OpenCoverage

p12_crt.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/pkcs12/p12_crt.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/*-
2 * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.-
3 *-
4 * Licensed under the OpenSSL license (the "License"). You may not use-
5 * this file except in compliance with the License. You can obtain a copy-
6 * in the file LICENSE in the source distribution or at-
7 * https://www.openssl.org/source/license.html-
8 */-
9-
10#include <stdio.h>-
11#include "internal/cryptlib.h"-
12#include <openssl/pkcs12.h>-
13#include "p12_lcl.h"-
14-
15static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags,-
16 PKCS12_SAFEBAG *bag);-
17-
18static int copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid)-
19{-
20 int idx;-
21 X509_ATTRIBUTE *attr;-
22 idx = EVP_PKEY_get_attr_by_NID(pkey, nid, -1);-
23 if (idx < 0)
idx < 0Description
TRUEnever evaluated
FALSEnever evaluated
0
24 return 1;
never executed: return 1;
0
25 attr = EVP_PKEY_get_attr(pkey, idx);-
26 if (!X509at_add1_attr(&bag->attrib, attr))
!X509at_add1_a...>attrib, attr)Description
TRUEnever evaluated
FALSEnever evaluated
0
27 return 0;
never executed: return 0;
0
28 return 1;
never executed: return 1;
0
29}-
30-
31PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert,-
32 STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,-
33 int mac_iter, int keytype)-
34{-
35 PKCS12 *p12 = NULL;-
36 STACK_OF(PKCS7) *safes = NULL;-
37 STACK_OF(PKCS12_SAFEBAG) *bags = NULL;-
38 PKCS12_SAFEBAG *bag = NULL;-
39 int i;-
40 unsigned char keyid[EVP_MAX_MD_SIZE];-
41 unsigned int keyidlen = 0;-
42-
43 /* Set defaults */-
44 if (!nid_cert)
!nid_certDescription
TRUEnever evaluated
FALSEnever evaluated
0
45#ifdef OPENSSL_NO_RC2-
46 nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;-
47#else-
48 nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
never executed: nid_cert = 149;
0
49#endif-
50 if (!nid_key)
!nid_keyDescription
TRUEnever evaluated
FALSEnever evaluated
0
51 nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
never executed: nid_key = 146;
0
52 if (!iter)
!iterDescription
TRUEnever evaluated
FALSEnever evaluated
0
53 iter = PKCS12_DEFAULT_ITER;
never executed: iter = 2048;
0
54 if (!mac_iter)
!mac_iterDescription
TRUEnever evaluated
FALSEnever evaluated
0
55 mac_iter = 1;
never executed: mac_iter = 1;
0
56-
57 if (!pkey && !cert && !ca) {
!pkeyDescription
TRUEnever evaluated
FALSEnever evaluated
!certDescription
TRUEnever evaluated
FALSEnever evaluated
!caDescription
TRUEnever evaluated
FALSEnever evaluated
0
58 PKCS12err(PKCS12_F_PKCS12_CREATE, PKCS12_R_INVALID_NULL_ARGUMENT);-
59 return NULL;
never executed: return ((void *)0) ;
0
60 }-
61-
62 if (pkey && cert) {
pkeyDescription
TRUEnever evaluated
FALSEnever evaluated
certDescription
TRUEnever evaluated
FALSEnever evaluated
0
63 if (!X509_check_private_key(cert, pkey))
!X509_check_pr...ey(cert, pkey)Description
TRUEnever evaluated
FALSEnever evaluated
0
64 return NULL;
never executed: return ((void *)0) ;
0
65 X509_digest(cert, EVP_sha1(), keyid, &keyidlen);-
66 }
never executed: end of block
0
67-
68 if (cert) {
certDescription
TRUEnever evaluated
FALSEnever evaluated
0
69 bag = PKCS12_add_cert(&bags, cert);-
70 if (name && !PKCS12_add_friendlyname(bag, name, -1))
nameDescription
TRUEnever evaluated
FALSEnever evaluated
!PKCS12_add_fr...bag, name, -1)Description
TRUEnever evaluated
FALSEnever evaluated
0
71 goto err;
never executed: goto err;
0
72 if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
keyidlenDescription
TRUEnever evaluated
FALSEnever evaluated
!PKCS12_add_lo...yid, keyidlen)Description
TRUEnever evaluated
FALSEnever evaluated
0
73 goto err;
never executed: goto err;
0
74 }
never executed: end of block
0
75-
76 /* Add all other certificates */-
77 for (i = 0; i < sk_X509_num(ca); i++) {
i < sk_X509_num(ca)Description
TRUEnever evaluated
FALSEnever evaluated
0
78 if (!PKCS12_add_cert(&bags, sk_X509_value(ca, i)))
!PKCS12_add_ce..._value(ca, i))Description
TRUEnever evaluated
FALSEnever evaluated
0
79 goto err;
never executed: goto err;
0
80 }
never executed: end of block
0
81-
82 if (bags && !PKCS12_add_safe(&safes, bags, nid_cert, iter, pass))
bagsDescription
TRUEnever evaluated
FALSEnever evaluated
!PKCS12_add_sa...t, iter, pass)Description
TRUEnever evaluated
FALSEnever evaluated
0
83 goto err;
never executed: goto err;
0
84-
85 sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);-
86 bags = NULL;-
87-
88 if (pkey) {
pkeyDescription
TRUEnever evaluated
FALSEnever evaluated
0
89 bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass);-
90-
91 if (!bag)
!bagDescription
TRUEnever evaluated
FALSEnever evaluated
0
92 goto err;
never executed: goto err;
0
93-
94 if (!copy_bag_attr(bag, pkey, NID_ms_csp_name))
!copy_bag_attr(bag, pkey, 417)Description
TRUEnever evaluated
FALSEnever evaluated
0
95 goto err;
never executed: goto err;
0
96 if (!copy_bag_attr(bag, pkey, NID_LocalKeySet))
!copy_bag_attr(bag, pkey, 856)Description
TRUEnever evaluated
FALSEnever evaluated
0
97 goto err;
never executed: goto err;
0
98-
99 if (name && !PKCS12_add_friendlyname(bag, name, -1))
nameDescription
TRUEnever evaluated
FALSEnever evaluated
!PKCS12_add_fr...bag, name, -1)Description
TRUEnever evaluated
FALSEnever evaluated
0
100 goto err;
never executed: goto err;
0
101 if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
keyidlenDescription
TRUEnever evaluated
FALSEnever evaluated
!PKCS12_add_lo...yid, keyidlen)Description
TRUEnever evaluated
FALSEnever evaluated
0
102 goto err;
never executed: goto err;
0
103 }
never executed: end of block
0
104-
105 if (bags && !PKCS12_add_safe(&safes, bags, -1, 0, NULL))
bagsDescription
TRUEnever evaluated
FALSEnever evaluated
!PKCS12_add_sa... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
106 goto err;
never executed: goto err;
0
107-
108 sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);-
109 bags = NULL;-
110-
111 p12 = PKCS12_add_safes(safes, 0);-
112-
113 if (!p12)
!p12Description
TRUEnever evaluated
FALSEnever evaluated
0
114 goto err;
never executed: goto err;
0
115-
116 sk_PKCS7_pop_free(safes, PKCS7_free);-
117-
118 safes = NULL;-
119-
120 if ((mac_iter != -1) &&
(mac_iter != -1)Description
TRUEnever evaluated
FALSEnever evaluated
0
121 !PKCS12_set_mac(p12, pass, -1, NULL, 0, mac_iter, NULL))
!PKCS12_set_ma... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
122 goto err;
never executed: goto err;
0
123-
124 return p12;
never executed: return p12;
0
125-
126 err:-
127 PKCS12_free(p12);-
128 sk_PKCS7_pop_free(safes, PKCS7_free);-
129 sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);-
130 return NULL;
never executed: return ((void *)0) ;
0
131-
132}-
133-
134PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert)-
135{-
136 PKCS12_SAFEBAG *bag = NULL;-
137 char *name;-
138 int namelen = -1;-
139 unsigned char *keyid;-
140 int keyidlen = -1;-
141-
142 /* Add user certificate */-
143 if ((bag = PKCS12_SAFEBAG_create_cert(cert)) == NULL)
(bag = PKCS12_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
144 goto err;
never executed: goto err;
0
145-
146 /*-
147 * Use friendlyName and localKeyID in certificate. (if present)-
148 */-
149-
150 name = (char *)X509_alias_get0(cert, &namelen);-
151-
152 if (name && !PKCS12_add_friendlyname(bag, name, namelen))
nameDescription
TRUEnever evaluated
FALSEnever evaluated
!PKCS12_add_fr...name, namelen)Description
TRUEnever evaluated
FALSEnever evaluated
0
153 goto err;
never executed: goto err;
0
154-
155 keyid = X509_keyid_get0(cert, &keyidlen);-
156-
157 if (keyid && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
keyidDescription
TRUEnever evaluated
FALSEnever evaluated
!PKCS12_add_lo...yid, keyidlen)Description
TRUEnever evaluated
FALSEnever evaluated
0
158 goto err;
never executed: goto err;
0
159-
160 if (!pkcs12_add_bag(pbags, bag))
!pkcs12_add_bag(pbags, bag)Description
TRUEnever evaluated
FALSEnever evaluated
0
161 goto err;
never executed: goto err;
0
162-
163 return bag;
never executed: return bag;
0
164-
165 err:-
166 PKCS12_SAFEBAG_free(bag);-
167 return NULL;
never executed: return ((void *)0) ;
0
168-
169}-
170-
171PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,-
172 EVP_PKEY *key, int key_usage, int iter,-
173 int nid_key, const char *pass)-
174{-
175-
176 PKCS12_SAFEBAG *bag = NULL;-
177 PKCS8_PRIV_KEY_INFO *p8 = NULL;-
178-
179 /* Make a PKCS#8 structure */-
180 if ((p8 = EVP_PKEY2PKCS8(key)) == NULL)
(p8 = EVP_PKEY...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
181 goto err;
never executed: goto err;
0
182 if (key_usage && !PKCS8_add_keyusage(p8, key_usage))
key_usageDescription
TRUEnever evaluated
FALSEnever evaluated
!PKCS8_add_key...p8, key_usage)Description
TRUEnever evaluated
FALSEnever evaluated
0
183 goto err;
never executed: goto err;
0
184 if (nid_key != -1) {
nid_key != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
185 bag = PKCS12_SAFEBAG_create_pkcs8_encrypt(nid_key, pass, -1, NULL, 0,-
186 iter, p8);-
187 PKCS8_PRIV_KEY_INFO_free(p8);-
188 } else
never executed: end of block
0
189 bag = PKCS12_SAFEBAG_create0_p8inf(p8);
never executed: bag = PKCS12_SAFEBAG_create0_p8inf(p8);
0
190-
191 if (!bag)
!bagDescription
TRUEnever evaluated
FALSEnever evaluated
0
192 goto err;
never executed: goto err;
0
193-
194 if (!pkcs12_add_bag(pbags, bag))
!pkcs12_add_bag(pbags, bag)Description
TRUEnever evaluated
FALSEnever evaluated
0
195 goto err;
never executed: goto err;
0
196-
197 return bag;
never executed: return bag;
0
198-
199 err:-
200 PKCS12_SAFEBAG_free(bag);-
201 return NULL;
never executed: return ((void *)0) ;
0
202-
203}-
204-
205int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,-
206 int nid_safe, int iter, const char *pass)-
207{-
208 PKCS7 *p7 = NULL;-
209 int free_safes = 0;-
210-
211 if (!*psafes) {
!*psafesDescription
TRUEnever evaluated
FALSEnever evaluated
0
212 *psafes = sk_PKCS7_new_null();-
213 if (!*psafes)
!*psafesDescription
TRUEnever evaluated
FALSEnever evaluated
0
214 return 0;
never executed: return 0;
0
215 free_safes = 1;-
216 } else
never executed: end of block
0
217 free_safes = 0;
never executed: free_safes = 0;
0
218-
219 if (nid_safe == 0)
nid_safe == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
220#ifdef OPENSSL_NO_RC2-
221 nid_safe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;-
222#else-
223 nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC;
never executed: nid_safe = 149;
0
224#endif-
225-
226 if (nid_safe == -1)
nid_safe == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
227 p7 = PKCS12_pack_p7data(bags);
never executed: p7 = PKCS12_pack_p7data(bags);
0
228 else-
229 p7 = PKCS12_pack_p7encdata(nid_safe, pass, -1, NULL, 0, iter, bags);
never executed: p7 = PKCS12_pack_p7encdata(nid_safe, pass, -1, ((void *)0) , 0, iter, bags);
0
230 if (!p7)
!p7Description
TRUEnever evaluated
FALSEnever evaluated
0
231 goto err;
never executed: goto err;
0
232-
233 if (!sk_PKCS7_push(*psafes, p7))
!sk_PKCS7_push(*psafes, p7)Description
TRUEnever evaluated
FALSEnever evaluated
0
234 goto err;
never executed: goto err;
0
235-
236 return 1;
never executed: return 1;
0
237-
238 err:-
239 if (free_safes) {
free_safesDescription
TRUEnever evaluated
FALSEnever evaluated
0
240 sk_PKCS7_free(*psafes);-
241 *psafes = NULL;-
242 }
never executed: end of block
0
243 PKCS7_free(p7);-
244 return 0;
never executed: return 0;
0
245-
246}-
247-
248static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags,-
249 PKCS12_SAFEBAG *bag)-
250{-
251 int free_bags;-
252 if (!pbags)
!pbagsDescription
TRUEnever evaluated
FALSEnever evaluated
0
253 return 1;
never executed: return 1;
0
254 if (!*pbags) {
!*pbagsDescription
TRUEnever evaluated
FALSEnever evaluated
0
255 *pbags = sk_PKCS12_SAFEBAG_new_null();-
256 if (!*pbags)
!*pbagsDescription
TRUEnever evaluated
FALSEnever evaluated
0
257 return 0;
never executed: return 0;
0
258 free_bags = 1;-
259 } else
never executed: end of block
0
260 free_bags = 0;
never executed: free_bags = 0;
0
261-
262 if (!sk_PKCS12_SAFEBAG_push(*pbags, bag)) {
!sk_PKCS12_SAF...h(*pbags, bag)Description
TRUEnever evaluated
FALSEnever evaluated
0
263 if (free_bags) {
free_bagsDescription
TRUEnever evaluated
FALSEnever evaluated
0
264 sk_PKCS12_SAFEBAG_free(*pbags);-
265 *pbags = NULL;-
266 }
never executed: end of block
0
267 return 0;
never executed: return 0;
0
268 }-
269-
270 return 1;
never executed: return 1;
0
271-
272}-
273-
274PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int nid_p7)-
275{-
276 PKCS12 *p12;-
277 if (nid_p7 <= 0)
nid_p7 <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
278 nid_p7 = NID_pkcs7_data;
never executed: nid_p7 = 21;
0
279 p12 = PKCS12_init(nid_p7);-
280-
281 if (!p12)
!p12Description
TRUEnever evaluated
FALSEnever evaluated
0
282 return NULL;
never executed: return ((void *)0) ;
0
283-
284 if (!PKCS12_pack_authsafes(p12, safes)) {
!PKCS12_pack_a...es(p12, safes)Description
TRUEnever evaluated
FALSEnever evaluated
0
285 PKCS12_free(p12);-
286 return NULL;
never executed: return ((void *)0) ;
0
287 }-
288-
289 return p12;
never executed: return p12;
0
290-
291}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2