OpenCoverage

pk7_doit.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/pkcs7/pk7_doit.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/*-
2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.-
3 *-
4 * Licensed under the OpenSSL license (the "License"). You may not use-
5 * this file except in compliance with the License. You can obtain a copy-
6 * in the file LICENSE in the source distribution or at-
7 * https://www.openssl.org/source/license.html-
8 */-
9-
10#include <stdio.h>-
11#include "internal/cryptlib.h"-
12#include <openssl/rand.h>-
13#include <openssl/objects.h>-
14#include <openssl/x509.h>-
15#include <openssl/x509v3.h>-
16#include <openssl/err.h>-
17-
18static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,-
19 void *value);-
20static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);-
21-
22static int PKCS7_type_is_other(PKCS7 *p7)-
23{-
24 int isOther = 1;-
25-
26 int nid = OBJ_obj2nid(p7->type);-
27-
28 switch (nid) {-
29 case NID_pkcs7_data:
never executed: case 21:
0
30 case NID_pkcs7_signed:
never executed: case 22:
0
31 case NID_pkcs7_enveloped:
never executed: case 23:
0
32 case NID_pkcs7_signedAndEnveloped:
never executed: case 24:
0
33 case NID_pkcs7_digest:
never executed: case 25:
0
34 case NID_pkcs7_encrypted:
never executed: case 26:
0
35 isOther = 0;-
36 break;
never executed: break;
0
37 default:
never executed: default:
0
38 isOther = 1;-
39 }
never executed: end of block
0
40-
41 return isOther;
never executed: return isOther;
0
42-
43}-
44-
45static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)-
46{-
47 if (PKCS7_type_is_data(p7))
(OBJ_obj2nid((...->type) == 21)Description
TRUEevaluated 34 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-34
48 return p7->d.data;
executed 34 times by 1 test: return p7->d.data;
Executed by:
  • libcrypto.so.1.1
34
49 if (PKCS7_type_is_other(p7) && p7->d.other
PKCS7_type_is_other(p7)Description
TRUEnever evaluated
FALSEnever evaluated
p7->d.otherDescription
TRUEnever evaluated
FALSEnever evaluated
0
50 && (p7->d.other->type == V_ASN1_OCTET_STRING))
(p7->d.other->type == 4)Description
TRUEnever evaluated
FALSEnever evaluated
0
51 return p7->d.other->value.octet_string;
never executed: return p7->d.other->value.octet_string;
0
52 return NULL;
never executed: return ((void *)0) ;
0
53}-
54-
55static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)-
56{-
57 BIO *btmp;-
58 const EVP_MD *md;-
59 if ((btmp = BIO_new(BIO_f_md())) == NULL) {
(btmp = BIO_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-23
60 PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);-
61 goto err;
never executed: goto err;
0
62 }-
63-
64 md = EVP_get_digestbyobj(alg->algorithm);-
65 if (md == NULL) {
md == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-23
66 PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, PKCS7_R_UNKNOWN_DIGEST_TYPE);-
67 goto err;
never executed: goto err;
0
68 }-
69-
70 BIO_set_md(btmp, md);-
71 if (*pbio == NULL)
*pbio == ((void *)0)Description
TRUEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-23
72 *pbio = btmp;
executed 23 times by 1 test: *pbio = btmp;
Executed by:
  • libcrypto.so.1.1
23
73 else if (!BIO_push(*pbio, btmp)) {
!BIO_push(*pbio, btmp)Description
TRUEnever evaluated
FALSEnever evaluated
0
74 PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);-
75 goto err;
never executed: goto err;
0
76 }-
77 btmp = NULL;-
78-
79 return 1;
executed 23 times by 1 test: return 1;
Executed by:
  • libcrypto.so.1.1
23
80-
81 err:-
82 BIO_free(btmp);-
83 return 0;
never executed: return 0;
0
84-
85}-
86-
87static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,-
88 unsigned char *key, int keylen)-
89{-
90 EVP_PKEY_CTX *pctx = NULL;-
91 EVP_PKEY *pkey = NULL;-
92 unsigned char *ek = NULL;-
93 int ret = 0;-
94 size_t eklen;-
95-
96 pkey = X509_get0_pubkey(ri->cert);-
97-
98 if (!pkey)
!pkeyDescription
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-12
99 return 0;
never executed: return 0;
0
100-
101 pctx = EVP_PKEY_CTX_new(pkey, NULL);-
102 if (!pctx)
!pctxDescription
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-12
103 return 0;
never executed: return 0;
0
104-
105 if (EVP_PKEY_encrypt_init(pctx) <= 0)
EVP_PKEY_encry...nit(pctx) <= 0Description
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-12
106 goto err;
never executed: goto err;
0
107-
108 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
EVP_PKEY_CTX_c...3, 0, ri) <= 0Description
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-12
109 EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) {
EVP_PKEY_CTX_c...3, 0, ri) <= 0Description
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-12
110 PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR);-
111 goto err;
never executed: goto err;
0
112 }-
113-
114 if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
EVP_PKEY_encry..., keylen) <= 0Description
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-12
115 goto err;
never executed: goto err;
0
116-
117 ek = OPENSSL_malloc(eklen);-
118-
119 if (ek == NULL) {
ek == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-12
120 PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE);-
121 goto err;
never executed: goto err;
0
122 }-
123-
124 if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
EVP_PKEY_encry..., keylen) <= 0Description
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-12
125 goto err;
never executed: goto err;
0
126-
127 ASN1_STRING_set0(ri->enc_key, ek, eklen);-
128 ek = NULL;-
129-
130 ret = 1;-
131-
132 err:
code before this statement executed 12 times by 1 test: err:
Executed by:
  • libcrypto.so.1.1
12
133 EVP_PKEY_CTX_free(pctx);-
134 OPENSSL_free(ek);-
135 return ret;
executed 12 times by 1 test: return ret;
Executed by:
  • libcrypto.so.1.1
12
136-
137}-
138-
139static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,-
140 PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)-
141{-
142 EVP_PKEY_CTX *pctx = NULL;-
143 unsigned char *ek = NULL;-
144 size_t eklen;-
145-
146 int ret = -1;-
147-
148 pctx = EVP_PKEY_CTX_new(pkey, NULL);-
149 if (!pctx)
!pctxDescription
TRUEnever evaluated
FALSEevaluated 6 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-6
150 return -1;
never executed: return -1;
0
151-
152 if (EVP_PKEY_decrypt_init(pctx) <= 0)
EVP_PKEY_decry...nit(pctx) <= 0Description
TRUEnever evaluated
FALSEevaluated 6 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-6
153 goto err;
never executed: goto err;
0
154-
155 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
EVP_PKEY_CTX_c...4, 0, ri) <= 0Description
TRUEnever evaluated
FALSEevaluated 6 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-6
156 EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
EVP_PKEY_CTX_c...4, 0, ri) <= 0Description
TRUEnever evaluated
FALSEevaluated 6 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-6
157 PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR);-
158 goto err;
never executed: goto err;
0
159 }-
160-
161 if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
EVP_PKEY_decry...->length) <= 0Description
TRUEnever evaluated
FALSEevaluated 6 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-6
162 ri->enc_key->data, ri->enc_key->length) <= 0)
EVP_PKEY_decry...->length) <= 0Description
TRUEnever evaluated
FALSEevaluated 6 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-6
163 goto err;
never executed: goto err;
0
164-
165 ek = OPENSSL_malloc(eklen);-
166-
167 if (ek == NULL) {
ek == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 6 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-6
168 PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE);-
169 goto err;
never executed: goto err;
0
170 }-
171-
172 if (EVP_PKEY_decrypt(pctx, ek, &eklen,
EVP_PKEY_decry...->length) <= 0Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
2-4
173 ri->enc_key->data, ri->enc_key->length) <= 0) {
EVP_PKEY_decry...->length) <= 0Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
2-4
174 ret = 0;-
175 PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);-
176 goto err;
executed 2 times by 1 test: goto err;
Executed by:
  • libcrypto.so.1.1
2
177 }-
178-
179 ret = 1;-
180-
181 OPENSSL_clear_free(*pek, *peklen);-
182 *pek = ek;-
183 *peklen = eklen;-
184-
185 err:
code before this statement executed 4 times by 1 test: err:
Executed by:
  • libcrypto.so.1.1
4
186 EVP_PKEY_CTX_free(pctx);-
187 if (!ret)
!retDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
2-4
188 OPENSSL_free(ek);
executed 2 times by 1 test: CRYPTO_free(ek, __FILE__, 188);
Executed by:
  • libcrypto.so.1.1
2
189-
190 return ret;
executed 6 times by 1 test: return ret;
Executed by:
  • libcrypto.so.1.1
6
191}-
192-
193BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)-
194{-
195 int i;-
196 BIO *out = NULL, *btmp = NULL;-
197 X509_ALGOR *xa = NULL;-
198 const EVP_CIPHER *evp_cipher = NULL;-
199 STACK_OF(X509_ALGOR) *md_sk = NULL;-
200 STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;-
201 X509_ALGOR *xalg = NULL;-
202 PKCS7_RECIP_INFO *ri = NULL;-
203 ASN1_OCTET_STRING *os = NULL;-
204-
205 if (p7 == NULL) {
p7 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 27 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-27
206 PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER);-
207 return NULL;
never executed: return ((void *)0) ;
0
208 }-
209 /*-
210 * The content field in the PKCS7 ContentInfo is optional, but that really-
211 * only applies to inner content (precisely, detached signatures).-
212 *-
213 * When reading content, missing outer content is therefore treated as an-
214 * error.-
215 *-
216 * When creating content, PKCS7_content_new() must be called before-
217 * calling this method, so a NULL p7->d is always an error.-
218 */-
219 if (p7->d.ptr == NULL) {
p7->d.ptr == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 27 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-27
220 PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT);-
221 return NULL;
never executed: return ((void *)0) ;
0
222 }-
223-
224 i = OBJ_obj2nid(p7->type);-
225 p7->state = PKCS7_S_HEADER;-
226-
227 switch (i) {-
228 case NID_pkcs7_signed:
executed 23 times by 1 test: case 22:
Executed by:
  • libcrypto.so.1.1
23
229 md_sk = p7->d.sign->md_algs;-
230 os = PKCS7_get_octet_string(p7->d.sign->contents);-
231 break;
executed 23 times by 1 test: break;
Executed by:
  • libcrypto.so.1.1
23
232 case NID_pkcs7_signedAndEnveloped:
never executed: case 24:
0
233 rsk = p7->d.signed_and_enveloped->recipientinfo;-
234 md_sk = p7->d.signed_and_enveloped->md_algs;-
235 xalg = p7->d.signed_and_enveloped->enc_data->algorithm;-
236 evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;-
237 if (evp_cipher == NULL) {
evp_cipher == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
238 PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);-
239 goto err;
never executed: goto err;
0
240 }-
241 break;
never executed: break;
0
242 case NID_pkcs7_enveloped:
executed 4 times by 1 test: case 23:
Executed by:
  • libcrypto.so.1.1
4
243 rsk = p7->d.enveloped->recipientinfo;-
244 xalg = p7->d.enveloped->enc_data->algorithm;-
245 evp_cipher = p7->d.enveloped->enc_data->cipher;-
246 if (evp_cipher == NULL) {
evp_cipher == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
247 PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);-
248 goto err;
never executed: goto err;
0
249 }-
250 break;
executed 4 times by 1 test: break;
Executed by:
  • libcrypto.so.1.1
4
251 case NID_pkcs7_digest:
never executed: case 25:
0
252 xa = p7->d.digest->md;-
253 os = PKCS7_get_octet_string(p7->d.digest->contents);-
254 break;
never executed: break;
0
255 case NID_pkcs7_data:
never executed: case 21:
0
256 break;
never executed: break;
0
257 default:
never executed: default:
0
258 PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);-
259 goto err;
never executed: goto err;
0
260 }-
261-
262 for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
i < sk_X509_ALGOR_num(md_sk)Description
TRUEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 27 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
23-27
263 if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)))
!PKCS7_bio_add...lue(md_sk, i))Description
TRUEnever evaluated
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-23
264 goto err;
never executed: goto err;
0
265-
266 if (xa && !PKCS7_bio_add_digest(&out, xa))
xaDescription
TRUEnever evaluated
FALSEevaluated 27 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
!PKCS7_bio_add...gest(&out, xa)Description
TRUEnever evaluated
FALSEnever evaluated
0-27
267 goto err;
never executed: goto err;
0
268-
269 if (evp_cipher != NULL) {
evp_cipher != ((void *)0)Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
4-23
270 unsigned char key[EVP_MAX_KEY_LENGTH];-
271 unsigned char iv[EVP_MAX_IV_LENGTH];-
272 int keylen, ivlen;-
273 EVP_CIPHER_CTX *ctx;-
274-
275 if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
(btmp = BIO_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
276 PKCS7err(PKCS7_F_PKCS7_DATAINIT, ERR_R_BIO_LIB);-
277 goto err;
never executed: goto err;
0
278 }-
279 BIO_get_cipher_ctx(btmp, &ctx);-
280 keylen = EVP_CIPHER_key_length(evp_cipher);-
281 ivlen = EVP_CIPHER_iv_length(evp_cipher);-
282 xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));-
283 if (ivlen > 0)
ivlen > 0Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-4
284 if (RAND_bytes(iv, ivlen) <= 0)
RAND_bytes(iv, ivlen) <= 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
285 goto err;
never executed: goto err;
0
286 if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1) <= 0)
EVP_CipherInit...*)0) , 1) <= 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
287 goto err;
never executed: goto err;
0
288 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
EVP_CIPHER_CTX...ctx, key) <= 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
289 goto err;
never executed: goto err;
0
290 if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
EVP_CipherInit...y, iv, 1) <= 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
291 goto err;
never executed: goto err;
0
292-
293 if (ivlen > 0) {
ivlen > 0Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-4
294 if (xalg->parameter == NULL) {
xalg->parameter == ((void *)0)Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-4
295 xalg->parameter = ASN1_TYPE_new();-
296 if (xalg->parameter == NULL)
xalg->parameter == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
297 goto err;
never executed: goto err;
0
298 }
executed 4 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
4
299 if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
EVP_CIPHER_par...parameter) < 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
300 goto err;
never executed: goto err;
0
301 }
executed 4 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
4
302-
303 /* Lets do the pub key stuff :-) */-
304 for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
i < sk_PKCS7_R..._INFO_num(rsk)Description
TRUEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
4-12
305 ri = sk_PKCS7_RECIP_INFO_value(rsk, i);-
306 if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
pkcs7_encode_r..., keylen) <= 0Description
TRUEnever evaluated
FALSEevaluated 12 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-12
307 goto err;
never executed: goto err;
0
308 }
executed 12 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
12
309 OPENSSL_cleanse(key, keylen);-
310-
311 if (out == NULL)
out == ((void *)0)Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-4
312 out = btmp;
executed 4 times by 1 test: out = btmp;
Executed by:
  • libcrypto.so.1.1
4
313 else-
314 BIO_push(out, btmp);
never executed: BIO_push(out, btmp);
0
315 btmp = NULL;-
316 }
executed 4 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
4
317-
318 if (bio == NULL) {
bio == ((void *)0)Description
TRUEevaluated 11 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 16 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
11-16
319 if (PKCS7_is_detached(p7)) {
(OBJ_obj2nid((...->type) == 22)Description
TRUEevaluated 11 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
PKCS7_ctrl(p7,... ((void *)0) )Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 9 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-11
320 bio = BIO_new(BIO_s_null());-
321 } else if (os && os->length > 0) {
executed 2 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
osDescription
TRUEevaluated 9 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
os->length > 0Description
TRUEevaluated 7 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 2 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-9
322 bio = BIO_new_mem_buf(os->data, os->length);-
323 } else {
executed 7 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
7
324 bio = BIO_new(BIO_s_mem());-
325 if (bio == NULL)
bio == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-2
326 goto err;
never executed: goto err;
0
327 BIO_set_mem_eof_return(bio, 0);-
328 }
executed 2 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
2
329 if (bio == NULL)
bio == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 11 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-11
330 goto err;
never executed: goto err;
0
331 }
executed 11 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
11
332 if (out)
outDescription
TRUEevaluated 27 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-27
333 BIO_push(out, bio);
executed 27 times by 1 test: BIO_push(out, bio);
Executed by:
  • libcrypto.so.1.1
27
334 else-
335 out = bio;
never executed: out = bio;
0
336 return out;
executed 27 times by 1 test: return out;
Executed by:
  • libcrypto.so.1.1
27
337-
338 err:-
339 BIO_free_all(out);-
340 BIO_free_all(btmp);-
341 return NULL;
never executed: return ((void *)0) ;
0
342}-
343-
344static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)-
345{-
346 int ret;-
347 ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,-
348 X509_get_issuer_name(pcert));-
349 if (ret)
retDescription
TRUEnever evaluated
FALSEevaluated 5 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-5
350 return ret;
never executed: return ret;
0
351 return ASN1_INTEGER_cmp(X509_get_serialNumber(pcert),
executed 5 times by 1 test: return ASN1_INTEGER_cmp(X509_get_serialNumber(pcert), ri->issuer_and_serial->serial);
Executed by:
  • libcrypto.so.1.1
5
352 ri->issuer_and_serial->serial);
executed 5 times by 1 test: return ASN1_INTEGER_cmp(X509_get_serialNumber(pcert), ri->issuer_and_serial->serial);
Executed by:
  • libcrypto.so.1.1
5
353}-
354-
355/* int */-
356BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)-
357{-
358 int i, j;-
359 BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;-
360 X509_ALGOR *xa;-
361 ASN1_OCTET_STRING *data_body = NULL;-
362 const EVP_MD *evp_md;-
363 const EVP_CIPHER *evp_cipher = NULL;-
364 EVP_CIPHER_CTX *evp_ctx = NULL;-
365 X509_ALGOR *enc_alg = NULL;-
366 STACK_OF(X509_ALGOR) *md_sk = NULL;-
367 STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;-
368 PKCS7_RECIP_INFO *ri = NULL;-
369 unsigned char *ek = NULL, *tkey = NULL;-
370 int eklen = 0, tkeylen = 0;-
371-
372 if (p7 == NULL) {
p7 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
373 PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER);-
374 return NULL;
never executed: return ((void *)0) ;
0
375 }-
376-
377 if (p7->d.ptr == NULL) {
p7->d.ptr == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
378 PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);-
379 return NULL;
never executed: return ((void *)0) ;
0
380 }-
381-
382 i = OBJ_obj2nid(p7->type);-
383 p7->state = PKCS7_S_HEADER;-
384-
385 switch (i) {-
386 case NID_pkcs7_signed:
never executed: case 22:
0
387 /*-
388 * p7->d.sign->contents is a PKCS7 structure consisting of a contentType-
389 * field and optional content.-
390 * data_body is NULL if that structure has no (=detached) content-
391 * or if the contentType is wrong (i.e., not "data").-
392 */-
393 data_body = PKCS7_get_octet_string(p7->d.sign->contents);-
394 if (!PKCS7_is_detached(p7) && data_body == NULL) {
(OBJ_obj2nid((...->type) == 22)Description
TRUEnever evaluated
FALSEnever evaluated
PKCS7_ctrl(p7,... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
data_body == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
395 PKCS7err(PKCS7_F_PKCS7_DATADECODE,-
396 PKCS7_R_INVALID_SIGNED_DATA_TYPE);-
397 goto err;
never executed: goto err;
0
398 }-
399 md_sk = p7->d.sign->md_algs;-
400 break;
never executed: break;
0
401 case NID_pkcs7_signedAndEnveloped:
never executed: case 24:
0
402 rsk = p7->d.signed_and_enveloped->recipientinfo;-
403 md_sk = p7->d.signed_and_enveloped->md_algs;-
404 /* data_body is NULL if the optional EncryptedContent is missing. */-
405 data_body = p7->d.signed_and_enveloped->enc_data->enc_data;-
406 enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;-
407 evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);-
408 if (evp_cipher == NULL) {
evp_cipher == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
409 PKCS7err(PKCS7_F_PKCS7_DATADECODE,-
410 PKCS7_R_UNSUPPORTED_CIPHER_TYPE);-
411 goto err;
never executed: goto err;
0
412 }-
413 break;
never executed: break;
0
414 case NID_pkcs7_enveloped:
executed 4 times by 1 test: case 23:
Executed by:
  • libcrypto.so.1.1
4
415 rsk = p7->d.enveloped->recipientinfo;-
416 enc_alg = p7->d.enveloped->enc_data->algorithm;-
417 /* data_body is NULL if the optional EncryptedContent is missing. */-
418 data_body = p7->d.enveloped->enc_data->enc_data;-
419 evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);-
420 if (evp_cipher == NULL) {
evp_cipher == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
421 PKCS7err(PKCS7_F_PKCS7_DATADECODE,-
422 PKCS7_R_UNSUPPORTED_CIPHER_TYPE);-
423 goto err;
never executed: goto err;
0
424 }-
425 break;
executed 4 times by 1 test: break;
Executed by:
  • libcrypto.so.1.1
4
426 default:
never executed: default:
0
427 PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);-
428 goto err;
never executed: goto err;
0
429 }-
430-
431 /* Detached content must be supplied via in_bio instead. */-
432 if (data_body == NULL && in_bio == NULL) {
data_body == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
in_bio == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0-4
433 PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);-
434 goto err;
never executed: goto err;
0
435 }-
436-
437 /* We will be checking the signature */-
438 if (md_sk != NULL) {
md_sk != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
439 for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
i < sk_X509_ALGOR_num(md_sk)Description
TRUEnever evaluated
FALSEnever evaluated
0
440 xa = sk_X509_ALGOR_value(md_sk, i);-
441 if ((btmp = BIO_new(BIO_f_md())) == NULL) {
(btmp = BIO_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
442 PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);-
443 goto err;
never executed: goto err;
0
444 }-
445-
446 j = OBJ_obj2nid(xa->algorithm);-
447 evp_md = EVP_get_digestbynid(j);-
448 if (evp_md == NULL) {
evp_md == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
449 PKCS7err(PKCS7_F_PKCS7_DATADECODE,-
450 PKCS7_R_UNKNOWN_DIGEST_TYPE);-
451 goto err;
never executed: goto err;
0
452 }-
453-
454 BIO_set_md(btmp, evp_md);-
455 if (out == NULL)
out == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
456 out = btmp;
never executed: out = btmp;
0
457 else-
458 BIO_push(out, btmp);
never executed: BIO_push(out, btmp);
0
459 btmp = NULL;-
460 }
never executed: end of block
0
461 }
never executed: end of block
0
462-
463 if (evp_cipher != NULL) {
evp_cipher != ((void *)0)Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-4
464 if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
(etmp = BIO_ne...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
465 PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);-
466 goto err;
never executed: goto err;
0
467 }-
468-
469 /*-
470 * It was encrypted, we need to decrypt the secret key with the-
471 * private key-
472 */-
473-
474 /*-
475 * Find the recipientInfo which matches the passed certificate (if-
476 * any)-
477 */-
478-
479 if (pcert) {
pcertDescription
TRUEevaluated 3 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
1-3
480 for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
i < sk_PKCS7_R..._INFO_num(rsk)Description
TRUEevaluated 5 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-5
481 ri = sk_PKCS7_RECIP_INFO_value(rsk, i);-
482 if (!pkcs7_cmp_ri(ri, pcert))
!pkcs7_cmp_ri(ri, pcert)Description
TRUEevaluated 3 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 2 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
2-3
483 break;
executed 3 times by 1 test: break;
Executed by:
  • libcrypto.so.1.1
3
484 ri = NULL;-
485 }
executed 2 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
2
486 if (ri == NULL) {
ri == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 3 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-3
487 PKCS7err(PKCS7_F_PKCS7_DATADECODE,-
488 PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);-
489 goto err;
never executed: goto err;
0
490 }-
491 }
executed 3 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
3
492-
493 /* If we haven't got a certificate try each ri in turn */-
494 if (pcert == NULL) {
pcert == ((void *)0)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 3 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
1-3
495 /*-
496 * Always attempt to decrypt all rinfo even after success as a-
497 * defence against MMA timing attacks.-
498 */-
499 for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
i < sk_PKCS7_R..._INFO_num(rsk)Description
TRUEevaluated 3 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
1-3
500 ri = sk_PKCS7_RECIP_INFO_value(rsk, i);-
501-
502 if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
pkcs7_decrypt_... ri, pkey) < 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-3
503 goto err;
never executed: goto err;
0
504 ERR_clear_error();-
505 }
executed 3 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
3
506 } else {
executed 1 time by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
1
507 /* Only exit on fatal errors, not decrypt failure */-
508 if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
pkcs7_decrypt_... ri, pkey) < 0Description
TRUEnever evaluated
FALSEevaluated 3 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-3
509 goto err;
never executed: goto err;
0
510 ERR_clear_error();-
511 }
executed 3 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
3
512-
513 evp_ctx = NULL;-
514 BIO_get_cipher_ctx(etmp, &evp_ctx);-
515 if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL, NULL, 0) <= 0)
EVP_CipherInit...*)0) , 0) <= 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
516 goto err;
never executed: goto err;
0
517 if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
EVP_CIPHER_asn...parameter) < 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
518 goto err;
never executed: goto err;
0
519 /* Generate random key as MMA defence */-
520 tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);-
521 tkey = OPENSSL_malloc(tkeylen);-
522 if (tkey == NULL)
tkey == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
523 goto err;
never executed: goto err;
0
524 if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
EVP_CIPHER_CTX...tx, tkey) <= 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
525 goto err;
never executed: goto err;
0
526 if (ek == NULL) {
ek == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
527 ek = tkey;-
528 eklen = tkeylen;-
529 tkey = NULL;-
530 }
never executed: end of block
0
531-
532 if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
eklen != EVP_C...ength(evp_ctx)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
533 /*-
534 * Some S/MIME clients don't use the same key and effective key-
535 * length. The key length is determined by the size of the-
536 * decrypted RSA key.-
537 */-
538 if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
!EVP_CIPHER_CT...vp_ctx, eklen)Description
TRUEnever evaluated
FALSEnever evaluated
0
539 /* Use random key as MMA defence */-
540 OPENSSL_clear_free(ek, eklen);-
541 ek = tkey;-
542 eklen = tkeylen;-
543 tkey = NULL;-
544 }
never executed: end of block
0
545 }
never executed: end of block
0
546 /* Clear errors so we don't leak information useful in MMA */-
547 ERR_clear_error();-
548 if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
EVP_CipherInit...*)0) , 0) <= 0Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
549 goto err;
never executed: goto err;
0
550-
551 OPENSSL_clear_free(ek, eklen);-
552 ek = NULL;-
553 OPENSSL_clear_free(tkey, tkeylen);-
554 tkey = NULL;-
555-
556 if (out == NULL)
out == ((void *)0)Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-4
557 out = etmp;
executed 4 times by 1 test: out = etmp;
Executed by:
  • libcrypto.so.1.1
4
558 else-
559 BIO_push(out, etmp);
never executed: BIO_push(out, etmp);
0
560 etmp = NULL;-
561 }
executed 4 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
4
562 if (in_bio != NULL) {
in_bio != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
563 bio = in_bio;-
564 } else {
never executed: end of block
0
565 if (data_body->length > 0)
data_body->length > 0Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-4
566 bio = BIO_new_mem_buf(data_body->data, data_body->length);
executed 4 times by 1 test: bio = BIO_new_mem_buf(data_body->data, data_body->length);
Executed by:
  • libcrypto.so.1.1
4
567 else {-
568 bio = BIO_new(BIO_s_mem());-
569 if (bio == NULL)
bio == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
570 goto err;
never executed: goto err;
0
571 BIO_set_mem_eof_return(bio, 0);-
572 }
never executed: end of block
0
573 if (bio == NULL)
bio == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
574 goto err;
never executed: goto err;
0
575 }
executed 4 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
4
576 BIO_push(out, bio);-
577 bio = NULL;-
578 return out;
executed 4 times by 1 test: return out;
Executed by:
  • libcrypto.so.1.1
4
579-
580 err:-
581 OPENSSL_clear_free(ek, eklen);-
582 OPENSSL_clear_free(tkey, tkeylen);-
583 BIO_free_all(out);-
584 BIO_free_all(btmp);-
585 BIO_free_all(etmp);-
586 BIO_free_all(bio);-
587 return NULL;
never executed: return ((void *)0) ;
0
588}-
589-
590static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)-
591{-
592 for (;;) {-
593 bio = BIO_find_type(bio, BIO_TYPE_MD);-
594 if (bio == NULL) {
bio == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-23
595 PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,-
596 PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);-
597 return NULL;
never executed: return ((void *)0) ;
0
598 }-
599 BIO_get_md_ctx(bio, pmd);-
600 if (*pmd == NULL) {
*pmd == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-23
601 PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST, ERR_R_INTERNAL_ERROR);-
602 return NULL;
never executed: return ((void *)0) ;
0
603 }-
604 if (EVP_MD_CTX_type(*pmd) == nid)
EVP_MD_type(EV...(*pmd)) == nidDescription
TRUEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-23
605 return bio;
executed 23 times by 1 test: return bio;
Executed by:
  • libcrypto.so.1.1
23
606 bio = BIO_next(bio);-
607 }
never executed: end of block
0
608 return NULL;
never executed: return ((void *)0) ;
0
609}-
610-
611static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)-
612{-
613 unsigned char md_data[EVP_MAX_MD_SIZE];-
614 unsigned int md_len;-
615-
616 /* Add signing time if not already present */-
617 if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
!PKCS7_get_sig...ribute(si, 52)Description
TRUEevaluated 19 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-19
618 if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
!PKCS7_add0_at... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 19 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-19
619 PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);-
620 return 0;
never executed: return 0;
0
621 }-
622 }
executed 19 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
19
623-
624 /* Add digest */-
625 if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
!EVP_DigestFin...data, &md_len)Description
TRUEnever evaluated
FALSEevaluated 19 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-19
626 PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);-
627 return 0;
never executed: return 0;
0
628 }-
629 if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
!PKCS7_add1_at..._data, md_len)Description
TRUEnever evaluated
FALSEevaluated 19 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-19
630 PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);-
631 return 0;
never executed: return 0;
0
632 }-
633-
634 /* Now sign the attributes */-
635 if (!PKCS7_SIGNER_INFO_sign(si))
!PKCS7_SIGNER_INFO_sign(si)Description
TRUEnever evaluated
FALSEevaluated 19 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-19
636 return 0;
never executed: return 0;
0
637-
638 return 1;
executed 19 times by 1 test: return 1;
Executed by:
  • libcrypto.so.1.1
19
639}-
640-
641int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)-
642{-
643 int ret = 0;-
644 int i, j;-
645 BIO *btmp;-
646 PKCS7_SIGNER_INFO *si;-
647 EVP_MD_CTX *mdc, *ctx_tmp;-
648 STACK_OF(X509_ATTRIBUTE) *sk;-
649 STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;-
650 ASN1_OCTET_STRING *os = NULL;-
651-
652 if (p7 == NULL) {
p7 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 15 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-15
653 PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER);-
654 return 0;
never executed: return 0;
0
655 }-
656-
657 if (p7->d.ptr == NULL) {
p7->d.ptr == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 15 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-15
658 PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT);-
659 return 0;
never executed: return 0;
0
660 }-
661-
662 ctx_tmp = EVP_MD_CTX_new();-
663 if (ctx_tmp == NULL) {
ctx_tmp == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 15 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-15
664 PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);-
665 return 0;
never executed: return 0;
0
666 }-
667-
668 i = OBJ_obj2nid(p7->type);-
669 p7->state = PKCS7_S_HEADER;-
670-
671 switch (i) {-
672 case NID_pkcs7_data:
never executed: case 21:
0
673 os = p7->d.data;-
674 break;
never executed: break;
0
675 case NID_pkcs7_signedAndEnveloped:
never executed: case 24:
0
676 /* XXXXXXXXXXXXXXXX */-
677 si_sk = p7->d.signed_and_enveloped->signer_info;-
678 os = p7->d.signed_and_enveloped->enc_data->enc_data;-
679 if (os == NULL) {
os == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
680 os = ASN1_OCTET_STRING_new();-
681 if (os == NULL) {
os == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
682 PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);-
683 goto err;
never executed: goto err;
0
684 }-
685 p7->d.signed_and_enveloped->enc_data->enc_data = os;-
686 }
never executed: end of block
0
687 break;
never executed: break;
0
688 case NID_pkcs7_enveloped:
executed 4 times by 1 test: case 23:
Executed by:
  • libcrypto.so.1.1
4
689 /* XXXXXXXXXXXXXXXX */-
690 os = p7->d.enveloped->enc_data->enc_data;-
691 if (os == NULL) {
os == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
692 os = ASN1_OCTET_STRING_new();-
693 if (os == NULL) {
os == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
694 PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);-
695 goto err;
never executed: goto err;
0
696 }-
697 p7->d.enveloped->enc_data->enc_data = os;-
698 }
never executed: end of block
0
699 break;
executed 4 times by 1 test: break;
Executed by:
  • libcrypto.so.1.1
4
700 case NID_pkcs7_signed:
executed 11 times by 1 test: case 22:
Executed by:
  • libcrypto.so.1.1
11
701 si_sk = p7->d.sign->signer_info;-
702 os = PKCS7_get_octet_string(p7->d.sign->contents);-
703 /* If detached data then the content is excluded */-
704 if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
(OBJ_obj2nid((...->type) == 21)Description
TRUEevaluated 11 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
p7->detachedDescription
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 7 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-11
705 ASN1_OCTET_STRING_free(os);-
706 os = NULL;-
707 p7->d.sign->contents->d.data = NULL;-
708 }
executed 4 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
4
709 break;
executed 11 times by 1 test: break;
Executed by:
  • libcrypto.so.1.1
11
710-
711 case NID_pkcs7_digest:
never executed: case 25:
0
712 os = PKCS7_get_octet_string(p7->d.digest->contents);-
713 /* If detached data then the content is excluded */-
714 if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
(OBJ_obj2nid((...->type) == 21)Description
TRUEnever evaluated
FALSEnever evaluated
p7->detachedDescription
TRUEnever evaluated
FALSEnever evaluated
0
715 ASN1_OCTET_STRING_free(os);-
716 os = NULL;-
717 p7->d.digest->contents->d.data = NULL;-
718 }
never executed: end of block
0
719 break;
never executed: break;
0
720-
721 default:
never executed: default:
0
722 PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);-
723 goto err;
never executed: goto err;
0
724 }-
725-
726 if (si_sk != NULL) {
si_sk != ((void *)0)Description
TRUEevaluated 11 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
4-11
727 for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
i < sk_PKCS7_S...NFO_num(si_sk)Description
TRUEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 11 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
11-23
728 si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);-
729 if (si->pkey == NULL)
si->pkey == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-23
730 continue;
never executed: continue;
0
731-
732 j = OBJ_obj2nid(si->digest_alg->algorithm);-
733-
734 btmp = bio;-
735-
736 btmp = PKCS7_find_digest(&mdc, btmp, j);-
737-
738 if (btmp == NULL)
btmp == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-23
739 goto err;
never executed: goto err;
0
740-
741 /*-
742 * We now have the EVP_MD_CTX, lets do the signing.-
743 */-
744 if (!EVP_MD_CTX_copy_ex(ctx_tmp, mdc))
!EVP_MD_CTX_co...(ctx_tmp, mdc)Description
TRUEnever evaluated
FALSEevaluated 23 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-23
745 goto err;
never executed: goto err;
0
746-
747 sk = si->auth_attr;-
748-
749 /*-
750 * If there are attributes, we add the digest attribute and only-
751 * sign the attributes-
752 */-
753 if (sk_X509_ATTRIBUTE_num(sk) > 0) {
sk_X509_ATTRIBUTE_num(sk) > 0Description
TRUEevaluated 19 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
4-19
754 if (!do_pkcs7_signed_attrib(si, ctx_tmp))
!do_pkcs7_sign...b(si, ctx_tmp)Description
TRUEnever evaluated
FALSEevaluated 19 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-19
755 goto err;
never executed: goto err;
0
756 } else {
executed 19 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
19
757 unsigned char *abuf = NULL;-
758 unsigned int abuflen;-
759 abuflen = EVP_PKEY_size(si->pkey);-
760 abuf = OPENSSL_malloc(abuflen);-
761 if (abuf == NULL)
abuf == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
762 goto err;
never executed: goto err;
0
763-
764 if (!EVP_SignFinal(ctx_tmp, abuf, &abuflen, si->pkey)) {
!EVP_SignFinal...len, si->pkey)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-4
765 OPENSSL_free(abuf);-
766 PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);-
767 goto err;
never executed: goto err;
0
768 }-
769 ASN1_STRING_set0(si->enc_digest, abuf, abuflen);-
770 }
executed 4 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
4
771 }-
772 } else if (i == NID_pkcs7_digest) {
executed 11 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
i == 25Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-11
773 unsigned char md_data[EVP_MAX_MD_SIZE];-
774 unsigned int md_len;-
775 if (!PKCS7_find_digest(&mdc, bio,
!PKCS7_find_di...d->algorithm))Description
TRUEnever evaluated
FALSEnever evaluated
0
776 OBJ_obj2nid(p7->d.digest->md->algorithm)))
!PKCS7_find_di...d->algorithm))Description
TRUEnever evaluated
FALSEnever evaluated
0
777 goto err;
never executed: goto err;
0
778 if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
!EVP_DigestFin...data, &md_len)Description
TRUEnever evaluated
FALSEnever evaluated
0
779 goto err;
never executed: goto err;
0
780 if (!ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len))
!ASN1_OCTET_ST..._data, md_len)Description
TRUEnever evaluated
FALSEnever evaluated
0
781 goto err;
never executed: goto err;
0
782 }
never executed: end of block
0
783-
784 if (!PKCS7_is_detached(p7)) {
(OBJ_obj2nid((...->type) == 22)Description
TRUEevaluated 11 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
PKCS7_ctrl(p7,... ((void *)0) )Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 7 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
4-11
785 /*-
786 * NOTE(emilia): I think we only reach os == NULL here because detached-
787 * digested data support is broken.-
788 */-
789 if (os == NULL)
os == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 11 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-11
790 goto err;
never executed: goto err;
0
791 if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
!(os->flags & 0x010)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 9 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
2-9
792 char *cont;-
793 long contlen;-
794 btmp = BIO_find_type(bio, BIO_TYPE_MEM);-
795 if (btmp == NULL) {
btmp == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-2
796 PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);-
797 goto err;
never executed: goto err;
0
798 }-
799 contlen = BIO_get_mem_data(btmp, &cont);-
800 /*-
801 * Mark the BIO read only then we can use its copy of the data-
802 * instead of making an extra copy.-
803 */-
804 BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);-
805 BIO_set_mem_eof_return(btmp, 0);-
806 ASN1_STRING_set0(os, (unsigned char *)cont, contlen);-
807 }
executed 2 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
2
808 }
executed 11 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
11
809 ret = 1;-
810 err:
code before this statement executed 15 times by 1 test: err:
Executed by:
  • libcrypto.so.1.1
15
811 EVP_MD_CTX_free(ctx_tmp);-
812 return ret;
executed 15 times by 1 test: return ret;
Executed by:
  • libcrypto.so.1.1
15
813}-
814-
815int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)-
816{-
817 EVP_MD_CTX *mctx;-
818 EVP_PKEY_CTX *pctx = NULL;-
819 unsigned char *abuf = NULL;-
820 int alen;-
821 size_t siglen;-
822 const EVP_MD *md = NULL;-
823-
824 md = EVP_get_digestbyobj(si->digest_alg->algorithm);-
825 if (md == NULL)
md == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
826 return 0;
never executed: return 0;
0
827-
828 mctx = EVP_MD_CTX_new();-
829 if (mctx == NULL) {
mctx == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
830 PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, ERR_R_MALLOC_FAILURE);-
831 goto err;
never executed: goto err;
0
832 }-
833-
834 if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0)
EVP_DigestSign...si->pkey) <= 0Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
835 goto err;
never executed: goto err;
0
836-
837 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
EVP_PKEY_CTX_c...5, 0, si) <= 0Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
838 EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
EVP_PKEY_CTX_c...5, 0, si) <= 0Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
839 PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);-
840 goto err;
never executed: goto err;
0
841 }-
842-
843 alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,-
844 ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));-
845 if (!abuf)
!abufDescription
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
846 goto err;
never executed: goto err;
0
847 if (EVP_DigestSignUpdate(mctx, abuf, alen) <= 0)
EVP_DigestUpda...buf,alen) <= 0Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
848 goto err;
never executed: goto err;
0
849 OPENSSL_free(abuf);-
850 abuf = NULL;-
851 if (EVP_DigestSignFinal(mctx, NULL, &siglen) <= 0)
EVP_DigestSign... &siglen) <= 0Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
852 goto err;
never executed: goto err;
0
853 abuf = OPENSSL_malloc(siglen);-
854 if (abuf == NULL)
abuf == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
855 goto err;
never executed: goto err;
0
856 if (EVP_DigestSignFinal(mctx, abuf, &siglen) <= 0)
EVP_DigestSign... &siglen) <= 0Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
857 goto err;
never executed: goto err;
0
858-
859 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
EVP_PKEY_CTX_c...5, 1, si) <= 0Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
860 EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
EVP_PKEY_CTX_c...5, 1, si) <= 0Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
861 PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);-
862 goto err;
never executed: goto err;
0
863 }-
864-
865 EVP_MD_CTX_free(mctx);-
866-
867 ASN1_STRING_set0(si->enc_digest, abuf, siglen);-
868-
869 return 1;
executed 20 times by 1 test: return 1;
Executed by:
  • libcrypto.so.1.1
20
870-
871 err:-
872 OPENSSL_free(abuf);-
873 EVP_MD_CTX_free(mctx);-
874 return 0;
never executed: return 0;
0
875-
876}-
877-
878int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,-
879 PKCS7 *p7, PKCS7_SIGNER_INFO *si)-
880{-
881 PKCS7_ISSUER_AND_SERIAL *ias;-
882 int ret = 0, i;-
883 STACK_OF(X509) *cert;-
884 X509 *x509;-
885-
886 if (p7 == NULL) {
p7 == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
887 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER);-
888 return 0;
never executed: return 0;
0
889 }-
890-
891 if (p7->d.ptr == NULL) {
p7->d.ptr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
892 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT);-
893 return 0;
never executed: return 0;
0
894 }-
895-
896 if (PKCS7_type_is_signed(p7)) {
(OBJ_obj2nid((...->type) == 22)Description
TRUEnever evaluated
FALSEnever evaluated
0
897 cert = p7->d.sign->cert;-
898 } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
never executed: end of block
(OBJ_obj2nid((...->type) == 24)Description
TRUEnever evaluated
FALSEnever evaluated
0
899 cert = p7->d.signed_and_enveloped->cert;-
900 } else {
never executed: end of block
0
901 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);-
902 goto err;
never executed: goto err;
0
903 }-
904 /* XXXXXXXXXXXXXXXXXXXXXXX */-
905 ias = si->issuer_and_serial;-
906-
907 x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial);-
908-
909 /* were we able to find the cert in passed to us */-
910 if (x509 == NULL) {
x509 == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
911 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,-
912 PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);-
913 goto err;
never executed: goto err;
0
914 }-
915-
916 /* Lets verify */-
917 if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) {
!X509_STORE_CT...e, x509, cert)Description
TRUEnever evaluated
FALSEnever evaluated
0
918 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);-
919 goto err;
never executed: goto err;
0
920 }-
921 X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);-
922 i = X509_verify_cert(ctx);-
923 if (i <= 0) {
i <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
924 PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);-
925 X509_STORE_CTX_cleanup(ctx);-
926 goto err;
never executed: goto err;
0
927 }-
928 X509_STORE_CTX_cleanup(ctx);-
929-
930 return PKCS7_signatureVerify(bio, p7, si, x509);
never executed: return PKCS7_signatureVerify(bio, p7, si, x509);
0
931 err:-
932 return ret;
never executed: return ret;
0
933}-
934-
935int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,-
936 X509 *x509)-
937{-
938 ASN1_OCTET_STRING *os;-
939 EVP_MD_CTX *mdc_tmp, *mdc;-
940 int ret = 0, i;-
941 int md_type;-
942 STACK_OF(X509_ATTRIBUTE) *sk;-
943 BIO *btmp;-
944 EVP_PKEY *pkey;-
945-
946 mdc_tmp = EVP_MD_CTX_new();-
947 if (mdc_tmp == NULL) {
mdc_tmp == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-25
948 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_MALLOC_FAILURE);-
949 goto err;
never executed: goto err;
0
950 }-
951-
952 if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) {
!(OBJ_obj2nid(...->type) == 22)Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
!(OBJ_obj2nid(...->type) == 24)Description
TRUEnever evaluated
FALSEnever evaluated
0-25
953 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);-
954 goto err;
never executed: goto err;
0
955 }-
956-
957 md_type = OBJ_obj2nid(si->digest_alg->algorithm);-
958-
959 btmp = bio;-
960 for (;;) {-
961 if ((btmp == NULL) ||
(btmp == ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-25
962 ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
((btmp = BIO_f... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-25
963 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,-
964 PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);-
965 goto err;
never executed: goto err;
0
966 }-
967 BIO_get_md_ctx(btmp, &mdc);-
968 if (mdc == NULL) {
mdc == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-25
969 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_INTERNAL_ERROR);-
970 goto err;
never executed: goto err;
0
971 }-
972 if (EVP_MD_CTX_type(mdc) == md_type)
EVP_MD_type(EV...c)) == md_typeDescription
TRUEevaluated 25 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-25
973 break;
executed 25 times by 1 test: break;
Executed by:
  • libcrypto.so.1.1
25
974 /*-
975 * Workaround for some broken clients that put the signature OID-
976 * instead of the digest OID in digest_alg->algorithm-
977 */-
978 if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
EVP_MD_pkey_ty...c)) == md_typeDescription
TRUEnever evaluated
FALSEnever evaluated
0
979 break;
never executed: break;
0
980 btmp = BIO_next(btmp);-
981 }
never executed: end of block
0
982-
983 /*-
984 * mdc is the digest ctx that we want, unless there are attributes, in-
985 * which case the digest is the signed attributes-
986 */-
987 if (!EVP_MD_CTX_copy_ex(mdc_tmp, mdc))
!EVP_MD_CTX_co...(mdc_tmp, mdc)Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-25
988 goto err;
never executed: goto err;
0
989-
990 sk = si->auth_attr;-
991 if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
(sk != ((void *)0) )Description
TRUEevaluated 21 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 4 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
(sk_X509_ATTRI..._num(sk) != 0)Description
TRUEevaluated 21 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-21
992 unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;-
993 unsigned int md_len;-
994 int alen;-
995 ASN1_OCTET_STRING *message_digest;-
996-
997 if (!EVP_DigestFinal_ex(mdc_tmp, md_dat, &md_len))
!EVP_DigestFin..._dat, &md_len)Description
TRUEnever evaluated
FALSEevaluated 21 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-21
998 goto err;
never executed: goto err;
0
999 message_digest = PKCS7_digest_from_attributes(sk);-
1000 if (!message_digest) {
!message_digestDescription
TRUEnever evaluated
FALSEevaluated 21 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-21
1001 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,-
1002 PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);-
1003 goto err;
never executed: goto err;
0
1004 }-
1005 if ((message_digest->length != (int)md_len) ||
(message_diges...= (int)md_len)Description
TRUEnever evaluated
FALSEevaluated 21 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-21
1006 (memcmp(message_digest->data, md_dat, md_len))) {
(memcmp(messag..._dat, md_len))Description
TRUEnever evaluated
FALSEevaluated 21 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-21
1007 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_DIGEST_FAILURE);-
1008 ret = -1;-
1009 goto err;
never executed: goto err;
0
1010 }-
1011-
1012 if (!EVP_VerifyInit_ex(mdc_tmp, EVP_get_digestbynid(md_type), NULL))
!EVP_DigestIni... ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 21 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-21
1013 goto err;
never executed: goto err;
0
1014-
1015 alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,-
1016 ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));-
1017 if (alen <= 0) {
alen <= 0Description
TRUEnever evaluated
FALSEevaluated 21 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-21
1018 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_ASN1_LIB);-
1019 ret = -1;-
1020 goto err;
never executed: goto err;
0
1021 }-
1022 if (!EVP_VerifyUpdate(mdc_tmp, abuf, alen))
!EVP_DigestUpd...tmp,abuf,alen)Description
TRUEnever evaluated
FALSEevaluated 21 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-21
1023 goto err;
never executed: goto err;
0
1024-
1025 OPENSSL_free(abuf);-
1026 }
executed 21 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
21
1027-
1028 os = si->enc_digest;-
1029 pkey = X509_get0_pubkey(x509);-
1030 if (!pkey) {
!pkeyDescription
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-25
1031 ret = -1;-
1032 goto err;
never executed: goto err;
0
1033 }-
1034-
1035 i = EVP_VerifyFinal(mdc_tmp, os->data, os->length, pkey);-
1036 if (i <= 0) {
i <= 0Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-25
1037 PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);-
1038 ret = -1;-
1039 goto err;
never executed: goto err;
0
1040 }-
1041 ret = 1;-
1042 err:
code before this statement executed 25 times by 1 test: err:
Executed by:
  • libcrypto.so.1.1
25
1043 EVP_MD_CTX_free(mdc_tmp);-
1044 return ret;
executed 25 times by 1 test: return ret;
Executed by:
  • libcrypto.so.1.1
25
1045}-
1046-
1047PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)-
1048{-
1049 STACK_OF(PKCS7_RECIP_INFO) *rsk;-
1050 PKCS7_RECIP_INFO *ri;-
1051 int i;-
1052-
1053 i = OBJ_obj2nid(p7->type);-
1054 if (i != NID_pkcs7_signedAndEnveloped)
i != 24Description
TRUEnever evaluated
FALSEnever evaluated
0
1055 return NULL;
never executed: return ((void *)0) ;
0
1056 if (p7->d.signed_and_enveloped == NULL)
p7->d.signed_a...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1057 return NULL;
never executed: return ((void *)0) ;
0
1058 rsk = p7->d.signed_and_enveloped->recipientinfo;-
1059 if (rsk == NULL)
rsk == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1060 return NULL;
never executed: return ((void *)0) ;
0
1061 if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
sk_PKCS7_RECIP...um(rsk) <= idxDescription
TRUEnever evaluated
FALSEnever evaluated
0
1062 return NULL;
never executed: return ((void *)0) ;
0
1063 ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);-
1064 return ri->issuer_and_serial;
never executed: return ri->issuer_and_serial;
0
1065}-
1066-
1067ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)-
1068{-
1069 return get_attribute(si->auth_attr, nid);
executed 39 times by 1 test: return get_attribute(si->auth_attr, nid);
Executed by:
  • libcrypto.so.1.1
39
1070}-
1071-
1072ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)-
1073{-
1074 return get_attribute(si->unauth_attr, nid);
never executed: return get_attribute(si->unauth_attr, nid);
0
1075}-
1076-
1077static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)-
1078{-
1079 int idx;-
1080 X509_ATTRIBUTE *xa;-
1081 idx = X509at_get_attr_by_NID(sk, nid, -1);-
1082 xa = X509at_get_attr(sk, idx);-
1083 return X509_ATTRIBUTE_get0_type(xa, 0);
executed 61 times by 1 test: return X509_ATTRIBUTE_get0_type(xa, 0);
Executed by:
  • libcrypto.so.1.1
61
1084}-
1085-
1086ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)-
1087{-
1088 ASN1_TYPE *astype;-
1089 if ((astype = get_attribute(sk, NID_pkcs9_messageDigest)) == NULL)
(astype = get_...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 22 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-22
1090 return NULL;
never executed: return ((void *)0) ;
0
1091 return astype->value.octet_string;
executed 22 times by 1 test: return astype->value.octet_string;
Executed by:
  • libcrypto.so.1.1
22
1092}-
1093-
1094int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,-
1095 STACK_OF(X509_ATTRIBUTE) *sk)-
1096{-
1097 int i;-
1098-
1099 sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);-
1100 p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);-
1101 if (p7si->auth_attr == NULL)
p7si->auth_attr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1102 return 0;
never executed: return 0;
0
1103 for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
i < sk_X509_ATTRIBUTE_num(sk)Description
TRUEnever evaluated
FALSEnever evaluated
0
1104 if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
(sk_X509_ATTRI...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1105 X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
(sk_X509_ATTRI...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1106 (sk, i))))
(sk_X509_ATTRI...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1107 == NULL)
(sk_X509_ATTRI...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1108 return 0;
never executed: return 0;
0
1109 }
never executed: end of block
0
1110 return 1;
never executed: return 1;
0
1111}-
1112-
1113int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,-
1114 STACK_OF(X509_ATTRIBUTE) *sk)-
1115{-
1116 int i;-
1117-
1118 sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);-
1119 p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);-
1120 if (p7si->unauth_attr == NULL)
p7si->unauth_a...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1121 return 0;
never executed: return 0;
0
1122 for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
i < sk_X509_ATTRIBUTE_num(sk)Description
TRUEnever evaluated
FALSEnever evaluated
0
1123 if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
(sk_X509_ATTRI...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1124 X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
(sk_X509_ATTRI...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1125 (sk, i))))
(sk_X509_ATTRI...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1126 == NULL)
(sk_X509_ATTRI...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1127 return 0;
never executed: return 0;
0
1128 }
never executed: end of block
0
1129 return 1;
never executed: return 1;
0
1130}-
1131-
1132int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,-
1133 void *value)-
1134{-
1135 return add_attribute(&(p7si->auth_attr), nid, atrtype, value);
executed 79 times by 1 test: return add_attribute(&(p7si->auth_attr), nid, atrtype, value);
Executed by:
  • libcrypto.so.1.1
79
1136}-
1137-
1138int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,-
1139 void *value)-
1140{-
1141 return add_attribute(&(p7si->unauth_attr), nid, atrtype, value);
never executed: return add_attribute(&(p7si->unauth_attr), nid, atrtype, value);
0
1142}-
1143-
1144static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,-
1145 void *value)-
1146{-
1147 X509_ATTRIBUTE *attr = NULL;-
1148-
1149 if (*sk == NULL) {
*sk == ((void *)0)Description
TRUEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 59 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
20-59
1150 if ((*sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
(*sk = sk_X509...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 20 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-20
1151 return 0;
never executed: return 0;
0
1152 new_attrib:
code before this statement executed 20 times by 1 test: new_attrib:
Executed by:
  • libcrypto.so.1.1
20
1153 if ((attr = X509_ATTRIBUTE_create(nid, atrtype, value)) == NULL)
(attr = X509_A...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 79 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-79
1154 return 0;
never executed: return 0;
0
1155 if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
!sk_X509_ATTRI...ush(*sk, attr)Description
TRUEnever evaluated
FALSEevaluated 79 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-79
1156 X509_ATTRIBUTE_free(attr);-
1157 return 0;
never executed: return 0;
0
1158 }-
1159 } else {
executed 79 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
79
1160 int i;-
1161-
1162 for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
i < sk_X509_ATTRIBUTE_num(*sk)Description
TRUEevaluated 117 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 59 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
59-117
1163 attr = sk_X509_ATTRIBUTE_value(*sk, i);-
1164 if (OBJ_obj2nid(X509_ATTRIBUTE_get0_object(attr)) == nid) {
OBJ_obj2nid(X5...(attr)) == nidDescription
TRUEnever evaluated
FALSEevaluated 117 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-117
1165 X509_ATTRIBUTE_free(attr);-
1166 attr = X509_ATTRIBUTE_create(nid, atrtype, value);-
1167 if (attr == NULL)
attr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1168 return 0;
never executed: return 0;
0
1169 if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
!sk_X509_ATTRI...(*sk, i, attr)Description
TRUEnever evaluated
FALSEnever evaluated
0
1170 X509_ATTRIBUTE_free(attr);-
1171 return 0;
never executed: return 0;
0
1172 }-
1173 goto end;
never executed: goto end;
0
1174 }-
1175 }
executed 117 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
117
1176 goto new_attrib;
executed 59 times by 1 test: goto new_attrib;
Executed by:
  • libcrypto.so.1.1
59
1177 }-
1178 end:
code before this statement executed 79 times by 1 test: end:
Executed by:
  • libcrypto.so.1.1
79
1179 return 1;
executed 79 times by 1 test: return 1;
Executed by:
  • libcrypto.so.1.1
79
1180}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2