OpenCoverage

v3_conf.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/x509v3/v3_conf.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: v3_conf.c,v 1.23 2018/05/18 19:34:37 tb Exp $ */-
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL-
3 * project 1999.-
4 */-
5/* ====================================================================-
6 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.-
7 *-
8 * Redistribution and use in source and binary forms, with or without-
9 * modification, are permitted provided that the following conditions-
10 * are met:-
11 *-
12 * 1. Redistributions of source code must retain the above copyright-
13 * notice, this list of conditions and the following disclaimer.-
14 *-
15 * 2. Redistributions in binary form must reproduce the above copyright-
16 * notice, this list of conditions and the following disclaimer in-
17 * the documentation and/or other materials provided with the-
18 * distribution.-
19 *-
20 * 3. All advertising materials mentioning features or use of this-
21 * software must display the following acknowledgment:-
22 * "This product includes software developed by the OpenSSL Project-
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"-
24 *-
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to-
26 * endorse or promote products derived from this software without-
27 * prior written permission. For written permission, please contact-
28 * licensing@OpenSSL.org.-
29 *-
30 * 5. Products derived from this software may not be called "OpenSSL"-
31 * nor may "OpenSSL" appear in their names without prior written-
32 * permission of the OpenSSL Project.-
33 *-
34 * 6. Redistributions of any form whatsoever must retain the following-
35 * acknowledgment:-
36 * "This product includes software developed by the OpenSSL Project-
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"-
38 *-
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY-
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR-
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR-
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,-
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;-
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,-
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)-
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED-
50 * OF THE POSSIBILITY OF SUCH DAMAGE.-
51 * ====================================================================-
52 *-
53 * This product includes cryptographic software written by Eric Young-
54 * (eay@cryptsoft.com). This product includes software written by Tim-
55 * Hudson (tjh@cryptsoft.com).-
56 *-
57 */-
58/* extension creation utilities */-
59-
60#include <ctype.h>-
61#include <stdio.h>-
62#include <string.h>-
63-
64#include <openssl/conf.h>-
65#include <openssl/err.h>-
66#include <openssl/x509.h>-
67#include <openssl/x509v3.h>-
68-
69static int v3_check_critical(const char **value);-
70static int v3_check_generic(const char **value);-
71static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,-
72 int crit, const char *value);-
73static X509_EXTENSION *v3_generic_extension(const char *ext, const char *value,-
74 int crit, int type, X509V3_CTX *ctx);-
75static char *conf_lhash_get_string(void *db, const char *section,-
76 const char *value);-
77static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db,-
78 const char *section);-
79static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid,-
80 int crit, void *ext_struc);-
81static unsigned char *generic_asn1(const char *value, X509V3_CTX *ctx,-
82 long *ext_len);-
83-
84/* CONF *conf: Config file */-
85/* char *name: Name */-
86/* char *value: Value */-
87X509_EXTENSION *-
88X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name,-
89 const char *value)-
90{-
91 int crit;-
92 int ext_type;-
93 X509_EXTENSION *ret;-
94-
95 crit = v3_check_critical(&value);-
96 if ((ext_type = v3_check_generic(&value)))
(ext_type = v3...neric(&value))Description
TRUEnever evaluated
FALSEnever evaluated
0
97 return v3_generic_extension(name, value, crit, ext_type, ctx);
never executed: return v3_generic_extension(name, value, crit, ext_type, ctx);
0
98 ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);-
99 if (!ret) {
!retDescription
TRUEnever evaluated
FALSEnever evaluated
0
100 X509V3error(X509V3_R_ERROR_IN_EXTENSION);-
101 ERR_asprintf_error_data("name=%s, value=%s", name, value);-
102 }
never executed: end of block
0
103 return ret;
never executed: return ret;
0
104}-
105-
106/* CONF *conf: Config file */-
107/* char *value: Value */-
108X509_EXTENSION *-
109X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,-
110 const char *value)-
111{-
112 int crit;-
113 int ext_type;-
114-
115 crit = v3_check_critical(&value);-
116 if ((ext_type = v3_check_generic(&value)))
(ext_type = v3...neric(&value))Description
TRUEnever evaluated
FALSEnever evaluated
0
117 return v3_generic_extension(OBJ_nid2sn(ext_nid),
never executed: return v3_generic_extension(OBJ_nid2sn(ext_nid), value, crit, ext_type, ctx);
0
118 value, crit, ext_type, ctx);
never executed: return v3_generic_extension(OBJ_nid2sn(ext_nid), value, crit, ext_type, ctx);
0
119 return do_ext_nconf(conf, ctx, ext_nid, crit, value);
never executed: return do_ext_nconf(conf, ctx, ext_nid, crit, value);
0
120}-
121-
122/* CONF *conf: Config file */-
123/* char *value: Value */-
124static X509_EXTENSION *-
125do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit,-
126 const char *value)-
127{-
128 const X509V3_EXT_METHOD *method;-
129 X509_EXTENSION *ext;-
130 void *ext_struc;-
131-
132 if (ext_nid == NID_undef) {
ext_nid == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
133 X509V3error(X509V3_R_UNKNOWN_EXTENSION_NAME);-
134 return NULL;
never executed: return ((void *)0) ;
0
135 }-
136 if (!(method = X509V3_EXT_get_nid(ext_nid))) {
!(method = X50..._nid(ext_nid))Description
TRUEnever evaluated
FALSEnever evaluated
0
137 X509V3error(X509V3_R_UNKNOWN_EXTENSION);-
138 return NULL;
never executed: return ((void *)0) ;
0
139 }-
140 /* Now get internal extension representation based on type */-
141 if (method->v2i) {
method->v2iDescription
TRUEnever evaluated
FALSEnever evaluated
0
142 STACK_OF(CONF_VALUE) *nval;-
143-
144 if (*value == '@')
*value == '@'Description
TRUEnever evaluated
FALSEnever evaluated
0
145 nval = NCONF_get_section(conf, value + 1);
never executed: nval = NCONF_get_section(conf, value + 1);
0
146 else-
147 nval = X509V3_parse_list(value);
never executed: nval = X509V3_parse_list(value);
0
148 if (sk_CONF_VALUE_num(nval) <= 0) {
sk_num(((_STAC...LUE*)0))) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
149 X509V3error(X509V3_R_INVALID_EXTENSION_STRING);-
150 ERR_asprintf_error_data("name=%s,section=%s",-
151 OBJ_nid2sn(ext_nid), value);-
152 if (*value != '@')
*value != '@'Description
TRUEnever evaluated
FALSEnever evaluated
0
153 sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
never executed: sk_pop_free(((_STACK*) (1 ? (nval) : (struct stack_st_CONF_VALUE*)0)), ((void (*)(void *)) ((1 ? (X509V3_conf_free) : (void (*)(CONF_VALUE *))0))));
0
154 return NULL;
never executed: return ((void *)0) ;
0
155 }-
156 ext_struc = method->v2i(method, ctx, nval);-
157 if (*value != '@')
*value != '@'Description
TRUEnever evaluated
FALSEnever evaluated
0
158 sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
never executed: sk_pop_free(((_STACK*) (1 ? (nval) : (struct stack_st_CONF_VALUE*)0)), ((void (*)(void *)) ((1 ? (X509V3_conf_free) : (void (*)(CONF_VALUE *))0))));
0
159 } else if (method->s2i) {
never executed: end of block
method->s2iDescription
TRUEnever evaluated
FALSEnever evaluated
0
160 ext_struc = method->s2i(method, ctx, value);-
161 } else if (method->r2i) {
never executed: end of block
method->r2iDescription
TRUEnever evaluated
FALSEnever evaluated
0
162 if (!ctx->db || !ctx->db_meth) {
!ctx->dbDescription
TRUEnever evaluated
FALSEnever evaluated
!ctx->db_methDescription
TRUEnever evaluated
FALSEnever evaluated
0
163 X509V3error(X509V3_R_NO_CONFIG_DATABASE);-
164 return NULL;
never executed: return ((void *)0) ;
0
165 }-
166 ext_struc = method->r2i(method, ctx, value);-
167 } else {
never executed: end of block
0
168 X509V3error(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);-
169 ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid));-
170 return NULL;
never executed: return ((void *)0) ;
0
171 }-
172 if (ext_struc == NULL)
ext_struc == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
173 return NULL;
never executed: return ((void *)0) ;
0
174-
175 ext = do_ext_i2d(method, ext_nid, crit, ext_struc);-
176 if (method->it)
method->itDescription
TRUEnever evaluated
FALSEnever evaluated
0
177 ASN1_item_free(ext_struc, method->it);
never executed: ASN1_item_free(ext_struc, method->it);
0
178 else-
179 method->ext_free(ext_struc);
never executed: method->ext_free(ext_struc);
0
180 return ext;
never executed: return ext;
0
181}-
182-
183static X509_EXTENSION *-
184do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, int crit,-
185 void *ext_struc)-
186{-
187 unsigned char *ext_der;-
188 int ext_len;-
189 ASN1_OCTET_STRING *ext_oct = NULL;-
190 X509_EXTENSION *ext;-
191-
192 /* Convert internal representation to DER */-
193 if (method->it) {
method->itDescription
TRUEevaluated 13 times by 1 test
Evaluated by:
  • verifytest
FALSEnever evaluated
0-13
194 ext_der = NULL;-
195 ext_len = ASN1_item_i2d(ext_struc, &ext_der,-
196 method->it);-
197 if (ext_len < 0)
ext_len < 0Description
TRUEnever evaluated
FALSEevaluated 13 times by 1 test
Evaluated by:
  • verifytest
0-13
198 goto merr;
never executed: goto merr;
0
199 } else {
executed 13 times by 1 test: end of block
Executed by:
  • verifytest
13
200 unsigned char *p;-
201 ext_len = method->i2d(ext_struc, NULL);-
202 if (!(ext_der = malloc(ext_len)))
!(ext_der = malloc(ext_len))Description
TRUEnever evaluated
FALSEnever evaluated
0
203 goto merr;
never executed: goto merr;
0
204 p = ext_der;-
205 method->i2d(ext_struc, &p);-
206 }
never executed: end of block
0
207 if (!(ext_oct = ASN1_OCTET_STRING_new()))
!(ext_oct = AS..._STRING_new())Description
TRUEnever evaluated
FALSEevaluated 13 times by 1 test
Evaluated by:
  • verifytest
0-13
208 goto merr;
never executed: goto merr;
0
209 ext_oct->data = ext_der;-
210 ext_oct->length = ext_len;-
211-
212 ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);-
213 if (!ext)
!extDescription
TRUEnever evaluated
FALSEevaluated 13 times by 1 test
Evaluated by:
  • verifytest
0-13
214 goto merr;
never executed: goto merr;
0
215 ASN1_OCTET_STRING_free(ext_oct);-
216-
217 return ext;
executed 13 times by 1 test: return ext;
Executed by:
  • verifytest
13
218-
219merr:-
220 ASN1_OCTET_STRING_free(ext_oct);-
221 X509V3error(ERR_R_MALLOC_FAILURE);-
222 return NULL;
never executed: return ((void *)0) ;
0
223-
224}-
225-
226/* Given an internal structure, nid and critical flag create an extension */-
227-
228X509_EXTENSION *-
229X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)-
230{-
231 const X509V3_EXT_METHOD *method;-
232-
233 if (!(method = X509V3_EXT_get_nid(ext_nid))) {
!(method = X50..._nid(ext_nid))Description
TRUEnever evaluated
FALSEevaluated 13 times by 1 test
Evaluated by:
  • verifytest
0-13
234 X509V3error(X509V3_R_UNKNOWN_EXTENSION);-
235 return NULL;
never executed: return ((void *)0) ;
0
236 }-
237 return do_ext_i2d(method, ext_nid, crit, ext_struc);
executed 13 times by 1 test: return do_ext_i2d(method, ext_nid, crit, ext_struc);
Executed by:
  • verifytest
13
238}-
239-
240/* Check the extension string for critical flag */-
241static int-
242v3_check_critical(const char **value)-
243{-
244 const char *p = *value;-
245-
246 if ((strlen(p) < 9) || strncmp(p, "critical,", 9))
never executed: __result = (((const unsigned char *) (const char *) ( p ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "critical," ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(strlen(p) < 9)Description
TRUEnever evaluated
FALSEnever evaluated
(__extension__...ical," , 9 )))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( 9 )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( p )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( p ) <...size_t) ( 9 ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons... "critical," )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( "crit...size_t) ( 9 ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
247 return 0;
never executed: return 0;
0
248 p += 9;-
249 while (isspace((unsigned char)*p)) p++;
never executed: p++;
((*__ctype_b_l...int) _ISspace)Description
TRUEnever evaluated
FALSEnever evaluated
0
250 *value = p;-
251 return 1;
never executed: return 1;
0
252}-
253-
254/* Check extension string for generic extension and return the type */-
255static int-
256v3_check_generic(const char **value)-
257{-
258 int gen_type = 0;-
259 const char *p = *value;-
260-
261 if ((strlen(p) >= 4) && !strncmp(p, "DER:", 4)) {
never executed: __result = (((const unsigned char *) (const char *) ( p ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "DER:" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(strlen(p) >= 4)Description
TRUEnever evaluated
FALSEnever evaluated
! (__extension..."DER:" , 4 )))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( 4 )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( p )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( p ) <...size_t) ( 4 ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons...t_p ( "DER:" )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( "DER:...size_t) ( 4 ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
262 p += 4;-
263 gen_type = 1;-
264 } else if ((strlen(p) >= 5) && !strncmp(p, "ASN1:", 5)) {
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( p ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "ASN1:" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(strlen(p) >= 5)Description
TRUEnever evaluated
FALSEnever evaluated
! (__extension...ASN1:" , 5 )))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( 5 )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( p )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( p ) <...size_t) ( 5 ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons..._p ( "ASN1:" )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( "ASN1...size_t) ( 5 ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
265 p += 5;-
266 gen_type = 2;-
267 } else
never executed: end of block
0
268 return 0;
never executed: return 0;
0
269-
270 while (isspace((unsigned char)*p))
((*__ctype_b_l...int) _ISspace)Description
TRUEnever evaluated
FALSEnever evaluated
0
271 p++;
never executed: p++;
0
272 *value = p;-
273 return gen_type;
never executed: return gen_type;
0
274}-
275-
276/* Create a generic extension: for now just handle DER type */-
277static X509_EXTENSION *-
278v3_generic_extension(const char *ext, const char *value, int crit, int gen_type,-
279 X509V3_CTX *ctx)-
280{-
281 unsigned char *ext_der = NULL;-
282 long ext_len = 0;-
283 ASN1_OBJECT *obj = NULL;-
284 ASN1_OCTET_STRING *oct = NULL;-
285 X509_EXTENSION *extension = NULL;-
286-
287 if (!(obj = OBJ_txt2obj(ext, 0))) {
!(obj = OBJ_txt2obj(ext, 0))Description
TRUEnever evaluated
FALSEnever evaluated
0
288 X509V3error(X509V3_R_EXTENSION_NAME_ERROR);-
289 ERR_asprintf_error_data("name=%s", ext);-
290 goto err;
never executed: goto err;
0
291 }-
292-
293 if (gen_type == 1)
gen_type == 1Description
TRUEnever evaluated
FALSEnever evaluated
0
294 ext_der = string_to_hex(value, &ext_len);
never executed: ext_der = string_to_hex(value, &ext_len);
0
295 else if (gen_type == 2)
gen_type == 2Description
TRUEnever evaluated
FALSEnever evaluated
0
296 ext_der = generic_asn1(value, ctx, &ext_len);
never executed: ext_der = generic_asn1(value, ctx, &ext_len);
0
297 else {-
298 ERR_asprintf_error_data("Unexpected generic extension type %d", gen_type);-
299 goto err;
never executed: goto err;
0
300 }-
301-
302 if (ext_der == NULL) {
ext_der == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
303 X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);-
304 ERR_asprintf_error_data("value=%s", value);-
305 goto err;
never executed: goto err;
0
306 }-
307-
308 if (!(oct = ASN1_OCTET_STRING_new())) {
!(oct = ASN1_O..._STRING_new())Description
TRUEnever evaluated
FALSEnever evaluated
0
309 X509V3error(ERR_R_MALLOC_FAILURE);-
310 goto err;
never executed: goto err;
0
311 }-
312-
313 oct->data = ext_der;-
314 oct->length = ext_len;-
315 ext_der = NULL;-
316-
317 extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);-
318-
319err:
code before this statement never executed: err:
0
320 ASN1_OBJECT_free(obj);-
321 ASN1_OCTET_STRING_free(oct);-
322 free(ext_der);-
323 return extension;
never executed: return extension;
0
324}-
325-
326static unsigned char *-
327generic_asn1(const char *value, X509V3_CTX *ctx, long *ext_len)-
328{-
329 ASN1_TYPE *typ;-
330 unsigned char *ext_der = NULL;-
331-
332 typ = ASN1_generate_v3(value, ctx);-
333 if (typ == NULL)
typ == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
334 return NULL;
never executed: return ((void *)0) ;
0
335 *ext_len = i2d_ASN1_TYPE(typ, &ext_der);-
336 ASN1_TYPE_free(typ);-
337 return ext_der;
never executed: return ext_der;
0
338}-
339-
340/* This is the main function: add a bunch of extensions based on a config file-
341 * section to an extension STACK.-
342 */-
343-
344int-
345X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, const char *section,-
346 STACK_OF(X509_EXTENSION) **sk)-
347{-
348 X509_EXTENSION *ext;-
349 STACK_OF(CONF_VALUE) *nval;-
350 CONF_VALUE *val;-
351 int i;-
352-
353 if (!(nval = NCONF_get_section(conf, section)))
!(nval = NCONF...onf, section))Description
TRUEnever evaluated
FALSEnever evaluated
0
354 return 0;
never executed: return 0;
0
355 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
i < sk_num(((_...NF_VALUE*)0)))Description
TRUEnever evaluated
FALSEnever evaluated
0
356 val = sk_CONF_VALUE_value(nval, i);-
357 if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
!(ext = X509V3..., val->value))Description
TRUEnever evaluated
FALSEnever evaluated
0
358 return 0;
never executed: return 0;
0
359 if (sk)
skDescription
TRUEnever evaluated
FALSEnever evaluated
0
360 X509v3_add_ext(sk, ext, -1);
never executed: X509v3_add_ext(sk, ext, -1);
0
361 X509_EXTENSION_free(ext);-
362 }
never executed: end of block
0
363 return 1;
never executed: return 1;
0
364}-
365-
366/* Convenience functions to add extensions to a certificate, CRL and request */-
367-
368int-
369X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,-
370 X509 *cert)-
371{-
372 STACK_OF(X509_EXTENSION) **sk = NULL;-
373-
374 if (cert)
certDescription
TRUEnever evaluated
FALSEnever evaluated
0
375 sk = &cert->cert_info->extensions;
never executed: sk = &cert->cert_info->extensions;
0
376 return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
never executed: return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
0
377}-
378-
379/* Same as above but for a CRL */-
380-
381int-
382X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,-
383 X509_CRL *crl)-
384{-
385 STACK_OF(X509_EXTENSION) **sk = NULL;-
386-
387 if (crl)
crlDescription
TRUEnever evaluated
FALSEnever evaluated
0
388 sk = &crl->crl->extensions;
never executed: sk = &crl->crl->extensions;
0
389 return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
never executed: return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
0
390}-
391-
392/* Add extensions to certificate request */-
393-
394int-
395X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,-
396 X509_REQ *req)-
397{-
398 STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL;-
399 int i;-
400-
401 if (req)
reqDescription
TRUEnever evaluated
FALSEnever evaluated
0
402 sk = &extlist;
never executed: sk = &extlist;
0
403 i = X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);-
404 if (!i || !sk)
!iDescription
TRUEnever evaluated
FALSEnever evaluated
!skDescription
TRUEnever evaluated
FALSEnever evaluated
0
405 return i;
never executed: return i;
0
406 i = X509_REQ_add_extensions(req, extlist);-
407 sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);-
408 return i;
never executed: return i;
0
409}-
410-
411/* Config database functions */-
412-
413char *-
414X509V3_get_string(X509V3_CTX *ctx, const char *name, const char *section)-
415{-
416 if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) {
!ctx->dbDescription
TRUEnever evaluated
FALSEnever evaluated
!ctx->db_methDescription
TRUEnever evaluated
FALSEnever evaluated
!ctx->db_meth->get_stringDescription
TRUEnever evaluated
FALSEnever evaluated
0
417 X509V3error(X509V3_R_OPERATION_NOT_DEFINED);-
418 return NULL;
never executed: return ((void *)0) ;
0
419 }-
420 return ctx->db_meth->get_string(ctx->db, name, section);
never executed: return ctx->db_meth->get_string(ctx->db, name, section);
0
421}-
422-
423STACK_OF(CONF_VALUE) *-
424X509V3_get_section(X509V3_CTX *ctx, const char *section)-
425{-
426 if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) {
!ctx->dbDescription
TRUEnever evaluated
FALSEnever evaluated
!ctx->db_methDescription
TRUEnever evaluated
FALSEnever evaluated
!ctx->db_meth->get_sectionDescription
TRUEnever evaluated
FALSEnever evaluated
0
427 X509V3error(X509V3_R_OPERATION_NOT_DEFINED);-
428 return NULL;
never executed: return ((void *)0) ;
0
429 }-
430 return ctx->db_meth->get_section(ctx->db, section);
never executed: return ctx->db_meth->get_section(ctx->db, section);
0
431}-
432-
433void-
434X509V3_string_free(X509V3_CTX *ctx, char *str)-
435{-
436 if (!str)
!strDescription
TRUEnever evaluated
FALSEnever evaluated
0
437 return;
never executed: return;
0
438 if (ctx->db_meth->free_string)
ctx->db_meth->free_stringDescription
TRUEnever evaluated
FALSEnever evaluated
0
439 ctx->db_meth->free_string(ctx->db, str);
never executed: ctx->db_meth->free_string(ctx->db, str);
0
440}
never executed: end of block
0
441-
442void-
443X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)-
444{-
445 if (!section)
!sectionDescription
TRUEnever evaluated
FALSEnever evaluated
0
446 return;
never executed: return;
0
447 if (ctx->db_meth->free_section)
ctx->db_meth->free_sectionDescription
TRUEnever evaluated
FALSEnever evaluated
0
448 ctx->db_meth->free_section(ctx->db, section);
never executed: ctx->db_meth->free_section(ctx->db, section);
0
449}
never executed: end of block
0
450-
451static char *-
452nconf_get_string(void *db, const char *section, const char *value)-
453{-
454 return NCONF_get_string(db, section, value);
never executed: return NCONF_get_string(db, section, value);
0
455}-
456-
457static STACK_OF(CONF_VALUE) *-
458nconf_get_section(void *db, const char *section)-
459{-
460 return NCONF_get_section(db, section);
never executed: return NCONF_get_section(db, section);
0
461}-
462-
463static X509V3_CONF_METHOD nconf_method = {-
464 nconf_get_string,-
465 nconf_get_section,-
466 NULL,-
467 NULL-
468};-
469-
470void-
471X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)-
472{-
473 ctx->db_meth = &nconf_method;-
474 ctx->db = conf;-
475}
executed 2 times by 1 test: end of block
Executed by:
  • libcrypto.so.44.0.1
2
476-
477void-
478X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,-
479 X509_CRL *crl, int flags)-
480{-
481 ctx->issuer_cert = issuer;-
482 ctx->subject_cert = subj;-
483 ctx->crl = crl;-
484 ctx->subject_req = req;-
485 ctx->flags = flags;-
486}
executed 2 times by 1 test: end of block
Executed by:
  • libcrypto.so.44.0.1
2
487-
488/* Old conf compatibility functions */-
489-
490X509_EXTENSION *-
491X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, const char *name,-
492 const char *value)-
493{-
494 CONF ctmp;-
495-
496 CONF_set_nconf(&ctmp, conf);-
497 return X509V3_EXT_nconf(&ctmp, ctx, name, value);
never executed: return X509V3_EXT_nconf(&ctmp, ctx, name, value);
0
498}-
499-
500/* LHASH *conf: Config file */-
501/* char *value: Value */-
502X509_EXTENSION *-
503X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, int ext_nid,-
504 const char *value)-
505{-
506 CONF ctmp;-
507-
508 CONF_set_nconf(&ctmp, conf);-
509 return X509V3_EXT_nconf_nid(&ctmp, ctx, ext_nid, value);
never executed: return X509V3_EXT_nconf_nid(&ctmp, ctx, ext_nid, value);
0
510}-
511-
512static char *-
513conf_lhash_get_string(void *db, const char *section, const char *value)-
514{-
515 return CONF_get_string(db, section, value);
never executed: return CONF_get_string(db, section, value);
0
516}-
517-
518static STACK_OF(CONF_VALUE) *-
519conf_lhash_get_section(void *db, const char *section)-
520{-
521 return CONF_get_section(db, section);
never executed: return CONF_get_section(db, section);
0
522}-
523-
524static X509V3_CONF_METHOD conf_lhash_method = {-
525 conf_lhash_get_string,-
526 conf_lhash_get_section,-
527 NULL,-
528 NULL-
529};-
530-
531void-
532X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash)-
533{-
534 ctx->db_meth = &conf_lhash_method;-
535 ctx->db = lhash;-
536}
never executed: end of block
0
537-
538int-
539X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,-
540 const char *section, X509 *cert)-
541{-
542 CONF ctmp;-
543-
544 CONF_set_nconf(&ctmp, conf);-
545 return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert);
never executed: return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert);
0
546}-
547-
548/* Same as above but for a CRL */-
549-
550int-
551X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,-
552 const char *section, X509_CRL *crl)-
553{-
554 CONF ctmp;-
555-
556 CONF_set_nconf(&ctmp, conf);-
557 return X509V3_EXT_CRL_add_nconf(&ctmp, ctx, section, crl);
never executed: return X509V3_EXT_CRL_add_nconf(&ctmp, ctx, section, crl);
0
558}-
559-
560/* Add extensions to certificate request */-
561-
562int-
563X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,-
564 const char *section, X509_REQ *req)-
565{-
566 CONF ctmp;-
567-
568 CONF_set_nconf(&ctmp, conf);-
569 return X509V3_EXT_REQ_add_nconf(&ctmp, ctx, section, req);
never executed: return X509V3_EXT_REQ_add_nconf(&ctmp, ctx, section, req);
0
570}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2