OpenCoverage

x_crl.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/x509/x_crl.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* -

3 * -

4 * Licensed under the OpenSSL license (the "License"). You may not use -

5 * this file except in compliance with the License. You can obtain a copy -

6 * in the file LICENSE in the source distribution or at -

7 * https://www.openssl.org/source/license.html -

8 */ -

9 -

10 #include <stdio.h> -

11 #include "internal/cryptlib.h" -

12 #include <openssl/asn1t.h> -

13 #include <openssl/x509.h> -

14 #include "internal/x509_int.h" -

15 #include <openssl/x509v3.h> -

16 #include "x509_lcl.h" -

17 -

18 static int X509_REVOKED_cmp(const X509_REVOKED *const *a, -

19 const X509_REVOKED *const *b); -

20 static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp); -

21 -

22 ASN1_SEQUENCE(X509_REVOKED) = { -

23 ASN1_EMBED(X509_REVOKED,serialNumber, ASN1_INTEGER), -

24 ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME), -

25 ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION) -

26 } ASN1_SEQUENCE_END(X509_REVOKED) -

27 -

28 static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r); -

29 static int def_crl_lookup(X509_CRL *crl, -

30 X509_REVOKED **ret, ASN1_INTEGER *serial, -

31 X509_NAME *issuer); -

32 -

33 static X509_CRL_METHOD int_crl_meth = { -

34 0, -

35 0, 0, -

36 def_crl_lookup, -

37 def_crl_verify -

38 }; -

39 -

40 static const X509_CRL_METHOD *default_crl_method = &int_crl_meth; -

41 -

42 /* -

43 * The X509_CRL_INFO structure needs a bit of customisation. Since we cache -

44 * the original encoding the signature won't be affected by reordering of the -

45 * revoked field. -

46 */ -

47 static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, -

48 void *exarg) -

49 { -

50 X509_CRL_INFO *a = (X509_CRL_INFO *)*pval; -

51 -

if (!a || !a->revoked)

!a	Description
TRUE	evaluated 2962 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 233918 times by 1 test Evaluated by: libcrypto.so.1.1

!a->revoked	Description
TRUE	evaluated 228338 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 5580 times by 1 test Evaluated by: libcrypto.so.1.1

2962-233918

return 1;

executed 231300 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

231300

54 switch (operation) { -

55 /* -

56 * Just set cmp function here. We don't sort because that would -

57 * affect the output of X509_CRL_print(). -

58 */ -

case ASN1_OP_D2I_POST:

executed 2745 times by 1 test: case 5:

Executed by:

libcrypto.so.1.1

2745

60 (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp); -

break;

executed 2745 times by 1 test: break;

Executed by:

libcrypto.so.1.1

2745

62 } -

return 1;

executed 5580 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

5580

64 } -

65 -

66 -

67 ASN1_SEQUENCE_enc(X509_CRL_INFO, enc, crl_inf_cb) = { -

68 ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER), -

69 ASN1_EMBED(X509_CRL_INFO, sig_alg, X509_ALGOR), -

70 ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME), -

71 ASN1_SIMPLE(X509_CRL_INFO, lastUpdate, ASN1_TIME), -

72 ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME), -

73 ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED), -

74 ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0) -

75 } ASN1_SEQUENCE_END_enc(X509_CRL_INFO, X509_CRL_INFO) -

76 -

77 /* -

78 * Set CRL entry issuer according to CRL certificate issuer extension. Check -

79 * for unhandled critical CRL entry extensions. -

80 */ -

81 -

82 static int crl_set_issuers(X509_CRL *crl) -

83 { -

84 -

85 int i, j; -

86 GENERAL_NAMES *gens, *gtmp; -

87 STACK_OF(X509_REVOKED) *revoked; -

88 -

89 revoked = X509_CRL_get_REVOKED(crl); -

90 -

91 gens = NULL; -

for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) {

i < sk_X509_RE...D_num(revoked)	Description
TRUE	evaluated 14717 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 32581 times by 1 test Evaluated by: libcrypto.so.1.1

14717-32581

93 X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i); -

94 STACK_OF(X509_EXTENSION) *exts; -

95 ASN1_ENUMERATED *reason; -

96 X509_EXTENSION *ext; -

97 gtmp = X509_REVOKED_get_ext_d2i(rev, -

98 NID_certificate_issuer, &j, NULL); -

if (!gtmp && (j != -1)) {

!gtmp	Description
TRUE	evaluated 13740 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 977 times by 1 test Evaluated by: libcrypto.so.1.1

(j != -1)	Description
TRUE	evaluated 1281 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 12459 times by 1 test Evaluated by: libcrypto.so.1.1

977-13740

100 crl->flags |= EXFLAG_INVALID; -

101

return 1;

executed 1281 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

1281

102 } -

103 -

104

if (gtmp) {

gtmp	Description
TRUE	evaluated 977 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 12459 times by 1 test Evaluated by: libcrypto.so.1.1

977-12459

105 gens = gtmp; -

106

if (!crl->issuers) {

!crl->issuers	Description
TRUE	evaluated 163 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 814 times by 1 test Evaluated by: libcrypto.so.1.1

163-814

107 crl->issuers = sk_GENERAL_NAMES_new_null(); -

108

if (!crl->issuers)

!crl->issuers	Description
TRUE	never evaluated
FALSE	evaluated 163 times by 1 test Evaluated by: libcrypto.so.1.1

0-163

109

return 0;

never executed: return 0;

110

}

executed 163 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

163

111

if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp))

!sk_GENERAL_NA...issuers, gtmp)	Description
TRUE	never evaluated
FALSE	evaluated 977 times by 1 test Evaluated by: libcrypto.so.1.1

0-977

112

return 0;

never executed: return 0;

113

}

executed 977 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

977

114 rev->issuer = gens; -

115 -

116 reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason, &j, NULL); -

117

if (!reason && (j != -1)) {

!reason	Description
TRUE	evaluated 10059 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 3377 times by 1 test Evaluated by: libcrypto.so.1.1

(j != -1)	Description
TRUE	evaluated 492 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9567 times by 1 test Evaluated by: libcrypto.so.1.1

492-10059

118 crl->flags |= EXFLAG_INVALID; -

119

return 1;

executed 492 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

492

120 } -

121 -

122

if (reason) {

reason	Description
TRUE	evaluated 3377 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9567 times by 1 test Evaluated by: libcrypto.so.1.1

3377-9567

123 rev->reason = ASN1_ENUMERATED_get(reason); -

124 ASN1_ENUMERATED_free(reason); -

125

} else

executed 3377 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

3377

126

rev->reason = CRL_REASON_NONE;

executed 9567 times by 1 test: rev->reason = -1;

Executed by:

libcrypto.so.1.1

9567

127 -

128 /* Check for critical CRL entry extensions */ -

129 -

130 exts = rev->extensions; -

131 -

132

for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) {

j < sk_X509_EX...SION_num(exts)	Description
TRUE	evaluated 5909 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 10689 times by 1 test Evaluated by: libcrypto.so.1.1

5909-10689

133 ext = sk_X509_EXTENSION_value(exts, j); -

134

if (X509_EXTENSION_get_critical(ext)) {

X509_EXTENSION..._critical(ext)	Description
TRUE	evaluated 2949 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2960 times by 1 test Evaluated by: libcrypto.so.1.1

2949-2960

135

if (OBJ_obj2nid(X509_EXTENSION_get_object(ext)) == NID_certificate_issuer)

OBJ_obj2nid(X5...t(ext)) == 771	Description
TRUE	evaluated 694 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 2255 times by 1 test Evaluated by: libcrypto.so.1.1

694-2255

136

continue;

executed 694 times by 1 test: continue;

Executed by:

libcrypto.so.1.1

694

137 crl->flags |= EXFLAG_CRITICAL; -

138

break;

executed 2255 times by 1 test: break;

Executed by:

libcrypto.so.1.1

2255

139 } -

140

}

executed 2960 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

2960

141 -

142

}

executed 12944 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

12944

143 -

144

return 1;

executed 32581 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

32581

145 -

146 } -

147 -

148 /* -

149 * The X509_CRL structure needs a bit of customisation. Cache some extensions -

150 * and hash of the whole CRL. -

151 */ -

152 static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, -

153 void *exarg) -

154 { -

155 X509_CRL *crl = (X509_CRL *)*pval; -

156 STACK_OF(X509_EXTENSION) *exts; -

157 X509_EXTENSION *ext; -

158 int idx; -

159 -

160 switch (operation) { -

161

case ASN1_OP_NEW_POST:

executed 38050 times by 1 test: case 1:

Executed by:

libcrypto.so.1.1

38050

162 crl->idp = NULL; -

163 crl->akid = NULL; -

164 crl->flags = 0; -

165 crl->idp_flags = 0; -

166 crl->idp_reasons = CRLDP_ALL_REASONS; -

167 crl->meth = default_crl_method; -

168 crl->meth_data = NULL; -

169 crl->issuers = NULL; -

170 crl->crl_number = NULL; -

171 crl->base_crl_number = NULL; -

172

break;

executed 38050 times by 1 test: break;

Executed by:

libcrypto.so.1.1

38050

173 -

174

case ASN1_OP_D2I_POST:

executed 34354 times by 1 test: case 5:

Executed by:

libcrypto.so.1.1

34354

175 X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL); -

176 crl->idp = X509_CRL_get_ext_d2i(crl, -

177 NID_issuing_distribution_point, NULL, -

178 NULL); -

179

if (crl->idp)

crl->idp	Description
TRUE	evaluated 9609 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 24745 times by 1 test Evaluated by: libcrypto.so.1.1

9609-24745

180

setup_idp(crl, crl->idp);

executed 9609 times by 1 test: setup_idp(crl, crl->idp);

Executed by:

libcrypto.so.1.1

9609

181 -

182 crl->akid = X509_CRL_get_ext_d2i(crl, -

183 NID_authority_key_identifier, NULL, -

184 NULL); -

185 -

186 crl->crl_number = X509_CRL_get_ext_d2i(crl, -

187 NID_crl_number, NULL, NULL); -

188 -

189 crl->base_crl_number = X509_CRL_get_ext_d2i(crl, -

190 NID_delta_crl, NULL, -

191 NULL); -

192 /* Delta CRLs must have CRL number */ -

193

if (crl->base_crl_number && !crl->crl_number)

crl->base_crl_number	Description
TRUE	evaluated 883 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 33471 times by 1 test Evaluated by: libcrypto.so.1.1

!crl->crl_number	Description
TRUE	evaluated 398 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 485 times by 1 test Evaluated by: libcrypto.so.1.1

398-33471

194

crl->flags |= EXFLAG_INVALID;

executed 398 times by 1 test: crl->flags |= 0x80;

Executed by:

libcrypto.so.1.1

398

195 -

196 /* -

197 * See if we have any unhandled critical CRL extensions and indicate -

198 * this in a flag. We only currently handle IDP so anything else -

199 * critical sets the flag. This code accesses the X509_CRL structure -

200 * directly: applications shouldn't do this. -

201 */ -

202 -

203 exts = crl->crl.extensions; -

204 -

205

for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {

idx < sk_X509_...SION_num(exts)	Description
TRUE	evaluated 69211 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 33868 times by 1 test Evaluated by: libcrypto.so.1.1

33868-69211

206 int nid; -

207 ext = sk_X509_EXTENSION_value(exts, idx); -

208 nid = OBJ_obj2nid(X509_EXTENSION_get_object(ext)); -

209

if (nid == NID_freshest_crl)

nid == 857	Description
TRUE	evaluated 2728 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 66483 times by 1 test Evaluated by: libcrypto.so.1.1

2728-66483

210

crl->flags |= EXFLAG_FRESHEST;

executed 2728 times by 1 test: crl->flags |= 0x1000;

Executed by:

libcrypto.so.1.1

2728

211

if (X509_EXTENSION_get_critical(ext)) {

X509_EXTENSION..._critical(ext)	Description
TRUE	evaluated 3094 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 66117 times by 1 test Evaluated by: libcrypto.so.1.1

3094-66117

212 /* We handle IDP and deltas */ -

213

if ((nid == NID_issuing_distribution_point)

(nid == 770)	Description
TRUE	evaluated 1190 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1904 times by 1 test Evaluated by: libcrypto.so.1.1

1190-1904

214

|| (nid == NID_authority_key_identifier)

(nid == 90)	Description
TRUE	evaluated 836 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1068 times by 1 test Evaluated by: libcrypto.so.1.1

836-1068

215

|| (nid == NID_delta_crl))

(nid == 140)	Description
TRUE	evaluated 582 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 486 times by 1 test Evaluated by: libcrypto.so.1.1

486-582

216

continue;

executed 2608 times by 1 test: continue;

Executed by:

libcrypto.so.1.1

2608

217 crl->flags |= EXFLAG_CRITICAL; -

218

break;

executed 486 times by 1 test: break;

Executed by:

libcrypto.so.1.1

486

219 } -

220

}

executed 66117 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

66117

221 -

222

if (!crl_set_issuers(crl))

!crl_set_issuers(crl)	Description
TRUE	never evaluated
FALSE	evaluated 34354 times by 1 test Evaluated by: libcrypto.so.1.1

0-34354

223

return 0;

never executed: return 0;

224 -

225

if (crl->meth->crl_init) {

crl->meth->crl_init	Description
TRUE	never evaluated
FALSE	evaluated 34354 times by 1 test Evaluated by: libcrypto.so.1.1

0-34354

226

if (crl->meth->crl_init(crl) == 0)

crl->meth->crl_init(crl) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

227

return 0;

never executed: return 0;

228

}

never executed: end of block

229 -

230 crl->flags |= EXFLAG_SET; -

231

break;

executed 34354 times by 1 test: break;

Executed by:

libcrypto.so.1.1

34354

232 -

233

case ASN1_OP_FREE_POST:

executed 38050 times by 1 test: case 3:

Executed by:

libcrypto.so.1.1

38050

234

if (crl->meth->crl_free) {

crl->meth->crl_free	Description
TRUE	never evaluated
FALSE	evaluated 38050 times by 1 test Evaluated by: libcrypto.so.1.1

0-38050

235

if (!crl->meth->crl_free(crl))

!crl->meth->crl_free(crl)	Description
TRUE	never evaluated
FALSE	never evaluated

236

return 0;

never executed: return 0;

237

}

never executed: end of block

238 AUTHORITY_KEYID_free(crl->akid); -

239 ISSUING_DIST_POINT_free(crl->idp); -

240 ASN1_INTEGER_free(crl->crl_number); -

241 ASN1_INTEGER_free(crl->base_crl_number); -

242 sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free); -

243

break;

executed 38050 times by 1 test: break;

Executed by:

libcrypto.so.1.1

38050

244 } -

245

return 1;

executed 333946 times by 1 test: return 1;

Executed by:

libcrypto.so.1.1

333946

246 } -

247 -

248 /* Convert IDP into a more convenient form */ -

249 -

250 static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp) -

251 { -

252 int idp_only = 0; -

253 /* Set various flags according to IDP */ -

254 crl->idp_flags |= IDP_PRESENT; -

255

if (idp->onlyuser > 0) {

idp->onlyuser > 0	Description
TRUE	evaluated 398 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9211 times by 1 test Evaluated by: libcrypto.so.1.1

398-9211

256 idp_only++; -

257 crl->idp_flags |= IDP_ONLYUSER; -

258

}

executed 398 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

398

259

if (idp->onlyCA > 0) {

idp->onlyCA > 0	Description
TRUE	evaluated 390 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9219 times by 1 test Evaluated by: libcrypto.so.1.1

390-9219

260 idp_only++; -

261 crl->idp_flags |= IDP_ONLYCA; -

262

}

executed 390 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

390

263

if (idp->onlyattr > 0) {

idp->onlyattr > 0	Description
TRUE	evaluated 401 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9208 times by 1 test Evaluated by: libcrypto.so.1.1

401-9208

264 idp_only++; -

265 crl->idp_flags |= IDP_ONLYATTR; -

266

}

executed 401 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

401

267 -

268

if (idp_only > 1)

idp_only > 1	Description
TRUE	evaluated 398 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9211 times by 1 test Evaluated by: libcrypto.so.1.1

398-9211

269

crl->idp_flags |= IDP_INVALID;

executed 398 times by 1 test: crl->idp_flags |= 0x2;

Executed by:

libcrypto.so.1.1

398

270 -

271

if (idp->indirectCRL > 0)

idp->indirectCRL > 0	Description
TRUE	evaluated 399 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 9210 times by 1 test Evaluated by: libcrypto.so.1.1

399-9210

272

crl->idp_flags |= IDP_INDIRECT;

executed 399 times by 1 test: crl->idp_flags |= 0x20;

Executed by:

libcrypto.so.1.1

399

273 -

274

if (idp->onlysomereasons) {

idp->onlysomereasons	Description
TRUE	evaluated 1042 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 8567 times by 1 test Evaluated by: libcrypto.so.1.1

1042-8567

275 crl->idp_flags |= IDP_REASONS; -

276

if (idp->onlysomereasons->length > 0)

idp->onlysomer...ns->length > 0	Description
TRUE	evaluated 653 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 389 times by 1 test Evaluated by: libcrypto.so.1.1

389-653

277

crl->idp_reasons = idp->onlysomereasons->data[0];

executed 653 times by 1 test: crl->idp_reasons = idp->onlysomereasons->data[0];

Executed by:

libcrypto.so.1.1

653

278

if (idp->onlysomereasons->length > 1)

idp->onlysomer...ns->length > 1	Description
TRUE	evaluated 390 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 652 times by 1 test Evaluated by: libcrypto.so.1.1

390-652

279

crl->idp_reasons |= (idp->onlysomereasons->data[1] << 8);

executed 390 times by 1 test: crl->idp_reasons |= (idp->onlysomereasons->data[1] << 8);

Executed by:

libcrypto.so.1.1

390

280 crl->idp_reasons &= CRLDP_ALL_REASONS; -

281

}

executed 1042 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

1042

282 -

283 DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl)); -

284

}

executed 9609 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

9609

285 -

286 ASN1_SEQUENCE_ref(X509_CRL, crl_cb) = { -

287 ASN1_EMBED(X509_CRL, crl, X509_CRL_INFO), -

288 ASN1_EMBED(X509_CRL, sig_alg, X509_ALGOR), -

289 ASN1_EMBED(X509_CRL, signature, ASN1_BIT_STRING) -

290 } ASN1_SEQUENCE_END_ref(X509_CRL, X509_CRL) -

291 -

292

IMPLEMENT_ASN1_FUNCTIONS(X509_REVOKED)

never executed: end of block

never executed: return (X509_REVOKED *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(X509_REVOKED_it)));

never executed: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(X509_REVOKED_it)));

never executed: return (X509_REVOKED *)ASN1_item_new((&(X509_REVOKED_it)));

293 -

294

IMPLEMENT_ASN1_DUP_FUNCTION(X509_REVOKED)

never executed: return ASN1_item_dup((&(X509_REVOKED_it)), x);

295 -

296

IMPLEMENT_ASN1_FUNCTIONS(X509_CRL_INFO)

never executed: end of block

never executed: return (X509_CRL_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(X509_CRL_INFO_it)));

never executed: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(X509_CRL_INFO_it)));

never executed: return (X509_CRL_INFO *)ASN1_item_new((&(X509_CRL_INFO_it)));

297 -

298

IMPLEMENT_ASN1_FUNCTIONS(X509_CRL)

executed 3617 times by 1 test: end of block

Executed by:

libcrypto.so.1.1

executed 2076 times by 1 test: return (X509_CRL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(X509_CRL_it)));

Executed by:

libcrypto.so.1.1

executed 1846 times by 1 test: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(X509_CRL_it)));

Executed by:

libcrypto.so.1.1

never executed: return (X509_CRL *)ASN1_item_new((&(X509_CRL_it)));

0-3617

299 -

300

IMPLEMENT_ASN1_DUP_FUNCTION(X509_CRL)

never executed: return ASN1_item_dup((&(X509_CRL_it)), x);

301 -

302 static int X509_REVOKED_cmp(const X509_REVOKED *const *a, -

303 const X509_REVOKED *const *b) -

304 { -

305

return (ASN1_STRING_cmp((ASN1_STRING *)&(*a)->serialNumber,

executed 1 time by 1 test: return (ASN1_STRING_cmp((ASN1_STRING *)&(*a)->serialNumber, (ASN1_STRING *)&(*b)->serialNumber));

Executed by:

libcrypto.so.1.1

306

(ASN1_STRING *)&(*b)->serialNumber));

executed 1 time by 1 test: return (ASN1_STRING_cmp((ASN1_STRING *)&(*a)->serialNumber, (ASN1_STRING *)&(*b)->serialNumber));

Executed by:

libcrypto.so.1.1

307 } -

308 -

309 int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev) -

310 { -

311 X509_CRL_INFO *inf; -

312 -

313 inf = &crl->crl; -

314

if (inf->revoked == NULL)

inf->revoked == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

315

inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);

never executed: inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);

316

if (inf->revoked == NULL || !sk_X509_REVOKED_push(inf->revoked, rev)) {

inf->revoked == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

!sk_X509_REVOK...>revoked, rev)	Description
TRUE	never evaluated
FALSE	never evaluated

317 ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE); -

318

return 0;

never executed: return 0;

319 } -

320 inf->enc.modified = 1; -

321

return 1;

never executed: return 1;

322 } -

323 -

324 int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r) -

325 { -

326

if (crl->meth->crl_verify)

crl->meth->crl_verify	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-5

327

return crl->meth->crl_verify(crl, r);

executed 5 times by 1 test: return crl->meth->crl_verify(crl, r);

Executed by:

libcrypto.so.1.1

328

return 0;

never executed: return 0;

329 } -

330 -

331 int X509_CRL_get0_by_serial(X509_CRL *crl, -

332 X509_REVOKED **ret, ASN1_INTEGER *serial) -

333 { -

334

if (crl->meth->crl_lookup)

crl->meth->crl_lookup	Description
TRUE	never evaluated
FALSE	never evaluated

335

return crl->meth->crl_lookup(crl, ret, serial, NULL);

never executed: return crl->meth->crl_lookup(crl, ret, serial, ((void *)0) );

336

return 0;

never executed: return 0;

337 } -

338 -

339 int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x) -

340 { -

341

if (crl->meth->crl_lookup)

crl->meth->crl_lookup	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-3

342

return crl->meth->crl_lookup(crl, ret,

executed 3 times by 1 test: return crl->meth->crl_lookup(crl, ret, X509_get_serialNumber(x), X509_get_issuer_name(x));

Executed by:

libcrypto.so.1.1

343

X509_get_serialNumber(x),

executed 3 times by 1 test: return crl->meth->crl_lookup(crl, ret, X509_get_serialNumber(x), X509_get_issuer_name(x));

Executed by:

libcrypto.so.1.1

344

X509_get_issuer_name(x));

executed 3 times by 1 test: return crl->meth->crl_lookup(crl, ret, X509_get_serialNumber(x), X509_get_issuer_name(x));

Executed by:

libcrypto.so.1.1

345

return 0;

never executed: return 0;

346 } -

347 -

348 static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r) -

349 { -

350

return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),

executed 5 times by 1 test: return (ASN1_item_verify((&(X509_CRL_INFO_it)), &crl->sig_alg, &crl->signature, &crl->crl, r));

Executed by:

libcrypto.so.1.1

351

&crl->sig_alg, &crl->signature, &crl->crl, r));

executed 5 times by 1 test: return (ASN1_item_verify((&(X509_CRL_INFO_it)), &crl->sig_alg, &crl->signature, &crl->crl, r));

Executed by:

libcrypto.so.1.1

352 } -

353 -

354 static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm, -

355 X509_REVOKED *rev) -

356 { -

357 int i; -

358 -

359

if (!rev->issuer) {

!rev->issuer	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1

360

if (!nm)

!nm	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

0-1

361

return 1;

never executed: return 1;

362

if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))

!X509_NAME_cmp...t_issuer(crl))	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1

363

return 1;

executed 1 time by 1 test: return 1;

Executed by:

libcrypto.so.1.1

364

return 0;

never executed: return 0;

365 } -

366 -

367

if (!nm)

!nm	Description
TRUE	never evaluated
FALSE	never evaluated

368

nm = X509_CRL_get_issuer(crl);

never executed: nm = X509_CRL_get_issuer(crl);

369 -

370

for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) {

i < sk_GENERAL...m(rev->issuer)	Description
TRUE	never evaluated
FALSE	never evaluated

371 GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i); -

372

if (gen->type != GEN_DIRNAME)

gen->type != 4	Description
TRUE	never evaluated
FALSE	never evaluated

373

continue;

never executed: continue;

374

if (!X509_NAME_cmp(nm, gen->d.directoryName))

!X509_NAME_cmp...directoryName)	Description
TRUE	never evaluated
FALSE	never evaluated

375

return 1;

never executed: return 1;

376

}

never executed: end of block

377

return 0;

never executed: return 0;

378 -

379 } -

380 -

381 static int def_crl_lookup(X509_CRL *crl, -

382 X509_REVOKED **ret, ASN1_INTEGER *serial, -

383 X509_NAME *issuer) -

384 { -

385 X509_REVOKED rtmp, *rev; -

386 int idx, num; -

387 -

388

if (crl->crl.revoked == NULL)

crl->crl.revok...== ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libcrypto.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

1-2

389

return 0;

executed 2 times by 1 test: return 0;

Executed by:

libcrypto.so.1.1

390 -

391 /* -

392 * Sort revoked into serial number order if not already sorted. Do this -

393 * under a lock to avoid race condition. -

394 */ -

395

if (!sk_X509_REVOKED_is_sorted(crl->crl.revoked)) {

!sk_X509_REVOK...->crl.revoked)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1

396 CRYPTO_THREAD_write_lock(crl->lock); -

397 sk_X509_REVOKED_sort(crl->crl.revoked); -

398 CRYPTO_THREAD_unlock(crl->lock); -

399

}

executed 1 time by 1 test: end of block

Executed by:

libcrypto.so.1.1

400 rtmp.serialNumber = *serial; -

401 idx = sk_X509_REVOKED_find(crl->crl.revoked, &rtmp); -

402

if (idx < 0)

idx < 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

0-1

403

return 0;

never executed: return 0;

404 /* Need to look for matching name */ -

405

for (num = sk_X509_REVOKED_num(crl->crl.revoked); idx < num; idx++) {

idx < num	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1

406 rev = sk_X509_REVOKED_value(crl->crl.revoked, idx); -

407

if (ASN1_INTEGER_cmp(&rev->serialNumber, serial))

ASN1_INTEGER_c...umber, serial)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

0-1

408

return 0;

never executed: return 0;

409

if (crl_revoked_issuer_match(crl, issuer, rev)) {

crl_revoked_is..., issuer, rev)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1

410

if (ret)

ret	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1
FALSE	never evaluated

0-1

411

*ret = rev;

executed 1 time by 1 test: *ret = rev;

Executed by:

libcrypto.so.1.1

412

if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)

rev->reason == 8	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libcrypto.so.1.1

0-1

413

return 2;

never executed: return 2;

414

return 1;

executed 1 time by 1 test: return 1;

Executed by:

libcrypto.so.1.1

415 } -

416

}

never executed: end of block

417

return 0;

never executed: return 0;

418 } -

419 -

420 void X509_CRL_set_default_method(const X509_CRL_METHOD *meth) -

421 { -

422

if (meth == NULL)

meth == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

423

default_crl_method = &int_crl_meth;

never executed: default_crl_method = &int_crl_meth;

424 else -

425

default_crl_method = meth;

never executed: default_crl_method = meth;

426 } -

427 -

428 X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl), -

429 int (*crl_free) (X509_CRL *crl), -

430 int (*crl_lookup) (X509_CRL *crl, -

431 X509_REVOKED **ret, -

432 ASN1_INTEGER *ser, -

433 X509_NAME *issuer), -

434 int (*crl_verify) (X509_CRL *crl, -

435 EVP_PKEY *pk)) -

436 { -

437 X509_CRL_METHOD *m = OPENSSL_malloc(sizeof(*m)); -

438 -

439

if (m == NULL) {

m == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

440 X509err(X509_F_X509_CRL_METHOD_NEW, ERR_R_MALLOC_FAILURE); -

441

return NULL;

never executed: return ((void *)0) ;

442 } -

443 m->crl_init = crl_init; -

444 m->crl_free = crl_free; -

445 m->crl_lookup = crl_lookup; -

446 m->crl_verify = crl_verify; -

447 m->flags = X509_CRL_METHOD_DYNAMIC; -

448

return m;

never executed: return m;

449 } -

450 -

451 void X509_CRL_METHOD_free(X509_CRL_METHOD *m) -

452 { -

453

if (m == NULL || !(m->flags & X509_CRL_METHOD_DYNAMIC))

m == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

!(m->flags & 1)	Description
TRUE	never evaluated
FALSE	never evaluated

454

return;

never executed: return;

455 OPENSSL_free(m); -

456

}

never executed: end of block

457 -

458 void X509_CRL_set_meth_data(X509_CRL *crl, void *dat) -

459 { -

460 crl->meth_data = dat; -

461

}

never executed: end of block

462 -

463 void *X509_CRL_get_meth_data(X509_CRL *crl) -

464 { -

465

return crl->meth_data;

never executed: return crl->meth_data;

466 } -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2