OpenCoverage

rsa_pss.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/rsa/rsa_pss.c
Switch to Source codePreprocessed file
LineSourceCount
1-
2-
3static const unsigned char zeroes[] = { 0, 0, 0, 0, 0, 0, 0, 0 };-
4-
5int-
6RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, const EVP_MD *Hash,-
7 const unsigned char *EM, int sLen)-
8{-
9 return
never executed: return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, ((void *)0) , EM, sLen);
 RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash,
never executed: return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, ((void *)0) , EM, sLen);
0
10 ((void *)0)
never executed: return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, ((void *)0) , EM, sLen);
0
11 , EM, sLen);
never executed: return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, ((void *)0) , EM, sLen);
0
12}-
13-
14int-
15RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,-
16 const EVP_MD *Hash, const EVP_MD *mgf1Hash, const unsigned char *EM,-
17 int sLen)-
18{-
19 int i;-
20 int ret = 0;-
21 int hLen, maskedDBLen, MSBits, emLen;-
22 const unsigned char *H;-
23 unsigned char *DB = -
24 ((void *)0)-
25 ;-
26 EVP_MD_CTX ctx;-
27 unsigned char H_[64];-
28-
29 EVP_MD_CTX_init(&ctx);-
30-
31 if (mgf1Hash ==
mgf1Hash == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
32 ((void *)0)
mgf1Hash == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
33 )-
34 mgf1Hash = Hash;
never executed: mgf1Hash = Hash;
0
35-
36 hLen = EVP_MD_size(Hash);-
37 if (hLen < 0
hLen < 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
38 goto
never executed: goto err;
 err;
never executed: goto err;
0
39-
40-
41-
42-
43-
44-
45 if (sLen == -1
sLen == -1Description
TRUEnever evaluated
FALSEnever evaluated
)		0
46 sLen = hLen;
never executed: sLen = hLen;
0
47 else if (sLen == -2
sLen == -2Description
TRUEnever evaluated
FALSEnever evaluated
)		0
48 sLen = -2;
never executed: sLen = -2;
0
49 else if (sLen < -2
sLen < -2Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
50 ERR_put_error(4,(0xfff),(136),__FILE__,110);-
51 goto
never executed: goto err;
 err;
never executed: goto err;
0
52 }-
53-
54 MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;-
55 emLen = RSA_size(rsa);-
56 if (EM[0] & (0xFF << MSBits)
EM[0] & (0xFF << MSBits)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
57 ERR_put_error(4,(0xfff),(133),__FILE__,117);-
58 goto
never executed: goto err;
 err;
never executed: goto err;
0
59 }-
60 if (MSBits == 0
MSBits == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
61 EM++;-
62 emLen--;-
63 }
never executed: end of block
0
64 if (emLen < (hLen + sLen + 2)
emLen < (hLen + sLen + 2)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
65-
66 ERR_put_error(4,(0xfff),(109),__FILE__,126);-
67 goto
never executed: goto err;
 err;
never executed: goto err;
0
68 }-
69 if (EM[emLen - 1] != 0xbc
EM[emLen - 1] != 0xbcDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
70 ERR_put_error(4,(0xfff),(134),__FILE__,130);-
71 goto
never executed: goto err;
 err;
never executed: goto err;
0
72 }-
73 maskedDBLen = emLen - hLen - 1;-
74 H = EM + maskedDBLen;-
75 DB = malloc(maskedDBLen);-
76 if (!DB
!DBDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
77 ERR_put_error(4,(0xfff),((1|64)),__FILE__,137);-
78 goto
never executed: goto err;
 err;
never executed: goto err;
0
79 }-
80 if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0
PKCS1_MGF1(DB,... mgf1Hash) < 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
81 goto
never executed: goto err;
 err;
never executed: goto err;
0
82 for (i = 0; i < maskedDBLen
i < maskedDBLenDescription
TRUEnever evaluated
FALSEnever evaluated
; i++)		0
83 DB[i] ^= EM[i];
never executed: DB[i] ^= EM[i];
0
84 if (MSBits
MSBitsDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
85 DB[0] &= 0xFF >> (8 - MSBits);
never executed: DB[0] &= 0xFF >> (8 - MSBits);
0
86 for (i = 0; DB[i] == 0
DB[i] == 0Description
TRUEnever evaluated
FALSEnever evaluated
 && i < (maskedDBLen - 1)
i < (maskedDBLen - 1)Description
TRUEnever evaluated
FALSEnever evaluated
; i++)		0
87 ;
never executed: ;
0
88 if (DB[i++] != 0x1
DB[i++] != 0x1Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
89 ERR_put_error(4,(0xfff),(135),__FILE__,149);-
90 goto
never executed: goto err;
 err;
never executed: goto err;
0
91 }-
92 if (sLen >= 0
sLen >= 0Description
TRUEnever evaluated
FALSEnever evaluated
 && (
(maskedDBLen - i) != sLenDescription
TRUEnever evaluated
FALSEnever evaluated
maskedDBLen - i) != sLen
(maskedDBLen - i) != sLenDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
93 ERR_put_error(4,(0xfff),(136),__FILE__,153);-
94 goto
never executed: goto err;
 err;
never executed: goto err;
0
95 }-
96 if (!EVP_DigestInit_ex(&ctx, Hash,
!EVP_DigestIni... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
97 ((void *)0)
!EVP_DigestIni... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
98 )
!EVP_DigestIni... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
 ||		0
99 !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
!EVP_DigestUpd...sizeof zeroes)Description
TRUEnever evaluated
FALSEnever evaluated
 ||		0
100 !EVP_DigestUpdate(&ctx, mHash, hLen)
!EVP_DigestUpd..., mHash, hLen)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
101 goto
never executed: goto err;
 err;
never executed: goto err;
0
102 if (maskedDBLen - i
maskedDBLen - iDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
103 if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i)
!EVP_DigestUpd...skedDBLen - i)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
104 goto
never executed: goto err;
 err;
never executed: goto err;
0
105 }
never executed: end of block
0
106 if (!EVP_DigestFinal_ex(&ctx, H_,
!EVP_DigestFin... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
107 ((void *)0)
!EVP_DigestFin... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
108 )
!EVP_DigestFin... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
)		0
109 goto
never executed: goto err;
 err;
never executed: goto err;
0
110 if (timingsafe_bcmp(H_, H, hLen)
timingsafe_bcmp(H_, H, hLen)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
111 ERR_put_error(4,(0xfff),(104),__FILE__,167);-
112 ret = 0;-
113 }
never executed: end of block
 else		0
114 ret = 1;
never executed: ret = 1;
0
115-
116err:
code before this statement never executed: err:
0
117 free(DB);-
118 EVP_MD_CTX_cleanup(&ctx);-
119-
120 return
never executed: return ret;
 ret;
never executed: return ret;
0
121}-
122-
123int-
124RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,-
125 const unsigned char *mHash, const EVP_MD *Hash, int sLen)-
126{-
127 return
never executed: return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, ((void *)0) , sLen);
 RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash,
never executed: return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, ((void *)0) , sLen);
0
128 ((void *)0)
never executed: return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, ((void *)0) , sLen);
0
129 , sLen);
never executed: return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, ((void *)0) , sLen);
0
130}-
131-
132int-
133RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,-
134 const unsigned char *mHash, const EVP_MD *Hash, const EVP_MD *mgf1Hash,-
135 int sLen)-
136{-
137 int i;-
138 int ret = 0;-
139 int hLen, maskedDBLen, MSBits, emLen;-
140 unsigned char *H, *salt = -
141 ((void *)0)-
142 , *p;-
143 EVP_MD_CTX ctx;-
144-
145 EVP_MD_CTX_init(&ctx);-
146-
147 if (mgf1Hash ==
mgf1Hash == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
148 ((void *)0)
mgf1Hash == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
149 )-
150 mgf1Hash = Hash;
never executed: mgf1Hash = Hash;
0
151-
152 hLen = EVP_MD_size(Hash);-
153 if (hLen < 0
hLen < 0Description
TRUEnever evaluated
FALSEnever evaluated
)		0
154 goto
never executed: goto err;
 err;
never executed: goto err;
0
155-
156-
157-
158-
159-
160-
161 if (sLen == -1
sLen == -1Description
TRUEnever evaluated
FALSEnever evaluated
)		0
162 sLen = hLen;
never executed: sLen = hLen;
0
163 else if (sLen == -2
sLen == -2Description
TRUEnever evaluated
FALSEnever evaluated
)		0
164 sLen = -2;
never executed: sLen = -2;
0
165 else if (sLen < -2
sLen < -2Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
166 ERR_put_error(4,(0xfff),(136),__FILE__,216);-
167 goto
never executed: goto err;
 err;
never executed: goto err;
0
168 }-
169-
170 MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;-
171 emLen = RSA_size(rsa);-
172 if (MSBits == 0
MSBits == 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
173 *EM++ = 0;-
174 emLen--;-
175 }
never executed: end of block
0
176 if (sLen == -2
sLen == -2Description
TRUEnever evaluated
FALSEnever evaluated
)		0
177 sLen = emLen - hLen - 2;
never executed: sLen = emLen - hLen - 2;
0
178 else if (emLen < (hLen + sLen + 2)
emLen < (hLen + sLen + 2)Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
179 ERR_put_error(4,(0xfff),(110),__FILE__,229);-
180 goto
never executed: goto err;
 err;
never executed: goto err;
0
181 }-
182 if (sLen > 0
sLen > 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
183 salt = malloc(sLen);-
184 if (!salt
!saltDescription
TRUEnever evaluated
FALSEnever evaluated
) {		0
185 ERR_put_error(4,(0xfff),((1|64)),__FILE__,235);-
186 goto
never executed: goto err;
 err;
never executed: goto err;
0
187 }-
188 arc4random_buf(salt, sLen);-
189 }
never executed: end of block
0
190 maskedDBLen = emLen - hLen - 1;-
191 H = EM + maskedDBLen;-
192 if (!EVP_DigestInit_ex(&ctx, Hash,
!EVP_DigestIni... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
193 ((void *)0)
!EVP_DigestIni... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
194 )
!EVP_DigestIni... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
 ||		0
195 !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
!EVP_DigestUpd...sizeof zeroes)Description
TRUEnever evaluated
FALSEnever evaluated
 ||		0
196 !EVP_DigestUpdate(&ctx, mHash, hLen)
!EVP_DigestUpd..., mHash, hLen)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
197 goto
never executed: goto err;
 err;
never executed: goto err;
0
198 if (sLen
sLenDescription
TRUEnever evaluated
FALSEnever evaluated
 && !EVP_DigestUpdate(&ctx, salt, sLen)
!EVP_DigestUpd...x, salt, sLen)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
199 goto
never executed: goto err;
 err;
never executed: goto err;
0
200 if (!EVP_DigestFinal_ex(&ctx, H,
!EVP_DigestFin... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
201 ((void *)0)
!EVP_DigestFin... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
0
202 )
!EVP_DigestFin... ((void *)0) )Description
TRUEnever evaluated
FALSEnever evaluated
)		0
203 goto
never executed: goto err;
 err;
never executed: goto err;
0
204-
205-
206 if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)
PKCS1_MGF1(EM,...Len, mgf1Hash)Description
TRUEnever evaluated
FALSEnever evaluated
)		0
207 goto
never executed: goto err;
 err;
never executed: goto err;
0
208-
209 p = EM;-
210-
211-
212-
213-
214-
215-
216 p += emLen - sLen - hLen - 2;-
217 *p++ ^= 0x1;-
218 if (sLen > 0
sLen > 0Description
TRUEnever evaluated
FALSEnever evaluated
) {		0
219 for (i = 0; i < sLen
i < sLenDescription
TRUEnever evaluated
FALSEnever evaluated
; i++)		0
220 *
never executed: *p++ ^= salt[i];
p++ ^= salt[i];
never executed: *p++ ^= salt[i];
0
221 }
never executed: end of block
0
222 if (MSBits
MSBitsDescription
TRUEnever evaluated
FALSEnever evaluated
)		0
223 EM[0] &= 0xFF >> (8 - MSBits);
never executed: EM[0] &= 0xFF >> (8 - MSBits);
0
224-
225-
226 EM[emLen - 1] = 0xbc;-
227-
228 ret = 1;-
229-
230err:
code before this statement never executed: err:
0
231 free(salt);-
232 EVP_MD_CTX_cleanup(&ctx);-
233-
234 return
never executed: return ret;
 ret;
never executed: return ret;
0
235}-
Switch to Source codePreprocessed file
Generated by Squish Coco 4.2.2