Absolute File Name: | /home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/x509/x509_txt.c |
Source code | Switch to Preprocessed file |
Line | Source | Count |
---|---|---|
1 | /* $OpenBSD: x509_txt.c,v 1.19 2014/07/11 08:44:49 jsing Exp $ */ | - |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | - |
3 | * All rights reserved. | - |
4 | * | - |
5 | * This package is an SSL implementation written | - |
6 | * by Eric Young (eay@cryptsoft.com). | - |
7 | * The implementation was written so as to conform with Netscapes SSL. | - |
8 | * | - |
9 | * This library is free for commercial and non-commercial use as long as | - |
10 | * the following conditions are aheared to. The following conditions | - |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | - |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | - |
13 | * included with this distribution is covered by the same copyright terms | - |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | - |
15 | * | - |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | - |
17 | * the code are not to be removed. | - |
18 | * If this package is used in a product, Eric Young should be given attribution | - |
19 | * as the author of the parts of the library used. | - |
20 | * This can be in the form of a textual message at program startup or | - |
21 | * in documentation (online or textual) provided with the package. | - |
22 | * | - |
23 | * Redistribution and use in source and binary forms, with or without | - |
24 | * modification, are permitted provided that the following conditions | - |
25 | * are met: | - |
26 | * 1. Redistributions of source code must retain the copyright | - |
27 | * notice, this list of conditions and the following disclaimer. | - |
28 | * 2. Redistributions in binary form must reproduce the above copyright | - |
29 | * notice, this list of conditions and the following disclaimer in the | - |
30 | * documentation and/or other materials provided with the distribution. | - |
31 | * 3. All advertising materials mentioning features or use of this software | - |
32 | * must display the following acknowledgement: | - |
33 | * "This product includes cryptographic software written by | - |
34 | * Eric Young (eay@cryptsoft.com)" | - |
35 | * The word 'cryptographic' can be left out if the rouines from the library | - |
36 | * being used are not cryptographic related :-). | - |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | - |
38 | * the apps directory (application code) you must include an acknowledgement: | - |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | - |
40 | * | - |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | - |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | - |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | - |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | - |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | - |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | - |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | - |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | - |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | - |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | - |
51 | * SUCH DAMAGE. | - |
52 | * | - |
53 | * The licence and distribution terms for any publically available version or | - |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | - |
55 | * copied and put under another distribution licence | - |
56 | * [including the GNU Public Licence.] | - |
57 | */ | - |
58 | - | |
59 | #include <errno.h> | - |
60 | #include <stdio.h> | - |
61 | #include <time.h> | - |
62 | - | |
63 | #include <openssl/asn1.h> | - |
64 | #include <openssl/buffer.h> | - |
65 | #include <openssl/evp.h> | - |
66 | #include <openssl/lhash.h> | - |
67 | #include <openssl/objects.h> | - |
68 | #include <openssl/x509.h> | - |
69 | - | |
70 | const char * | - |
71 | X509_verify_cert_error_string(long n) | - |
72 | { | - |
73 | static char buf[100]; | - |
74 | - | |
75 | switch ((int)n) { | - |
76 | case X509_V_OK: never executed: case 0: | 0 |
77 | return("ok"); never executed: return("ok"); | 0 |
78 | case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: never executed: case 2: | 0 |
79 | return("unable to get issuer certificate"); never executed: return("unable to get issuer certificate"); | 0 |
80 | case X509_V_ERR_UNABLE_TO_GET_CRL: never executed: case 3: | 0 |
81 | return("unable to get certificate CRL"); never executed: return("unable to get certificate CRL"); | 0 |
82 | case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: never executed: case 4: | 0 |
83 | return("unable to decrypt certificate's signature"); never executed: return("unable to decrypt certificate's signature"); | 0 |
84 | case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: never executed: case 5: | 0 |
85 | return("unable to decrypt CRL's signature"); never executed: return("unable to decrypt CRL's signature"); | 0 |
86 | case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: never executed: case 6: | 0 |
87 | return("unable to decode issuer public key"); never executed: return("unable to decode issuer public key"); | 0 |
88 | case X509_V_ERR_CERT_SIGNATURE_FAILURE: never executed: case 7: | 0 |
89 | return("certificate signature failure"); never executed: return("certificate signature failure"); | 0 |
90 | case X509_V_ERR_CRL_SIGNATURE_FAILURE: never executed: case 8: | 0 |
91 | return("CRL signature failure"); never executed: return("CRL signature failure"); | 0 |
92 | case X509_V_ERR_CERT_NOT_YET_VALID: never executed: case 9: | 0 |
93 | return("certificate is not yet valid"); never executed: return("certificate is not yet valid"); | 0 |
94 | case X509_V_ERR_CRL_NOT_YET_VALID: never executed: case 11: | 0 |
95 | return("CRL is not yet valid"); never executed: return("CRL is not yet valid"); | 0 |
96 | case X509_V_ERR_CERT_HAS_EXPIRED: never executed: case 10: | 0 |
97 | return("certificate has expired"); never executed: return("certificate has expired"); | 0 |
98 | case X509_V_ERR_CRL_HAS_EXPIRED: never executed: case 12: | 0 |
99 | return("CRL has expired"); never executed: return("CRL has expired"); | 0 |
100 | case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: never executed: case 13: | 0 |
101 | return("format error in certificate's notBefore field"); never executed: return("format error in certificate's notBefore field"); | 0 |
102 | case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: never executed: case 14: | 0 |
103 | return("format error in certificate's notAfter field"); never executed: return("format error in certificate's notAfter field"); | 0 |
104 | case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: never executed: case 15: | 0 |
105 | return("format error in CRL's lastUpdate field"); never executed: return("format error in CRL's lastUpdate field"); | 0 |
106 | case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: never executed: case 16: | 0 |
107 | return("format error in CRL's nextUpdate field"); never executed: return("format error in CRL's nextUpdate field"); | 0 |
108 | case X509_V_ERR_OUT_OF_MEM: never executed: case 17: | 0 |
109 | return("out of memory"); never executed: return("out of memory"); | 0 |
110 | case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: never executed: case 18: | 0 |
111 | return("self signed certificate"); never executed: return("self signed certificate"); | 0 |
112 | case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: never executed: case 19: | 0 |
113 | return("self signed certificate in certificate chain"); never executed: return("self signed certificate in certificate chain"); | 0 |
114 | case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: never executed: case 20: | 0 |
115 | return("unable to get local issuer certificate"); never executed: return("unable to get local issuer certificate"); | 0 |
116 | case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: never executed: case 21: | 0 |
117 | return("unable to verify the first certificate"); never executed: return("unable to verify the first certificate"); | 0 |
118 | case X509_V_ERR_CERT_CHAIN_TOO_LONG: never executed: case 22: | 0 |
119 | return("certificate chain too long"); never executed: return("certificate chain too long"); | 0 |
120 | case X509_V_ERR_CERT_REVOKED: never executed: case 23: | 0 |
121 | return("certificate revoked"); never executed: return("certificate revoked"); | 0 |
122 | case X509_V_ERR_INVALID_CA: never executed: case 24: | 0 |
123 | return ("invalid CA certificate"); never executed: return ("invalid CA certificate"); | 0 |
124 | case X509_V_ERR_INVALID_NON_CA: never executed: case 37: | 0 |
125 | return ("invalid non-CA certificate (has CA markings)"); never executed: return ("invalid non-CA certificate (has CA markings)"); | 0 |
126 | case X509_V_ERR_PATH_LENGTH_EXCEEDED: never executed: case 25: | 0 |
127 | return ("path length constraint exceeded"); never executed: return ("path length constraint exceeded"); | 0 |
128 | case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: never executed: case 38: | 0 |
129 | return("proxy path length constraint exceeded"); never executed: return("proxy path length constraint exceeded"); | 0 |
130 | case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: never executed: case 40: | 0 |
131 | return("proxy certificates not allowed, please set the appropriate flag"); never executed: return("proxy certificates not allowed, please set the appropriate flag"); | 0 |
132 | case X509_V_ERR_INVALID_PURPOSE: never executed: case 26: | 0 |
133 | return ("unsupported certificate purpose"); never executed: return ("unsupported certificate purpose"); | 0 |
134 | case X509_V_ERR_CERT_UNTRUSTED: never executed: case 27: | 0 |
135 | return ("certificate not trusted"); never executed: return ("certificate not trusted"); | 0 |
136 | case X509_V_ERR_CERT_REJECTED: never executed: case 28: | 0 |
137 | return ("certificate rejected"); never executed: return ("certificate rejected"); | 0 |
138 | case X509_V_ERR_APPLICATION_VERIFICATION: never executed: case 50: | 0 |
139 | return("application verification failure"); never executed: return("application verification failure"); | 0 |
140 | case X509_V_ERR_SUBJECT_ISSUER_MISMATCH: never executed: case 29: | 0 |
141 | return("subject issuer mismatch"); never executed: return("subject issuer mismatch"); | 0 |
142 | case X509_V_ERR_AKID_SKID_MISMATCH: never executed: case 30: | 0 |
143 | return("authority and subject key identifier mismatch"); never executed: return("authority and subject key identifier mismatch"); | 0 |
144 | case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: never executed: case 31: | 0 |
145 | return("authority and issuer serial number mismatch"); never executed: return("authority and issuer serial number mismatch"); | 0 |
146 | case X509_V_ERR_KEYUSAGE_NO_CERTSIGN: never executed: case 32: | 0 |
147 | return("key usage does not include certificate signing"); never executed: return("key usage does not include certificate signing"); | 0 |
148 | case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: never executed: case 33: | 0 |
149 | return("unable to get CRL issuer certificate"); never executed: return("unable to get CRL issuer certificate"); | 0 |
150 | case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: never executed: case 34: | 0 |
151 | return("unhandled critical extension"); never executed: return("unhandled critical extension"); | 0 |
152 | case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: never executed: case 35: | 0 |
153 | return("key usage does not include CRL signing"); never executed: return("key usage does not include CRL signing"); | 0 |
154 | case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: never executed: case 39: | 0 |
155 | return("key usage does not include digital signature"); never executed: return("key usage does not include digital signature"); | 0 |
156 | case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: never executed: case 36: | 0 |
157 | return("unhandled critical CRL extension"); never executed: return("unhandled critical CRL extension"); | 0 |
158 | case X509_V_ERR_INVALID_EXTENSION: never executed: case 41: | 0 |
159 | return("invalid or inconsistent certificate extension"); never executed: return("invalid or inconsistent certificate extension"); | 0 |
160 | case X509_V_ERR_INVALID_POLICY_EXTENSION: never executed: case 42: | 0 |
161 | return("invalid or inconsistent certificate policy extension"); never executed: return("invalid or inconsistent certificate policy extension"); | 0 |
162 | case X509_V_ERR_NO_EXPLICIT_POLICY: never executed: case 43: | 0 |
163 | return("no explicit policy"); never executed: return("no explicit policy"); | 0 |
164 | case X509_V_ERR_DIFFERENT_CRL_SCOPE: never executed: case 44: | 0 |
165 | return("Different CRL scope"); never executed: return("Different CRL scope"); | 0 |
166 | case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: never executed: case 45: | 0 |
167 | return("Unsupported extension feature"); never executed: return("Unsupported extension feature"); | 0 |
168 | case X509_V_ERR_UNNESTED_RESOURCE: never executed: case 46: | 0 |
169 | return("RFC 3779 resource not subset of parent's resources"); never executed: return("RFC 3779 resource not subset of parent's resources"); | 0 |
170 | case X509_V_ERR_PERMITTED_VIOLATION: never executed: case 47: | 0 |
171 | return("permitted subtree violation"); never executed: return("permitted subtree violation"); | 0 |
172 | case X509_V_ERR_EXCLUDED_VIOLATION: never executed: case 48: | 0 |
173 | return("excluded subtree violation"); never executed: return("excluded subtree violation"); | 0 |
174 | case X509_V_ERR_SUBTREE_MINMAX: never executed: case 49: | 0 |
175 | return("name constraints minimum and maximum not supported"); never executed: return("name constraints minimum and maximum not supported"); | 0 |
176 | case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: never executed: case 51: | 0 |
177 | return("unsupported name constraint type"); never executed: return("unsupported name constraint type"); | 0 |
178 | case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: never executed: case 52: | 0 |
179 | return("unsupported or invalid name constraint syntax"); never executed: return("unsupported or invalid name constraint syntax"); | 0 |
180 | case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: never executed: case 53: | 0 |
181 | return("unsupported or invalid name syntax"); never executed: return("unsupported or invalid name syntax"); | 0 |
182 | case X509_V_ERR_CRL_PATH_VALIDATION_ERROR: never executed: case 54: | 0 |
183 | return("CRL path validation error"); never executed: return("CRL path validation error"); | 0 |
184 | - | |
185 | default: never executed: default: | 0 |
186 | (void) snprintf(buf, sizeof buf, "error number %ld", n); | - |
187 | return(buf); never executed: return(buf); | 0 |
188 | } | - |
189 | } | - |
Source code | Switch to Preprocessed file |