OpenCoverage

ssl_ciph.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssl/src/ssl/ssl_ciph.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* -

5 * -

6 * Licensed under the OpenSSL license (the "License"). You may not use -

7 * this file except in compliance with the License. You can obtain a copy -

8 * in the file LICENSE in the source distribution or at -

9 * https://www.openssl.org/source/license.html -

10 */ -

11 -

12 #include <stdio.h> -

13 #include <ctype.h> -

14 #include <openssl/objects.h> -

15 #include <openssl/comp.h> -

16 #include <openssl/engine.h> -

17 #include <openssl/crypto.h> -

18 #include <openssl/conf.h> -

19 #include "internal/nelem.h" -

20 #include "ssl_locl.h" -

21 #include "internal/thread_once.h" -

22 #include "internal/cryptlib.h" -

23 -

24 #define SSL_ENC_DES_IDX 0 -

25 #define SSL_ENC_3DES_IDX 1 -

26 #define SSL_ENC_RC4_IDX 2 -

27 #define SSL_ENC_RC2_IDX 3 -

28 #define SSL_ENC_IDEA_IDX 4 -

29 #define SSL_ENC_NULL_IDX 5 -

30 #define SSL_ENC_AES128_IDX 6 -

31 #define SSL_ENC_AES256_IDX 7 -

32 #define SSL_ENC_CAMELLIA128_IDX 8 -

33 #define SSL_ENC_CAMELLIA256_IDX 9 -

34 #define SSL_ENC_GOST89_IDX 10 -

35 #define SSL_ENC_SEED_IDX 11 -

36 #define SSL_ENC_AES128GCM_IDX 12 -

37 #define SSL_ENC_AES256GCM_IDX 13 -

38 #define SSL_ENC_AES128CCM_IDX 14 -

39 #define SSL_ENC_AES256CCM_IDX 15 -

40 #define SSL_ENC_AES128CCM8_IDX 16 -

41 #define SSL_ENC_AES256CCM8_IDX 17 -

42 #define SSL_ENC_GOST8912_IDX 18 -

43 #define SSL_ENC_CHACHA_IDX 19 -

44 #define SSL_ENC_ARIA128GCM_IDX 20 -

45 #define SSL_ENC_ARIA256GCM_IDX 21 -

46 #define SSL_ENC_NUM_IDX 22 -

47 -

48 /* NB: make sure indices in these tables match values above */ -

49 -

50 typedef struct { -

51 uint32_t mask; -

52 int nid; -

53 } ssl_cipher_table; -

54 -

55 /* Table of NIDs for each cipher */ -

56 static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = { -

57 {SSL_DES, NID_des_cbc}, /* SSL_ENC_DES_IDX 0 */ -

58 {SSL_3DES, NID_des_ede3_cbc}, /* SSL_ENC_3DES_IDX 1 */ -

59 {SSL_RC4, NID_rc4}, /* SSL_ENC_RC4_IDX 2 */ -

60 {SSL_RC2, NID_rc2_cbc}, /* SSL_ENC_RC2_IDX 3 */ -

61 {SSL_IDEA, NID_idea_cbc}, /* SSL_ENC_IDEA_IDX 4 */ -

62 {SSL_eNULL, NID_undef}, /* SSL_ENC_NULL_IDX 5 */ -

63 {SSL_AES128, NID_aes_128_cbc}, /* SSL_ENC_AES128_IDX 6 */ -

64 {SSL_AES256, NID_aes_256_cbc}, /* SSL_ENC_AES256_IDX 7 */ -

65 {SSL_CAMELLIA128, NID_camellia_128_cbc}, /* SSL_ENC_CAMELLIA128_IDX 8 */ -

66 {SSL_CAMELLIA256, NID_camellia_256_cbc}, /* SSL_ENC_CAMELLIA256_IDX 9 */ -

67 {SSL_eGOST2814789CNT, NID_gost89_cnt}, /* SSL_ENC_GOST89_IDX 10 */ -

68 {SSL_SEED, NID_seed_cbc}, /* SSL_ENC_SEED_IDX 11 */ -

69 {SSL_AES128GCM, NID_aes_128_gcm}, /* SSL_ENC_AES128GCM_IDX 12 */ -

70 {SSL_AES256GCM, NID_aes_256_gcm}, /* SSL_ENC_AES256GCM_IDX 13 */ -

71 {SSL_AES128CCM, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM_IDX 14 */ -

72 {SSL_AES256CCM, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM_IDX 15 */ -

73 {SSL_AES128CCM8, NID_aes_128_ccm}, /* SSL_ENC_AES128CCM8_IDX 16 */ -

74 {SSL_AES256CCM8, NID_aes_256_ccm}, /* SSL_ENC_AES256CCM8_IDX 17 */ -

75 {SSL_eGOST2814789CNT12, NID_gost89_cnt_12}, /* SSL_ENC_GOST8912_IDX 18 */ -

76 {SSL_CHACHA20POLY1305, NID_chacha20_poly1305}, /* SSL_ENC_CHACHA_IDX 19 */ -

77 {SSL_ARIA128GCM, NID_aria_128_gcm}, /* SSL_ENC_ARIA128GCM_IDX 20 */ -

78 {SSL_ARIA256GCM, NID_aria_256_gcm}, /* SSL_ENC_ARIA256GCM_IDX 21 */ -

79 }; -

80 -

81 static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]; -

82 -

83 #define SSL_COMP_NULL_IDX 0 -

84 #define SSL_COMP_ZLIB_IDX 1 -

85 #define SSL_COMP_NUM_IDX 2 -

86 -

87 static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; -

88 -

89 #ifndef OPENSSL_NO_COMP -

90 static CRYPTO_ONCE ssl_load_builtin_comp_once = CRYPTO_ONCE_STATIC_INIT; -

91 #endif -

92 -

93 /* -

94 * Constant SSL_MAX_DIGEST equal to size of digests array should be defined -

95 * in the ssl_locl.h -

96 */ -

97 -

98 #define SSL_MD_NUM_IDX SSL_MAX_DIGEST -

99 -

100 /* NB: make sure indices in this table matches values above */ -

101 static const ssl_cipher_table ssl_cipher_table_mac[SSL_MD_NUM_IDX] = { -

102 {SSL_MD5, NID_md5}, /* SSL_MD_MD5_IDX 0 */ -

103 {SSL_SHA1, NID_sha1}, /* SSL_MD_SHA1_IDX 1 */ -

104 {SSL_GOST94, NID_id_GostR3411_94}, /* SSL_MD_GOST94_IDX 2 */ -

105 {SSL_GOST89MAC, NID_id_Gost28147_89_MAC}, /* SSL_MD_GOST89MAC_IDX 3 */ -

106 {SSL_SHA256, NID_sha256}, /* SSL_MD_SHA256_IDX 4 */ -

107 {SSL_SHA384, NID_sha384}, /* SSL_MD_SHA384_IDX 5 */ -

108 {SSL_GOST12_256, NID_id_GostR3411_2012_256}, /* SSL_MD_GOST12_256_IDX 6 */ -

109 {SSL_GOST89MAC12, NID_gost_mac_12}, /* SSL_MD_GOST89MAC12_IDX 7 */ -

110 {SSL_GOST12_512, NID_id_GostR3411_2012_512}, /* SSL_MD_GOST12_512_IDX 8 */ -

111 {0, NID_md5_sha1}, /* SSL_MD_MD5_SHA1_IDX 9 */ -

112 {0, NID_sha224}, /* SSL_MD_SHA224_IDX 10 */ -

113 {0, NID_sha512} /* SSL_MD_SHA512_IDX 11 */ -

114 }; -

115 -

116 static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = { -

117 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL -

118 }; -

119 -

120 /* *INDENT-OFF* */ -

121 static const ssl_cipher_table ssl_cipher_table_kx[] = { -

122 {SSL_kRSA, NID_kx_rsa}, -

123 {SSL_kECDHE, NID_kx_ecdhe}, -

124 {SSL_kDHE, NID_kx_dhe}, -

125 {SSL_kECDHEPSK, NID_kx_ecdhe_psk}, -

126 {SSL_kDHEPSK, NID_kx_dhe_psk}, -

127 {SSL_kRSAPSK, NID_kx_rsa_psk}, -

128 {SSL_kPSK, NID_kx_psk}, -

129 {SSL_kSRP, NID_kx_srp}, -

130 {SSL_kGOST, NID_kx_gost}, -

131 {SSL_kANY, NID_kx_any} -

132 }; -

133 -

134 static const ssl_cipher_table ssl_cipher_table_auth[] = { -

135 {SSL_aRSA, NID_auth_rsa}, -

136 {SSL_aECDSA, NID_auth_ecdsa}, -

137 {SSL_aPSK, NID_auth_psk}, -

138 {SSL_aDSS, NID_auth_dss}, -

139 {SSL_aGOST01, NID_auth_gost01}, -

140 {SSL_aGOST12, NID_auth_gost12}, -

141 {SSL_aSRP, NID_auth_srp}, -

142 {SSL_aNULL, NID_auth_null}, -

143 {SSL_aANY, NID_auth_any} -

144 }; -

145 /* *INDENT-ON* */ -

146 -

147 /* Utility function for table lookup */ -

148 static int ssl_cipher_info_find(const ssl_cipher_table * table, -

149 size_t table_cnt, uint32_t mask) -

150 { -

151 size_t i; -

152

for (i = 0; i < table_cnt; i++, table++) {

i < table_cnt	Description
TRUE	evaluated 91966 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2646 times by 1 test Evaluated by: libssl.so.1.1

2646-91966

153

if (table->mask == mask)

table->mask == mask	Description
TRUE	evaluated 6668 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 85298 times by 1 test Evaluated by: libssl.so.1.1

6668-85298

154

return (int)i;

executed 6668 times by 1 test: return (int)i;

Executed by:

libssl.so.1.1

6668

155

}

executed 85298 times by 1 test: end of block

Executed by:

libssl.so.1.1

85298

156

return -1;

executed 2646 times by 1 test: return -1;

Executed by:

libssl.so.1.1

2646

157 } -

158 -

159 #define ssl_cipher_info_lookup(table, x) \ -

160 ssl_cipher_info_find(table, OSSL_NELEM(table), x) -

161 -

162 /* -

163 * PKEY_TYPE for GOST89MAC is known in advance, but, because implementation -

164 * is engine-provided, we'll fill it only if corresponding EVP_PKEY_METHOD is -

165 * found -

166 */ -

167 static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = { -

168 /* MD5, SHA, GOST94, MAC89 */ -

169 EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef, -

170 /* SHA256, SHA384, GOST2012_256, MAC89-12 */ -

171 EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef, -

172 /* GOST2012_512 */ -

173 EVP_PKEY_HMAC, -

174 }; -

175 -

176 static size_t ssl_mac_secret_size[SSL_MD_NUM_IDX]; -

177 -

178 #define CIPHER_ADD 1 -

179 #define CIPHER_KILL 2 -

180 #define CIPHER_DEL 3 -

181 #define CIPHER_ORD 4 -

182 #define CIPHER_SPECIAL 5 -

183 /* -

184 * Bump the ciphers to the top of the list. -

185 * This rule isn't currently supported by the public cipherstring API. -

186 */ -

187 #define CIPHER_BUMP 6 -

188 -

189 typedef struct cipher_order_st { -

190 const SSL_CIPHER *cipher; -

191 int active; -

192 int dead; -

193 struct cipher_order_st *next, *prev; -

194 } CIPHER_ORDER; -

195 -

196 static const SSL_CIPHER cipher_aliases[] = { -

197 /* "ALL" doesn't include eNULL (must be specifically enabled) */ -

198 {0, SSL_TXT_ALL, NULL, 0, 0, 0, ~SSL_eNULL}, -

199 /* "COMPLEMENTOFALL" */ -

200 {0, SSL_TXT_CMPALL, NULL, 0, 0, 0, SSL_eNULL}, -

201 -

202 /* -

203 * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in -

204 * ALL!) -

205 */ -

206 {0, SSL_TXT_CMPDEF, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT}, -

207 -

208 /* -

209 * key exchange aliases (some of those using only a single bit here -

210 * combine multiple key exchange algs according to the RFCs, e.g. kDHE -

211 * combines DHE_DSS and DHE_RSA) -

212 */ -

213 {0, SSL_TXT_kRSA, NULL, 0, SSL_kRSA}, -

214 -

215 {0, SSL_TXT_kEDH, NULL, 0, SSL_kDHE}, -

216 {0, SSL_TXT_kDHE, NULL, 0, SSL_kDHE}, -

217 {0, SSL_TXT_DH, NULL, 0, SSL_kDHE}, -

218 -

219 {0, SSL_TXT_kEECDH, NULL, 0, SSL_kECDHE}, -

220 {0, SSL_TXT_kECDHE, NULL, 0, SSL_kECDHE}, -

221 {0, SSL_TXT_ECDH, NULL, 0, SSL_kECDHE}, -

222 -

223 {0, SSL_TXT_kPSK, NULL, 0, SSL_kPSK}, -

224 {0, SSL_TXT_kRSAPSK, NULL, 0, SSL_kRSAPSK}, -

225 {0, SSL_TXT_kECDHEPSK, NULL, 0, SSL_kECDHEPSK}, -

226 {0, SSL_TXT_kDHEPSK, NULL, 0, SSL_kDHEPSK}, -

227 {0, SSL_TXT_kSRP, NULL, 0, SSL_kSRP}, -

228 {0, SSL_TXT_kGOST, NULL, 0, SSL_kGOST}, -

229 -

230 /* server authentication aliases */ -

231 {0, SSL_TXT_aRSA, NULL, 0, 0, SSL_aRSA}, -

232 {0, SSL_TXT_aDSS, NULL, 0, 0, SSL_aDSS}, -

233 {0, SSL_TXT_DSS, NULL, 0, 0, SSL_aDSS}, -

234 {0, SSL_TXT_aNULL, NULL, 0, 0, SSL_aNULL}, -

235 {0, SSL_TXT_aECDSA, NULL, 0, 0, SSL_aECDSA}, -

236 {0, SSL_TXT_ECDSA, NULL, 0, 0, SSL_aECDSA}, -

237 {0, SSL_TXT_aPSK, NULL, 0, 0, SSL_aPSK}, -

238 {0, SSL_TXT_aGOST01, NULL, 0, 0, SSL_aGOST01}, -

239 {0, SSL_TXT_aGOST12, NULL, 0, 0, SSL_aGOST12}, -

240 {0, SSL_TXT_aGOST, NULL, 0, 0, SSL_aGOST01 | SSL_aGOST12}, -

241 {0, SSL_TXT_aSRP, NULL, 0, 0, SSL_aSRP}, -

242 -

243 /* aliases combining key exchange and server authentication */ -

244 {0, SSL_TXT_EDH, NULL, 0, SSL_kDHE, ~SSL_aNULL}, -

245 {0, SSL_TXT_DHE, NULL, 0, SSL_kDHE, ~SSL_aNULL}, -

246 {0, SSL_TXT_EECDH, NULL, 0, SSL_kECDHE, ~SSL_aNULL}, -

247 {0, SSL_TXT_ECDHE, NULL, 0, SSL_kECDHE, ~SSL_aNULL}, -

248 {0, SSL_TXT_NULL, NULL, 0, 0, 0, SSL_eNULL}, -

249 {0, SSL_TXT_RSA, NULL, 0, SSL_kRSA, SSL_aRSA}, -

250 {0, SSL_TXT_ADH, NULL, 0, SSL_kDHE, SSL_aNULL}, -

251 {0, SSL_TXT_AECDH, NULL, 0, SSL_kECDHE, SSL_aNULL}, -

252 {0, SSL_TXT_PSK, NULL, 0, SSL_PSK}, -

253 {0, SSL_TXT_SRP, NULL, 0, SSL_kSRP}, -

254 -

255 /* symmetric encryption aliases */ -

256 {0, SSL_TXT_3DES, NULL, 0, 0, 0, SSL_3DES}, -

257 {0, SSL_TXT_RC4, NULL, 0, 0, 0, SSL_RC4}, -

258 {0, SSL_TXT_RC2, NULL, 0, 0, 0, SSL_RC2}, -

259 {0, SSL_TXT_IDEA, NULL, 0, 0, 0, SSL_IDEA}, -

260 {0, SSL_TXT_SEED, NULL, 0, 0, 0, SSL_SEED}, -

261 {0, SSL_TXT_eNULL, NULL, 0, 0, 0, SSL_eNULL}, -

262 {0, SSL_TXT_GOST, NULL, 0, 0, 0, SSL_eGOST2814789CNT | SSL_eGOST2814789CNT12}, -

263 {0, SSL_TXT_AES128, NULL, 0, 0, 0, -

264 SSL_AES128 | SSL_AES128GCM | SSL_AES128CCM | SSL_AES128CCM8}, -

265 {0, SSL_TXT_AES256, NULL, 0, 0, 0, -

266 SSL_AES256 | SSL_AES256GCM | SSL_AES256CCM | SSL_AES256CCM8}, -

267 {0, SSL_TXT_AES, NULL, 0, 0, 0, SSL_AES}, -

268 {0, SSL_TXT_AES_GCM, NULL, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM}, -

269 {0, SSL_TXT_AES_CCM, NULL, 0, 0, 0, -

270 SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8}, -

271 {0, SSL_TXT_AES_CCM_8, NULL, 0, 0, 0, SSL_AES128CCM8 | SSL_AES256CCM8}, -

272 {0, SSL_TXT_CAMELLIA128, NULL, 0, 0, 0, SSL_CAMELLIA128}, -

273 {0, SSL_TXT_CAMELLIA256, NULL, 0, 0, 0, SSL_CAMELLIA256}, -

274 {0, SSL_TXT_CAMELLIA, NULL, 0, 0, 0, SSL_CAMELLIA}, -

275 {0, SSL_TXT_CHACHA20, NULL, 0, 0, 0, SSL_CHACHA20}, -

276 -

277 {0, SSL_TXT_ARIA, NULL, 0, 0, 0, SSL_ARIA}, -

278 {0, SSL_TXT_ARIA_GCM, NULL, 0, 0, 0, SSL_ARIA128GCM | SSL_ARIA256GCM}, -

279 {0, SSL_TXT_ARIA128, NULL, 0, 0, 0, SSL_ARIA128GCM}, -

280 {0, SSL_TXT_ARIA256, NULL, 0, 0, 0, SSL_ARIA256GCM}, -

281 -

282 /* MAC aliases */ -

283 {0, SSL_TXT_MD5, NULL, 0, 0, 0, 0, SSL_MD5}, -

284 {0, SSL_TXT_SHA1, NULL, 0, 0, 0, 0, SSL_SHA1}, -

285 {0, SSL_TXT_SHA, NULL, 0, 0, 0, 0, SSL_SHA1}, -

286 {0, SSL_TXT_GOST94, NULL, 0, 0, 0, 0, SSL_GOST94}, -

287 {0, SSL_TXT_GOST89MAC, NULL, 0, 0, 0, 0, SSL_GOST89MAC | SSL_GOST89MAC12}, -

288 {0, SSL_TXT_SHA256, NULL, 0, 0, 0, 0, SSL_SHA256}, -

289 {0, SSL_TXT_SHA384, NULL, 0, 0, 0, 0, SSL_SHA384}, -

290 {0, SSL_TXT_GOST12, NULL, 0, 0, 0, 0, SSL_GOST12_256}, -

291 -

292 /* protocol version aliases */ -

293 {0, SSL_TXT_SSLV3, NULL, 0, 0, 0, 0, 0, SSL3_VERSION}, -

294 {0, SSL_TXT_TLSV1, NULL, 0, 0, 0, 0, 0, TLS1_VERSION}, -

295 {0, "TLSv1.0", NULL, 0, 0, 0, 0, 0, TLS1_VERSION}, -

296 {0, SSL_TXT_TLSV1_2, NULL, 0, 0, 0, 0, 0, TLS1_2_VERSION}, -

297 -

298 /* strength classes */ -

299 {0, SSL_TXT_LOW, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_LOW}, -

300 {0, SSL_TXT_MEDIUM, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_MEDIUM}, -

301 {0, SSL_TXT_HIGH, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, SSL_HIGH}, -

302 /* FIPS 140-2 approved ciphersuite */ -

303 {0, SSL_TXT_FIPS, NULL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, SSL_FIPS}, -

304 -

305 /* "EDH-" aliases to "DHE-" labels (for backward compatibility) */ -

306 {0, SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, NULL, 0, -

307 SSL_kDHE, SSL_aDSS, SSL_3DES, SSL_SHA1, 0, 0, 0, 0, SSL_HIGH | SSL_FIPS}, -

308 {0, SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, NULL, 0, -

309 SSL_kDHE, SSL_aRSA, SSL_3DES, SSL_SHA1, 0, 0, 0, 0, SSL_HIGH | SSL_FIPS}, -

310 -

311 }; -

312 -

313 /* -

314 * Search for public key algorithm with given name and return its pkey_id if -

315 * it is available. Otherwise return 0 -

316 */ -

317 #ifdef OPENSSL_NO_ENGINE -

318 -

319 static int get_optional_pkey_id(const char *pkey_name) -

320 { -

321 const EVP_PKEY_ASN1_METHOD *ameth; -

322 int pkey_id = 0; -

323 ameth = EVP_PKEY_asn1_find_str(NULL, pkey_name, -1); -

324 if (ameth && EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, -

325 ameth) > 0) -

326 return pkey_id; -

327 return 0; -

328 } -

329 -

330 #else -

331 -

332 static int get_optional_pkey_id(const char *pkey_name) -

333 { -

334 const EVP_PKEY_ASN1_METHOD *ameth; -

335 ENGINE *tmpeng = NULL; -

336 int pkey_id = 0; -

337 ameth = EVP_PKEY_asn1_find_str(&tmpeng, pkey_name, -1); -

338

if (ameth) {

ameth	Description
TRUE	never evaluated
FALSE	evaluated 9790 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-9790

339

if (EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,

EVP_PKEY_asn1_... , ameth) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

340

ameth) <= 0)

EVP_PKEY_asn1_... , ameth) <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

341

pkey_id = 0;

never executed: pkey_id = 0;

342

}

never executed: end of block

343 ENGINE_finish(tmpeng); -

344

return pkey_id;

executed 9790 times by 2 tests: return pkey_id;

Executed by:

libssl.so.1.1
tls13encryptiontest

9790

345 } -

346 -

347 #endif -

348 -

349 /* masks of disabled algorithms */ -

350 static uint32_t disabled_enc_mask; -

351 static uint32_t disabled_mac_mask; -

352 static uint32_t disabled_mkey_mask; -

353 static uint32_t disabled_auth_mask; -

354 -

355 int ssl_load_ciphers(void) -

356 { -

357 size_t i; -

358 const ssl_cipher_table *t; -

359 -

360 disabled_enc_mask = 0; -

361 ssl_sort_cipher_list(); -

362

for (i = 0, t = ssl_cipher_table_cipher; i < SSL_ENC_NUM_IDX; i++, t++) {

i < 22	Description
TRUE	evaluated 43076 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

1958-43076

363

if (t->nid == NID_undef) {

t->nid == 0	Description
TRUE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 41118 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

1958-41118

364 ssl_cipher_methods[i] = NULL; -

365

} else {

executed 1958 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

366 const EVP_CIPHER *cipher = EVP_get_cipherbynid(t->nid); -

367 ssl_cipher_methods[i] = cipher; -

368

if (cipher == NULL)

cipher == ((void *)0)	Description
TRUE	evaluated 3916 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 37202 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

3916-37202

369

disabled_enc_mask |= t->mask;

executed 3916 times by 2 tests: disabled_enc_mask |= t->mask;

Executed by:

libssl.so.1.1
tls13encryptiontest

3916

370

}

executed 41118 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

41118

371 } -

372 disabled_mac_mask = 0; -

373

for (i = 0, t = ssl_cipher_table_mac; i < SSL_MD_NUM_IDX; i++, t++) {

i < 12	Description
TRUE	evaluated 23496 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

1958-23496

374 const EVP_MD *md = EVP_get_digestbynid(t->nid); -

375 ssl_digest_methods[i] = md; -

376

if (md == NULL) {

md == ((void *)0)	Description
TRUE	evaluated 9790 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 13706 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

9790-13706

377 disabled_mac_mask |= t->mask; -

378

} else {

executed 9790 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

9790

379 int tmpsize = EVP_MD_size(md); -

380

if (!ossl_assert(tmpsize >= 0))

!((tmpsize >= 0) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 13706 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-13706

381

return 0;

never executed: return 0;

382 ssl_mac_secret_size[i] = tmpsize; -

383

}

executed 13706 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

13706

384 } -

385 /* Make sure we can access MD5 and SHA1 */ -

386

if (!ossl_assert(ssl_digest_methods[SSL_MD_MD5_IDX] != NULL))

!((ssl_digest_...d *)0) ) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-1958

387

return 0;

never executed: return 0;

388

if (!ossl_assert(ssl_digest_methods[SSL_MD_SHA1_IDX] != NULL))

!((ssl_digest_...d *)0) ) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-1958

389

return 0;

never executed: return 0;

390 -

391 disabled_mkey_mask = 0; -

392 disabled_auth_mask = 0; -

393 -

394 #ifdef OPENSSL_NO_RSA -

395 disabled_mkey_mask |= SSL_kRSA | SSL_kRSAPSK; -

396 disabled_auth_mask |= SSL_aRSA; -

397 #endif -

398 #ifdef OPENSSL_NO_DSA -

399 disabled_auth_mask |= SSL_aDSS; -

400 #endif -

401 #ifdef OPENSSL_NO_DH -

402 disabled_mkey_mask |= SSL_kDHE | SSL_kDHEPSK; -

403 #endif -

404 #ifdef OPENSSL_NO_EC -

405 disabled_mkey_mask |= SSL_kECDHE | SSL_kECDHEPSK; -

406 disabled_auth_mask |= SSL_aECDSA; -

407 #endif -

408 #ifdef OPENSSL_NO_PSK -

409 disabled_mkey_mask |= SSL_PSK; -

410 disabled_auth_mask |= SSL_aPSK; -

411 #endif -

412 #ifdef OPENSSL_NO_SRP -

413 disabled_mkey_mask |= SSL_kSRP; -

414 #endif -

415 -

416 /* -

417 * Check for presence of GOST 34.10 algorithms, and if they are not -

418 * present, disable appropriate auth and key exchange -

419 */ -

420 ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac"); -

421

if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX])

ssl_mac_pkey_id[3]	Description
TRUE	never evaluated
FALSE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-1958

422

ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;

never executed: ssl_mac_secret_size[3] = 32;

423 else -

424

disabled_mac_mask |= SSL_GOST89MAC;

executed 1958 times by 2 tests: disabled_mac_mask |= 0x00000008U;

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

425 -

426 ssl_mac_pkey_id[SSL_MD_GOST89MAC12_IDX] = -

427 get_optional_pkey_id("gost-mac-12"); -

428

if (ssl_mac_pkey_id[SSL_MD_GOST89MAC12_IDX])

ssl_mac_pkey_id[7]	Description
TRUE	never evaluated
FALSE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-1958

429

ssl_mac_secret_size[SSL_MD_GOST89MAC12_IDX] = 32;

never executed: ssl_mac_secret_size[7] = 32;

430 else -

431

disabled_mac_mask |= SSL_GOST89MAC12;

executed 1958 times by 2 tests: disabled_mac_mask |= 0x00000100U;

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

432 -

433

if (!get_optional_pkey_id("gost2001"))

!get_optional_...id("gost2001")	Description
TRUE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-1958

434

disabled_auth_mask |= SSL_aGOST01 | SSL_aGOST12;

executed 1958 times by 2 tests: disabled_auth_mask |= 0x00000020U | 0x00000080U;

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

435

if (!get_optional_pkey_id("gost2012_256"))

!get_optional_...gost2012_256")	Description
TRUE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-1958

436

disabled_auth_mask |= SSL_aGOST12;

executed 1958 times by 2 tests: disabled_auth_mask |= 0x00000080U;

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

437

if (!get_optional_pkey_id("gost2012_512"))

!get_optional_...gost2012_512")	Description
TRUE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-1958

438

disabled_auth_mask |= SSL_aGOST12;

executed 1958 times by 2 tests: disabled_auth_mask |= 0x00000080U;

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

439 /* -

440 * Disable GOST key exchange if no GOST signature algs are available * -

441 */ -

442

if ((disabled_auth_mask & (SSL_aGOST01 | SSL_aGOST12)) ==

(disabled_auth...\| 0x00000080U)	Description
TRUE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-1958

443

(SSL_aGOST01 | SSL_aGOST12))

(disabled_auth...\| 0x00000080U)	Description
TRUE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-1958

444

disabled_mkey_mask |= SSL_kGOST;

executed 1958 times by 2 tests: disabled_mkey_mask |= 0x00000010U;

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

445 -

446

return 1;

executed 1958 times by 2 tests: return 1;

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

447 } -

448 -

449 #ifndef OPENSSL_NO_COMP -

450 -

451 static int sk_comp_cmp(const SSL_COMP *const *a, const SSL_COMP *const *b) -

452 { -

453

return ((*a)->id - (*b)->id);

never executed: return ((*a)->id - (*b)->id);

454 } -

455 -

456

DEFINE_RUN_ONCE_STATIC(do_load_builtin_compressions)

executed 1958 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

457 { -

458 SSL_COMP *comp = NULL; -

459 COMP_METHOD *method = COMP_zlib(); -

460 -

461 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE); -

462 ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp); -

463 -

464

if (COMP_get_type(method) != NID_undef && ssl_comp_methods != NULL) {

COMP_get_type(method) != 0	Description
TRUE	never evaluated
FALSE	evaluated 1958 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

ssl_comp_metho...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0-1958

465 comp = OPENSSL_malloc(sizeof(*comp)); -

466

if (comp != NULL) {

comp != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

467 comp->method = method; -

468 comp->id = SSL_COMP_ZLIB_IDX; -

469 comp->name = COMP_get_name(method); -

470 sk_SSL_COMP_push(ssl_comp_methods, comp); -

471 sk_SSL_COMP_sort(ssl_comp_methods); -

472

}

never executed: end of block

473

}

never executed: end of block

474 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE); -

475

return 1;

executed 1958 times by 2 tests: return 1;

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

476 } -

477 -

478 static int load_builtin_compressions(void) -

479 { -

480

return RUN_ONCE(&ssl_load_builtin_comp_once, do_load_builtin_compressions);

executed 12476 times by 2 tests:

return (CRYPTO_THREAD_run_once(&ssl_load_builtin_comp_once, do_load_builtin_compressions_ossl_) ? do_load_builtin_compressions_ossl_ret_ : 0);

Executed by:

libssl.so.1.1
tls13encryptiontest

CRYPTO_THREAD_...essions_ossl_)	Description
TRUE	evaluated 12476 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-12476

481 } -

482 #endif -

483 -

484 int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc, -

485 const EVP_MD **md, int *mac_pkey_type, -

486 size_t *mac_secret_size, SSL_COMP **comp, int use_etm) -

487 { -

488 int i; -

489 const SSL_CIPHER *c; -

490 -

491 c = s->cipher; -

492

if (c == NULL)

c == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 4156 times by 1 test Evaluated by: libssl.so.1.1

0-4156

493

return 0;

never executed: return 0;

494

if (comp != NULL) {

comp != ((void *)0)	Description
TRUE	evaluated 2685 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1471 times by 1 test Evaluated by: libssl.so.1.1

1471-2685

495 SSL_COMP ctmp; -

496 #ifndef OPENSSL_NO_COMP -

497

if (!load_builtin_compressions()) {

!load_builtin_compressions()	Description
TRUE	never evaluated
FALSE	evaluated 2685 times by 1 test Evaluated by: libssl.so.1.1

0-2685

498 /* -

499 * Currently don't care, since a failure only means that -

500 * ssl_comp_methods is NULL, which is perfectly OK -

501 */ -

502

}

never executed: end of block

503 #endif -

504 *comp = NULL; -

505 ctmp.id = s->compress_meth; -

506

if (ssl_comp_methods != NULL) {

ssl_comp_metho...!= ((void *)0)	Description
TRUE	evaluated 2685 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2685

507 i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp); -

508 *comp = sk_SSL_COMP_value(ssl_comp_methods, i); -

509

}

executed 2685 times by 1 test: end of block

Executed by:

libssl.so.1.1

2685

510 /* If were only interested in comp then return success */ -

511

if ((enc == NULL) && (md == NULL))

(enc == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 2685 times by 1 test Evaluated by: libssl.so.1.1

(md == ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

0-2685

512

return 1;

never executed: return 1;

513

}

executed 2685 times by 1 test: end of block

Executed by:

libssl.so.1.1

2685

514 -

515

if ((enc == NULL) || (md == NULL))

(enc == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4156 times by 1 test Evaluated by: libssl.so.1.1

(md == ((void *)0) )	Description
TRUE	never evaluated
FALSE	evaluated 4156 times by 1 test Evaluated by: libssl.so.1.1

0-4156

516

return 0;

never executed: return 0;

517 -

518 i = ssl_cipher_info_lookup(ssl_cipher_table_cipher, c->algorithm_enc); -

519 -

520

if (i == -1) {

i == -1	Description
TRUE	never evaluated
FALSE	evaluated 4156 times by 1 test Evaluated by: libssl.so.1.1

0-4156

521 *enc = NULL; -

522

} else {

never executed: end of block

523

if (i == SSL_ENC_NULL_IDX)

i == 5	Description
TRUE	evaluated 51 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 4105 times by 1 test Evaluated by: libssl.so.1.1

51-4105

524

*enc = EVP_enc_null();

executed 51 times by 1 test: *enc = EVP_enc_null();

Executed by:

libssl.so.1.1

525 else -

526

*enc = ssl_cipher_methods[i];

executed 4105 times by 1 test: *enc = ssl_cipher_methods[i];

Executed by:

libssl.so.1.1

4105

527 } -

528 -

529 i = ssl_cipher_info_lookup(ssl_cipher_table_mac, c->algorithm_mac); -

530

if (i == -1) {

i == -1	Description
TRUE	evaluated 2646 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1

1510-2646

531 *md = NULL; -

532

if (mac_pkey_type != NULL)

mac_pkey_type != ((void *)0)	Description
TRUE	evaluated 2646 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2646

533

*mac_pkey_type = NID_undef;

executed 2646 times by 1 test: *mac_pkey_type = 0;

Executed by:

libssl.so.1.1

2646

534

if (mac_secret_size != NULL)

mac_secret_size != ((void *)0)	Description
TRUE	evaluated 1175 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1471 times by 1 test Evaluated by: libssl.so.1.1

1175-1471

535

*mac_secret_size = 0;

executed 1175 times by 1 test: *mac_secret_size = 0;

Executed by:

libssl.so.1.1

1175

536

if (c->algorithm_mac == SSL_AEAD)

c->algorithm_m...== 0x00000040U	Description
TRUE	evaluated 2646 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2646

537

mac_pkey_type = NULL;

executed 2646 times by 1 test: mac_pkey_type = ((void *)0) ;

Executed by:

libssl.so.1.1

2646

538

} else {

executed 2646 times by 1 test: end of block

Executed by:

libssl.so.1.1

2646

539 *md = ssl_digest_methods[i]; -

540

if (mac_pkey_type != NULL)

mac_pkey_type != ((void *)0)	Description
TRUE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1510

541

*mac_pkey_type = ssl_mac_pkey_id[i];

executed 1510 times by 1 test: *mac_pkey_type = ssl_mac_pkey_id[i];

Executed by:

libssl.so.1.1

1510

542

if (mac_secret_size != NULL)

mac_secret_size != ((void *)0)	Description
TRUE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1510

543

*mac_secret_size = ssl_mac_secret_size[i];

executed 1510 times by 1 test: *mac_secret_size = ssl_mac_secret_size[i];

Executed by:

libssl.so.1.1

1510

544

}

executed 1510 times by 1 test: end of block

Executed by:

libssl.so.1.1

1510

545 -

546

if ((*enc != NULL) &&

(enc != ((void )0) )	Description
TRUE	evaluated 4156 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-4156

547

(*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER))

md != ((void )0)	Description
TRUE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2646 times by 1 test Evaluated by: libssl.so.1.1

(EVP_CIPHER_fl...c) & 0x200000)	Description
TRUE	evaluated 2646 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2646

548

&& (!mac_pkey_type || *mac_pkey_type != NID_undef)) {

!mac_pkey_type	Description
TRUE	evaluated 2646 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1

*mac_pkey_type != 0	Description
TRUE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2646

549 const EVP_CIPHER *evp; -

550 -

551

if (use_etm)

use_etm	Description
TRUE	evaluated 1161 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2995 times by 1 test Evaluated by: libssl.so.1.1

1161-2995

552

return 1;

executed 1161 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1161

553 -

554

if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||

s->ssl_version >> 8 != 0x03	Description
TRUE	evaluated 247 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2748 times by 1 test Evaluated by: libssl.so.1.1

247-2748

555

s->ssl_version < TLS1_VERSION)

s->ssl_version < 0x0301	Description
TRUE	never evaluated
FALSE	evaluated 2748 times by 1 test Evaluated by: libssl.so.1.1

0-2748

556

return 1;

executed 247 times by 1 test: return 1;

Executed by:

libssl.so.1.1

247

557 -

558

if (c->algorithm_enc == SSL_RC4 &&

c->algorithm_e...== 0x00000004U	Description
TRUE	never evaluated
FALSE	evaluated 2748 times by 1 test Evaluated by: libssl.so.1.1

0-2748

559

c->algorithm_mac == SSL_MD5 &&

c->algorithm_m...== 0x00000001U	Description
TRUE	never evaluated
FALSE	never evaluated

560

(evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))

(evp = EVP_get...C4-HMAC-MD5"))	Description
TRUE	never evaluated
FALSE	never evaluated

561

*enc = evp, *md = NULL;

never executed: *enc = evp, *md = ((void *)0) ;

562

else if (c->algorithm_enc == SSL_AES128 &&

c->algorithm_e...== 0x00000040U	Description
TRUE	evaluated 70 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2678 times by 1 test Evaluated by: libssl.so.1.1

70-2678

563

c->algorithm_mac == SSL_SHA1 &&

c->algorithm_m...== 0x00000002U	Description
TRUE	evaluated 49 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1

21-49

564

(evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))

(evp = EVP_get...C-HMAC-SHA1"))	Description
TRUE	never evaluated
FALSE	evaluated 49 times by 1 test Evaluated by: libssl.so.1.1

0-49

565

*enc = evp, *md = NULL;

never executed: *enc = evp, *md = ((void *)0) ;

566

else if (c->algorithm_enc == SSL_AES256 &&

c->algorithm_e...== 0x00000080U	Description
TRUE	evaluated 41 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2707 times by 1 test Evaluated by: libssl.so.1.1

41-2707

567

c->algorithm_mac == SSL_SHA1 &&

c->algorithm_m...== 0x00000002U	Description
TRUE	evaluated 19 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

19-22

568

(evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))

(evp = EVP_get...C-HMAC-SHA1"))	Description
TRUE	never evaluated
FALSE	evaluated 19 times by 1 test Evaluated by: libssl.so.1.1

0-19

569

*enc = evp, *md = NULL;

never executed: *enc = evp, *md = ((void *)0) ;

570

else if (c->algorithm_enc == SSL_AES128 &&

c->algorithm_e...== 0x00000040U	Description
TRUE	evaluated 70 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2678 times by 1 test Evaluated by: libssl.so.1.1

70-2678

571

c->algorithm_mac == SSL_SHA256 &&

c->algorithm_m...== 0x00000010U	Description
TRUE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 49 times by 1 test Evaluated by: libssl.so.1.1

21-49

572

(evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA256")))

(evp = EVP_get...HMAC-SHA256"))	Description
TRUE	never evaluated
FALSE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1

0-21

573

*enc = evp, *md = NULL;

never executed: *enc = evp, *md = ((void *)0) ;

574

else if (c->algorithm_enc == SSL_AES256 &&

c->algorithm_e...== 0x00000080U	Description
TRUE	evaluated 41 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2707 times by 1 test Evaluated by: libssl.so.1.1

41-2707

575

c->algorithm_mac == SSL_SHA256 &&

c->algorithm_m...== 0x00000010U	Description
TRUE	evaluated 14 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1

14-27

576

(evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256")))

(evp = EVP_get...HMAC-SHA256"))	Description
TRUE	never evaluated
FALSE	evaluated 14 times by 1 test Evaluated by: libssl.so.1.1

0-14

577

*enc = evp, *md = NULL;

never executed: *enc = evp, *md = ((void *)0) ;

578

return 1;

executed 2748 times by 1 test: return 1;

Executed by:

libssl.so.1.1

2748

579 } else { -

580

return 0;

never executed: return 0;

581 } -

582 } -

583 -

584 const EVP_MD *ssl_md(int idx) -

585 { -

586 idx &= SSL_HANDSHAKE_MAC_MASK; -

587

if (idx < 0 || idx >= SSL_MD_NUM_IDX)

idx < 0	Description
TRUE	never evaluated
FALSE	evaluated 412103 times by 1 test Evaluated by: libssl.so.1.1

idx >= 12	Description
TRUE	never evaluated
FALSE	evaluated 412103 times by 1 test Evaluated by: libssl.so.1.1

0-412103

588

return NULL;

never executed: return ((void *)0) ;

589

return ssl_digest_methods[idx];

executed 412103 times by 1 test: return ssl_digest_methods[idx];

Executed by:

libssl.so.1.1

412103

590 } -

591 -

592 const EVP_MD *ssl_handshake_md(SSL *s) -

593 { -

594

return ssl_md(ssl_get_algorithm2(s));

executed 28559 times by 1 test: return ssl_md(ssl_get_algorithm2(s));

Executed by:

libssl.so.1.1

28559

595 } -

596 -

597 const EVP_MD *ssl_prf_md(SSL *s) -

598 { -

599

return ssl_md(ssl_get_algorithm2(s) >> TLS1_PRF_DGST_SHIFT);

executed 9903 times by 1 test: return ssl_md(ssl_get_algorithm2(s) >> 8);

Executed by:

libssl.so.1.1

9903

600 } -

601 -

602 #define ITEM_SEP(a) \ -

603 (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ',')) -

604 -

605 static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr, -

606 CIPHER_ORDER **tail) -

607 { -

608

if (curr == *tail)

curr == *tail	Description
TRUE	evaluated 15200 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 8274348 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15200-8274348

609

return;

executed 15200 times by 2 tests: return;

Executed by:

libssl.so.1.1
tls13encryptiontest

15200

610

if (curr == *head)

curr == *head	Description
TRUE	evaluated 2942865 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 5331483 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

2942865-5331483

611

*head = curr->next;

executed 2942865 times by 2 tests: *head = curr->next;

Executed by:

libssl.so.1.1
tls13encryptiontest

2942865

612

if (curr->prev != NULL)

curr->prev != ((void *)0)	Description
TRUE	evaluated 5331483 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 2942865 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

2942865-5331483

613

curr->prev->next = curr->next;

executed 5331483 times by 2 tests: curr->prev->next = curr->next;

Executed by:

libssl.so.1.1
tls13encryptiontest

5331483

614

if (curr->next != NULL)

curr->next != ((void *)0)	Description
TRUE	evaluated 8274348 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-8274348

615

curr->next->prev = curr->prev;

executed 8274348 times by 2 tests: curr->next->prev = curr->prev;

Executed by:

libssl.so.1.1
tls13encryptiontest

8274348

616 (*tail)->next = curr; -

617 curr->prev = *tail; -

618 curr->next = NULL; -

619 *tail = curr; -

620

}

executed 8274348 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

8274348

621 -

622 static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr, -

623 CIPHER_ORDER **tail) -

624 { -

625

if (curr == *head)

curr == *head	Description
TRUE	never evaluated
FALSE	evaluated 6686402 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-6686402

626

return;

never executed: return;

627

if (curr == *tail)

curr == *tail	Description
TRUE	evaluated 2902445 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 3783957 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

2902445-3783957

628

*tail = curr->prev;

executed 2902445 times by 2 tests: *tail = curr->prev;

Executed by:

libssl.so.1.1
tls13encryptiontest

2902445

629

if (curr->next != NULL)

curr->next != ((void *)0)	Description
TRUE	evaluated 3783957 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 2902445 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

2902445-3783957

630

curr->next->prev = curr->prev;

executed 3783957 times by 2 tests: curr->next->prev = curr->prev;

Executed by:

libssl.so.1.1
tls13encryptiontest

3783957

631

if (curr->prev != NULL)

curr->prev != ((void *)0)	Description
TRUE	evaluated 6686402 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-6686402

632

curr->prev->next = curr->next;

executed 6686402 times by 2 tests: curr->prev->next = curr->next;

Executed by:

libssl.so.1.1
tls13encryptiontest

6686402

633 (*head)->prev = curr; -

634 curr->next = *head; -

635 curr->prev = NULL; -

636 *head = curr; -

637

}

executed 6686402 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

6686402

638 -

639 static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, -

640 int num_of_ciphers, -

641 uint32_t disabled_mkey, -

642 uint32_t disabled_auth, -

643 uint32_t disabled_enc, -

644 uint32_t disabled_mac, -

645 CIPHER_ORDER *co_list, -

646 CIPHER_ORDER **head_p, -

647 CIPHER_ORDER **tail_p) -

648 { -

649 int i, co_list_num; -

650 const SSL_CIPHER *c; -

651 -

652 /* -

653 * We have num_of_ciphers descriptions compiled in, depending on the -

654 * method selected (SSLv3, TLSv1 etc). -

655 * These will later be sorted in a linked list with at most num -

656 * entries. -

657 */ -

658 -

659 /* Get the initial list of ciphers */ -

660 co_list_num = 0; /* actual count of ciphers */ -

661

for (i = 0; i < num_of_ciphers; i++) {

i < num_of_ciphers	Description
TRUE	evaluated 2492144 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-2492144

662 c = ssl_method->get_cipher(i); -

663 /* drop those that use any of that is not available */ -

664

if (c == NULL || !c->valid)

c == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2492144 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

!c->valid	Description
TRUE	never evaluated
FALSE	evaluated 2492144 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-2492144

665

continue;

never executed: continue;

666

if ((c->algorithm_mkey & disabled_mkey) ||

(c->algorithm_...disabled_mkey)	Description
TRUE	evaluated 60784 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

60784-2431360

667

(c->algorithm_auth & disabled_auth) ||

(c->algorithm_...disabled_auth)	Description
TRUE	never evaluated
FALSE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-2431360

668

(c->algorithm_enc & disabled_enc) ||

(c->algorithm_... disabled_enc)	Description
TRUE	never evaluated
FALSE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-2431360

669

(c->algorithm_mac & disabled_mac))

(c->algorithm_... disabled_mac)	Description
TRUE	never evaluated
FALSE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-2431360

670

continue;

executed 60784 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

60784

671

if (((ssl_method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS) == 0) &&

((ssl_method->...s & 0x8) == 0)	Description
TRUE	evaluated 2334560 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 96800 times by 1 test Evaluated by: libssl.so.1.1

96800-2334560

672

c->min_tls == 0)

c->min_tls == 0	Description
TRUE	never evaluated
FALSE	evaluated 2334560 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-2334560

673

continue;

never executed: continue;

674

if (((ssl_method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS) != 0) &&

((ssl_method->...s & 0x8) != 0)	Description
TRUE	evaluated 96800 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2334560 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

96800-2334560

675

c->min_dtls == 0)

c->min_dtls == 0	Description
TRUE	never evaluated
FALSE	evaluated 96800 times by 1 test Evaluated by: libssl.so.1.1

0-96800

676

continue;

never executed: continue;

677 -

678 co_list[co_list_num].cipher = c; -

679 co_list[co_list_num].next = NULL; -

680 co_list[co_list_num].prev = NULL; -

681 co_list[co_list_num].active = 0; -

682 co_list_num++; -

683

}

executed 2431360 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

2431360

684 -

685 /* -

686 * Prepare linked list from list entries -

687 */ -

688

if (co_list_num > 0) {

co_list_num > 0	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-15196

689 co_list[0].prev = NULL; -

690 -

691

if (co_list_num > 1) {

co_list_num > 1	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-15196

692 co_list[0].next = &co_list[1]; -

693 -

694

for (i = 1; i < co_list_num - 1; i++) {

i < co_list_num - 1	Description
TRUE	evaluated 2400968 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-2400968

695 co_list[i].prev = &co_list[i - 1]; -

696 co_list[i].next = &co_list[i + 1]; -

697

}

executed 2400968 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

2400968

698 -

699 co_list[co_list_num - 1].prev = &co_list[co_list_num - 2]; -

700

}

executed 15196 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

15196

701 -

702 co_list[co_list_num - 1].next = NULL; -

703 -

704 *head_p = &co_list[0]; -

705 *tail_p = &co_list[co_list_num - 1]; -

706

}

executed 15196 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

15196

707

}

executed 15196 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

15196

708 -

709 static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, -

710 int num_of_group_aliases, -

711 uint32_t disabled_mkey, -

712 uint32_t disabled_auth, -

713 uint32_t disabled_enc, -

714 uint32_t disabled_mac, -

715 CIPHER_ORDER *head) -

716 { -

717 CIPHER_ORDER *ciph_curr; -

718 const SSL_CIPHER **ca_curr; -

719 int i; -

720 uint32_t mask_mkey = ~disabled_mkey; -

721 uint32_t mask_auth = ~disabled_auth; -

722 uint32_t mask_enc = ~disabled_enc; -

723 uint32_t mask_mac = ~disabled_mac; -

724 -

725 /* -

726 * First, add the real ciphers as already collected -

727 */ -

728 ciph_curr = head; -

729 ca_curr = ca_list; -

730

while (ciph_curr != NULL) {

ciph_curr != ((void *)0)	Description
TRUE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-2431360

731 *ca_curr = ciph_curr->cipher; -

732 ca_curr++; -

733 ciph_curr = ciph_curr->next; -

734

}

executed 2431360 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

2431360

735 -

736 /* -

737 * Now we add the available ones from the cipher_aliases[] table. -

738 * They represent either one or more algorithms, some of which -

739 * in any affected category must be supported (set in enabled_mask), -

740 * or represent a cipher strength value (will be added in any case because algorithms=0). -

741 */ -

742

for (i = 0; i < num_of_group_aliases; i++) {

i < num_of_group_aliases	Description
TRUE	evaluated 1154896 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-1154896

743 uint32_t algorithm_mkey = cipher_aliases[i].algorithm_mkey; -

744 uint32_t algorithm_auth = cipher_aliases[i].algorithm_auth; -

745 uint32_t algorithm_enc = cipher_aliases[i].algorithm_enc; -

746 uint32_t algorithm_mac = cipher_aliases[i].algorithm_mac; -

747 -

748

if (algorithm_mkey)

algorithm_mkey	Description
TRUE	evaluated 364704 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 790192 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

364704-790192

749

if ((algorithm_mkey & mask_mkey) == 0)

(algorithm_mke...ask_mkey) == 0	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 349508 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-349508

750

continue;

executed 15196 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

15196

751 -

752

if (algorithm_auth)

algorithm_auth	Description
TRUE	evaluated 303920 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 835780 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

303920-835780

753

if ((algorithm_auth & mask_auth) == 0)

(algorithm_aut...ask_auth) == 0	Description
TRUE	evaluated 45588 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 258332 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

45588-258332

754

continue;

executed 45588 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

45588

755 -

756

if (algorithm_enc)

algorithm_enc	Description
TRUE	evaluated 410292 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 683820 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

410292-683820

757

if ((algorithm_enc & mask_enc) == 0)

(algorithm_enc...mask_enc) == 0	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 395096 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-395096

758

continue;

executed 15196 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

15196

759 -

760

if (algorithm_mac)

algorithm_mac	Description
TRUE	evaluated 151960 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 926956 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

151960-926956

761

if ((algorithm_mac & mask_mac) == 0)

(algorithm_mac...mask_mac) == 0	Description
TRUE	evaluated 45588 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 106372 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

45588-106372

762

continue;

executed 45588 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

45588

763 -

764 *ca_curr = (SSL_CIPHER *)(cipher_aliases + i); -

765 ca_curr++; -

766

}

executed 1033328 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

1033328

767 -

768 *ca_curr = NULL; /* end of list */ -

769

}

executed 15196 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

15196

770 -

771 static void ssl_cipher_apply_rule(uint32_t cipher_id, uint32_t alg_mkey, -

772 uint32_t alg_auth, uint32_t alg_enc, -

773 uint32_t alg_mac, int min_tls, -

774 uint32_t algo_strength, int rule, -

775 int32_t strength_bits, CIPHER_ORDER **head_p, -

776 CIPHER_ORDER **tail_p) -

777 { -

778 CIPHER_ORDER *head, *tail, *curr, *next, *last; -

779 const SSL_CIPHER *cp; -

780 int reverse = 0; -

781 -

782 #ifdef CIPHER_DEBUG -

783 fprintf(stderr, -

784 "Applying rule %d with %08x/%08x/%08x/%08x/%08x %08x (%d)\n", -

785 rule, alg_mkey, alg_auth, alg_enc, alg_mac, min_tls, -

786 algo_strength, strength_bits); -

787 #endif -

788 -

789

if (rule == CIPHER_DEL || rule == CIPHER_BUMP)

rule == 3	Description
TRUE	evaluated 30398 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 313611 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

rule == 6	Description
TRUE	evaluated 60784 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 252827 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

30398-313611

790

reverse = 1; /* needed to maintain sorting between currently

executed 91182 times by 2 tests: reverse = 1;

Executed by:

libssl.so.1.1
tls13encryptiontest

91182

791 * deleted ciphers */ -

792 -

793 head = *head_p; -

794 tail = *tail_p; -

795 -

796

if (reverse) {

reverse	Description
TRUE	evaluated 91182 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 252827 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

91182-252827

797 next = tail; -

798 last = head; -

799

} else {

executed 91182 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

91182

800 next = head; -

801 last = tail; -

802

}

executed 252827 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

252827

803 -

804 curr = NULL; -

805 for (;;) { -

806

if (curr == last)

curr == last	Description
TRUE	evaluated 344009 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 54159650 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

344009-54159650

807

break;

executed 344009 times by 2 tests: break;

Executed by:

libssl.so.1.1
tls13encryptiontest

344009

808 -

809 curr = next; -

810 -

811

if (curr == NULL)

curr == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 54159650 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-54159650

812

break;

never executed: break;

813 -

814

next = reverse ? curr->prev : curr->next;

reverse	Description
TRUE	evaluated 14589120 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 39570530 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

14589120-39570530

815 -

816 cp = curr->cipher; -

817 -

818 /* -

819 * Selection criteria is either the value of strength_bits -

820 * or the algorithms used. -

821 */ -

822

if (strength_bits >= 0) {

strength_bits >= 0	Description
TRUE	evaluated 7294080 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 46865570 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

7294080-46865570

823

if (strength_bits != cp->strength_bits)

strength_bits ...>strength_bits	Description
TRUE	evaluated 4862720 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

2431360-4862720

824

continue;

executed 4862720 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

4862720

825

} else {

executed 2431360 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

2431360

826 #ifdef CIPHER_DEBUG -

827 fprintf(stderr, -

828 "\nName: %s:\nAlgo = %08x/%08x/%08x/%08x/%08x Algo_strength = %08x\n", -

829 cp->name, cp->algorithm_mkey, cp->algorithm_auth, -

830 cp->algorithm_enc, cp->algorithm_mac, cp->min_tls, -

831 cp->algo_strength); -

832 #endif -

833

if (cipher_id != 0 && (cipher_id != cp->id))

cipher_id != 0	Description
TRUE	evaluated 104640 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 46760930 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

(cipher_id != cp->id)	Description
TRUE	evaluated 103986 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 654 times by 1 test Evaluated by: libssl.so.1.1

654-46760930

834

continue;

executed 103986 times by 1 test: continue;

Executed by:

libssl.so.1.1

103986

835

if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))

alg_mkey	Description
TRUE	evaluated 17029614 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 29731970 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

!(alg_mkey & c...lgorithm_mkey)	Description
TRUE	evaluated 12802459 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 4227155 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

4227155-29731970

836

continue;

executed 12802459 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

12802459

837

if (alg_auth && !(alg_auth & cp->algorithm_auth))

alg_auth	Description
TRUE	evaluated 2906819 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 31052306 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

!(alg_auth & c...lgorithm_auth)	Description
TRUE	evaluated 2448919 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 457900 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

457900-31052306

838

continue;

executed 2448919 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

2448919

839

if (alg_enc && !(alg_enc & cp->algorithm_enc))

alg_enc	Description
TRUE	evaluated 13482224 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 18027982 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

!(alg_enc & cp->algorithm_enc)	Description
TRUE	evaluated 9748948 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 3733276 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

3733276-18027982

840

continue;

executed 9748948 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

9748948

841

if (alg_mac && !(alg_mac & cp->algorithm_mac))

alg_mac	Description
TRUE	evaluated 5972682 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15788576 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

!(alg_mac & cp->algorithm_mac)	Description
TRUE	evaluated 4589192 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 1383490 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

1383490-15788576

842

continue;

executed 4589192 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

4589192

843

if (min_tls && (min_tls != cp->min_tls))

min_tls	Description
TRUE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 14740706 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

(min_tls != cp->min_tls)	Description
TRUE	evaluated 1124504 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 1306856 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

1124504-14740706

844

continue;

executed 1124504 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

1124504

845

if ((algo_strength & SSL_STRONG_MASK)

(algo_strength & 0x0000001FU)	Description
TRUE	evaluated 654 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 16046908 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

654-16046908

846

&& !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))

!(algo_strengt...algo_strength)	Description
TRUE	never evaluated
FALSE	evaluated 654 times by 1 test Evaluated by: libssl.so.1.1

0-654

847

continue;

never executed: continue;

848

if ((algo_strength & SSL_DEFAULT_MASK)

(algo_strength & 0X00000020U)	Description
TRUE	evaluated 1660039 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 14387523 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

1660039-14387523

849

&& !(algo_strength & SSL_DEFAULT_MASK & cp->algo_strength))

!(algo_strengt...algo_strength)	Description
TRUE	evaluated 778050 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 881989 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

778050-881989

850

continue;

executed 778050 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

778050

851

}

executed 15269512 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

15269512

852 -

853 #ifdef CIPHER_DEBUG -

854 fprintf(stderr, "Action = %d\n", rule); -

855 #endif -

856 -

857 /* add the cipher if it has not been added yet. */ -

858

if (rule == CIPHER_ADD) {

rule == 1	Description
TRUE	evaluated 6693968 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 11006904 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

6693968-11006904

859 /* reverse == 0 */ -

860

if (!curr->active) {

!curr->active	Description
TRUE	evaluated 5037604 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 1656364 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

1656364-5037604

861 ll_append_tail(&head, curr, &tail); -

862 curr->active = 1; -

863

}

executed 5037604 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

5037604

864

}

executed 6693968 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

6693968

865 /* Move the added cipher to this location */ -

866

else if (rule == CIPHER_ORD) {

rule == 4	Description
TRUE	evaluated 3251944 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 7754960 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

3251944-7754960

867 /* reverse == 0 */ -

868

if (curr->active) {

curr->active	Description
TRUE	evaluated 3251944 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-3251944

869 ll_append_tail(&head, curr, &tail); -

870

}

executed 3251944 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

3251944

871

} else if (rule == CIPHER_DEL) {

executed 3251944 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

rule == 3	Description
TRUE	evaluated 2902634 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 4852326 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

2902634-4852326

872 /* reverse == 1 */ -

873

if (curr->active) {

curr->active	Description
TRUE	evaluated 2902598 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 36 times by 1 test Evaluated by: libssl.so.1.1

36-2902598

874 /* -

875 * most recently deleted ciphersuites get best positions for -

876 * any future CIPHER_ADD (note that the CIPHER_DEL loop works -

877 * in reverse to maintain the order) -

878 */ -

879 ll_append_head(&head, curr, &tail); -

880 curr->active = 0; -

881

}

executed 2902598 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

2902598

882

} else if (rule == CIPHER_BUMP) {

executed 2902634 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

rule == 6	Description
TRUE	evaluated 3783804 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 1068522 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

1068522-3783804

883

if (curr->active)

curr->active	Description
TRUE	evaluated 3783804 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-3783804

884

ll_append_head(&head, curr, &tail);

executed 3783804 times by 2 tests: ll_append_head(&head, curr, &tail);

Executed by:

libssl.so.1.1
tls13encryptiontest

3783804

885

} else if (rule == CIPHER_KILL) {

executed 3783804 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

rule == 2	Description
TRUE	evaluated 1068522 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-3783804

886 /* reverse == 0 */ -

887

if (head == curr)

head == curr	Description
TRUE	evaluated 186732 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 881790 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

186732-881790

888

head = curr->next;

executed 186732 times by 2 tests: head = curr->next;

Executed by:

libssl.so.1.1
tls13encryptiontest

186732

889 else -

890

curr->prev->next = curr->next;

executed 881790 times by 2 tests: curr->prev->next = curr->next;

Executed by:

libssl.so.1.1
tls13encryptiontest

881790

891

if (tail == curr)

tail == curr	Description
TRUE	evaluated 10374 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 1058148 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

10374-1058148

892

tail = curr->prev;

executed 10374 times by 2 tests: tail = curr->prev;

Executed by:

libssl.so.1.1
tls13encryptiontest

10374

893 curr->active = 0; -

894

if (curr->next != NULL)

curr->next != ((void *)0)	Description
TRUE	evaluated 1058148 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 10374 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

10374-1058148

895

curr->next->prev = curr->prev;

executed 1058148 times by 2 tests: curr->next->prev = curr->prev;

Executed by:

libssl.so.1.1
tls13encryptiontest

1058148

896

if (curr->prev != NULL)

curr->prev != ((void *)0)	Description
TRUE	evaluated 881790 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 186732 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

186732-881790

897

curr->prev->next = curr->next;

executed 881790 times by 2 tests: curr->prev->next = curr->next;

Executed by:

libssl.so.1.1
tls13encryptiontest

881790

898 curr->next = NULL; -

899 curr->prev = NULL; -

900

}

executed 1068522 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

1068522

901

}

executed 17700872 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

17700872

902 -

903 *head_p = head; -

904 *tail_p = tail; -

905

}

executed 344009 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

344009

906 -

907 static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p, -

908 CIPHER_ORDER **tail_p) -

909 { -

910 int32_t max_strength_bits; -

911 int i, *number_uses; -

912 CIPHER_ORDER *curr; -

913 -

914 /* -

915 * This routine sorts the ciphers with descending strength. The sorting -

916 * must keep the pre-sorted sequence, so we apply the normal sorting -

917 * routine as '+' movement to the end of the list. -

918 */ -

919 max_strength_bits = 0; -

920 curr = *head_p; -

921

while (curr != NULL) {

curr != ((void *)0)	Description
TRUE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-2431360

922

if (curr->active && (curr->cipher->strength_bits > max_strength_bits))

curr->active	Description
TRUE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

(curr->cipher-...strength_bits)	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 2416164 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-2431360

923

max_strength_bits = curr->cipher->strength_bits;

executed 15196 times by 2 tests: max_strength_bits = curr->cipher->strength_bits;

Executed by:

libssl.so.1.1
tls13encryptiontest

15196

924 curr = curr->next; -

925

}

executed 2431360 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

2431360

926 -

927 number_uses = OPENSSL_zalloc(sizeof(int) * (max_strength_bits + 1)); -

928

if (number_uses == NULL) {

number_uses == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15196

929 SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE); -

930

return 0;

never executed: return 0;

931 } -

932 -

933 /* -

934 * Now find the strength_bits values actually used -

935 */ -

936 curr = *head_p; -

937

while (curr != NULL) {

curr != ((void *)0)	Description
TRUE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-2431360

938

if (curr->active)

curr->active	Description
TRUE	evaluated 2431360 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-2431360

939

number_uses[curr->cipher->strength_bits]++;

executed 2431360 times by 2 tests: number_uses[curr->cipher->strength_bits]++;

Executed by:

libssl.so.1.1
tls13encryptiontest

2431360

940 curr = curr->next; -

941

}

executed 2431360 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

2431360

942 /* -

943 * Go through the list of used strength_bits values in descending -

944 * order. -

945 */ -

946

for (i = max_strength_bits; i >= 0; i--)

i >= 0	Description
TRUE	evaluated 3905372 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-3905372

947

if (number_uses[i] > 0)

number_uses[i] > 0	Description
TRUE	evaluated 45588 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 3859784 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

45588-3859784

948

ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p,

executed 45588 times by 2 tests: ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, 4, i, head_p, tail_p);

Executed by:

libssl.so.1.1
tls13encryptiontest

45588

949

tail_p);

executed 45588 times by 2 tests: ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, 4, i, head_p, tail_p);

Executed by:

libssl.so.1.1
tls13encryptiontest

45588

950 -

951 OPENSSL_free(number_uses); -

952

return 1;

executed 15196 times by 2 tests: return 1;

Executed by:

libssl.so.1.1
tls13encryptiontest

15196

953 } -

954 -

955 static int ssl_cipher_process_rulestr(const char *rule_str, -

956 CIPHER_ORDER **head_p, -

957 CIPHER_ORDER **tail_p, -

958 const SSL_CIPHER **ca_list, CERT *c) -

959 { -

960 uint32_t alg_mkey, alg_auth, alg_enc, alg_mac, algo_strength; -

961 int min_tls; -

962 const char *l, *buf; -

963 int j, multi, found, rule, retval, ok, buflen; -

964 uint32_t cipher_id = 0; -

965 char ch; -

966 -

967 retval = 1; -

968 l = rule_str; -

969 for ( ; ; ) { -

970 ch = *l; -

971 -

972

if (ch == '\0')

ch == '\0'	Description
TRUE	never evaluated
FALSE	evaluated 73230 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-73230

973

break; /* done */

never executed: break;

974

if (ch == '-') {

ch == '-'	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 73224 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

6-73224

975 rule = CIPHER_DEL; -

976 l++; -

977

} else if (ch == '+') {

executed 6 times by 1 test: end of block

Executed by:

libssl.so.1.1

ch == '+'	Description
TRUE	never evaluated
FALSE	evaluated 73224 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-73224

978 rule = CIPHER_ORD; -

979 l++; -

980

} else if (ch == '!') {

never executed: end of block

ch == '!'	Description
TRUE	evaluated 20748 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 52476 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-52476

981 rule = CIPHER_KILL; -

982 l++; -

983

} else if (ch == '@') {

executed 20748 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

ch == '@'	Description
TRUE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 48357 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

4119-48357

984 rule = CIPHER_SPECIAL; -

985 l++; -

986

} else {

executed 4119 times by 1 test: end of block

Executed by:

libssl.so.1.1

4119

987 rule = CIPHER_ADD; -

988

}

executed 48357 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

48357

989 -

990

if (ITEM_SEP(ch)) {

((ch) == ':')	Description
TRUE	evaluated 29022 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 44208 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

((ch) == ' ')	Description
TRUE	never evaluated
FALSE	evaluated 44208 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

((ch) == ';')	Description
TRUE	never evaluated
FALSE	evaluated 44208 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

((ch) == ',')	Description
TRUE	never evaluated
FALSE	evaluated 44208 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-44208

991 l++; -

992

continue;

executed 29022 times by 2 tests: continue;

Executed by:

libssl.so.1.1
tls13encryptiontest

29022

993 } -

994 -

995 alg_mkey = 0; -

996 alg_auth = 0; -

997 alg_enc = 0; -

998 alg_mac = 0; -

999 min_tls = 0; -

1000 algo_strength = 0; -

1001 -

1002 for (;;) { -

1003 ch = *l; -

1004 buf = l; -

1005 buflen = 0; -

1006 #ifndef CHARSET_EBCDIC -

1007

while (((ch >= 'A') && (ch <= 'Z')) ||

(ch >= 'A')	Description
TRUE	evaluated 353408 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 56464 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

(ch <= 'Z')	Description
TRUE	evaluated 338901 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 14507 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

14507-353408

1008

((ch >= '0') && (ch <= '9')) ||

(ch >= '0')	Description
TRUE	evaluated 54378 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 16593 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

(ch <= '9')	Description
TRUE	evaluated 6730 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 47648 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

6730-54378

1009

((ch >= 'a') && (ch <= 'z')) ||

(ch >= 'a')	Description
TRUE	evaluated 14507 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 49734 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

(ch <= 'z')	Description
TRUE	evaluated 14507 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-49734

1010

(ch == '-') || (ch == '.') || (ch == '='))

(ch == '-')	Description
TRUE	evaluated 1407 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 48327 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

(ch == '.')	Description
TRUE	never evaluated
FALSE	evaluated 48327 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

(ch == '=')	Description
TRUE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 44208 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-48327

1011 #else -

1012 while (isalnum((unsigned char)ch) || (ch == '-') || (ch == '.') -

1013 || (ch == '=')) -

1014 #endif -

1015 { -

1016 ch = *(++l); -

1017 buflen++; -

1018

}

executed 365664 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

365664

1019 -

1020

if (buflen == 0) {

buflen == 0	Description
TRUE	never evaluated
FALSE	evaluated 44208 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-44208

1021 /* -

1022 * We hit something we cannot deal with, -

1023 * it is no command or separator nor -

1024 * alphanumeric, so we call this an error. -

1025 */ -

1026 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND); -

1027 retval = found = 0; -

1028 l++; -

1029

break;

never executed: break;

1030 } -

1031 -

1032

if (rule == CIPHER_SPECIAL) {

rule == 5	Description
TRUE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40089 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

4119-40089

1033 found = 0; /* unused -- avoid compiler warning */ -

1034

break; /* special treatment */

executed 4119 times by 1 test: break;

Executed by:

libssl.so.1.1

4119

1035 } -

1036 -

1037 /* check for multi-part specification */ -

1038

if (ch == '+') {

ch == '+'	Description
TRUE	never evaluated
FALSE	evaluated 40089 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-40089

1039 multi = 1; -

1040 l++; -

1041

} else {

never executed: end of block

1042 multi = 0; -

1043

}

executed 40089 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

40089

1044 -

1045 /* -

1046 * Now search for the cipher alias in the ca_list. Be careful -

1047 * with the strncmp, because the "buflen" limitation -

1048 * will make the rule "ADH:SOME" and the cipher -

1049 * "ADH-MY-CIPHER" look like a match for buflen=3. -

1050 * So additionally check whether the cipher name found -

1051 * has the correct length. We can save a strlen() call: -

1052 * just checking for the '\0' at the right place is -

1053 * sufficient, we have to strncmp() anyway. (We cannot -

1054 * use strcmp(), because buf is not '\0' terminated.) -

1055 */ -

1056 j = found = 0; -

1057 cipher_id = 0; -

1058

while (ca_list[j]) {

ca_list[j]	Description
TRUE	evaluated 6980356 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-6980356

1059

if (strncmp(buf, ca_list[j]->name, buflen) == 0

never executed: __result = (((const unsigned char *) (const char *) ( buf ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( ca_list[j]->name ))[3] - __s2[3]);

never executed: end of block

(__extension__...uflen ))) == 0	Description
TRUE	evaluated 41865 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 6938491 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__builtin_cons...t_p ( buflen )	Description
TRUE	never evaluated
FALSE	evaluated 6980356 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__builtin_constant_p ( buf )	Description
TRUE	never evaluated
FALSE	never evaluated

strlen ( buf )...t) ( buflen ))	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons...ist[j]->name )	Description
TRUE	never evaluated
FALSE	never evaluated

strlen ( ca_li...t) ( buflen ))	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-6980356

1060

&& (ca_list[j]->name[buflen] == '\0')) {

(ca_list[j]->n...flen] == '\0')	Description
TRUE	evaluated 40089 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 1776 times by 1 test Evaluated by: libssl.so.1.1

1776-40089

1061 found = 1; -

1062

break;

executed 40089 times by 2 tests: break;

Executed by:

libssl.so.1.1
tls13encryptiontest

40089

1063 } else -

1064

j++;

executed 6940267 times by 2 tests: j++;

Executed by:

libssl.so.1.1
tls13encryptiontest

6940267

1065 } -

1066 -

1067

if (!found)

!found	Description
TRUE	never evaluated
FALSE	evaluated 40089 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-40089

1068

break; /* ignore this entry */

never executed: break;

1069 -

1070

if (ca_list[j]->algorithm_mkey) {

ca_list[j]->algorithm_mkey	Description
TRUE	evaluated 713 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 39376 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

713-39376

1071

if (alg_mkey) {

alg_mkey	Description
TRUE	never evaluated
FALSE	evaluated 713 times by 1 test Evaluated by: libssl.so.1.1

0-713

1072 alg_mkey &= ca_list[j]->algorithm_mkey; -

1073

if (!alg_mkey) {

!alg_mkey	Description
TRUE	never evaluated
FALSE	never evaluated

1074 found = 0; -

1075

break;

never executed: break;

1076 } -

1077

} else {

never executed: end of block

1078 alg_mkey = ca_list[j]->algorithm_mkey; -

1079

}

executed 713 times by 1 test: end of block

Executed by:

libssl.so.1.1

713

1080 } -

1081 -

1082

if (ca_list[j]->algorithm_auth) {

ca_list[j]->algorithm_auth	Description
TRUE	evaluated 709 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 39380 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

709-39380

1083

if (alg_auth) {

alg_auth	Description
TRUE	never evaluated
FALSE	evaluated 709 times by 1 test Evaluated by: libssl.so.1.1

0-709

1084 alg_auth &= ca_list[j]->algorithm_auth; -

1085

if (!alg_auth) {

!alg_auth	Description
TRUE	never evaluated
FALSE	never evaluated

1086 found = 0; -

1087

break;

never executed: break;

1088 } -

1089

} else {

never executed: end of block

1090 alg_auth = ca_list[j]->algorithm_auth; -

1091

}

executed 709 times by 1 test: end of block

Executed by:

libssl.so.1.1

709

1092 } -

1093 -

1094

if (ca_list[j]->algorithm_enc) {

ca_list[j]->algorithm_enc	Description
TRUE	evaluated 29641 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 10448 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

10448-29641

1095

if (alg_enc) {

alg_enc	Description
TRUE	never evaluated
FALSE	evaluated 29641 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-29641

1096 alg_enc &= ca_list[j]->algorithm_enc; -

1097

if (!alg_enc) {

!alg_enc	Description
TRUE	never evaluated
FALSE	never evaluated

1098 found = 0; -

1099

break;

never executed: break;

1100 } -

1101

} else {

never executed: end of block

1102 alg_enc = ca_list[j]->algorithm_enc; -

1103

}

executed 29641 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

29641

1104 } -

1105 -

1106

if (ca_list[j]->algorithm_mac) {

ca_list[j]->algorithm_mac	Description
TRUE	evaluated 654 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 39435 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

654-39435

1107

if (alg_mac) {

alg_mac	Description
TRUE	never evaluated
FALSE	evaluated 654 times by 1 test Evaluated by: libssl.so.1.1

0-654

1108 alg_mac &= ca_list[j]->algorithm_mac; -

1109

if (!alg_mac) {

!alg_mac	Description
TRUE	never evaluated
FALSE	never evaluated

1110 found = 0; -

1111

break;

never executed: break;

1112 } -

1113

} else {

never executed: end of block

1114 alg_mac = ca_list[j]->algorithm_mac; -

1115

}

executed 654 times by 1 test: end of block

Executed by:

libssl.so.1.1

654

1116 } -

1117 -

1118

if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {

ca_list[j]->al... & 0x0000001FU	Description
TRUE	evaluated 654 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 39435 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

654-39435

1119

if (algo_strength & SSL_STRONG_MASK) {

algo_strength & 0x0000001FU	Description
TRUE	never evaluated
FALSE	evaluated 654 times by 1 test Evaluated by: libssl.so.1.1

0-654

1120 algo_strength &= -

1121 (ca_list[j]->algo_strength & SSL_STRONG_MASK) | -

1122 ~SSL_STRONG_MASK; -

1123

if (!(algo_strength & SSL_STRONG_MASK)) {

!(algo_strength & 0x0000001FU)	Description
TRUE	never evaluated
FALSE	never evaluated

1124 found = 0; -

1125

break;

never executed: break;

1126 } -

1127

} else {

never executed: end of block

1128 algo_strength = ca_list[j]->algo_strength & SSL_STRONG_MASK; -

1129

}

executed 654 times by 1 test: end of block

Executed by:

libssl.so.1.1

654

1130 } -

1131 -

1132

if (ca_list[j]->algo_strength & SSL_DEFAULT_MASK) {

ca_list[j]->al... & 0X00000020U	Description
TRUE	evaluated 10573 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 29516 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

10573-29516

1133

if (algo_strength & SSL_DEFAULT_MASK) {

algo_strength & 0X00000020U	Description
TRUE	never evaluated
FALSE	evaluated 10573 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-10573

1134 algo_strength &= -

1135 (ca_list[j]->algo_strength & SSL_DEFAULT_MASK) | -

1136 ~SSL_DEFAULT_MASK; -

1137

if (!(algo_strength & SSL_DEFAULT_MASK)) {

!(algo_strength & 0X00000020U)	Description
TRUE	never evaluated
FALSE	never evaluated

1138 found = 0; -

1139

break;

never executed: break;

1140 } -

1141

} else {

never executed: end of block

1142 algo_strength |= -

1143 ca_list[j]->algo_strength & SSL_DEFAULT_MASK; -

1144

}

executed 10573 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

10573

1145 } -

1146 -

1147

if (ca_list[j]->valid) {

ca_list[j]->valid	Description
TRUE	evaluated 654 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 39435 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

654-39435

1148 /* -

1149 * explicit ciphersuite found; its protocol version does not -

1150 * become part of the search pattern! -

1151 */ -

1152 -

1153 cipher_id = ca_list[j]->id; -

1154

} else {

executed 654 times by 1 test: end of block

Executed by:

libssl.so.1.1

654

1155 /* -

1156 * not an explicit ciphersuite; only in this case, the -

1157 * protocol version is considered part of the search pattern -

1158 */ -

1159 -

1160

if (ca_list[j]->min_tls) {

ca_list[j]->min_tls	Description
TRUE	never evaluated
FALSE	evaluated 39435 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-39435

1161

if (min_tls != 0 && min_tls != ca_list[j]->min_tls) {

min_tls != 0	Description
TRUE	never evaluated
FALSE	never evaluated

min_tls != ca_list[j]->min_tls	Description
TRUE	never evaluated
FALSE	never evaluated

1162 found = 0; -

1163

break;

never executed: break;

1164 } else { -

1165 min_tls = ca_list[j]->min_tls; -

1166

}

never executed: end of block

1167 } -

1168

}

executed 39435 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

39435

1169 -

1170

if (!multi)

!multi	Description
TRUE	evaluated 40089 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-40089

1171

break;

executed 40089 times by 2 tests: break;

Executed by:

libssl.so.1.1
tls13encryptiontest

40089

1172

}

never executed: end of block

1173 -

1174 /* -

1175 * Ok, we have the rule, now apply it -

1176 */ -

1177

if (rule == CIPHER_SPECIAL) { /* special command */

rule == 5	Description
TRUE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40089 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

4119-40089

1178 ok = 0; -

1179

if ((buflen == 8) && strncmp(buf, "STRENGTH", 8) == 0) {

never executed: __result = (((const unsigned char *) (const char *) ( buf ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( "STRENGTH" ))[3] - __s2[3]);

never executed: end of block

(buflen == 8)	Description
TRUE	never evaluated
FALSE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1

(__extension__..." , 8 ))) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_constant_p ( 8 )	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_constant_p ( buf )	Description
TRUE	never evaluated
FALSE	never evaluated

strlen ( buf )...size_t) ( 8 ))	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons...( "STRENGTH" )	Description
TRUE	never evaluated
FALSE	never evaluated

strlen ( "STRE...size_t) ( 8 ))	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-4119

1180 ok = ssl_cipher_strength_sort(head_p, tail_p); -

1181

} else if (buflen == 10 && strncmp(buf, "SECLEVEL=", 9) == 0) {

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( buf ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( "SECLEVEL=" ))[3] - __s2[3]);

never executed: end of block

buflen == 10	Description
TRUE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(__extension__..." , 9 ))) == 0	Description
TRUE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

__builtin_constant_p ( 9 )	Description
TRUE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

__builtin_constant_p ( buf )	Description
TRUE	never evaluated
FALSE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1

strlen ( buf )...size_t) ( 9 ))	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons... "SECLEVEL=" )	Description
TRUE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

strlen ( "SECL...size_t) ( 9 ))	Description
TRUE	never evaluated
FALSE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-4119

1182 int level = buf[9] - '0'; -

1183

if (level < 0 || level > 5) {

level < 0	Description
TRUE	never evaluated
FALSE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1

level > 5	Description
TRUE	never evaluated
FALSE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1

0-4119

1184 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, -

1185 SSL_R_INVALID_COMMAND); -

1186

} else {

never executed: end of block

1187 c->sec_level = level; -

1188 ok = 1; -

1189

}

executed 4119 times by 1 test: end of block

Executed by:

libssl.so.1.1

4119

1190 } else { -

1191 SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, SSL_R_INVALID_COMMAND); -

1192

}

never executed: end of block

1193

if (ok == 0)

ok == 0	Description
TRUE	never evaluated
FALSE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1

0-4119

1194

retval = 0;

never executed: retval = 0;

1195 /* -

1196 * We do not support any "multi" options -

1197 * together with "@", so throw away the -

1198 * rest of the command, if any left, until -

1199 * end or ':' is found. -

1200 */ -

1201

while ((*l != '\0') && !ITEM_SEP(*l))

(*l != '\0')	Description
TRUE	never evaluated
FALSE	evaluated 4119 times by 1 test Evaluated by: libssl.so.1.1

((*l) == ':')	Description
TRUE	never evaluated
FALSE	never evaluated

((*l) == ' ')	Description
TRUE	never evaluated
FALSE	never evaluated

((*l) == ';')	Description
TRUE	never evaluated
FALSE	never evaluated

((*l) == ',')	Description
TRUE	never evaluated
FALSE	never evaluated

0-4119

1202

l++;

never executed: l++;

1203

} else if (found) {

executed 4119 times by 1 test: end of block

Executed by:

libssl.so.1.1

found	Description
TRUE	evaluated 40089 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

0-40089

1204 ssl_cipher_apply_rule(cipher_id, -

1205 alg_mkey, alg_auth, alg_enc, alg_mac, -

1206 min_tls, algo_strength, rule, -1, head_p, -

1207 tail_p); -

1208

} else {

executed 40089 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

40089

1209

while ((*l != '\0') && !ITEM_SEP(*l))

(*l != '\0')	Description
TRUE	never evaluated
FALSE	never evaluated

((*l) == ':')	Description
TRUE	never evaluated
FALSE	never evaluated

((*l) == ' ')	Description
TRUE	never evaluated
FALSE	never evaluated

((*l) == ';')	Description
TRUE	never evaluated
FALSE	never evaluated

((*l) == ',')	Description
TRUE	never evaluated
FALSE	never evaluated

1210

l++;

never executed: l++;

1211

}

never executed: end of block

1212

if (*l == '\0')

*l == '\0'	Description
TRUE	evaluated 15186 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 29022 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15186-29022

1213

break; /* done */

executed 15186 times by 2 tests: break;

Executed by:

libssl.so.1.1
tls13encryptiontest

15186

1214

}

executed 29022 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

29022

1215 -

1216

return retval;

executed 15186 times by 2 tests: return retval;

Executed by:

libssl.so.1.1
tls13encryptiontest

15186

1217 } -

1218 -

1219 #ifndef OPENSSL_NO_EC -

1220 static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c, -

1221 const char **prule_str) -

1222 { -

1223 unsigned int suiteb_flags = 0, suiteb_comb2 = 0; -

1224

if (strncmp(*prule_str, "SUITEB128ONLY", 13) == 0) {

never executed: __result = (((const unsigned char *) (const char *) ( *prule_str ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( "SUITEB128ONLY" ))[3] - __s2[3]);

never executed: end of block

(__extension__... , 13 ))) == 0	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__builtin_constant_p ( 13 )	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

__builtin_cons...( *prule_str )	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

strlen ( *prul...ize_t) ( 13 ))	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons...ITEB128ONLY" )	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

strlen ( "SUIT...ize_t) ( 13 ))	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-15196

1225 suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY; -

1226

} else if (strncmp(*prule_str, "SUITEB128C2", 11) == 0) {

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( *prule_str ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( "SUITEB128C2" ))[3] - __s2[3]);

never executed: end of block

(__extension__... , 11 ))) == 0	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__builtin_constant_p ( 11 )	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

__builtin_cons...( *prule_str )	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

strlen ( *prul...ize_t) ( 11 ))	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons...SUITEB128C2" )	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

strlen ( "SUIT...ize_t) ( 11 ))	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-15196

1227 suiteb_comb2 = 1; -

1228 suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS; -

1229

} else if (strncmp(*prule_str, "SUITEB128", 9) == 0) {

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( *prule_str ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( "SUITEB128" ))[3] - __s2[3]);

never executed: end of block

(__extension__..." , 9 ))) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 15194 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__builtin_constant_p ( 9 )	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

__builtin_cons...( *prule_str )	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

strlen ( *prul...size_t) ( 9 ))	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons... "SUITEB128" )	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

strlen ( "SUIT...size_t) ( 9 ))	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-15196

1230 suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS; -

1231

} else if (strncmp(*prule_str, "SUITEB192", 9) == 0) {

executed 2 times by 1 test: end of block

Executed by:

libssl.so.1.1

never executed: __result = (((const unsigned char *) (const char *) ( *prule_str ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( "SUITEB192" ))[3] - __s2[3]);

never executed: end of block

(__extension__..." , 9 ))) == 0	Description
TRUE	never evaluated
FALSE	evaluated 15194 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__builtin_constant_p ( 9 )	Description
TRUE	evaluated 15194 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

__builtin_cons...( *prule_str )	Description
TRUE	never evaluated
FALSE	evaluated 15194 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

strlen ( *prul...size_t) ( 9 ))	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons... "SUITEB192" )	Description
TRUE	evaluated 15194 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

strlen ( "SUIT...size_t) ( 9 ))	Description
TRUE	never evaluated
FALSE	evaluated 15194 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-15194

1232 suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS; -

1233

}

never executed: end of block

1234 -

1235

if (suiteb_flags) {

suiteb_flags	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 15194 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

2-15194

1236 c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS; -

1237 c->cert_flags |= suiteb_flags; -

1238

} else {

executed 2 times by 1 test: end of block

Executed by:

libssl.so.1.1

1239 suiteb_flags = c->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS; -

1240

}

executed 15194 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

15194

1241 -

1242

if (!suiteb_flags)

!suiteb_flags	Description
TRUE	evaluated 15194 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

2-15194

1243

return 1;

executed 15194 times by 2 tests: return 1;

Executed by:

libssl.so.1.1
tls13encryptiontest

15194

1244 /* Check version: if TLS 1.2 ciphers allowed we can use Suite B */ -

1245 -

1246

if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)) {

!(meth->ssl3_e..._flags & 0x10)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1247 SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, -

1248 SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE); -

1249

return 0;

never executed: return 0;

1250 } -

1251 # ifndef OPENSSL_NO_EC -

1252 switch (suiteb_flags) { -

1253

case SSL_CERT_FLAG_SUITEB_128_LOS:

executed 2 times by 1 test: case 0x30000:

Executed by:

libssl.so.1.1

1254

if (suiteb_comb2)

suiteb_comb2	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1255

*prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";

never executed: *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";

1256 else -

1257

*prule_str =

executed 2 times by 1 test: *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384";

Executed by:

libssl.so.1.1

1258

"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384";

executed 2 times by 1 test: *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384";

Executed by:

libssl.so.1.1

1259

break;

executed 2 times by 1 test: break;

Executed by:

libssl.so.1.1

1260

case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:

never executed: case 0x10000:

1261 *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256"; -

1262

break;

never executed: break;

1263

case SSL_CERT_FLAG_SUITEB_192_LOS:

never executed: case 0x20000:

1264 *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384"; -

1265

break;

never executed: break;

1266 } -

1267

return 1;

executed 2 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1268 # else -

1269 SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE); -

1270 return 0; -

1271 # endif -

1272 } -

1273 #endif -

1274 -

1275 static int ciphersuite_cb(const char *elem, int len, void *arg) -

1276 { -

1277 STACK_OF(SSL_CIPHER) *ciphersuites = (STACK_OF(SSL_CIPHER) *)arg; -

1278 const SSL_CIPHER *cipher; -

1279 /* Arbitrary sized temp buffer for the cipher name. Should be big enough */ -

1280 char name[80]; -

1281 -

1282

if (len > (int)(sizeof(name) - 1)) {

len > (int)(sizeof(name) - 1)	Description
TRUE	never evaluated
FALSE	evaluated 24293 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-24293

1283 SSLerr(SSL_F_CIPHERSUITE_CB, SSL_R_NO_CIPHER_MATCH); -

1284

return 0;

never executed: return 0;

1285 } -

1286 -

1287 memcpy(name, elem, len); -

1288 name[len] = '\0'; -

1289 -

1290 cipher = ssl3_get_cipher_by_std_name(name); -

1291

if (cipher == NULL) {

cipher == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 24293 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-24293

1292 SSLerr(SSL_F_CIPHERSUITE_CB, SSL_R_NO_CIPHER_MATCH); -

1293

return 0;

never executed: return 0;

1294 } -

1295 -

1296

if (!sk_SSL_CIPHER_push(ciphersuites, cipher)) {

!sk_SSL_CIPHER...uites, cipher)	Description
TRUE	never evaluated
FALSE	evaluated 24293 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-24293

1297 SSLerr(SSL_F_CIPHERSUITE_CB, ERR_R_INTERNAL_ERROR); -

1298

return 0;

never executed: return 0;

1299 } -

1300 -

1301

return 1;

executed 24293 times by 2 tests: return 1;

Executed by:

libssl.so.1.1
tls13encryptiontest

24293

1302 } -

1303 -

1304 static __owur int set_ciphersuites(STACK_OF(SSL_CIPHER) **currciphers, const char *str) -

1305 { -

1306 STACK_OF(SSL_CIPHER) *newciphers = sk_SSL_CIPHER_new_null(); -

1307 -

1308

if (newciphers == NULL)

newciphers == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 8549 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-8549

1309

return 0;

never executed: return 0;

1310 -

1311 /* Parse the list. We explicitly allow an empty list */ -

1312

if (*str != '\0'

*str != '\0'	Description
TRUE	evaluated 8245 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 304 times by 1 test Evaluated by: libssl.so.1.1

304-8245

1313

&& !CONF_parse_list(str, ':', 1, ciphersuite_cb, newciphers)) {

!CONF_parse_li...b, newciphers)	Description
TRUE	never evaluated
FALSE	evaluated 8245 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-8245

1314 sk_SSL_CIPHER_free(newciphers); -

1315

return 0;

never executed: return 0;

1316 } -

1317 sk_SSL_CIPHER_free(*currciphers); -

1318 *currciphers = newciphers; -

1319 -

1320

return 1;

executed 8549 times by 2 tests: return 1;

Executed by:

libssl.so.1.1
tls13encryptiontest

8549

1321 } -

1322 -

1323 static int update_cipher_list_by_id(STACK_OF(SSL_CIPHER) **cipher_list_by_id, -

1324 STACK_OF(SSL_CIPHER) *cipherstack) -

1325 { -

1326 STACK_OF(SSL_CIPHER) *tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack); -

1327 -

1328

if (tmp_cipher_list == NULL) {

tmp_cipher_list == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 15724 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15724

1329

return 0;

never executed: return 0;

1330 } -

1331 -

1332 sk_SSL_CIPHER_free(*cipher_list_by_id); -

1333 *cipher_list_by_id = tmp_cipher_list; -

1334 -

1335 (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id, ssl_cipher_ptr_id_cmp); -

1336 sk_SSL_CIPHER_sort(*cipher_list_by_id); -

1337 -

1338

return 1;

executed 15724 times by 2 tests: return 1;

Executed by:

libssl.so.1.1
tls13encryptiontest

15724

1339 } -

1340 -

1341 static int update_cipher_list(STACK_OF(SSL_CIPHER) **cipher_list, -

1342 STACK_OF(SSL_CIPHER) **cipher_list_by_id, -

1343 STACK_OF(SSL_CIPHER) *tls13_ciphersuites) -

1344 { -

1345 int i; -

1346 STACK_OF(SSL_CIPHER) *tmp_cipher_list = sk_SSL_CIPHER_dup(*cipher_list); -

1347 -

1348

if (tmp_cipher_list == NULL)

tmp_cipher_list == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 528 times by 1 test Evaluated by: libssl.so.1.1

0-528

1349

return 0;

never executed: return 0;

1350 -

1351 /* -

1352 * Delete any existing TLSv1.3 ciphersuites. These are always first in the -

1353 * list. -

1354 */ -

1355

while (sk_SSL_CIPHER_num(tmp_cipher_list) > 0

sk_SSL_CIPHER_...pher_list) > 0	Description
TRUE	evaluated 2095 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

9-2095

1356

&& sk_SSL_CIPHER_value(tmp_cipher_list, 0)->min_tls

sk_SSL_CIPHER_..._tls == 0x0304	Description
TRUE	evaluated 1576 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 519 times by 1 test Evaluated by: libssl.so.1.1

519-1576

1357

== TLS1_3_VERSION)

sk_SSL_CIPHER_..._tls == 0x0304	Description
TRUE	evaluated 1576 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 519 times by 1 test Evaluated by: libssl.so.1.1

519-1576

1358

sk_SSL_CIPHER_delete(tmp_cipher_list, 0);

executed 1576 times by 1 test: sk_SSL_CIPHER_delete(tmp_cipher_list, 0);

Executed by:

libssl.so.1.1

1576

1359 -

1360 /* Insert the new TLSv1.3 ciphersuites */ -

1361

for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++)

i < sk_SSL_CIP..._ciphersuites)	Description
TRUE	evaluated 238 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 528 times by 1 test Evaluated by: libssl.so.1.1

238-528

1362

sk_SSL_CIPHER_insert(tmp_cipher_list,

executed 238 times by 1 test: sk_SSL_CIPHER_insert(tmp_cipher_list, sk_SSL_CIPHER_value(tls13_ciphersuites, i), i);

Executed by:

libssl.so.1.1

238

1363

sk_SSL_CIPHER_value(tls13_ciphersuites, i), i);

executed 238 times by 1 test: sk_SSL_CIPHER_insert(tmp_cipher_list, sk_SSL_CIPHER_value(tls13_ciphersuites, i), i);

Executed by:

libssl.so.1.1

238

1364 -

1365

if (!update_cipher_list_by_id(cipher_list_by_id, tmp_cipher_list))

!update_cipher...p_cipher_list)	Description
TRUE	never evaluated
FALSE	evaluated 528 times by 1 test Evaluated by: libssl.so.1.1

0-528

1366

return 0;

never executed: return 0;

1367 -

1368 sk_SSL_CIPHER_free(*cipher_list); -

1369 *cipher_list = tmp_cipher_list; -

1370 -

1371

return 1;

executed 528 times by 1 test: return 1;

Executed by:

libssl.so.1.1

528

1372 } -

1373 -

1374 int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str) -

1375 { -

1376 int ret = set_ciphersuites(&(ctx->tls13_ciphersuites), str); -

1377 -

1378

if (ret && ctx->cipher_list != NULL) {

ret	Description
TRUE	evaluated 8543 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

ctx->cipher_li...!= ((void *)0)	Description
TRUE	evaluated 526 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 8017 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-8543

1379 /* We already have a cipher_list, so we need to update it */ -

1380

return update_cipher_list(&ctx->cipher_list, &ctx->cipher_list_by_id,

executed 526 times by 1 test: return update_cipher_list(&ctx->cipher_list, &ctx->cipher_list_by_id, ctx->tls13_ciphersuites);

Executed by:

libssl.so.1.1

526

1381

ctx->tls13_ciphersuites);

executed 526 times by 1 test: return update_cipher_list(&ctx->cipher_list, &ctx->cipher_list_by_id, ctx->tls13_ciphersuites);

Executed by:

libssl.so.1.1

526

1382 } -

1383 -

1384

return ret;

executed 8017 times by 2 tests: return ret;

Executed by:

libssl.so.1.1
tls13encryptiontest

8017

1385 } -

1386 -

1387 int SSL_set_ciphersuites(SSL *s, const char *str) -

1388 { -

1389 int ret = set_ciphersuites(&(s->tls13_ciphersuites), str); -

1390 -

1391

if (ret && s->cipher_list != NULL) {

ret	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

s->cipher_list != ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1

0-6

1392 /* We already have a cipher_list, so we need to update it */ -

1393

return update_cipher_list(&s->cipher_list, &s->cipher_list_by_id,

executed 2 times by 1 test: return update_cipher_list(&s->cipher_list, &s->cipher_list_by_id, s->tls13_ciphersuites);

Executed by:

libssl.so.1.1

1394

s->tls13_ciphersuites);

executed 2 times by 1 test: return update_cipher_list(&s->cipher_list, &s->cipher_list_by_id, s->tls13_ciphersuites);

Executed by:

libssl.so.1.1

1395 } -

1396 -

1397

return ret;

executed 4 times by 1 test: return ret;

Executed by:

libssl.so.1.1

1398 } -

1399 -

1400 STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, -

1401 STACK_OF(SSL_CIPHER) *tls13_ciphersuites, -

1402 STACK_OF(SSL_CIPHER) **cipher_list, -

1403 STACK_OF(SSL_CIPHER) **cipher_list_by_id, -

1404 const char *rule_str, -

1405 CERT *c) -

1406 { -

1407 int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases, i; -

1408 uint32_t disabled_mkey, disabled_auth, disabled_enc, disabled_mac; -

1409 STACK_OF(SSL_CIPHER) *cipherstack; -

1410 const char *rule_p; -

1411 CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; -

1412 const SSL_CIPHER **ca_list = NULL; -

1413 -

1414 /* -

1415 * Return with error if nothing to do. -

1416 */ -

1417

if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)

rule_str == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

cipher_list == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

cipher_list_by...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15196

1418

return NULL;

never executed: return ((void *)0) ;

1419 #ifndef OPENSSL_NO_EC -

1420

if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))

!check_suiteb_... c, &rule_str)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15196

1421

return NULL;

never executed: return ((void *)0) ;

1422 #endif -

1423 -

1424 /* -

1425 * To reduce the work to do we only want to process the compiled -

1426 * in algorithms, so we first get the mask of disabled ciphers. -

1427 */ -

1428 -

1429 disabled_mkey = disabled_mkey_mask; -

1430 disabled_auth = disabled_auth_mask; -

1431 disabled_enc = disabled_enc_mask; -

1432 disabled_mac = disabled_mac_mask; -

1433 -

1434 /* -

1435 * Now we have to collect the available ciphers from the compiled -

1436 * in ciphers. We cannot get more than the number compiled in, so -

1437 * it is used for allocation. -

1438 */ -

1439 num_of_ciphers = ssl_method->num_ciphers(); -

1440 -

1441 co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers); -

1442

if (co_list == NULL) {

co_list == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15196

1443 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); -

1444

return NULL; /* Failure */

never executed: return ((void *)0) ;

1445 } -

1446 -

1447 ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, -

1448 disabled_mkey, disabled_auth, disabled_enc, -

1449 disabled_mac, co_list, &head, &tail); -

1450 -

1451 /* Now arrange all ciphers by preference. */ -

1452 -

1453 /* -

1454 * Everything else being equal, prefer ephemeral ECDH over other key -

1455 * exchange mechanisms. -

1456 * For consistency, prefer ECDSA over RSA (though this only matters if the -

1457 * server has both certificates, and is using the DEFAULT, or a client -

1458 * preference). -

1459 */ -

1460 ssl_cipher_apply_rule(0, SSL_kECDHE, SSL_aECDSA, 0, 0, 0, 0, CIPHER_ADD, -

1461 -1, &head, &tail); -

1462 ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, -

1463 &tail); -

1464 ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, -

1465 &tail); -

1466 -

1467 /* Within each strength group, we prefer GCM over CHACHA... */ -

1468 ssl_cipher_apply_rule(0, 0, 0, SSL_AESGCM, 0, 0, 0, CIPHER_ADD, -1, -

1469 &head, &tail); -

1470 ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20, 0, 0, 0, CIPHER_ADD, -1, -

1471 &head, &tail); -

1472 -

1473 /* -

1474 * ...and generally, our preferred cipher is AES. -

1475 * Note that AEADs will be bumped to take preference after sorting by -

1476 * strength. -

1477 */ -

1478 ssl_cipher_apply_rule(0, 0, 0, SSL_AES ^ SSL_AESGCM, 0, 0, 0, CIPHER_ADD, -

1479 -1, &head, &tail); -

1480 -

1481 /* Temporarily enable everything else for sorting */ -

1482 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); -

1483 -

1484 /* Low priority for MD5 */ -

1485 ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head, -

1486 &tail); -

1487 -

1488 /* -

1489 * Move anonymous ciphers to the end. Usually, these will remain -

1490 * disabled. (For applications that allow them, they aren't too bad, but -

1491 * we prefer authenticated ciphers.) -

1492 */ -

1493 ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head, -

1494 &tail); -

1495 -

1496 ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, -

1497 &tail); -

1498 ssl_cipher_apply_rule(0, SSL_kPSK, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, -

1499 &tail); -

1500 -

1501 /* RC4 is sort-of broken -- move to the end */ -

1502 ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, -

1503 &tail); -

1504 -

1505 /* -

1506 * Now sort by symmetric encryption strength. The above ordering remains -

1507 * in force within each class -

1508 */ -

1509

if (!ssl_cipher_strength_sort(&head, &tail)) {

!ssl_cipher_st...(&head, &tail)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15196

1510 OPENSSL_free(co_list); -

1511

return NULL;

never executed: return ((void *)0) ;

1512 } -

1513 -

1514 /* -

1515 * Partially overrule strength sort to prefer TLS 1.2 ciphers/PRFs. -

1516 * TODO(openssl-team): is there an easier way to accomplish all this? -

1517 */ -

1518 ssl_cipher_apply_rule(0, 0, 0, 0, 0, TLS1_2_VERSION, 0, CIPHER_BUMP, -1, -

1519 &head, &tail); -

1520 -

1521 /* -

1522 * Irrespective of strength, enforce the following order: -

1523 * (EC)DHE + AEAD > (EC)DHE > rest of AEAD > rest. -

1524 * Within each group, ciphers remain sorted by strength and previous -

1525 * preference, i.e., -

1526 * 1) ECDHE > DHE -

1527 * 2) GCM > CHACHA -

1528 * 3) AES > rest -

1529 * 4) TLS 1.2 > legacy -

1530 * -

1531 * Because we now bump ciphers to the top of the list, we proceed in -

1532 * reverse order of preference. -

1533 */ -

1534 ssl_cipher_apply_rule(0, 0, 0, 0, SSL_AEAD, 0, 0, CIPHER_BUMP, -1, -

1535 &head, &tail); -

1536 ssl_cipher_apply_rule(0, SSL_kDHE | SSL_kECDHE, 0, 0, 0, 0, 0, -

1537 CIPHER_BUMP, -1, &head, &tail); -

1538 ssl_cipher_apply_rule(0, SSL_kDHE | SSL_kECDHE, 0, 0, SSL_AEAD, 0, 0, -

1539 CIPHER_BUMP, -1, &head, &tail); -

1540 -

1541 /* Now disable everything (maintaining the ordering!) */ -

1542 ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail); -

1543 -

1544 /* -

1545 * We also need cipher aliases for selecting based on the rule_str. -

1546 * There might be two types of entries in the rule_str: 1) names -

1547 * of ciphers themselves 2) aliases for groups of ciphers. -

1548 * For 1) we need the available ciphers and for 2) the cipher -

1549 * groups of cipher_aliases added together in one list (otherwise -

1550 * we would be happy with just the cipher_aliases table). -

1551 */ -

1552 num_of_group_aliases = OSSL_NELEM(cipher_aliases); -

1553 num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; -

1554 ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max); -

1555

if (ca_list == NULL) {

ca_list == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15196

1556 OPENSSL_free(co_list); -

1557 SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); -

1558

return NULL; /* Failure */

never executed: return ((void *)0) ;

1559 } -

1560 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, -

1561 disabled_mkey, disabled_auth, disabled_enc, -

1562 disabled_mac, head); -

1563 -

1564 /* -

1565 * If the rule_string begins with DEFAULT, apply the default rule -

1566 * before using the (possibly available) additional rules. -

1567 */ -

1568 ok = 1; -

1569 rule_p = rule_str; -

1570

if (strncmp(rule_str, "DEFAULT", 7) == 0) {

never executed: __result = (((const unsigned char *) (const char *) ( rule_str ))[3] - __s2[3]);

never executed: end of block

never executed: __result = (((const unsigned char *) (const char *) ( "DEFAULT" ))[3] - __s2[3]);

never executed: end of block

(__extension__..." , 7 ))) == 0	Description
TRUE	evaluated 2357 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 12839 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__builtin_constant_p ( 7 )	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

__builtin_cons...p ( rule_str )	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

strlen ( rule_...size_t) ( 7 ))	Description
TRUE	never evaluated
FALSE	never evaluated

__builtin_cons... ( "DEFAULT" )	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

strlen ( "DEFA...size_t) ( 7 ))	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

__s1_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s1_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 0	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 1	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

__s2_len > 2	Description
TRUE	never evaluated
FALSE	never evaluated

__result == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-15196

1571 ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, -

1572 &head, &tail, ca_list, c); -

1573 rule_p += 7; -

1574

if (*rule_p == ':')

*rule_p == ':'	Description
TRUE	never evaluated
FALSE	evaluated 2357 times by 1 test Evaluated by: libssl.so.1.1

0-2357

1575

rule_p++;

never executed: rule_p++;

1576

}

executed 2357 times by 1 test: end of block

Executed by:

libssl.so.1.1

2357

1577 -

1578

if (ok && (strlen(rule_p) > 0))

ok	Description
TRUE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	never evaluated

(strlen(rule_p) > 0)	Description
TRUE	evaluated 12829 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 2367 times by 1 test Evaluated by: libssl.so.1.1

0-15196

1579

ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list, c);

executed 12829 times by 2 tests: ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list, c);

Executed by:

libssl.so.1.1
tls13encryptiontest

12829

1580 -

1581 OPENSSL_free(ca_list); /* Not needed anymore */ -

1582 -

1583

if (!ok) { /* Rule processing failure */

!ok	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15196

1584 OPENSSL_free(co_list); -

1585

return NULL;

never executed: return ((void *)0) ;

1586 } -

1587 -

1588 /* -

1589 * Allocate new "cipherstack" for the result, return with error -

1590 * if we cannot get one. -

1591 */ -

1592

if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {

(cipherstack =...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15196

1593 OPENSSL_free(co_list); -

1594

return NULL;

never executed: return ((void *)0) ;

1595 } -

1596 -

1597 /* Add TLSv1.3 ciphers first - we always prefer those if possible */ -

1598

for (i = 0; i < sk_SSL_CIPHER_num(tls13_ciphersuites); i++) {

i < sk_SSL_CIP..._ciphersuites)	Description
TRUE	evaluated 45588 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-45588

1599

if (!sk_SSL_CIPHER_push(cipherstack,

!sk_SSL_CIPHER...hersuites, i))	Description
TRUE	never evaluated
FALSE	evaluated 45588 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-45588

1600

sk_SSL_CIPHER_value(tls13_ciphersuites, i))) {

!sk_SSL_CIPHER...hersuites, i))	Description
TRUE	never evaluated
FALSE	evaluated 45588 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-45588

1601 sk_SSL_CIPHER_free(cipherstack); -

1602

return NULL;

never executed: return ((void *)0) ;

1603 } -

1604

}

executed 45588 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

45588

1605 -

1606 /* -

1607 * The cipher selection for the list is done. The ciphers are added -

1608 * to the resulting precedence to the STACK_OF(SSL_CIPHER). -

1609 */ -

1610

for (curr = head; curr != NULL; curr = curr->next) {

curr != ((void *)0)	Description
TRUE	evaluated 1362838 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

15196-1362838

1611

if (curr->active) {

curr->active	Description
TRUE	evaluated 1253216 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest
FALSE	evaluated 109622 times by 1 test Evaluated by: libssl.so.1.1

109622-1253216

1612

if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) {

!sk_SSL_CIPHER... curr->cipher)	Description
TRUE	never evaluated
FALSE	evaluated 1253216 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-1253216

1613 OPENSSL_free(co_list); -

1614 sk_SSL_CIPHER_free(cipherstack); -

1615

return NULL;

never executed: return ((void *)0) ;

1616 } -

1617 #ifdef CIPHER_DEBUG -

1618 fprintf(stderr, "<%s>\n", curr->cipher->name); -

1619 #endif -

1620

}

executed 1253216 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

1253216

1621

}

executed 1362838 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

1362838

1622 OPENSSL_free(co_list); /* Not needed any longer */ -

1623 -

1624

if (!update_cipher_list_by_id(cipher_list_by_id, cipherstack)) {

!update_cipher..., cipherstack)	Description
TRUE	never evaluated
FALSE	evaluated 15196 times by 2 tests Evaluated by: libssl.so.1.1 tls13encryptiontest

0-15196

1625 sk_SSL_CIPHER_free(cipherstack); -

1626

return NULL;

never executed: return ((void *)0) ;

1627 } -

1628 sk_SSL_CIPHER_free(*cipher_list); -

1629 *cipher_list = cipherstack; -

1630 -

1631

return cipherstack;

executed 15196 times by 2 tests: return cipherstack;

Executed by:

libssl.so.1.1
tls13encryptiontest

15196

1632 } -

1633 -

1634 char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len) -

1635 { -

1636 const char *ver; -

1637 const char *kx, *au, *enc, *mac; -

1638 uint32_t alg_mkey, alg_auth, alg_enc, alg_mac; -

1639 static const char *format = "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s\n"; -

1640 -

1641

if (buf == NULL) {

buf == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1642 len = 128; -

1643

if ((buf = OPENSSL_malloc(len)) == NULL) {

(buf = CRYPTO_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1644 SSLerr(SSL_F_SSL_CIPHER_DESCRIPTION, ERR_R_MALLOC_FAILURE); -

1645

return NULL;

never executed: return ((void *)0) ;

1646 } -

1647

} else if (len < 128) {

never executed: end of block

len < 128	Description
TRUE	never evaluated
FALSE	never evaluated

1648

return NULL;

never executed: return ((void *)0) ;

1649 } -

1650 -

1651 alg_mkey = cipher->algorithm_mkey; -

1652 alg_auth = cipher->algorithm_auth; -

1653 alg_enc = cipher->algorithm_enc; -

1654 alg_mac = cipher->algorithm_mac; -

1655 -

1656 ver = ssl_protocol_to_string(cipher->min_tls); -

1657 -

1658 switch (alg_mkey) { -

1659

case SSL_kRSA:

never executed: case 0x00000001U:

1660 kx = "RSA"; -

1661

break;

never executed: break;

1662

case SSL_kDHE:

never executed: case 0x00000002U:

1663 kx = "DH"; -

1664

break;

never executed: break;

1665

case SSL_kECDHE:

never executed: case 0x00000004U:

1666 kx = "ECDH"; -

1667

break;

never executed: break;

1668

case SSL_kPSK:

never executed: case 0x00000008U:

1669 kx = "PSK"; -

1670

break;

never executed: break;

1671

case SSL_kRSAPSK:

never executed: case 0x00000040U:

1672 kx = "RSAPSK"; -

1673

break;

never executed: break;

1674

case SSL_kECDHEPSK:

never executed: case 0x00000080U:

1675 kx = "ECDHEPSK"; -

1676

break;

never executed: break;

1677

case SSL_kDHEPSK:

never executed: case 0x00000100U:

1678 kx = "DHEPSK"; -

1679

break;

never executed: break;

1680

case SSL_kSRP:

never executed: case 0x00000020U:

1681 kx = "SRP"; -

1682

break;

never executed: break;

1683

case SSL_kGOST:

never executed: case 0x00000010U:

1684 kx = "GOST"; -

1685

break;

never executed: break;

1686

case SSL_kANY:

never executed: case 0x00000000U:

1687 kx = "any"; -

1688

break;

never executed: break;

1689

default:

never executed: default:

1690 kx = "unknown"; -

1691

}

never executed: end of block

1692 -

1693 switch (alg_auth) { -

1694

case SSL_aRSA:

never executed: case 0x00000001U:

1695 au = "RSA"; -

1696

break;

never executed: break;

1697

case SSL_aDSS:

never executed: case 0x00000002U:

1698 au = "DSS"; -

1699

break;

never executed: break;

1700

case SSL_aNULL:

never executed: case 0x00000004U:

1701 au = "None"; -

1702

break;

never executed: break;

1703

case SSL_aECDSA:

never executed: case 0x00000008U:

1704 au = "ECDSA"; -

1705

break;

never executed: break;

1706

case SSL_aPSK:

never executed: case 0x00000010U:

1707 au = "PSK"; -

1708

break;

never executed: break;

1709

case SSL_aSRP:

never executed: case 0x00000040U:

1710 au = "SRP"; -

1711

break;

never executed: break;

1712

case SSL_aGOST01:

never executed: case 0x00000020U:

1713 au = "GOST01"; -

1714

break;

never executed: break;

1715 /* New GOST ciphersuites have both SSL_aGOST12 and SSL_aGOST01 bits */ -

1716

case (SSL_aGOST12 | SSL_aGOST01):

never executed: case (0x00000080U | 0x00000020U):

1717 au = "GOST12"; -

1718

break;

never executed: break;

1719

case SSL_aANY:

never executed: case 0x00000000U:

1720 au = "any"; -

1721

break;

never executed: break;

1722

default:

never executed: default:

1723 au = "unknown"; -

1724

break;

never executed: break;

1725 } -

1726 -

1727 switch (alg_enc) { -

1728

case SSL_DES:

never executed: case 0x00000001U:

1729 enc = "DES(56)"; -

1730

break;

never executed: break;

1731

case SSL_3DES:

never executed: case 0x00000002U:

1732 enc = "3DES(168)"; -

1733

break;

never executed: break;

1734

case SSL_RC4:

never executed: case 0x00000004U:

1735 enc = "RC4(128)"; -

1736

break;

never executed: break;

1737

case SSL_RC2:

never executed: case 0x00000008U:

1738 enc = "RC2(128)"; -

1739

break;

never executed: break;

1740

case SSL_IDEA:

never executed: case 0x00000010U:

1741 enc = "IDEA(128)"; -

1742

break;

never executed: break;

1743

case SSL_eNULL:

never executed: case 0x00000020U:

1744 enc = "None"; -

1745

break;

never executed: break;

1746

case SSL_AES128:

never executed: case 0x00000040U:

1747 enc = "AES(128)"; -

1748

break;

never executed: break;

1749

case SSL_AES256:

never executed: case 0x00000080U:

1750 enc = "AES(256)"; -

1751

break;

never executed: break;

1752

case SSL_AES128GCM:

never executed: case 0x00001000U:

1753 enc = "AESGCM(128)"; -

1754

break;

never executed: break;

1755

case SSL_AES256GCM:

never executed: case 0x00002000U:

1756 enc = "AESGCM(256)"; -

1757

break;

never executed: break;

1758

case SSL_AES128CCM:

never executed: case 0x00004000U:

1759 enc = "AESCCM(128)"; -

1760

break;

never executed: break;

1761

case SSL_AES256CCM:

never executed: case 0x00008000U:

1762 enc = "AESCCM(256)"; -

1763

break;

never executed: break;

1764

case SSL_AES128CCM8:

never executed: case 0x00010000U:

1765 enc = "AESCCM8(128)"; -

1766

break;

never executed: break;

1767

case SSL_AES256CCM8:

never executed: case 0x00020000U:

1768 enc = "AESCCM8(256)"; -

1769

break;

never executed: break;

1770

case SSL_CAMELLIA128:

never executed: case 0x00000100U:

1771 enc = "Camellia(128)"; -

1772

break;

never executed: break;

1773

case SSL_CAMELLIA256:

never executed: case 0x00000200U:

1774 enc = "Camellia(256)"; -

1775

break;

never executed: break;

1776

case SSL_ARIA128GCM:

never executed: case 0x00100000U:

1777 enc = "ARIAGCM(128)"; -

1778

break;

never executed: break;

1779

case SSL_ARIA256GCM:

never executed: case 0x00200000U:

1780 enc = "ARIAGCM(256)"; -

1781

break;

never executed: break;

1782

case SSL_SEED:

never executed: case 0x00000800U:

1783 enc = "SEED(128)"; -

1784

break;

never executed: break;

1785

case SSL_eGOST2814789CNT:

never executed: case 0x00000400U:

1786

case SSL_eGOST2814789CNT12:

never executed: case 0x00040000U:

1787 enc = "GOST89(256)"; -

1788

break;

never executed: break;

1789

case SSL_CHACHA20POLY1305:

never executed: case 0x00080000U:

1790 enc = "CHACHA20/POLY1305(256)"; -

1791

break;

never executed: break;

1792

default:

never executed: default:

1793 enc = "unknown"; -

1794

break;

never executed: break;

1795 } -

1796 -

1797 switch (alg_mac) { -

1798

case SSL_MD5:

never executed: case 0x00000001U:

1799 mac = "MD5"; -

1800

break;

never executed: break;

1801

case SSL_SHA1:

never executed: case 0x00000002U:

1802 mac = "SHA1"; -

1803

break;

never executed: break;

1804

case SSL_SHA256:

never executed: case 0x00000010U:

1805 mac = "SHA256"; -

1806

break;

never executed: break;

1807

case SSL_SHA384:

never executed: case 0x00000020U:

1808 mac = "SHA384"; -

1809

break;

never executed: break;

1810

case SSL_AEAD:

never executed: case 0x00000040U:

1811 mac = "AEAD"; -

1812

break;

never executed: break;

1813

case SSL_GOST89MAC:

never executed: case 0x00000008U:

1814

case SSL_GOST89MAC12:

never executed: case 0x00000100U:

1815 mac = "GOST89"; -

1816

break;

never executed: break;

1817

case SSL_GOST94:

never executed: case 0x00000004U:

1818 mac = "GOST94"; -

1819

break;

never executed: break;

1820

case SSL_GOST12_256:

never executed: case 0x00000080U:

1821

case SSL_GOST12_512:

never executed: case 0x00000200U:

1822 mac = "GOST2012"; -

1823

break;

never executed: break;

1824

default:

never executed: default:

1825 mac = "unknown"; -

1826

break;

never executed: break;

1827 } -

1828 -

1829 BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac); -

1830 -

1831

return buf;

never executed: return buf;

1832 } -

1833 -

1834 const char *SSL_CIPHER_get_version(const SSL_CIPHER *c) -

1835 { -

1836

if (c == NULL)

c == ((void *)0)	Description
TRUE	evaluated 55 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 282 times by 1 test Evaluated by: libssl.so.1.1

55-282

1837

return "(NONE)";

executed 55 times by 1 test: return "(NONE)";

Executed by:

libssl.so.1.1

1838 -

1839 /* -

1840 * Backwards-compatibility crutch. In almost all contexts we report TLS -

1841 * 1.0 as "TLSv1", but for ciphers we report "TLSv1.0". -

1842 */ -

1843

if (c->min_tls == TLS1_VERSION)

c->min_tls == 0x0301	Description
TRUE	evaluated 42 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 240 times by 1 test Evaluated by: libssl.so.1.1

42-240

1844

return "TLSv1.0";

executed 42 times by 1 test: return "TLSv1.0";

Executed by:

libssl.so.1.1

1845

return ssl_protocol_to_string(c->min_tls);

executed 240 times by 1 test: return ssl_protocol_to_string(c->min_tls);

Executed by:

libssl.so.1.1

240

1846 } -

1847 -

1848 /* return the actual cipher being used */ -

1849 const char *SSL_CIPHER_get_name(const SSL_CIPHER *c) -

1850 { -

1851

if (c != NULL)

c != ((void *)0)	Description
TRUE	evaluated 5308 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 294 times by 1 test Evaluated by: libssl.so.1.1

294-5308

1852

return c->name;

executed 5308 times by 1 test: return c->name;

Executed by:

libssl.so.1.1

5308

1853

return "(NONE)";

executed 294 times by 1 test: return "(NONE)";

Executed by:

libssl.so.1.1

294

1854 } -

1855 -

1856 /* return the actual cipher being used in RFC standard name */ -

1857 const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c) -

1858 { -

1859

if (c != NULL)

c != ((void *)0)	Description
TRUE	evaluated 163 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

1-163

1860

return c->stdname;

executed 163 times by 1 test: return c->stdname;

Executed by:

libssl.so.1.1

163

1861

return "(NONE)";

executed 1 time by 1 test: return "(NONE)";

Executed by:

libssl.so.1.1

1862 } -

1863 -

1864 /* return the OpenSSL name based on given RFC standard name */ -

1865 const char *OPENSSL_cipher_name(const char *stdname) -

1866 { -

1867 const SSL_CIPHER *c; -

1868 -

1869

if (stdname == NULL)

stdname == ((void *)0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 164 times by 1 test Evaluated by: libssl.so.1.1

1-164

1870

return "(NONE)";

executed 1 time by 1 test: return "(NONE)";

Executed by:

libssl.so.1.1

1871 c = ssl3_get_cipher_by_std_name(stdname); -

1872

return SSL_CIPHER_get_name(c);

executed 164 times by 1 test: return SSL_CIPHER_get_name(c);

Executed by:

libssl.so.1.1

164

1873 } -

1874 -

1875 /* number of bits for symmetric cipher */ -

1876 int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) -

1877 { -

1878 int ret = 0; -

1879 -

1880

if (c != NULL) {

c != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1881

if (alg_bits != NULL)

alg_bits != ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1882

*alg_bits = (int)c->alg_bits;

never executed: *alg_bits = (int)c->alg_bits;

1883 ret = (int)c->strength_bits; -

1884

}

never executed: end of block

1885

return ret;

never executed: return ret;

1886 } -

1887 -

1888 uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c) -

1889 { -

1890

return c->id;

executed 2735 times by 1 test: return c->id;

Executed by:

libssl.so.1.1

2735

1891 } -

1892 -

1893 uint16_t SSL_CIPHER_get_protocol_id(const SSL_CIPHER *c) -

1894 { -

1895

return c->id & 0xFFFF;

never executed: return c->id & 0xFFFF;

1896 } -

1897 -

1898 SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n) -

1899 { -

1900 SSL_COMP *ctmp; -

1901 int i, nn; -

1902 -

1903

if ((n == 0) || (sk == NULL))

(n == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

(sk == ((void *)0) )	Description
TRUE	never evaluated
FALSE	never evaluated

1904

return NULL;

never executed: return ((void *)0) ;

1905 nn = sk_SSL_COMP_num(sk); -

1906

for (i = 0; i < nn; i++) {

i < nn	Description
TRUE	never evaluated
FALSE	never evaluated

1907 ctmp = sk_SSL_COMP_value(sk, i); -

1908

if (ctmp->id == n)

ctmp->id == n	Description
TRUE	never evaluated
FALSE	never evaluated

1909

return ctmp;

never executed: return ctmp;

1910

}

never executed: end of block

1911

return NULL;

never executed: return ((void *)0) ;

1912 } -

1913 -

1914 #ifdef OPENSSL_NO_COMP -

1915 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) -

1916 { -

1917 return NULL; -

1918 } -

1919 -

1920 STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) -

1921 *meths) -

1922 { -

1923 return meths; -

1924 } -

1925 -

1926 int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) -

1927 { -

1928 return 1; -

1929 } -

1930 -

1931 #else -

1932 STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) -

1933 { -

1934 load_builtin_compressions(); -

1935

return ssl_comp_methods;

executed 9791 times by 2 tests: return ssl_comp_methods;

Executed by:

libssl.so.1.1
tls13encryptiontest

9791

1936 } -

1937 -

1938 STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP) -

1939 *meths) -

1940 { -

1941 STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods; -

1942 ssl_comp_methods = meths; -

1943

return old_meths;

never executed: return old_meths;

1944 } -

1945 -

1946 static void cmeth_free(SSL_COMP *cm) -

1947 { -

1948 OPENSSL_free(cm); -

1949

}

never executed: end of block

1950 -

1951 void ssl_comp_free_compression_methods_int(void) -

1952 { -

1953 STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods; -

1954 ssl_comp_methods = NULL; -

1955 sk_SSL_COMP_pop_free(old_meths, cmeth_free); -

1956

}

executed 1958 times by 2 tests: end of block

Executed by:

libssl.so.1.1
tls13encryptiontest

1958

1957 -

1958 int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) -

1959 { -

1960 SSL_COMP *comp; -

1961 -

1962

if (cm == NULL || COMP_get_type(cm) == NID_undef)

cm == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

COMP_get_type(cm) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

1963

return 1;

never executed: return 1;

1964 -

1965 /*- -

1966 * According to draft-ietf-tls-compression-04.txt, the -

1967 * compression number ranges should be the following: -

1968 * -

1969 * 0 to 63: methods defined by the IETF -

1970 * 64 to 192: external party methods assigned by IANA -

1971 * 193 to 255: reserved for private use -

1972 */ -

1973

if (id < 193 || id > 255) {

id < 193	Description
TRUE	never evaluated
FALSE	never evaluated

id > 255	Description
TRUE	never evaluated
FALSE	never evaluated

1974 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, -

1975 SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE); -

1976

return 1;

never executed: return 1;

1977 } -

1978 -

1979 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE); -

1980 comp = OPENSSL_malloc(sizeof(*comp)); -

1981

if (comp == NULL) {

comp == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

1982 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE); -

1983 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE); -

1984

return 1;

never executed: return 1;

1985 } -

1986 -

1987 comp->id = id; -

1988 comp->method = cm; -

1989 load_builtin_compressions(); -

1990

if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) {

ssl_comp_methods	Description
TRUE	never evaluated
FALSE	never evaluated

sk_SSL_COMP_fi...ds, comp) >= 0	Description
TRUE	never evaluated
FALSE	never evaluated

1991 OPENSSL_free(comp); -

1992 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE); -

1993 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, -

1994 SSL_R_DUPLICATE_COMPRESSION_ID); -

1995

return 1;

never executed: return 1;

1996 } -

1997

if (ssl_comp_methods == NULL || !sk_SSL_COMP_push(ssl_comp_methods, comp)) {

ssl_comp_metho...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

!sk_SSL_COMP_p...methods, comp)	Description
TRUE	never evaluated
FALSE	never evaluated

1998 OPENSSL_free(comp); -

1999 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE); -

2000 SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE); -

2001

return 1;

never executed: return 1;

2002 } -

2003 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE); -

2004

return 0;

never executed: return 0;

2005 } -

2006 #endif -

2007 -

2008 const char *SSL_COMP_get_name(const COMP_METHOD *comp) -

2009 { -

2010 #ifndef OPENSSL_NO_COMP -

2011

return comp ? COMP_get_name(comp) : NULL;

never executed: return comp ? COMP_get_name(comp) : ((void *)0) ;

comp	Description
TRUE	never evaluated
FALSE	never evaluated

2012 #else -

2013 return NULL; -

2014 #endif -

2015 } -

2016 -

2017 const char *SSL_COMP_get0_name(const SSL_COMP *comp) -

2018 { -

2019 #ifndef OPENSSL_NO_COMP -

2020

return comp->name;

never executed: return comp->name;

2021 #else -

2022 return NULL; -

2023 #endif -

2024 } -

2025 -

2026 int SSL_COMP_get_id(const SSL_COMP *comp) -

2027 { -

2028 #ifndef OPENSSL_NO_COMP -

2029

return comp->id;

never executed: return comp->id;

2030 #else -

2031 return -1; -

2032 #endif -

2033 } -

2034 -

2035 const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr, -

2036 int all) -

2037 { -

2038 const SSL_CIPHER *c = ssl->method->get_cipher_by_char(ptr); -

2039 -

2040

if (c == NULL || (!all && c->valid == 0))

c == ((void *)0)	Description
TRUE	evaluated 17433 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 62388 times by 1 test Evaluated by: libssl.so.1.1

!all	Description
TRUE	evaluated 4124 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 58264 times by 1 test Evaluated by: libssl.so.1.1

c->valid == 0	Description
TRUE	never evaluated
FALSE	evaluated 4124 times by 1 test Evaluated by: libssl.so.1.1

0-62388

2041

return NULL;

executed 17433 times by 1 test: return ((void *)0) ;

Executed by:

libssl.so.1.1

17433

2042

return c;

executed 62388 times by 1 test: return c;

Executed by:

libssl.so.1.1

62388

2043 } -

2044 -

2045 const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr) -

2046 { -

2047

return ssl->method->get_cipher_by_char(ptr);

executed 3456 times by 2 tests: return ssl->method->get_cipher_by_char(ptr);

Executed by:

libssl.so.1.1
tls13encryptiontest

3456

2048 } -

2049 -

2050 int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c) -

2051 { -

2052 int i; -

2053

if (c == NULL)

c == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 432 times by 1 test Evaluated by: libssl.so.1.1

0-432

2054

return NID_undef;

never executed: return 0;

2055 i = ssl_cipher_info_lookup(ssl_cipher_table_cipher, c->algorithm_enc); -

2056

if (i == -1)

i == -1	Description
TRUE	never evaluated
FALSE	evaluated 432 times by 1 test Evaluated by: libssl.so.1.1

0-432

2057

return NID_undef;

never executed: return 0;

2058

return ssl_cipher_table_cipher[i].nid;

executed 432 times by 1 test: return ssl_cipher_table_cipher[i].nid;

Executed by:

libssl.so.1.1

432

2059 } -

2060 -

2061 int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c) -

2062 { -

2063 int i = ssl_cipher_info_lookup(ssl_cipher_table_mac, c->algorithm_mac); -

2064 -

2065

if (i == -1)

i == -1	Description
TRUE	never evaluated
FALSE	evaluated 540 times by 1 test Evaluated by: libssl.so.1.1

0-540

2066

return NID_undef;

never executed: return 0;

2067

return ssl_cipher_table_mac[i].nid;

executed 540 times by 1 test: return ssl_cipher_table_mac[i].nid;

Executed by:

libssl.so.1.1

540

2068 } -

2069 -

2070 int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *c) -

2071 { -

2072 int i = ssl_cipher_info_lookup(ssl_cipher_table_kx, c->algorithm_mkey); -

2073 -

2074

if (i == -1)

i == -1	Description
TRUE	never evaluated
FALSE	never evaluated

2075

return NID_undef;

never executed: return 0;

2076

return ssl_cipher_table_kx[i].nid;

never executed: return ssl_cipher_table_kx[i].nid;

2077 } -

2078 -

2079 int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c) -

2080 { -

2081 int i = ssl_cipher_info_lookup(ssl_cipher_table_auth, c->algorithm_auth); -

2082 -

2083

if (i == -1)

i == -1	Description
TRUE	never evaluated
FALSE	evaluated 30 times by 1 test Evaluated by: libssl.so.1.1

0-30

2084

return NID_undef;

never executed: return 0;

2085

return ssl_cipher_table_auth[i].nid;

executed 30 times by 1 test: return ssl_cipher_table_auth[i].nid;

Executed by:

libssl.so.1.1

2086 } -

2087 -

2088 const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c) -

2089 { -

2090 int idx = c->algorithm2 & SSL_HANDSHAKE_MAC_MASK; -

2091 -

2092

if (idx < 0 || idx >= SSL_MD_NUM_IDX)

idx < 0	Description
TRUE	never evaluated
FALSE	never evaluated

idx >= 12	Description
TRUE	never evaluated
FALSE	never evaluated

2093

return NULL;

never executed: return ((void *)0) ;

2094

return ssl_digest_methods[idx];

never executed: return ssl_digest_methods[idx];

2095 } -

2096 -

2097 int SSL_CIPHER_is_aead(const SSL_CIPHER *c) -

2098 { -

2099

return (c->algorithm_mac & SSL_AEAD) ? 1 : 0;

never executed: return (c->algorithm_mac & 0x00000040U) ? 1 : 0;

(c->algorithm_...& 0x00000040U)	Description
TRUE	never evaluated
FALSE	never evaluated

2100 } -

2101 -

2102 int ssl_cipher_get_overhead(const SSL_CIPHER *c, size_t *mac_overhead, -

2103 size_t *int_overhead, size_t *blocksize, -

2104 size_t *ext_overhead) -

2105 { -

2106 size_t mac = 0, in = 0, blk = 0, out = 0; -

2107 -

2108 /* Some hard-coded numbers for the CCM/Poly1305 MAC overhead -

2109 * because there are no handy #defines for those. */ -

2110

if (c->algorithm_enc & (SSL_AESGCM | SSL_ARIAGCM)) {

c->algorithm_e... 0x00200000U))	Description
TRUE	evaluated 120 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 690 times by 1 test Evaluated by: libssl.so.1.1

120-690

2111 out = EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN; -

2112

} else if (c->algorithm_enc & (SSL_AES128CCM | SSL_AES256CCM)) {

executed 120 times by 1 test: end of block

Executed by:

libssl.so.1.1

c->algorithm_e...\| 0x00008000U)	Description
TRUE	evaluated 60 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 630 times by 1 test Evaluated by: libssl.so.1.1

60-630

2113 out = EVP_CCM_TLS_EXPLICIT_IV_LEN + 16; -

2114

} else if (c->algorithm_enc & (SSL_AES128CCM8 | SSL_AES256CCM8)) {

executed 60 times by 1 test: end of block

Executed by:

libssl.so.1.1

c->algorithm_e...\| 0x00020000U)	Description
TRUE	evaluated 60 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 570 times by 1 test Evaluated by: libssl.so.1.1

60-570

2115 out = EVP_CCM_TLS_EXPLICIT_IV_LEN + 8; -

2116

} else if (c->algorithm_enc & SSL_CHACHA20POLY1305) {

executed 60 times by 1 test: end of block

Executed by:

libssl.so.1.1

c->algorithm_enc & 0x00080000U	Description
TRUE	evaluated 30 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 540 times by 1 test Evaluated by: libssl.so.1.1

30-540

2117 out = 16; -

2118

} else if (c->algorithm_mac & SSL_AEAD) {

executed 30 times by 1 test: end of block

Executed by:

libssl.so.1.1

c->algorithm_mac & 0x00000040U	Description
TRUE	never evaluated
FALSE	evaluated 540 times by 1 test Evaluated by: libssl.so.1.1

0-540

2119 /* We're supposed to have handled all the AEAD modes above */ -

2120

return 0;

never executed: return 0;

2121 } else { -

2122 /* Non-AEAD modes. Calculate MAC/cipher overhead separately */ -

2123 int digest_nid = SSL_CIPHER_get_digest_nid(c); -

2124 const EVP_MD *e_md = EVP_get_digestbynid(digest_nid); -

2125 -

2126

if (e_md == NULL)

e_md == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 540 times by 1 test Evaluated by: libssl.so.1.1

0-540

2127

return 0;

never executed: return 0;

2128 -

2129 mac = EVP_MD_size(e_md); -

2130

if (c->algorithm_enc != SSL_eNULL) {

c->algorithm_e...!= 0x00000020U	Description
TRUE	evaluated 360 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 180 times by 1 test Evaluated by: libssl.so.1.1

180-360

2131 int cipher_nid = SSL_CIPHER_get_cipher_nid(c); -

2132 const EVP_CIPHER *e_ciph = EVP_get_cipherbynid(cipher_nid); -

2133 -

2134 /* If it wasn't AEAD or SSL_eNULL, we expect it to be a -

2135 known CBC cipher. */ -

2136

if (e_ciph == NULL ||

e_ciph == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 360 times by 1 test Evaluated by: libssl.so.1.1

0-360

2137

EVP_CIPHER_mode(e_ciph) != EVP_CIPH_CBC_MODE)

(EVP_CIPHER_fl...xF0007) != 0x2	Description
TRUE	never evaluated
FALSE	evaluated 360 times by 1 test Evaluated by: libssl.so.1.1

0-360

2138

return 0;

never executed: return 0;

2139 -

2140 in = 1; /* padding length byte */ -

2141 out = EVP_CIPHER_iv_length(e_ciph); -

2142 blk = EVP_CIPHER_block_size(e_ciph); -

2143

}

executed 360 times by 1 test: end of block

Executed by:

libssl.so.1.1

360

2144

}

executed 540 times by 1 test: end of block

Executed by:

libssl.so.1.1

540

2145 -

2146 *mac_overhead = mac; -

2147 *int_overhead = in; -

2148 *blocksize = blk; -

2149 *ext_overhead = out; -

2150 -

2151

return 1;

executed 810 times by 1 test: return 1;

Executed by:

libssl.so.1.1

810

2152 } -

2153 -

2154 int ssl_cert_is_disabled(size_t idx) -

2155 { -

2156 const SSL_CERT_LOOKUP *cl = ssl_cert_lookup_by_idx(idx); -

2157 -

2158

if (cl == NULL || (cl->amask & disabled_auth_mask) != 0)

cl == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 190736 times by 1 test Evaluated by: libssl.so.1.1

(cl->amask & d...uth_mask) != 0	Description
TRUE	never evaluated
FALSE	evaluated 190736 times by 1 test Evaluated by: libssl.so.1.1

0-190736

2159

return 1;

never executed: return 1;

2160

return 0;

executed 190736 times by 1 test: return 0;

Executed by:

libssl.so.1.1

190736

2161 } -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2