Absolute File Name: | /home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/ct/ct_b64.c |
Source code | Switch to Preprocessed file |
Line | Source | Count | ||||||
---|---|---|---|---|---|---|---|---|
1 | /* | - | ||||||
2 | * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. | - | ||||||
3 | * | - | ||||||
4 | * Licensed under the OpenSSL license (the "License"). You may not use | - | ||||||
5 | * this file except in compliance with the License. You can obtain a copy | - | ||||||
6 | * in the file LICENSE in the source distribution or at | - | ||||||
7 | * https://www.openssl.org/source/license.html | - | ||||||
8 | */ | - | ||||||
9 | - | |||||||
10 | #include <limits.h> | - | ||||||
11 | #include <string.h> | - | ||||||
12 | - | |||||||
13 | #include <openssl/ct.h> | - | ||||||
14 | #include <openssl/err.h> | - | ||||||
15 | #include <openssl/evp.h> | - | ||||||
16 | - | |||||||
17 | #include "ct_locl.h" | - | ||||||
18 | - | |||||||
19 | /* | - | ||||||
20 | * Decodes the base64 string |in| into |out|. | - | ||||||
21 | * A new string will be malloc'd and assigned to |out|. This will be owned by | - | ||||||
22 | * the caller. Do not provide a pre-allocated string in |out|. | - | ||||||
23 | */ | - | ||||||
24 | static int ct_base64_decode(const char *in, unsigned char **out) | - | ||||||
25 | { | - | ||||||
26 | size_t inlen = strlen(in); | - | ||||||
27 | int outlen, i; | - | ||||||
28 | unsigned char *outbuf = NULL; | - | ||||||
29 | - | |||||||
30 | if (inlen == 0) {
| 1-14701 | ||||||
31 | *out = NULL; | - | ||||||
32 | return 0; executed 1 time by 1 test: return 0; Executed by:
| 1 | ||||||
33 | } | - | ||||||
34 | - | |||||||
35 | outlen = (inlen / 4) * 3; | - | ||||||
36 | outbuf = OPENSSL_malloc(outlen); | - | ||||||
37 | if (outbuf == NULL) {
| 0-14701 | ||||||
38 | CTerr(CT_F_CT_BASE64_DECODE, ERR_R_MALLOC_FAILURE); | - | ||||||
39 | goto err; never executed: goto err; | 0 | ||||||
40 | } | - | ||||||
41 | - | |||||||
42 | outlen = EVP_DecodeBlock(outbuf, (unsigned char *)in, inlen); | - | ||||||
43 | if (outlen < 0) {
| 1-14700 | ||||||
44 | CTerr(CT_F_CT_BASE64_DECODE, CT_R_BASE64_DECODE_ERROR); | - | ||||||
45 | goto err; executed 1 time by 1 test: goto err; Executed by:
| 1 | ||||||
46 | } | - | ||||||
47 | - | |||||||
48 | /* Subtract padding bytes from |outlen|. Any more than 2 is malformed. */ | - | ||||||
49 | i = 0; | - | ||||||
50 | while (in[--inlen] == '=') {
| 14699-26132 | ||||||
51 | --outlen; | - | ||||||
52 | if (++i > 2)
| 1-26131 | ||||||
53 | goto err; executed 1 time by 1 test: goto err; Executed by:
| 1 | ||||||
54 | } executed 26131 times by 1 test: end of block Executed by:
| 26131 | ||||||
55 | - | |||||||
56 | *out = outbuf; | - | ||||||
57 | return outlen; executed 14699 times by 1 test: return outlen; Executed by:
| 14699 | ||||||
58 | err: | - | ||||||
59 | OPENSSL_free(outbuf); | - | ||||||
60 | return -1; executed 2 times by 1 test: return -1; Executed by:
| 2 | ||||||
61 | } | - | ||||||
62 | - | |||||||
63 | SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64, | - | ||||||
64 | ct_log_entry_type_t entry_type, uint64_t timestamp, | - | ||||||
65 | const char *extensions_base64, | - | ||||||
66 | const char *signature_base64) | - | ||||||
67 | { | - | ||||||
68 | SCT *sct = SCT_new(); | - | ||||||
69 | unsigned char *dec = NULL; | - | ||||||
70 | const unsigned char* p = NULL; | - | ||||||
71 | int declen; | - | ||||||
72 | - | |||||||
73 | if (sct == NULL) {
| 0-1 | ||||||
74 | CTerr(CT_F_SCT_NEW_FROM_BASE64, ERR_R_MALLOC_FAILURE); | - | ||||||
75 | return NULL; never executed: return ((void *)0) ; | 0 | ||||||
76 | } | - | ||||||
77 | - | |||||||
78 | /* | - | ||||||
79 | * RFC6962 section 4.1 says we "MUST NOT expect this to be 0", but we | - | ||||||
80 | * can only construct SCT versions that have been defined. | - | ||||||
81 | */ | - | ||||||
82 | if (!SCT_set_version(sct, version)) {
| 0-1 | ||||||
83 | CTerr(CT_F_SCT_NEW_FROM_BASE64, CT_R_SCT_UNSUPPORTED_VERSION); | - | ||||||
84 | goto err; never executed: goto err; | 0 | ||||||
85 | } | - | ||||||
86 | - | |||||||
87 | declen = ct_base64_decode(logid_base64, &dec); | - | ||||||
88 | if (declen < 0) {
| 0-1 | ||||||
89 | CTerr(CT_F_SCT_NEW_FROM_BASE64, X509_R_BASE64_DECODE_ERROR); | - | ||||||
90 | goto err; never executed: goto err; | 0 | ||||||
91 | } | - | ||||||
92 | if (!SCT_set0_log_id(sct, dec, declen))
| 0-1 | ||||||
93 | goto err; never executed: goto err; | 0 | ||||||
94 | dec = NULL; | - | ||||||
95 | - | |||||||
96 | declen = ct_base64_decode(extensions_base64, &dec); | - | ||||||
97 | if (declen < 0) {
| 0-1 | ||||||
98 | CTerr(CT_F_SCT_NEW_FROM_BASE64, X509_R_BASE64_DECODE_ERROR); | - | ||||||
99 | goto err; never executed: goto err; | 0 | ||||||
100 | } | - | ||||||
101 | SCT_set0_extensions(sct, dec, declen); | - | ||||||
102 | dec = NULL; | - | ||||||
103 | - | |||||||
104 | declen = ct_base64_decode(signature_base64, &dec); | - | ||||||
105 | if (declen < 0) {
| 0-1 | ||||||
106 | CTerr(CT_F_SCT_NEW_FROM_BASE64, X509_R_BASE64_DECODE_ERROR); | - | ||||||
107 | goto err; never executed: goto err; | 0 | ||||||
108 | } | - | ||||||
109 | - | |||||||
110 | p = dec; | - | ||||||
111 | if (o2i_SCT_signature(sct, &p, declen) <= 0)
| 0-1 | ||||||
112 | goto err; never executed: goto err; | 0 | ||||||
113 | OPENSSL_free(dec); | - | ||||||
114 | dec = NULL; | - | ||||||
115 | - | |||||||
116 | SCT_set_timestamp(sct, timestamp); | - | ||||||
117 | - | |||||||
118 | if (!SCT_set_log_entry_type(sct, entry_type))
| 0-1 | ||||||
119 | goto err; never executed: goto err; | 0 | ||||||
120 | - | |||||||
121 | return sct; executed 1 time by 1 test: return sct; Executed by:
| 1 | ||||||
122 | - | |||||||
123 | err: | - | ||||||
124 | OPENSSL_free(dec); | - | ||||||
125 | SCT_free(sct); | - | ||||||
126 | return NULL; never executed: return ((void *)0) ; | 0 | ||||||
127 | } | - | ||||||
128 | - | |||||||
129 | /* | - | ||||||
130 | * Allocate, build and returns a new |ct_log| from input |pkey_base64| | - | ||||||
131 | * It returns 1 on success, | - | ||||||
132 | * 0 on decoding failure, or invalid parameter if any | - | ||||||
133 | * -1 on internal (malloc) failure | - | ||||||
134 | */ | - | ||||||
135 | int CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64, const char *name) | - | ||||||
136 | { | - | ||||||
137 | unsigned char *pkey_der = NULL; | - | ||||||
138 | int pkey_der_len; | - | ||||||
139 | const unsigned char *p; | - | ||||||
140 | EVP_PKEY *pkey = NULL; | - | ||||||
141 | - | |||||||
142 | if (ct_log == NULL) {
| 0-14699 | ||||||
143 | CTerr(CT_F_CTLOG_NEW_FROM_BASE64, ERR_R_PASSED_INVALID_ARGUMENT); | - | ||||||
144 | return 0; never executed: return 0; | 0 | ||||||
145 | } | - | ||||||
146 | - | |||||||
147 | pkey_der_len = ct_base64_decode(pkey_base64, &pkey_der); | - | ||||||
148 | if (pkey_der_len < 0) {
| 2-14697 | ||||||
149 | CTerr(CT_F_CTLOG_NEW_FROM_BASE64, CT_R_LOG_CONF_INVALID_KEY); | - | ||||||
150 | return 0; executed 2 times by 1 test: return 0; Executed by:
| 2 | ||||||
151 | } | - | ||||||
152 | - | |||||||
153 | p = pkey_der; | - | ||||||
154 | pkey = d2i_PUBKEY(NULL, &p, pkey_der_len); | - | ||||||
155 | OPENSSL_free(pkey_der); | - | ||||||
156 | if (pkey == NULL) {
| 0-14697 | ||||||
157 | CTerr(CT_F_CTLOG_NEW_FROM_BASE64, CT_R_LOG_CONF_INVALID_KEY); | - | ||||||
158 | return 0; never executed: return 0; | 0 | ||||||
159 | } | - | ||||||
160 | - | |||||||
161 | *ct_log = CTLOG_new(pkey, name); | - | ||||||
162 | if (*ct_log == NULL) {
| 0-14697 | ||||||
163 | EVP_PKEY_free(pkey); | - | ||||||
164 | return 0; never executed: return 0; | 0 | ||||||
165 | } | - | ||||||
166 | - | |||||||
167 | return 1; executed 14697 times by 1 test: return 1; Executed by:
| 14697 | ||||||
168 | } | - | ||||||
Source code | Switch to Preprocessed file |