OpenCoverage

x509_txt.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/x509/x509_txt.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/* $OpenBSD: x509_txt.c,v 1.19 2014/07/11 08:44:49 jsing Exp $ */-
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)-
3 * All rights reserved.-
4 *-
5 * This package is an SSL implementation written-
6 * by Eric Young (eay@cryptsoft.com).-
7 * The implementation was written so as to conform with Netscapes SSL.-
8 *-
9 * This library is free for commercial and non-commercial use as long as-
10 * the following conditions are aheared to. The following conditions-
11 * apply to all code found in this distribution, be it the RC4, RSA,-
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation-
13 * included with this distribution is covered by the same copyright terms-
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).-
15 *-
16 * Copyright remains Eric Young's, and as such any Copyright notices in-
17 * the code are not to be removed.-
18 * If this package is used in a product, Eric Young should be given attribution-
19 * as the author of the parts of the library used.-
20 * This can be in the form of a textual message at program startup or-
21 * in documentation (online or textual) provided with the package.-
22 *-
23 * Redistribution and use in source and binary forms, with or without-
24 * modification, are permitted provided that the following conditions-
25 * are met:-
26 * 1. Redistributions of source code must retain the copyright-
27 * notice, this list of conditions and the following disclaimer.-
28 * 2. Redistributions in binary form must reproduce the above copyright-
29 * notice, this list of conditions and the following disclaimer in the-
30 * documentation and/or other materials provided with the distribution.-
31 * 3. All advertising materials mentioning features or use of this software-
32 * must display the following acknowledgement:-
33 * "This product includes cryptographic software written by-
34 * Eric Young (eay@cryptsoft.com)"-
35 * The word 'cryptographic' can be left out if the rouines from the library-
36 * being used are not cryptographic related :-).-
37 * 4. If you include any Windows specific code (or a derivative thereof) from-
38 * the apps directory (application code) you must include an acknowledgement:-
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"-
40 *-
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND-
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE-
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE-
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL-
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS-
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT-
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY-
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF-
51 * SUCH DAMAGE.-
52 *-
53 * The licence and distribution terms for any publically available version or-
54 * derivative of this code cannot be changed. i.e. this code cannot simply be-
55 * copied and put under another distribution licence-
56 * [including the GNU Public Licence.]-
57 */-
58-
59#include <errno.h>-
60#include <stdio.h>-
61#include <time.h>-
62-
63#include <openssl/asn1.h>-
64#include <openssl/buffer.h>-
65#include <openssl/evp.h>-
66#include <openssl/lhash.h>-
67#include <openssl/objects.h>-
68#include <openssl/x509.h>-
69-
70const char *-
71X509_verify_cert_error_string(long n)-
72{-
73 static char buf[100];-
74-
75 switch ((int)n) {-
76 case X509_V_OK:
never executed: case 0:
0
77 return("ok");
never executed: return("ok");
0
78 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
never executed: case 2:
0
79 return("unable to get issuer certificate");
never executed: return("unable to get issuer certificate");
0
80 case X509_V_ERR_UNABLE_TO_GET_CRL:
never executed: case 3:
0
81 return("unable to get certificate CRL");
never executed: return("unable to get certificate CRL");
0
82 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
never executed: case 4:
0
83 return("unable to decrypt certificate's signature");
never executed: return("unable to decrypt certificate's signature");
0
84 case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
never executed: case 5:
0
85 return("unable to decrypt CRL's signature");
never executed: return("unable to decrypt CRL's signature");
0
86 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
never executed: case 6:
0
87 return("unable to decode issuer public key");
never executed: return("unable to decode issuer public key");
0
88 case X509_V_ERR_CERT_SIGNATURE_FAILURE:
never executed: case 7:
0
89 return("certificate signature failure");
never executed: return("certificate signature failure");
0
90 case X509_V_ERR_CRL_SIGNATURE_FAILURE:
never executed: case 8:
0
91 return("CRL signature failure");
never executed: return("CRL signature failure");
0
92 case X509_V_ERR_CERT_NOT_YET_VALID:
never executed: case 9:
0
93 return("certificate is not yet valid");
never executed: return("certificate is not yet valid");
0
94 case X509_V_ERR_CRL_NOT_YET_VALID:
never executed: case 11:
0
95 return("CRL is not yet valid");
never executed: return("CRL is not yet valid");
0
96 case X509_V_ERR_CERT_HAS_EXPIRED:
never executed: case 10:
0
97 return("certificate has expired");
never executed: return("certificate has expired");
0
98 case X509_V_ERR_CRL_HAS_EXPIRED:
never executed: case 12:
0
99 return("CRL has expired");
never executed: return("CRL has expired");
0
100 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
never executed: case 13:
0
101 return("format error in certificate's notBefore field");
never executed: return("format error in certificate's notBefore field");
0
102 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
never executed: case 14:
0
103 return("format error in certificate's notAfter field");
never executed: return("format error in certificate's notAfter field");
0
104 case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
never executed: case 15:
0
105 return("format error in CRL's lastUpdate field");
never executed: return("format error in CRL's lastUpdate field");
0
106 case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
never executed: case 16:
0
107 return("format error in CRL's nextUpdate field");
never executed: return("format error in CRL's nextUpdate field");
0
108 case X509_V_ERR_OUT_OF_MEM:
never executed: case 17:
0
109 return("out of memory");
never executed: return("out of memory");
0
110 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
never executed: case 18:
0
111 return("self signed certificate");
never executed: return("self signed certificate");
0
112 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
never executed: case 19:
0
113 return("self signed certificate in certificate chain");
never executed: return("self signed certificate in certificate chain");
0
114 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
never executed: case 20:
0
115 return("unable to get local issuer certificate");
never executed: return("unable to get local issuer certificate");
0
116 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
never executed: case 21:
0
117 return("unable to verify the first certificate");
never executed: return("unable to verify the first certificate");
0
118 case X509_V_ERR_CERT_CHAIN_TOO_LONG:
never executed: case 22:
0
119 return("certificate chain too long");
never executed: return("certificate chain too long");
0
120 case X509_V_ERR_CERT_REVOKED:
never executed: case 23:
0
121 return("certificate revoked");
never executed: return("certificate revoked");
0
122 case X509_V_ERR_INVALID_CA:
never executed: case 24:
0
123 return ("invalid CA certificate");
never executed: return ("invalid CA certificate");
0
124 case X509_V_ERR_INVALID_NON_CA:
never executed: case 37:
0
125 return ("invalid non-CA certificate (has CA markings)");
never executed: return ("invalid non-CA certificate (has CA markings)");
0
126 case X509_V_ERR_PATH_LENGTH_EXCEEDED:
never executed: case 25:
0
127 return ("path length constraint exceeded");
never executed: return ("path length constraint exceeded");
0
128 case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
never executed: case 38:
0
129 return("proxy path length constraint exceeded");
never executed: return("proxy path length constraint exceeded");
0
130 case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
never executed: case 40:
0
131 return("proxy certificates not allowed, please set the appropriate flag");
never executed: return("proxy certificates not allowed, please set the appropriate flag");
0
132 case X509_V_ERR_INVALID_PURPOSE:
never executed: case 26:
0
133 return ("unsupported certificate purpose");
never executed: return ("unsupported certificate purpose");
0
134 case X509_V_ERR_CERT_UNTRUSTED:
never executed: case 27:
0
135 return ("certificate not trusted");
never executed: return ("certificate not trusted");
0
136 case X509_V_ERR_CERT_REJECTED:
never executed: case 28:
0
137 return ("certificate rejected");
never executed: return ("certificate rejected");
0
138 case X509_V_ERR_APPLICATION_VERIFICATION:
never executed: case 50:
0
139 return("application verification failure");
never executed: return("application verification failure");
0
140 case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
never executed: case 29:
0
141 return("subject issuer mismatch");
never executed: return("subject issuer mismatch");
0
142 case X509_V_ERR_AKID_SKID_MISMATCH:
never executed: case 30:
0
143 return("authority and subject key identifier mismatch");
never executed: return("authority and subject key identifier mismatch");
0
144 case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
never executed: case 31:
0
145 return("authority and issuer serial number mismatch");
never executed: return("authority and issuer serial number mismatch");
0
146 case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
never executed: case 32:
0
147 return("key usage does not include certificate signing");
never executed: return("key usage does not include certificate signing");
0
148 case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
never executed: case 33:
0
149 return("unable to get CRL issuer certificate");
never executed: return("unable to get CRL issuer certificate");
0
150 case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
never executed: case 34:
0
151 return("unhandled critical extension");
never executed: return("unhandled critical extension");
0
152 case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
never executed: case 35:
0
153 return("key usage does not include CRL signing");
never executed: return("key usage does not include CRL signing");
0
154 case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
never executed: case 39:
0
155 return("key usage does not include digital signature");
never executed: return("key usage does not include digital signature");
0
156 case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
never executed: case 36:
0
157 return("unhandled critical CRL extension");
never executed: return("unhandled critical CRL extension");
0
158 case X509_V_ERR_INVALID_EXTENSION:
never executed: case 41:
0
159 return("invalid or inconsistent certificate extension");
never executed: return("invalid or inconsistent certificate extension");
0
160 case X509_V_ERR_INVALID_POLICY_EXTENSION:
never executed: case 42:
0
161 return("invalid or inconsistent certificate policy extension");
never executed: return("invalid or inconsistent certificate policy extension");
0
162 case X509_V_ERR_NO_EXPLICIT_POLICY:
never executed: case 43:
0
163 return("no explicit policy");
never executed: return("no explicit policy");
0
164 case X509_V_ERR_DIFFERENT_CRL_SCOPE:
never executed: case 44:
0
165 return("Different CRL scope");
never executed: return("Different CRL scope");
0
166 case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:
never executed: case 45:
0
167 return("Unsupported extension feature");
never executed: return("Unsupported extension feature");
0
168 case X509_V_ERR_UNNESTED_RESOURCE:
never executed: case 46:
0
169 return("RFC 3779 resource not subset of parent's resources");
never executed: return("RFC 3779 resource not subset of parent's resources");
0
170 case X509_V_ERR_PERMITTED_VIOLATION:
never executed: case 47:
0
171 return("permitted subtree violation");
never executed: return("permitted subtree violation");
0
172 case X509_V_ERR_EXCLUDED_VIOLATION:
never executed: case 48:
0
173 return("excluded subtree violation");
never executed: return("excluded subtree violation");
0
174 case X509_V_ERR_SUBTREE_MINMAX:
never executed: case 49:
0
175 return("name constraints minimum and maximum not supported");
never executed: return("name constraints minimum and maximum not supported");
0
176 case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:
never executed: case 51:
0
177 return("unsupported name constraint type");
never executed: return("unsupported name constraint type");
0
178 case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:
never executed: case 52:
0
179 return("unsupported or invalid name constraint syntax");
never executed: return("unsupported or invalid name constraint syntax");
0
180 case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX:
never executed: case 53:
0
181 return("unsupported or invalid name syntax");
never executed: return("unsupported or invalid name syntax");
0
182 case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
never executed: case 54:
0
183 return("CRL path validation error");
never executed: return("CRL path validation error");
0
184-
185 default:
never executed: default:
0
186 (void) snprintf(buf, sizeof buf, "error number %ld", n);-
187 return(buf);
never executed: return(buf);
0
188 }-
189}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2