ctx->error = 1;

-

3023

search = 0;

-

3024

continue;

never executed: continue;

0

3025

}

-

3026

search &= ~(1 << 0);

-

3027

switch (trust = check_trust(ctx, num)) {

-

3028

case

executed 1196 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

1:

executed 1196 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

1196

3029

case

executed 24 times by 1 test: case 2:

Executed by:

libcrypto.so.1.1

2:

executed 24 times by 1 test: case 2:

Executed by:

libcrypto.so.1.1

24

3030

search = 0;

-

3031

continue;

executed 1220 times by 1 test: continue;

Executed by:

libcrypto.so.1.1

1220

3032

}

-

3033

if (ss == 0

ss == 0	Description
TRUE	evaluated 9 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

2-9

3034

continue;

executed 9 times by 1 test: continue;

Executed by:

libcrypto.so.1.1

9

3035

}

executed 2 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2

3036

}

executed 2 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2

-

-

-

-

-

-

-

if ((

(search & (1 << 0)) == 0	Description
TRUE	evaluated 3609 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1897 times by 1 test Evaluated by: libcrypto.so.1.1

search & (1 << 0)) == 0

(search & (1 << 0)) == 0	Description
TRUE	evaluated 3609 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1897 times by 1 test Evaluated by: libcrypto.so.1.1

) {

1897-3609

3045

-

3046

if ((

(search & (1 << 2)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 3609 times by 1 test Evaluated by: libcrypto.so.1.1

search & (1 << 2)) != 0

(search & (1 << 2)) != 0	Description
TRUE	never evaluated
FALSE	evaluated 3609 times by 1 test Evaluated by: libcrypto.so.1.1

&& --

--alt_untrusted > 0	Description
TRUE	never evaluated
FALSE	never evaluated

alt_untrusted > 0

--alt_untrusted > 0	Description
TRUE	never evaluated
FALSE	never evaluated

)

0-3609

3047

continue;

never executed: continue;

0

3048

-

3049

if (!may_alternate

!may_alternate	Description
TRUE	evaluated 3609 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

|| (

(search & (1 << 2)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

search & (1 << 2)) != 0

(search & (1 << 2)) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

||

0-3609

3050

ctx->num_untrusted < 2

ctx->num_untrusted < 2	Description
TRUE	never evaluated
FALSE	never evaluated

)

0

3051

break;

executed 3609 times by 1 test: break;

Executed by:

libcrypto.so.1.1

3609

3052

-

3053

search |= (1 << 2);

-

3054

alt_untrusted = ctx->num_untrusted - 1;

-

3055

ss = 0;

-

3056

}

never executed: end of block

0

3057

}

executed 1897 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

1897

-

-

-

-

if ((

(search & (1 << 0)) != 0	Description
TRUE	evaluated 1923 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

search & (1 << 0)) != 0

(search & (1 << 0)) != 0	Description
TRUE	evaluated 1923 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) {

0-1923

3063

num = sk_X509_num(ctx->chain);

-

3064

if (!((num == ctx->num_untrusted) != 0)

!((num == ctx-...trusted) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 1923 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-1923

3065

ERR_put_error(11,(106),((4|64)),__FILE__,3133);

-

3066

trust = 2;

-

3067

ctx->error = 1;

-

3068

search = 0;

-

3069

continue;

never executed: continue;

0

3070

}

-

3071

x = sk_X509_value(ctx->chain, num-1);

-

-

-

-

-

-

xtmp = (ss

ss	Description
TRUE	evaluated 106 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1817 times by 1 test Evaluated by: libcrypto.so.1.1

|| depth < num

depth < num	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1816 times by 1 test Evaluated by: libcrypto.so.1.1

) ?

1-1817

3078

((void *)0)

-

3079

: find_issuer(ctx, sktmp, x);

-

3080

if (xtmp ==

xtmp == ((void *)0)	Description
TRUE	evaluated 1504 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 419 times by 1 test Evaluated by: libcrypto.so.1.1

419-1504

3081

((void *)0)

xtmp == ((void *)0)	Description
TRUE	evaluated 1504 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 419 times by 1 test Evaluated by: libcrypto.so.1.1

419-1504

3082

) {

-

3083

search &= ~(1 << 0);

-

3084

if (may_trusted

may_trusted	Description
TRUE	evaluated 1502 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

2-1502

3085

search |= (1 << 1);

executed 1502 times by 1 test: search |= (1 << 1);

Executed by:

libcrypto.so.1.1

1502

3086

continue;

executed 1504 times by 1 test: continue;

Executed by:

libcrypto.so.1.1

1504

3087

}

-

3088

-

3089

-

3090

(void) sk_X509_delete_ptr(sktmp, xtmp);

-

3091

-

3092

if (!sk_X509_push(ctx->chain, xtmp)

!sk_X509_push(...->chain, xtmp)	Description
TRUE	never evaluated
FALSE	evaluated 419 times by 1 test Evaluated by: libcrypto.so.1.1

) {

0-419

3093

ERR_put_error(11,(106),((1|64)),__FILE__,3157);

-

3094

trust = 2;

-

3095

ctx->error = 17;

-

3096

search = 0;

-

3097

continue;

never executed: continue;

0

3098

}

-

3099

-

3100

X509_up_ref(x = xtmp);

-

3101

++ctx->num_untrusted;

-

3102

ss = cert_self_signed(xtmp);

-

-

-

-

-

switch (trust = check_dane_issuer(ctx, ctx->num_untrusted - 1)) {

-

3108

case

executed 15 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

1:

executed 15 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

15

3109

case

never executed: case 2:

2:

never executed: case 2:

0

3110

search = 0;

-

3111

continue;

executed 15 times by 1 test: continue;

Executed by:

libcrypto.so.1.1

15

3112

}

-

3113

}

executed 404 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

404

3114

}

executed 404 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

404

3115

sk_X509_free(sktmp);

-

-

-

-

-

-

num = sk_X509_num(ctx->chain);

-

3122

if (num <= depth

num <= depth	Description
TRUE	evaluated 4843 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

) {

3-4843

3123

if (trust == 3

trust == 3	Description
TRUE	evaluated 3610 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1233 times by 1 test Evaluated by: libcrypto.so.1.1

&& ((

(dane)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3605 times by 1 test Evaluated by: libcrypto.so.1.1

dane)

(dane)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3605 times by 1 test Evaluated by: libcrypto.so.1.1

&&((

((dane)->umask...2_t)1) << 2)))	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

dane)->umask & ((((uint32_t)1) << 2)))

((dane)->umask...2_t)1) << 2)))	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1

))

2-3610

3124

trust = check_dane_pkeys(ctx);

executed 2 times by 1 test: trust = check_dane_pkeys(ctx);

Executed by:

libcrypto.so.1.1

2

3125

if (trust == 3

trust == 3	Description
TRUE	evaluated 3608 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1235 times by 1 test Evaluated by: libcrypto.so.1.1

&& num == ctx->num_untrusted

num == ctx->num_untrusted	Description
TRUE	evaluated 3606 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1

)

2-3608

3126

trust = check_trust(ctx, num);

executed 3606 times by 1 test: trust = check_trust(ctx, num);

Executed by:

libcrypto.so.1.1

3606

3127

}

executed 4843 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

4843

3128

-

3129

switch (trust) {

-

3130

case

executed 1222 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

1:

executed 1222 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

1222

3131

return

executed 1222 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 1222 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1222

3132

case

executed 26 times by 1 test: case 2:

Executed by:

libcrypto.so.1.1

2:

executed 26 times by 1 test: case 2:

Executed by:

libcrypto.so.1.1

26

3133

-

3134

return

executed 26 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 26 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

26

3135

case

executed 3598 times by 1 test: case 3:

Executed by:

libcrypto.so.1.1

3:

executed 3598 times by 1 test: case 3:

Executed by:

libcrypto.so.1.1

3598

3136

default

never executed: default:

:

never executed: default:

0

3137

num = sk_X509_num(ctx->chain);

-

3138

if (num > depth

num > depth	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3597 times by 1 test Evaluated by: libcrypto.so.1.1

)

1-3597

3139

return

executed 1 time by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 22);

Executed by:

libcrypto.so.1.1

verify_cb_cert(ctx,

executed 1 time by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 22);

Executed by:

libcrypto.so.1.1

1

3140

((void *)0)

executed 1 time by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 22);

Executed by:

libcrypto.so.1.1

1

3141

, num-1,

executed 1 time by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 22);

Executed by:

libcrypto.so.1.1

1

3142

22);

executed 1 time by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 22);

Executed by:

libcrypto.so.1.1

1

3143

if (((

(dane) != ((void *)0)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3594 times by 1 test Evaluated by: libcrypto.so.1.1

dane) !=

(dane) != ((void *)0)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3594 times by 1 test Evaluated by: libcrypto.so.1.1

3-3594

3144

((void *)0)

(dane) != ((void *)0)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3594 times by 1 test Evaluated by: libcrypto.so.1.1

3-3594

3145

&& sk_danetls_record_num((dane)->trecs) > 0

sk_danetls_rec...e)->trecs) > 0	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) &&

0-3

3146

(!((

(dane)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

dane)

(dane)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

&& ((

((dane)->umask..._t)1) << 1))))	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

dane)->umask & (((((uint32_t)1) << 0)) | ((((uint32_t)1) << 1))))

((dane)->umask..._t)1) << 1))))	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

) || dane->pdpth >= 0

dane->pdpth >= 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

))

0-3

3147

return

executed 2 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 65);

Executed by:

libcrypto.so.1.1

verify_cb_cert(ctx,

executed 2 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 65);

Executed by:

libcrypto.so.1.1

2

3148

((void *)0)

executed 2 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 65);

Executed by:

libcrypto.so.1.1

2

3149

, num-1, 65);

executed 2 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 65);

Executed by:

libcrypto.so.1.1

2

3150

if (ss

ss	Description
TRUE	evaluated 106 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3489 times by 1 test Evaluated by: libcrypto.so.1.1

&& sk_X509_num(ctx->chain) == 1

sk_X509_num(ctx->chain) == 1	Description
TRUE	evaluated 38 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 68 times by 1 test Evaluated by: libcrypto.so.1.1

)

38-3489

3151

return

executed 38 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 18);

Executed by:

libcrypto.so.1.1

verify_cb_cert(ctx,

executed 38 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 18);

Executed by:

libcrypto.so.1.1

38

3152

((void *)0)

executed 38 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 18);

Executed by:

libcrypto.so.1.1

38

3153

, num-1,

executed 38 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 18);

Executed by:

libcrypto.so.1.1

38

3154

18);

executed 38 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 18);

Executed by:

libcrypto.so.1.1

38

3155

if (ss

ss	Description
TRUE	evaluated 68 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3489 times by 1 test Evaluated by: libcrypto.so.1.1

)

68-3489

3156

return

executed 68 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 19);

Executed by:

libcrypto.so.1.1

verify_cb_cert(ctx,

executed 68 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 19);

Executed by:

libcrypto.so.1.1

68

3157

((void *)0)

executed 68 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 19);

Executed by:

libcrypto.so.1.1

68

3158

, num-1,

executed 68 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 19);

Executed by:

libcrypto.so.1.1

68

3159

19);

executed 68 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 19);

Executed by:

libcrypto.so.1.1

68

3160

if (ctx->num_untrusted < num

ctx->num_untrusted < num	Description
TRUE	never evaluated
FALSE	evaluated 3489 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-3489

3161

return

never executed: return verify_cb_cert(ctx, ((void *)0) , num-1, 2);

verify_cb_cert(ctx,

never executed: return verify_cb_cert(ctx, ((void *)0) , num-1, 2);

0

3162

((void *)0)

never executed: return verify_cb_cert(ctx, ((void *)0) , num-1, 2);

0

3163

, num-1,

never executed: return verify_cb_cert(ctx, ((void *)0) , num-1, 2);

0

3164

2);

never executed: return verify_cb_cert(ctx, ((void *)0) , num-1, 2);

0

3165

return

executed 3489 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 20);

Executed by:

libcrypto.so.1.1

verify_cb_cert(ctx,

executed 3489 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 20);

Executed by:

libcrypto.so.1.1

3489

3166

((void *)0)

executed 3489 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 20);

Executed by:

libcrypto.so.1.1

3489

3167

, num-1,

executed 3489 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 20);

Executed by:

libcrypto.so.1.1

3489

3168

20);

executed 3489 times by 1 test: return verify_cb_cert(ctx, ((void *)0) , num-1, 20);

Executed by:

libcrypto.so.1.1

3489

3169

}

-

3170

}

-

3171

-

3172

static const int minbits_table[] = { 80, 112, 128, 192, 256 };

-

3173

static const int NUM_AUTH_LEVELS = (sizeof(minbits_table)/sizeof((minbits_table)[0]));

-

-

-

-

-

-

-

-

static int check_key_level(X509_STORE_CTX *ctx, X509 *cert)

-

3182

{

-

3183

EVP_PKEY *pkey = X509_get0_pubkey(cert);

-

3184

int level = ctx->param->auth_level;

-

3185

-

3186

-

3187

if (pkey ==

pkey == ((void *)0)	Description
TRUE	evaluated 154 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5999 times by 1 test Evaluated by: libcrypto.so.1.1

154-5999

3188

((void *)0)

pkey == ((void *)0)	Description
TRUE	evaluated 154 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5999 times by 1 test Evaluated by: libcrypto.so.1.1

154-5999

3189

)

-

3190

return

executed 154 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

0;

executed 154 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

154

3191

-

3192

if (level <= 0

level <= 0	Description
TRUE	evaluated 3396 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2603 times by 1 test Evaluated by: libcrypto.so.1.1

)

2603-3396

3193

return

executed 3396 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1;

executed 3396 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

3396

3194

if (level > NUM_AUTH_LEVELS

level > NUM_AUTH_LEVELS	Description
TRUE	never evaluated
FALSE	evaluated 2603 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-2603

3195

level = NUM_AUTH_LEVELS;

never executed: level = NUM_AUTH_LEVELS;

0

3196

-

3197

return

executed 2603 times by 1 test: return EVP_PKEY_security_bits(pkey) >= minbits_table[level - 1];

Executed by:

libcrypto.so.1.1

EVP_PKEY_security_bits(pkey) >= minbits_table[level - 1];

executed 2603 times by 1 test: return EVP_PKEY_security_bits(pkey) >= minbits_table[level - 1];

Executed by:

libcrypto.so.1.1

2603

3198

}

-

3199

static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert)

-

3200

{

-

3201

int secbits = -1;

-

3202

int level = ctx->param->auth_level;

-

3203

-

3204

if (level <= 0

level <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-1138

3205

return

never executed: return 1;

1;

never executed: return 1;

0

3206

if (level > NUM_AUTH_LEVELS

level > NUM_AUTH_LEVELS	Description
TRUE	never evaluated
FALSE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-1138

3207

level = NUM_AUTH_LEVELS;

never executed: level = NUM_AUTH_LEVELS;

0

3208

-

3209

if (!X509_get_signature_info(cert,

!X509_get_sign... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1

0-1138

3210

((void *)0)

!X509_get_sign... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1

0-1138

3211

,

!X509_get_sign... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1

0-1138

3212

((void *)0)

!X509_get_sign... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1

0-1138

3213

, &secbits,

!X509_get_sign... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1

0-1138

3214

((void *)0)

!X509_get_sign... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1

0-1138

3215

)

!X509_get_sign... ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 1138 times by 1 test Evaluated by: libcrypto.so.1.1

)

0-1138

3216

return

never executed: return 0;

0;

never executed: return 0;

0

3217

-

3218

return

executed 1138 times by 1 test: return secbits >= minbits_table[level - 1];

Executed by:

libcrypto.so.1.1

secbits >= minbits_table[level - 1];

executed 1138 times by 1 test: return secbits >= minbits_table[level - 1];

Executed by:

libcrypto.so.1.1

1138

3219

}

-