Absolute File Name: | /home/opencoverage/opencoverage/guest-scripts/libressl/src/tls/tls_keypair.c |
Line | Source | Count | ||||||
---|---|---|---|---|---|---|---|---|
1 | /* $OpenBSD: tls_keypair.c,v 1.6 2018/04/07 16:35:34 jsing Exp $ */ | - | ||||||
2 | /* | - | ||||||
3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | - | ||||||
4 | * | - | ||||||
5 | * Permission to use, copy, modify, and distribute this software for any | - | ||||||
6 | * purpose with or without fee is hereby granted, provided that the above | - | ||||||
7 | * copyright notice and this permission notice appear in all copies. | - | ||||||
8 | * | - | ||||||
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | - | ||||||
10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | - | ||||||
11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | - | ||||||
12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | - | ||||||
13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | - | ||||||
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | - | ||||||
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | - | ||||||
16 | */ | - | ||||||
17 | - | |||||||
18 | #include <openssl/bio.h> | - | ||||||
19 | #include <openssl/err.h> | - | ||||||
20 | #include <openssl/pem.h> | - | ||||||
21 | - | |||||||
22 | #include <tls.h> | - | ||||||
23 | - | |||||||
24 | #include "tls_internal.h" | - | ||||||
25 | - | |||||||
/*
 * Allocate a new keypair.
 *
 * The storage comes from calloc(), so the structure starts out zero-filled:
 * no certificate, no key, no OCSP staple and no public key hash.
 *
 * Returns the new keypair, or NULL if the allocation fails.  Release it with
 * tls_keypair_free().
 */
struct tls_keypair *
tls_keypair_new(void)
{
	struct tls_keypair *keypair;

	keypair = calloc(1, sizeof(*keypair));
	return keypair;
}
31 | - | |||||||
/*
 * Recompute keypair->pubkey_hash from the certificate held in cert_mem.
 *
 * The previous hash is released and the pointer cleared before anything
 * else happens, so a hash belonging to an earlier certificate is never left
 * in place when loading or hashing the new one fails.  A keypair that has no
 * certificate is not treated as an error.
 *
 * Returns 0 on success (including the "no certificate" case) and -1 if the
 * certificate cannot be loaded or hashed; tls_keypair_load_cert() is handed
 * `error` to describe a load failure.
 *
 * NOTE(review): the coverage listing this code was taken from records both
 * failure branches as never executed - worth a regression test that feeds a
 * malformed certificate.
 */
static int
tls_keypair_pubkey_hash(struct tls_keypair *keypair, struct tls_error *error)
{
	X509 *cert = NULL;
	int rv;

	free(keypair->pubkey_hash);
	keypair->pubkey_hash = NULL;

	/* Nothing to hash; cert is still NULL, so there is nothing to free. */
	if (keypair->cert_mem == NULL)
		return (0);

	/* Hash only when the load succeeded (short-circuit keeps the order). */
	if (tls_keypair_load_cert(keypair, error, &cert) != -1 &&
	    tls_cert_pubkey_hash(cert, &keypair->pubkey_hash) != -1)
		rv = 0;
	else
		rv = -1;

	/* The parsed certificate is only needed for hashing. */
	X509_free(cert);
	return (rv);
}
58 | - | |||||||
/*
 * Discard the private key held by a keypair.
 *
 * The buffer is released with freezero() rather than free(), so the key
 * bytes are overwritten before the memory is handed back to the allocator.
 * key_mem and key_len are reset so the keypair keeps no dangling pointer to
 * the released buffer.
 */
void
tls_keypair_clear_key(struct tls_keypair *keypair)
{
	void *secret = keypair->key_mem;
	size_t secret_len = keypair->key_len;

	/* Detach the buffer from the keypair, then wipe and free it. */
	keypair->key_mem = NULL;
	keypair->key_len = 0;
	freezero(secret, secret_len);
}
66 | - | |||||||
/*
 * Load the keypair's certificate from cert_file and refresh the public key
 * hash to match.
 *
 * The file contents are stored in cert_mem/cert_len by
 * tls_config_load_file(), which is also handed `error` to report a failure.
 *
 * Returns 0 on success, -1 if the file cannot be loaded or the public key
 * hash cannot be computed.  When the load itself fails the hash is not
 * recomputed.
 */
int
tls_keypair_set_cert_file(struct tls_keypair *keypair, struct tls_error *error,
    const char *cert_file)
{
	int loaded;

	loaded = tls_config_load_file(error, "certificate", cert_file,
	    &keypair->cert_mem, &keypair->cert_len);
	if (loaded == -1)
		return -1;

	/* Keep pubkey_hash in step with the certificate just loaded. */
	return tls_keypair_pubkey_hash(keypair, error);
}
76 | - | |||||||
/*
 * Set the keypair's certificate from a caller-supplied buffer and refresh
 * the public key hash to match.
 *
 * cert/len are passed to tls_set_mem(), which fills cert_mem/cert_len.
 *
 * Returns 0 on success, -1 if tls_set_mem() fails or the public key hash
 * cannot be computed.  When tls_set_mem() fails the hash is not recomputed.
 */
int
tls_keypair_set_cert_mem(struct tls_keypair *keypair, struct tls_error *error,
    const uint8_t *cert, size_t len)
{
	int stored;

	stored = tls_set_mem(&keypair->cert_mem, &keypair->cert_len, cert, len);
	if (stored == -1)
		return -1;

	/* Keep pubkey_hash in step with the certificate just stored. */
	return tls_keypair_pubkey_hash(keypair, error);
}
85 | - | |||||||
/*
 * Load the keypair's private key from key_file.
 *
 * The previous key is wiped through tls_keypair_clear_key() before the load
 * is attempted, so the old key material is gone whether or not the load
 * succeeds.
 *
 * Returns whatever tls_config_load_file() returns; the other callers in this
 * file treat -1 from it as failure.
 */
int
tls_keypair_set_key_file(struct tls_keypair *keypair, struct tls_error *error,
    const char *key_file)
{
	int loaded;

	tls_keypair_clear_key(keypair);

	loaded = tls_config_load_file(error, "key", key_file,
	    &keypair->key_mem, &keypair->key_len);
	return loaded;
}
94 | - | |||||||
/*
 * Set the keypair's private key from a caller-supplied buffer.
 *
 * The previous key is wiped through tls_keypair_clear_key() before the new
 * one is stored, so the old key material is gone whether or not
 * tls_set_mem() succeeds.  `error` is not used here.
 *
 * Returns whatever tls_set_mem() returns; the certificate setter in this
 * file treats -1 from it as failure.
 */
int
tls_keypair_set_key_mem(struct tls_keypair *keypair, struct tls_error *error,
    const uint8_t *key, size_t len)
{
	int stored;

	tls_keypair_clear_key(keypair);

	stored = tls_set_mem(&keypair->key_mem, &keypair->key_len, key, len);
	return stored;
}
102 | - | |||||||
/*
 * Load the keypair's OCSP staple from ocsp_file.
 *
 * The file contents are stored in ocsp_staple/ocsp_staple_len by
 * tls_config_load_file(), which is also handed `error` to report a failure.
 *
 * Returns whatever tls_config_load_file() returns; the certificate setter in
 * this file treats -1 from it as failure.
 */
int
tls_keypair_set_ocsp_staple_file(struct tls_keypair *keypair,
    struct tls_error *error, const char *ocsp_file)
{
	int loaded;

	loaded = tls_config_load_file(error, "ocsp", ocsp_file,
	    &keypair->ocsp_staple, &keypair->ocsp_staple_len);
	return loaded;
}
110 | - | |||||||
/*
 * Set the keypair's OCSP staple from a caller-supplied buffer.
 *
 * staple/len are passed to tls_set_mem(), which fills
 * ocsp_staple/ocsp_staple_len.  `error` is not used here.
 *
 * Returns whatever tls_set_mem() returns; the certificate setter in this
 * file treats -1 from it as failure.
 */
int
tls_keypair_set_ocsp_staple_mem(struct tls_keypair *keypair,
    struct tls_error *error, const uint8_t *staple, size_t len)
{
	int stored;

	stored = tls_set_mem(&keypair->ocsp_staple, &keypair->ocsp_staple_len,
	    staple, len);
	return stored;
}
118 | - | |||||||
/*
 * Release a keypair and everything it owns.  A NULL keypair is accepted and
 * ignored.
 *
 * The private key is released through tls_keypair_clear_key(), which wipes
 * it; the certificate, OCSP staple and public key hash are released with a
 * plain free().
 */
void
tls_keypair_free(struct tls_keypair *keypair)
{
	if (keypair != NULL) {
		/* Key material takes the zeroising path. */
		tls_keypair_clear_key(keypair);

		free(keypair->pubkey_hash);
		free(keypair->ocsp_staple);
		free(keypair->cert_mem);

		free(keypair);
	}
}
133 | - | |||||||
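/*
 * Parse the PEM certificate held in keypair->cert_mem into an X509 object.
 *
 * Any certificate already referenced by *cert is freed first, so the caller
 * must pass either NULL or an X509 it owns.  On success *cert points at a
 * newly parsed certificate that the caller releases with X509_free(); on
 * failure *cert is NULL and `error` carries a description.
 *
 * Returns 0 on success, -1 on failure.
 *
 * NOTE(review): the coverage listing this code was taken from records every
 * failure branch below as never executed - worth regression tests for a
 * keypair without a certificate and for malformed PEM input.
 */
int
tls_keypair_load_cert(struct tls_keypair *keypair, struct tls_error *error,
    X509 **cert)
{
	char errbuf[256];
	const char *errstr = "unknown";
	BIO *cert_bio = NULL;
	unsigned long ssl_err;	/* matches ERR_peek_error()'s return type */
	int rv = -1;

	X509_free(*cert);
	*cert = NULL;

	if (keypair->cert_mem == NULL) {
		tls_error_set(error, "keypair has no certificate");
		goto err;
	}
	/*
	 * NOTE(review): BIO_new_mem_buf() takes an int length while cert_len
	 * appears to be a size_t; confirm that whatever fills cert_mem bounds
	 * the length to INT_MAX before it gets here.
	 */
	if ((cert_bio = BIO_new_mem_buf(keypair->cert_mem,
	    keypair->cert_len)) == NULL) {
		tls_error_set(error, "failed to create certificate bio");
		goto err;
	}
	if ((*cert = PEM_read_bio_X509(cert_bio, NULL, tls_password_cb,
	    NULL)) == NULL) {
		/*
		 * Format into a local buffer: ERR_error_string() with a NULL
		 * buffer writes to shared static storage, which is not safe
		 * when several threads report errors at once.
		 */
		if ((ssl_err = ERR_peek_error()) != 0) {
			ERR_error_string_n(ssl_err, errbuf, sizeof(errbuf));
			errstr = errbuf;
		}
		tls_error_set(error, "failed to load certificate: %s", errstr);
		goto err;
	}

	rv = 0;

 err:
	BIO_free(cert_bio);

	return (rv);
}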