Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | #include <stdio.h> | - |
11 | #include "internal/cryptlib.h" | - |
12 | #include <openssl/conf.h> | - |
13 | #include <openssl/asn1.h> | - |
14 | #include <openssl/asn1t.h> | - |
15 | #include <openssl/x509v3.h> | - |
16 | #include "ext_dat.h" | - |
17 | | - |
18 | static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | - |
19 | AUTHORITY_KEYID *akeyid, | - |
20 | STACK_OF(CONF_VALUE) | - |
21 | *extlist); | - |
22 | static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | - |
23 | X509V3_CTX *ctx, | - |
24 | STACK_OF(CONF_VALUE) *values); | - |
25 | | - |
26 | const X509V3_EXT_METHOD v3_akey_id = { | - |
27 | NID_authority_key_identifier, | - |
28 | X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID), | - |
29 | 0, 0, 0, 0, | - |
30 | 0, 0, | - |
31 | (X509V3_EXT_I2V) i2v_AUTHORITY_KEYID, | - |
32 | (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID, | - |
33 | 0, 0, | - |
34 | NULL | - |
35 | }; | - |
36 | | - |
37 | static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | - |
38 | AUTHORITY_KEYID *akeyid, | - |
39 | STACK_OF(CONF_VALUE) | - |
40 | *extlist) | - |
41 | { | - |
42 | char *tmp; | - |
43 | if (akeyid->keyid) {TRUE | evaluated 728 times by 1 test | FALSE | evaluated 1787 times by 1 test |
| 728-1787 |
44 | tmp = OPENSSL_buf2hexstr(akeyid->keyid->data, akeyid->keyid->length); | - |
45 | X509V3_add_value("keyid", tmp, &extlist); | - |
46 | OPENSSL_free(tmp); | - |
47 | }executed 728 times by 1 test: end of block | 728 |
48 | if (akeyid->issuer)TRUE | evaluated 1356 times by 1 test | FALSE | evaluated 1159 times by 1 test |
| 1159-1356 |
49 | extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);executed 1356 times by 1 test: extlist = i2v_GENERAL_NAMES( ((void *)0) , akeyid->issuer, extlist); | 1356 |
50 | if (akeyid->serial) {TRUE | evaluated 501 times by 1 test | FALSE | evaluated 2014 times by 1 test |
| 501-2014 |
51 | tmp = OPENSSL_buf2hexstr(akeyid->serial->data, akeyid->serial->length); | - |
52 | X509V3_add_value("serial", tmp, &extlist); | - |
53 | OPENSSL_free(tmp); | - |
54 | }executed 501 times by 1 test: end of block | 501 |
55 | return extlist;executed 2515 times by 1 test: return extlist; | 2515 |
56 | } | - |
57 | | - |
58 | | - |
59 | | - |
60 | | - |
61 | | - |
62 | | - |
63 | | - |
64 | | - |
65 | | - |
66 | | - |
67 | static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | - |
68 | X509V3_CTX *ctx, | - |
69 | STACK_OF(CONF_VALUE) *values) | - |
70 | { | - |
71 | char keyid = 0, issuer = 0; | - |
72 | int i; | - |
73 | CONF_VALUE *cnf; | - |
74 | ASN1_OCTET_STRING *ikeyid = NULL; | - |
75 | X509_NAME *isname = NULL; | - |
76 | GENERAL_NAMES *gens = NULL; | - |
77 | GENERAL_NAME *gen = NULL; | - |
78 | ASN1_INTEGER *serial = NULL; | - |
79 | X509_EXTENSION *ext; | - |
80 | X509 *cert; | - |
81 | AUTHORITY_KEYID *akeyid; | - |
82 | | - |
83 | for (i = 0; i < sk_CONF_VALUE_num(values); i++) {TRUE | evaluated 60 times by 1 test | FALSE | evaluated 32 times by 1 test |
| 32-60 |
84 | cnf = sk_CONF_VALUE_value(values, i); | - |
85 | if (strcmp(cnf->name, "keyid") == 0) { never executed: __result = (((const unsigned char *) (const char *) ( cnf->name ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "keyid" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 32 times by 1 test | FALSE | evaluated 28 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-32 |
86 | keyid = 1; | - |
87 | if (cnf->value && strcmp(cnf->value, "always") == 0) never executed: __result = (((const unsigned char *) (const char *) ( cnf->value ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "always" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 24 times by 1 test | FALSE | evaluated 8 times by 1 test |
TRUE | evaluated 24 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-24 |
88 | keyid = 2;executed 24 times by 1 test: keyid = 2; | 24 |
89 | } else if (strcmp(cnf->name, "issuer") == 0) {executed 32 times by 1 test: end of block never executed: __result = (((const unsigned char *) (const char *) ( cnf->name ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "issuer" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 28 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-32 |
90 | issuer = 1; | - |
91 | if (cnf->value && strcmp(cnf->value, "always") == 0) never executed: __result = (((const unsigned char *) (const char *) ( cnf->value ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "always" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 10 times by 1 test | FALSE | evaluated 18 times by 1 test |
TRUE | evaluated 10 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-18 |
92 | issuer = 2;executed 10 times by 1 test: issuer = 2; | 10 |
93 | } else {executed 28 times by 1 test: end of block | 28 |
94 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, X509V3_R_UNKNOWN_OPTION); | - |
95 | ERR_add_error_data(2, "name=", cnf->name); | - |
96 | return NULL; never executed: return ((void *)0) ; | 0 |
97 | } | - |
98 | } | - |
99 | | - |
100 | if (!ctx || !ctx->issuer_cert) {TRUE | never evaluated | FALSE | evaluated 32 times by 1 test |
TRUE | evaluated 24 times by 1 test | FALSE | evaluated 8 times by 1 test |
| 0-32 |
101 | if (ctx && (ctx->flags == CTX_TEST))TRUE | evaluated 24 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 24 times by 1 test | FALSE | never evaluated |
| 0-24 |
102 | return AUTHORITY_KEYID_new();executed 24 times by 1 test: return AUTHORITY_KEYID_new(); | 24 |
103 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, | - |
104 | X509V3_R_NO_ISSUER_CERTIFICATE); | - |
105 | return NULL; never executed: return ((void *)0) ; | 0 |
106 | } | - |
107 | | - |
108 | cert = ctx->issuer_cert; | - |
109 | | - |
110 | if (keyid) {TRUE | evaluated 8 times by 1 test | FALSE | never evaluated |
| 0-8 |
111 | i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); | - |
112 | if ((i >= 0) && (ext = X509_get_ext(cert, i)))TRUE | evaluated 8 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 8 times by 1 test | FALSE | never evaluated |
| 0-8 |
113 | ikeyid = X509V3_EXT_d2i(ext);executed 8 times by 1 test: ikeyid = X509V3_EXT_d2i(ext); | 8 |
114 | if (keyid == 2 && !ikeyid) {TRUE | evaluated 4 times by 1 test | FALSE | evaluated 4 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 4 times by 1 test |
| 0-4 |
115 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, | - |
116 | X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); | - |
117 | return NULL; never executed: return ((void *)0) ; | 0 |
118 | } | - |
119 | }executed 8 times by 1 test: end of block | 8 |
120 | | - |
121 | if ((issuer && !ikeyid) || (issuer == 2)) {TRUE | evaluated 6 times by 1 test | FALSE | evaluated 2 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 6 times by 1 test |
TRUE | evaluated 5 times by 1 test | FALSE | evaluated 3 times by 1 test |
| 0-6 |
122 | isname = X509_NAME_dup(X509_get_issuer_name(cert)); | - |
123 | serial = ASN1_INTEGER_dup(X509_get_serialNumber(cert)); | - |
124 | if (!isname || !serial) {TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
| 0-5 |
125 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, | - |
126 | X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); | - |
127 | goto err; never executed: goto err; | 0 |
128 | } | - |
129 | }executed 5 times by 1 test: end of block | 5 |
130 | | - |
131 | if ((akeyid = AUTHORITY_KEYID_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 8 times by 1 test |
| 0-8 |
132 | goto err; never executed: goto err; | 0 |
133 | | - |
134 | if (isname) {TRUE | evaluated 5 times by 1 test | FALSE | evaluated 3 times by 1 test |
| 3-5 |
135 | if ((gens = sk_GENERAL_NAME_new_null()) == NULLTRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
| 0-5 |
136 | || (gen = GENERAL_NAME_new()) == NULLTRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
| 0-5 |
137 | || !sk_GENERAL_NAME_push(gens, gen)) {TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
| 0-5 |
138 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE); | - |
139 | goto err; never executed: goto err; | 0 |
140 | } | - |
141 | gen->type = GEN_DIRNAME; | - |
142 | gen->d.dirn = isname; | - |
143 | }executed 5 times by 1 test: end of block | 5 |
144 | | - |
145 | akeyid->issuer = gens; | - |
146 | gen = NULL; | - |
147 | gens = NULL; | - |
148 | akeyid->serial = serial; | - |
149 | akeyid->keyid = ikeyid; | - |
150 | | - |
151 | return akeyid;executed 8 times by 1 test: return akeyid; | 8 |
152 | | - |
153 | err: | - |
154 | sk_GENERAL_NAME_free(gens); | - |
155 | GENERAL_NAME_free(gen); | - |
156 | X509_NAME_free(isname); | - |
157 | ASN1_INTEGER_free(serial); | - |
158 | ASN1_OCTET_STRING_free(ikeyid); | - |
159 | return NULL; never executed: return ((void *)0) ; | 0 |
160 | } | - |
| | |