
loader_file.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/store/loader_file.c
1/*-
2 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.-
3 *-
4 * Licensed under the OpenSSL license (the "License"). You may not use-
5 * this file except in compliance with the License. You can obtain a copy-
6 * in the file LICENSE in the source distribution or at-
7 * https://www.openssl.org/source/license.html-
8 */-
9-
10#include "e_os.h"-
11#include <string.h>-
12#include <sys/stat.h>-
13#include <ctype.h>-
14#include <assert.h>-
15-
16#include <openssl/bio.h>-
17#include <openssl/dsa.h> /* For d2i_DSAPrivateKey */-
18#include <openssl/err.h>-
19#include <openssl/evp.h>-
20#include <openssl/pem.h>-
21#include <openssl/pkcs12.h> /* For the PKCS8 stuff o.O */-
22#include <openssl/rsa.h> /* For d2i_RSAPrivateKey */-
23#include <openssl/safestack.h>-
24#include <openssl/store.h>-
25#include <openssl/ui.h>-
26#include <openssl/x509.h> /* For the PKCS8 stuff o.O */-
27#include "internal/asn1_int.h"-
28#include "internal/ctype.h"-
29#include "internal/o_dir.h"-
30#include "internal/cryptlib.h"-
31#include "internal/store_int.h"-
32#include "store_locl.h"-
33-
34#ifdef _WIN32-
35# define stat _stat-
36#endif-
37-
38#ifndef S_ISDIR-
39# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)-
40#endif-
41-
42/*--
43 * Password prompting-
44 * -------------------
45 */-
46-
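/*
 * Prompt for a pass phrase through the UI library and store it in |pass|.
 *
 * ui_method:   UI method to prompt with; when NULL the UI object keeps the
 *              method it was created with.
 * pass:        caller-owned buffer that receives the pass phrase.
 * maxsize:     size of |pass| in bytes; at most maxsize - 1 characters are
 *              requested from the UI.
 * prompt_info: object description handed to UI_construct_prompt().
 * data:        application data attached to the UI object.
 *
 * Returns |pass| on success and NULL on any failure (an error is raised).
 * The buffer holds secret material afterwards; clearing it is left to the
 * caller.
 *
 * Coverage note: the captured run never executed this function.
 */
static char *file_get_pass(const UI_METHOD *ui_method, char *pass,
                           size_t maxsize, const char *prompt_info, void *data)
{
    UI *ui;
    char *prompt = NULL;

    /*
     * maxsize is unsigned, so a zero-sized buffer would turn maxsize - 1
     * into a huge length further down.  Reject it before allocating anything.
     */
    if (maxsize == 0) {
        OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS,
                      ERR_R_PASSED_INVALID_ARGUMENT);
        return NULL;
    }

    ui = UI_new();
    if (ui == NULL) {
        OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    if (ui_method != NULL)
        UI_set_method(ui, ui_method);
    UI_add_user_data(ui, data);

    if ((prompt = UI_construct_prompt(ui, "pass phrase",
                                      prompt_info)) == NULL) {
        OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS, ERR_R_MALLOC_FAILURE);
        pass = NULL;
    } else if (!UI_add_input_string(ui, prompt, UI_INPUT_FLAG_DEFAULT_PWD,
                                    pass, 0, maxsize - 1)) {
        OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS, ERR_R_UI_LIB);
        pass = NULL;
    } else {
        switch (UI_process(ui)) {
        case -2:
            /* Reported as "interrupted or cancelled" */
            OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS,
                          OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED);
            pass = NULL;
            break;
        case -1:
            OSSL_STOREerr(OSSL_STORE_F_FILE_GET_PASS, ERR_R_UI_LIB);
            pass = NULL;
            break;
        default:
            break;
        }
    }

    /* Both are released on every path, success or failure */
    OPENSSL_free(prompt);
    UI_free(ui);
    return pass;
}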
90-
/* Bundle handed to file_get_pem_pass() through its void *data argument */
struct pem_pass_data {
    const UI_METHOD *ui_method;  /* UI method used for prompting */
    void *data;                  /* application data passed on to the UI */
    const char *prompt_info;     /* description shown in the prompt */
};
96-
/*
 * Populate |pass_data| with the prompt text and UI settings that
 * file_get_pem_pass() reads later.
 *
 * Returns 1 when the structure was filled in, 0 when |pass_data| is NULL.
 *
 * Coverage note: the captured run never executed this function.
 */
static int file_fill_pem_pass_data(struct pem_pass_data *pass_data,
                                   const char *prompt_info,
                                   const UI_METHOD *ui_method, void *ui_data)
{
    if (pass_data != NULL) {
        pass_data->prompt_info = prompt_info;
        pass_data->ui_method = ui_method;
        pass_data->data = ui_data;
        return 1;
    }

    return 0;
}
108-
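/*
 * This is used anywhere a pem_password_cb is needed.
 *
 * buf:  buffer that receives the pass phrase.
 * num:  size of |buf| in bytes.
 * w:    read/write flag of the callback signature; not used here.
 * data: a struct pem_pass_data describing how to prompt.
 *
 * Returns the length of the pass phrase stored in |buf|, or 0 on failure.
 *
 * Coverage note: the captured run never executed this function.
 */
static int file_get_pem_pass(char *buf, int num, int w, void *data)
{
    struct pem_pass_data *pass_data = data;
    char *pass;

    /*
     * |num| is converted to size_t by file_get_pass(); a zero or negative
     * value would become a bogus buffer size there, so fail early.  A missing
     * context or buffer is treated the same way instead of being dereferenced.
     */
    if (pass_data == NULL || buf == NULL || num <= 0)
        return 0;

    pass = file_get_pass(pass_data->ui_method, buf, (size_t)num,
                         pass_data->prompt_info, pass_data->data);

    /* The pass phrase was requested with at most num - 1 characters */
    return pass == NULL ? 0 : (int)strlen(pass);
}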
118-
119/*--
120 * The file scheme decoders-
121 * -------------------------
122 *-
123 * Each possible data type has its own decoder, which either operates-
124 * through a given PEM name, or attempts to decode to see if the blob-
125 * it's given is decodable for its data type. The assumption is that-
126 * only the correct data type will match the content.-
127 */-
128-
129/*--
130 * The try_decode function is called to check if the blob of data can-
131 * be used by this handler, and if it can, decodes it into a supported-
132 * OpenSSL type and returns a OSSL_STORE_INFO with the decoded data.-
133 * Input:-
134 * pem_name: If this blob comes from a PEM file, this holds-
135 * the PEM name. If it comes from another type of-
136 * file, this is NULL.-
137 * pem_header: If this blob comes from a PEM file, this holds-
138 * the PEM headers. If it comes from another type of-
139 * file, this is NULL.-
140 * blob: The blob of data to match with what this handler-
141 * can use.-
142 * len: The length of the blob.-
143 * handler_ctx: For a handler marked repeatable, this pointer can-
144 * be used to create a context for the handler. IT IS-
145 * THE HANDLER'S RESPONSIBILITY TO CREATE AND DESTROY-
146 * THIS CONTEXT APPROPRIATELY, i.e. create on first call-
147 * and destroy when about to return NULL.-
148 * matchcount: A pointer to an int to count matches for this data.-
149 * Usually becomes 0 (no match) or 1 (match!), but may-
150 * be higher in the (unlikely) event that the data matches-
151 * more than one possibility. The int will always be-
152 * zero when the function is called.-
153 * ui_method: Application UI method for getting a password, pin-
154 * or any other interactive data.-
155 * ui_data: Application data to be passed to ui_method when-
156 * it's called.-
157 * Output:-
158 * a OSSL_STORE_INFO-
159 */-
typedef OSSL_STORE_INFO *(*file_try_decode_fn)(const char *pem_name,
                                               const char *pem_header,
                                               const unsigned char *blob,
                                               size_t len, void **handler_ctx,
                                               int *matchcount,
                                               const UI_METHOD *ui_method,
                                               void *ui_data);
/*
 * The eof function should return 1 if there's no more data to be found
 * with the handler_ctx, otherwise 0.  This is only used when the handler is
 * marked repeatable.
 */
typedef int (*file_eof_fn)(void *handler_ctx);
/*
 * The destroy_ctx function is used to destroy the handler_ctx that was
 * initiated by a repeatable try_decode function.  This is only used when
 * the handler is marked repeatable.
 */
typedef void (*file_destroy_ctx_fn)(void **handler_ctx);

/* One entry per data type the file scheme can decode */
typedef struct file_handler_st {
    const char *name;                 /* handler name */
    file_try_decode_fn try_decode;    /* attempts to decode a blob */
    file_eof_fn eof;                  /* only used by repeatable handlers */
    file_destroy_ctx_fn destroy_ctx;  /* only used by repeatable handlers */

    /* flags */
    int repeatable;
} FILE_HANDLER;
189-
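/*
 * PKCS#12 decoder.  It operates by decoding all of the blob content,
 * extracting all the interesting data from it and storing them internally,
 * then serving them one piece at a time.
 *
 * On the first call (*pctx == NULL) the blob is parsed, its MAC is checked
 * (first with an empty and a NULL password, then with a prompted one) and
 * the key, certificate and CA certificates are queued in a stack stored in
 * *pctx.  Every call, including the first, returns the next queued item, or
 * NULL when nothing is left or decoding failed.
 *
 * Ownership: OSSL_STORE_INFO_new_PKEY()/_new_CERT() are treated as taking
 * over the object they wrap, as the other decoders in this file do (they
 * free the key only when the wrapper could not be created).  Each object is
 * therefore handed from PKCS12_parse() to its wrapper to the stack, and is
 * released by exactly one owner on failure.
 *
 * NOTE(review): PKCS12_parse() may leave |pkey| or |cert| NULL when the file
 * carries none; confirm that wrapping a NULL object is intended here.
 *
 * Coverage note: the captured run never executed this function, so none of
 * the error paths below are exercised by it.
 */
static OSSL_STORE_INFO *try_decode_PKCS12(const char *pem_name,
                                          const char *pem_header,
                                          const unsigned char *blob,
                                          size_t len, void **pctx,
                                          int *matchcount,
                                          const UI_METHOD *ui_method,
                                          void *ui_data)
{
    OSSL_STORE_INFO *store_info = NULL;
    STACK_OF(OSSL_STORE_INFO) *ctx = *pctx;

    if (ctx == NULL) {
        /* Initial parsing */
        PKCS12 *p12;
        /* Declared at this level so it can be wiped at p12_end */
        char tpass[PEM_BUFSIZE];
        int ok = 0;

        if (pem_name != NULL)
            /* No match, there is no PEM PKCS12 tag */
            return NULL;

        if ((p12 = d2i_PKCS12(NULL, &blob, len)) != NULL) {
            char *pass = NULL;
            EVP_PKEY *pkey = NULL;
            X509 *cert = NULL;
            STACK_OF(X509) *chain = NULL;

            *matchcount = 1;

            if (PKCS12_verify_mac(p12, "", 0)
                || PKCS12_verify_mac(p12, NULL, 0)) {
                pass = "";
            } else {
                if ((pass = file_get_pass(ui_method, tpass, PEM_BUFSIZE,
                                          "PKCS12 import password",
                                          ui_data)) == NULL) {
                    OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS12,
                                  OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR);
                    goto p12_end;
                }
                if (!PKCS12_verify_mac(p12, pass, strlen(pass))) {
                    OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS12,
                                  OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC);
                    goto p12_end;
                }
            }

            if (PKCS12_parse(p12, pass, &pkey, &cert, &chain)) {
                OSSL_STORE_INFO *osi_pkey = NULL;
                OSSL_STORE_INFO *osi_cert = NULL;
                OSSL_STORE_INFO *osi_ca = NULL;

                ok = (ctx = sk_OSSL_STORE_INFO_new_null()) != NULL;

                if (ok) {
                    if ((osi_pkey = OSSL_STORE_INFO_new_PKEY(pkey)) == NULL) {
                        ok = 0;
                    } else {
                        pkey = NULL;            /* now owned by osi_pkey */
                        if (sk_OSSL_STORE_INFO_push(ctx, osi_pkey) != 0)
                            osi_pkey = NULL;    /* now owned by ctx */
                        else
                            ok = 0;
                    }
                }

                if (ok) {
                    if ((osi_cert = OSSL_STORE_INFO_new_CERT(cert)) == NULL) {
                        ok = 0;
                    } else {
                        cert = NULL;            /* now owned by osi_cert */
                        if (sk_OSSL_STORE_INFO_push(ctx, osi_cert) != 0)
                            osi_cert = NULL;    /* now owned by ctx */
                        else
                            ok = 0;
                    }
                }

                while (ok && sk_X509_num(chain) > 0) {
                    X509 *ca = sk_X509_value(chain, 0);

                    if ((osi_ca = OSSL_STORE_INFO_new_CERT(ca)) == NULL) {
                        /* |ca| is still owned by |chain| */
                        ok = 0;
                        break;
                    }
                    /*
                     * Take |ca| out of |chain| before anything can fail, so
                     * it is never reachable from both |chain| and |osi_ca|.
                     */
                    (void)sk_X509_shift(chain);
                    if (sk_OSSL_STORE_INFO_push(ctx, osi_ca) == 0) {
                        ok = 0;
                        break;
                    }
                    osi_ca = NULL;              /* now owned by ctx */
                }

                /*
                 * Whatever is still non-NULL here has a single owner.  On
                 * success only the emptied |chain| stack is left to release.
                 */
                OSSL_STORE_INFO_free(osi_ca);
                OSSL_STORE_INFO_free(osi_cert);
                OSSL_STORE_INFO_free(osi_pkey);
                EVP_PKEY_free(pkey);
                X509_free(cert);
                sk_X509_pop_free(chain, X509_free);
                if (!ok) {
                    sk_OSSL_STORE_INFO_pop_free(ctx, OSSL_STORE_INFO_free);
                    ctx = NULL;
                }
                *pctx = ctx;
            }
        }
     p12_end:
        /* Do not leave the import password behind on the stack */
        OPENSSL_cleanse(tpass, sizeof(tpass));
        PKCS12_free(p12);
        if (!ok)
            return NULL;
    }

    if (ctx != NULL) {
        *matchcount = 1;
        store_info = sk_OSSL_STORE_INFO_shift(ctx);
    }

    return store_info;
}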
294-
/*
 * Report whether the PKCS#12 handler has anything left to serve.
 *
 * Returns 1 when |ctx_| is NULL or the queued stack is empty, otherwise 0.
 *
 * Coverage note: the captured run never executed this function.
 */
static int eof_PKCS12(void *ctx_)
{
    STACK_OF(OSSL_STORE_INFO) *pending = ctx_;

    if (pending == NULL)
        return 1;

    return sk_OSSL_STORE_INFO_num(pending) == 0;
}
301-
/*
 * Release every item still queued by the PKCS#12 handler, together with the
 * stack itself, and reset the caller's context pointer to NULL.
 *
 * Coverage note: the captured run never executed this function.
 */
static void destroy_ctx_PKCS12(void **pctx)
{
    STACK_OF(OSSL_STORE_INFO) *pending = *pctx;

    *pctx = NULL;
    sk_OSSL_STORE_INFO_pop_free(pending, OSSL_STORE_INFO_free);
}
309-
/* PKCS#12 is the handler that sets the repeatable flag and both callbacks */
static FILE_HANDLER PKCS12_handler = {
    "PKCS12",            /* name */
    try_decode_PKCS12,   /* try_decode */
    eof_PKCS12,          /* eof */
    destroy_ctx_PKCS12,  /* destroy_ctx */
    1                    /* repeatable */
};
317-
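/*
 * Encrypted PKCS#8 decoder.  It operates by just decrypting the given blob
 * into a new blob, which is returned as an EMBEDDED STORE_INFO.  The whole
 * decoding process will then start over with the new blob.
 *
 * A PEM name, when present, must be PEM_STRING_PKCS8.  The pass phrase is
 * obtained through file_get_pass() and the decrypted bytes are handed to the
 * returned object inside a BUF_MEM.
 *
 * Returns the EMBEDDED info on success, NULL when the blob does not match or
 * on error.  All exits taken after the blob was parsed go through one
 * cleanup path so that |p8| is released exactly once and the pass phrase
 * buffer is wiped.
 *
 * Coverage note: the captured run never executed this function, so none of
 * the error paths below are exercised by it.
 */
static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name,
                                                  const char *pem_header,
                                                  const unsigned char *blob,
                                                  size_t len, void **pctx,
                                                  int *matchcount,
                                                  const UI_METHOD *ui_method,
                                                  void *ui_data)
{
    X509_SIG *p8 = NULL;
    char kbuf[PEM_BUFSIZE];
    char *pass = NULL;
    const X509_ALGOR *dalg = NULL;
    const ASN1_OCTET_STRING *doct = NULL;
    OSSL_STORE_INFO *store_info = NULL;
    BUF_MEM *mem = NULL;
    unsigned char *new_data = NULL;
    int new_data_len;

    if (pem_name != NULL) {
        if (strcmp(pem_name, PEM_STRING_PKCS8) != 0)
            return NULL;
        *matchcount = 1;
    }

    if ((p8 = d2i_X509_SIG(NULL, &blob, len)) == NULL)
        return NULL;

    *matchcount = 1;

    if ((mem = BUF_MEM_new()) == NULL) {
        OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED,
                      ERR_R_MALLOC_FAILURE);
        goto nop8;
    }

    if ((pass = file_get_pass(ui_method, kbuf, PEM_BUFSIZE,
                              "PKCS8 decrypt password", ui_data)) == NULL) {
        OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED,
                      OSSL_STORE_R_BAD_PASSWORD_READ);
        goto nop8;
    }

    X509_SIG_get0(p8, &dalg, &doct);
    if (!PKCS12_pbe_crypt(dalg, pass, strlen(pass), doct->data, doct->length,
                          &new_data, &new_data_len, 0))
        goto nop8;

    /* |mem| takes over the decrypted bytes; freeing |mem| releases them */
    mem->data = (char *)new_data;
    mem->max = mem->length = (size_t)new_data_len;

    store_info = ossl_store_info_new_EMBEDDED(PEM_STRING_PKCS8INF, mem);
    if (store_info == NULL) {
        OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED,
                      ERR_R_MALLOC_FAILURE);
        goto nop8;
    }
    /* The returned object now refers to |mem|; keep it out of the cleanup */
    mem = NULL;

 nop8:
    /*
     * Single release point: freeing |p8| before the last failure check and
     * again here would free it twice.
     */
    OPENSSL_cleanse(kbuf, sizeof(kbuf));
    X509_SIG_free(p8);
    BUF_MEM_free(mem);
    return store_info;
}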
387-
/* Not repeatable: the callbacks used only by repeatable handlers are unset */
static FILE_HANDLER PKCS8Encrypted_handler = {
    "PKCS8Encrypted",           /* name */
    try_decode_PKCS8Encrypted,  /* try_decode */
    NULL,                       /* eof */
    NULL,                       /* destroy_ctx */
    0                           /* repeatable */
};
392-
/*
 * Private key decoder.  Decodes all sorts of private keys, both PKCS#8
 * encoded ones and old style PEM ones (where the key type is encoded into
 * the PEM name).
 *
 * With a PEM name, the name selects the decoding: PEM_STRING_PKCS8INF goes
 * through PKCS8_PRIV_KEY_INFO, any other name ending in "PRIVATE KEY" is
 * looked up as a key type.  Without a PEM name, every non-alias ASN.1 method
 * is tried in turn and |*matchcount| counts how many of them decoded the
 * blob; when more than one did, the result is discarded.
 *
 * Returns a PKEY info on success, NULL otherwise.  The key is freed here
 * only when the info object could not be created.
 *
 * Coverage note: the captured run never executed this function.
 */
int pem_check_suffix(const char *pem_str, const char *suffix);
static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name,
                                              const char *pem_header,
                                              const unsigned char *blob,
                                              size_t len, void **pctx,
                                              int *matchcount,
                                              const UI_METHOD *ui_method,
                                              void *ui_data)
{
    OSSL_STORE_INFO *store_info = NULL;
    EVP_PKEY *pkey = NULL;
    const EVP_PKEY_ASN1_METHOD *ameth = NULL;

    if (pem_name == NULL) {
        /* No PEM name to go by: probe every registered key type */
        int idx = 0;

        while (idx < EVP_PKEY_asn1_get_count()) {
            const unsigned char *cursor = blob;
            EVP_PKEY *candidate;

            ameth = EVP_PKEY_asn1_get0(idx++);
            if ((ameth->pkey_flags & ASN1_PKEY_ALIAS) != 0)
                continue;

            candidate = d2i_PrivateKey(ameth->pkey_id, NULL, &cursor, len);
            if (candidate == NULL)
                continue;

            /* Keep the first key that decodes, only count the later ones */
            if (pkey == NULL)
                pkey = candidate;
            else
                EVP_PKEY_free(candidate);
            (*matchcount)++;
        }

        /* More than one type matched: drop the key */
        if (*matchcount > 1) {
            EVP_PKEY_free(pkey);
            pkey = NULL;
        }
    } else if (strcmp(pem_name, PEM_STRING_PKCS8INF) == 0) {
        PKCS8_PRIV_KEY_INFO *p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &blob, len);

        *matchcount = 1;
        if (p8inf != NULL)
            pkey = EVP_PKCS82PKEY(p8inf);
        PKCS8_PRIV_KEY_INFO_free(p8inf);
    } else {
        int slen = pem_check_suffix(pem_name, "PRIVATE KEY");

        if (slen > 0) {
            ameth = EVP_PKEY_asn1_find_str(NULL, pem_name, slen);
            if (ameth != NULL) {
                *matchcount = 1;
                pkey = d2i_PrivateKey(ameth->pkey_id, NULL, &blob, len);
            }
        }
    }

    if (pkey == NULL)
        /* No match */
        return NULL;

    store_info = OSSL_STORE_INFO_new_PKEY(pkey);
    if (store_info == NULL)
        EVP_PKEY_free(pkey);

    return store_info;
}
466-
/* Not repeatable: the callbacks used only by repeatable handlers are unset */
static FILE_HANDLER PrivateKey_handler = {
    "PrivateKey",           /* name */
    try_decode_PrivateKey,  /* try_decode */
    NULL,                   /* eof */
    NULL,                   /* destroy_ctx */
    0                       /* repeatable */
};
471-
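/*
 * Public key decoder.  Only supports SubjectPublicKeyInfo formatted keys.
 *
 * A PEM name, when present, must be PEM_STRING_PUBLIC.  Returns a PKEY info
 * on success and NULL when the blob does not match or the info object could
 * not be created; in the latter case the decoded key is freed here, as
 * try_decode_PrivateKey() does, instead of being leaked.
 *
 * Coverage note: the captured run never executed this function.
 */
static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name,
                                          const char *pem_header,
                                          const unsigned char *blob,
                                          size_t len, void **pctx,
                                          int *matchcount,
                                          const UI_METHOD *ui_method,
                                          void *ui_data)
{
    OSSL_STORE_INFO *store_info = NULL;
    EVP_PKEY *pkey = NULL;

    if (pem_name != NULL) {
        if (strcmp(pem_name, PEM_STRING_PUBLIC) != 0)
            /* No match */
            return NULL;
        *matchcount = 1;
    }

    if ((pkey = d2i_PUBKEY(NULL, &blob, len)) != NULL) {
        *matchcount = 1;
        store_info = OSSL_STORE_INFO_new_PKEY(pkey);
        /* The key has no owner if the wrapper could not be created */
        if (store_info == NULL)
            EVP_PKEY_free(pkey);
    }

    return store_info;
}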
500-
/* Not repeatable: the callbacks used only by repeatable handlers are unset */
static FILE_HANDLER PUBKEY_handler = {
    "PUBKEY",           /* name */
    try_decode_PUBKEY,  /* try_decode */
    NULL,               /* eof */
    NULL,               /* destroy_ctx */
    0                   /* repeatable */
};
505-
/*
 * Key parameter decoder.
 *
 * With a PEM name ending in "PARAMETERS", the name selects the key type and
 * that type's param_decode is applied to the blob.  Otherwise every
 * non-alias ASN.1 method that has a param_decode is tried and
 * |*matchcount| counts the ones that accept the blob; the result is used
 * only when exactly one did.
 *
 * Returns a PARAMS info on success, NULL otherwise.  Whenever no info object
 * is returned, the key object created here is freed.
 *
 * Coverage note: the captured run never executed this function.
 */
static OSSL_STORE_INFO *try_decode_params(const char *pem_name,
                                          const char *pem_header,
                                          const unsigned char *blob,
                                          size_t len, void **pctx,
                                          int *matchcount,
                                          const UI_METHOD *ui_method,
                                          void *ui_data)
{
    OSSL_STORE_INFO *store_info = NULL;
    const EVP_PKEY_ASN1_METHOD *ameth = NULL;
    EVP_PKEY *pkey = NULL;
    int slen = 0;
    int ok = 0;

    if (pem_name != NULL) {
        slen = pem_check_suffix(pem_name, "PARAMETERS");
        if (slen == 0)
            return NULL;
        *matchcount = 1;
    }

    if (slen > 0) {
        /* The PEM name says which key type these parameters belong to */
        pkey = EVP_PKEY_new();
        if (pkey == NULL) {
            OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PARAMS, ERR_R_EVP_LIB);
            return NULL;
        }

        if (EVP_PKEY_set_type_str(pkey, pem_name, slen)) {
            ameth = EVP_PKEY_get0_asn1(pkey);
            if (ameth != NULL
                && ameth->param_decode != NULL
                && ameth->param_decode(pkey, &blob, len))
                ok = 1;
        }
    } else {
        /* Nothing to go by: probe every registered key type */
        EVP_PKEY *scratch = NULL;
        int idx;

        for (idx = 0; idx < EVP_PKEY_asn1_get_count(); idx++) {
            const unsigned char *cursor = blob;

            /* A scratch key is reused until some type accepts the blob */
            if (scratch == NULL && (scratch = EVP_PKEY_new()) == NULL) {
                OSSL_STOREerr(OSSL_STORE_F_TRY_DECODE_PARAMS, ERR_R_EVP_LIB);
                break;
            }

            ameth = EVP_PKEY_asn1_get0(idx);
            if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
                continue;

            if (!EVP_PKEY_set_type(scratch, ameth->pkey_id))
                continue;
            ameth = EVP_PKEY_get0_asn1(scratch);
            if (ameth == NULL
                || ameth->param_decode == NULL
                || !ameth->param_decode(scratch, &cursor, len))
                continue;

            /* Keep the first hit, only count the later ones */
            if (pkey == NULL)
                pkey = scratch;
            else
                EVP_PKEY_free(scratch);
            scratch = NULL;
            (*matchcount)++;
        }

        EVP_PKEY_free(scratch);
        if (*matchcount == 1)
            ok = 1;
    }

    if (ok)
        store_info = OSSL_STORE_INFO_new_PARAMS(pkey);
    if (store_info == NULL)
        EVP_PKEY_free(pkey);

    return store_info;
}
583-
/* Not repeatable: the callbacks used only by repeatable handlers are unset */
static FILE_HANDLER params_handler = {
    "params",           /* name */
    try_decode_params,  /* try_decode */
    NULL,               /* eof */
    NULL,               /* destroy_ctx */
    0                   /* repeatable */
};
588-
589/*-
590 * X.509 certificate decoder.-
591 */-
592static OSSL_STORE_INFO *try_decode_X509Certificate(const char *pem_name,-
593 const char *pem_header,-
594 const unsigned char *blob,-
595 size_t len, void **pctx,-
596 int *matchcount,-
597 const UI_METHOD *ui_method,-
598 void *ui_data)-
599{-
600 OSSL_STORE_INFO *store_info = NULL;-
601 X509 *cert = NULL;-
602-
603 /*-
604 * In most cases, we can try to interpret the serialized data as a trusted-
605 * cert (X509 + X509_AUX) and fall back to reading it as a normal cert-
606 * (just X509), but if the PEM name specifically declares it as a trusted-
607 * cert, then no fallback should be engaged. |ignore_trusted| tells if-
608 * the fallback can be used (1) or not (0).-
609 */-
610 int ignore_trusted = 1;-
611-
612 if (pem_name != NULL) {
pem_name != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
613 if (strcmp(pem_name, PEM_STRING_X509_TRUSTED) == 0)
never executed: __result = (((const unsigned char *) (const char *) ( pem_name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "TRUSTED CERTIFICATE" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
614 ignore_trusted = 0;
never executed: ignore_trusted = 0;
0
615 else if (strcmp(pem_name, PEM_STRING_X509_OLD) != 0
never executed: __result = (((const unsigned char *) (const char *) ( pem_name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "X509 CERTIFICATE" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) != 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
616 && strcmp(pem_name, PEM_STRING_X509) != 0)
never executed: __result = (((const unsigned char *) (const char *) ( pem_name ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "CERTIFICATE" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) != 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
617 /* No match */-
618 return NULL;
never executed: return ((void *)0) ;
0
619 *matchcount = 1;-
620 }
never executed: end of block
0
621-
622 if ((cert = d2i_X509_AUX(NULL, &blob, len)) != NULL
(cert = d2i_X5...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
623 || (ignore_trusted && (cert = d2i_X509(NULL, &blob, len)) != NULL)) {
ignore_trustedDescription
TRUEnever evaluated
FALSEnever evaluated
(cert = d2i_X5...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
624 *matchcount = 1;-
625 store_info = OSSL_STORE_INFO_new_CERT(cert);-
626 }
never executed: end of block
0
627-
628 if (store_info == NULL)
store_info == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
629 X509_free(cert);
never executed: X509_free(cert);
0
630-
631 return store_info;
never executed: return store_info;
0
632}-
633-
/*
 * Handler entry for X.509 certificates.  Only the handler name and the
 * try_decode callback are given; every other FILE_HANDLER member is left
 * zero-initialised, so callers must check destroy_ctx for NULL before
 * calling it on this handler.
 */
static FILE_HANDLER X509Certificate_handler = {
    "X509Certificate",
    try_decode_X509Certificate
};
638-
/*
 * X.509 CRL decoder.
 *
 * Tries to interpret |blob| (|len| bytes of DER) as an X.509 CRL.
 *
 * pem_name     PEM record name, or NULL when the input is not PEM.  When
 *              given, it must be PEM_STRING_X509_CRL or nothing is decoded.
 * blob, len    The DER data to decode.
 * matchcount   Set to 1 when the PEM name matches or the decode succeeds.
 *              It is not reset here, so the caller initialises it.
 * pem_header, pctx, ui_method, ui_data
 *              Part of the common try_decode signature; unused here.
 *
 * Returns a new OSSL_STORE_INFO wrapping the CRL, or NULL when the input
 * does not match or the wrapper cannot be created.
 */
static OSSL_STORE_INFO *try_decode_X509CRL(const char *pem_name,
                                           const char *pem_header,
                                           const unsigned char *blob,
                                           size_t len, void **pctx,
                                           int *matchcount,
                                           const UI_METHOD *ui_method,
                                           void *ui_data)
{
    X509_CRL *decoded;
    OSSL_STORE_INFO *info;

    if (pem_name != NULL) {
        if (strcmp(pem_name, PEM_STRING_X509_CRL) != 0)
            return NULL;        /* No match */
        /* A matching PEM name counts as a match even if decoding fails. */
        *matchcount = 1;
    }

    decoded = d2i_X509_CRL(NULL, &blob, len);
    if (decoded == NULL)
        return NULL;

    *matchcount = 1;
    info = OSSL_STORE_INFO_new_CRL(decoded);

    /* The CRL is only owned by the info object if that was created. */
    if (info == NULL)
        X509_CRL_free(decoded);

    return info;
}
670-
/*
 * Handler entry for X.509 CRLs.  As with the certificate handler, only the
 * name and the try_decode callback are set; the remaining members are
 * zero-initialised.
 */
static FILE_HANDLER X509CRL_handler = {
    "X509CRL",
    try_decode_X509CRL
};

/*
 * To finish it all off, we collect all the handlers.
 *
 * file_load_try_decode() walks this table in order and offers the same
 * data to every entry; a result is only kept when exactly one handler
 * claims it.
 */
static const FILE_HANDLER *file_handlers[] = {
    &PKCS12_handler,
    &PKCS8Encrypted_handler,
    &X509Certificate_handler,
    &X509CRL_handler,
    &params_handler,
    &PUBKEY_handler,
    &PrivateKey_handler,
};
688-
689-
690/*--
691 * The loader itself-
692 * ------------------
693 */-
694-
/*
 * State kept for one opened URI.  |type| selects which member of the
 * union |_| is valid: |file| for is_raw and is_pem, |dir| for is_dir.
 */
struct ossl_store_loader_ctx_st {
    enum {
        is_raw = 0,              /* also the value after zero-allocation */
        is_pem,
        is_dir
    } type;
    int errcnt;                  /* errors counted during the current load */
    /* When set, PEM data is read into secure memory (see file_ctrl) */
#define FILE_FLAG_SECMEM         (1<<0)
    unsigned int flags;
    union {
        struct {                 /* Used with is_raw and is_pem */
            BIO *file;

            /*
             * Set when the single matching handler is marked as
             * repeatable, so that the next load can go back to it.
             */
            const FILE_HANDLER *last_handler;
            void *last_handler_ctx;
        } file;
        struct {                 /* Used with is_dir */
            OPENSSL_DIR_CTX *ctx;
            int end_reached;
            char *uri;           /* heap copy of the URI given to file_open */

            /*
             * Filled in when a search expression is given: the file
             * basename to look for, exactly 8 characters plus the
             * terminating NUL.  An empty string means "no search".
             */
            char search_name[9];

            /*
             * The directory reading utility combines opening with reading
             * the first name, so one entry is always read ahead and cached
             * here, together with the errno seen after that read.
             */
            const char *last_entry;
            int last_errno;
        } dir;
    } _;

    /* Expected object type.  May be unspecified (0) */
    int expected_type;
};
740-
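/*
 * Release a loader context.
 *
 * Frees the directory URI copy (is_dir) or tears down the context of a
 * pending repeatable handler (is_raw / is_pem), then frees |ctx| itself.
 * A NULL |ctx| is accepted and ignored, like the other OpenSSL free
 * functions.
 *
 * The BIO in |_.file.file| and the directory handle in |_.dir.ctx| are not
 * released here.
 * NOTE(review): presumably the loader's close path releases them before
 * calling this function - confirm against the caller.
 */
static void OSSL_STORE_LOADER_CTX_free(OSSL_STORE_LOADER_CTX *ctx)
{
    if (ctx == NULL)
        return;

    if (ctx->type == is_dir) {
        OPENSSL_free(ctx->_.dir.uri);
    } else if (ctx->_.file.last_handler != NULL) {
        /*
         * destroy_ctx is optional in FILE_HANDLER (several handlers leave
         * it NULL), so never call through it unchecked.
         */
        if (ctx->_.file.last_handler->destroy_ctx != NULL)
            ctx->_.file.last_handler->destroy_ctx(&ctx->_.file.last_handler_ctx);
        ctx->_.file.last_handler_ctx = NULL;
        ctx->_.file.last_handler = NULL;
    }
    OPENSSL_free(ctx);
}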
754-
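/*
 * Open |uri| as a file or a directory and return a new loader context.
 *
 * The URI is tried as a plain path first.  If it starts with "file:", the
 * path part is extracted and tried as well; with an authority ("file://"),
 * only an empty authority or "localhost" is accepted and the full URI is
 * never used as a path.
 *
 * loader, ui_method, ui_data   Unused here.
 *
 * Returns the context, or NULL with an error on the error queue.
 *
 * NOTE(review): the file/directory decision is taken from the stat()
 * result, while the object is opened by name afterwards.  What the path
 * refers to can change in between, so callers that load from locations
 * writable by other users should not rely on that decision.
 */
static OSSL_STORE_LOADER_CTX *file_open(const OSSL_STORE_LOADER *loader,
                                        const char *uri,
                                        const UI_METHOD *ui_method,
                                        void *ui_data)
{
    OSSL_STORE_LOADER_CTX *ctx = NULL;
    struct stat st;
    struct {
        const char *path;
        unsigned int check_absolute:1;
    } path_data[2];
    size_t path_data_n = 0, i;
    const char *path;

    /*
     * First step, just take the URI as is.
     */
    path_data[path_data_n].check_absolute = 0;
    path_data[path_data_n++].path = uri;

    /*
     * Second step, if the URI appears to start with the 'file' scheme,
     * extract the path and make that the second path to check.
     * There's a special case if the URI also contains an authority, then
     * the full URI shouldn't be used as a path anywhere.
     */
    if (strncasecmp(uri, "file:", 5) == 0) {
        const char *p = &uri[5];

        if (strncmp(&uri[5], "//", 2) == 0) {
            path_data_n--;           /* Invalidate using the full URI */
            if (strncasecmp(&uri[7], "localhost/", 10) == 0) {
                /* Keep the '/' that follows "localhost" */
                p = &uri[16];
            } else if (uri[7] == '/') {
                p = &uri[7];
            } else {
                /* Any other authority would mean a remote host */
                OSSL_STOREerr(OSSL_STORE_F_FILE_OPEN,
                              OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED);
                return NULL;
            }
        }

        path_data[path_data_n].check_absolute = 1;
#ifdef _WIN32
        /*
         * Windows file: URIs with a drive letter start with a /
         *
         * p[1] is checked for the terminator first: for a path that is
         * just "/", p[2] would lie beyond the end of the string.
         */
        if (p[0] == '/' && p[1] != '\0' && p[2] == ':' && p[3] == '/') {
            char c = ossl_tolower(p[1]);

            if (c >= 'a' && c <= 'z') {
                p++;
                /* We know it's absolute, so no need to check */
                path_data[path_data_n].check_absolute = 0;
            }
        }
#endif
        path_data[path_data_n++].path = p;
    }


    for (i = 0, path = NULL; path == NULL && i < path_data_n; i++) {
        /*
         * If the scheme "file" was an explicit part of the URI, the path must
         * be absolute.  So says RFC 8089
         */
        if (path_data[i].check_absolute && path_data[i].path[0] != '/') {
            OSSL_STOREerr(OSSL_STORE_F_FILE_OPEN,
                          OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE);
            ERR_add_error_data(1, path_data[i].path);
            return NULL;
        }

        if (stat(path_data[i].path, &st) < 0) {
            /* Record the failure, but keep trying the remaining candidate */
            SYSerr(SYS_F_STAT, errno);
            ERR_add_error_data(1, path_data[i].path);
        } else {
            path = path_data[i].path;
        }
    }
    if (path == NULL) {
        return NULL;
    }

    /* Successfully found a working path, clear possible collected errors */
    ERR_clear_error();

    /* Zero-allocated, so |type| starts out as is_raw */
    ctx = OPENSSL_zalloc(sizeof(*ctx));
    if (ctx == NULL) {
        OSSL_STOREerr(OSSL_STORE_F_FILE_OPEN, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    if (S_ISDIR(st.st_mode)) {
        /*
         * Try to copy everything, even if we know that some of them must be
         * NULL for the moment.  This prevents errors in the future, when more
         * components may be used.
         */
        ctx->_.dir.uri = OPENSSL_strdup(uri);
        ctx->type = is_dir;

        if (ctx->_.dir.uri == NULL)
            goto err;

        /* Opening the directory also reads its first entry */
        ctx->_.dir.last_entry = OPENSSL_DIR_read(&ctx->_.dir.ctx, path);
        ctx->_.dir.last_errno = errno;
        if (ctx->_.dir.last_entry == NULL) {
            if (ctx->_.dir.last_errno != 0) {
                char errbuf[256];
                errno = ctx->_.dir.last_errno;
                openssl_strerror_r(errno, errbuf, sizeof(errbuf));
                OSSL_STOREerr(OSSL_STORE_F_FILE_OPEN, ERR_R_SYS_LIB);
                ERR_add_error_data(1, errbuf);
                goto err;
            }
            /* No entry and no error: the directory is empty */
            ctx->_.dir.end_reached = 1;
        }
    } else {
        BIO *buff = NULL;
        char peekbuf[4096] = { 0, };

        if ((buff = BIO_new(BIO_f_buffer())) == NULL
            || (ctx->_.file.file = BIO_new_file(path, "rb")) == NULL) {
            BIO_free_all(buff);
            goto err;
        }

        ctx->_.file.file = BIO_push(buff, ctx->_.file.file);
        /*
         * Only the start of the file is inspected, without consuming it.
         * If no PEM start marker is found there, the content is treated
         * as raw data.
         */
        if (BIO_buffer_peek(ctx->_.file.file, peekbuf, sizeof(peekbuf) - 1) > 0) {
            peekbuf[sizeof(peekbuf) - 1] = '\0';
            if (strstr(peekbuf, "-----BEGIN ") != NULL)
                ctx->type = is_pem;
        }
    }

    return ctx;
 err:
    OSSL_STORE_LOADER_CTX_free(ctx);
    return NULL;
}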
894-
/*
 * Loader control function.
 *
 * The only command acted on is OSSL_STORE_C_USE_SECMEM, whose argument is a
 * pointer to an int: 0 clears FILE_FLAG_SECMEM, 1 sets it, and any other
 * value is rejected with ERR_R_PASSED_INVALID_ARGUMENT.
 *
 * Returns 1 on success and for every other command (which is ignored),
 * 0 for an invalid argument.
 */
static int file_ctrl(OSSL_STORE_LOADER_CTX *ctx, int cmd, va_list args)
{
    int enable;

    /* Commands this loader does not know are silently accepted */
    if (cmd != OSSL_STORE_C_USE_SECMEM)
        return 1;

    enable = *(va_arg(args, int *));
    if (enable == 0) {
        ctx->flags &= ~FILE_FLAG_SECMEM;
    } else if (enable == 1) {
        ctx->flags |= FILE_FLAG_SECMEM;
    } else {
        OSSL_STOREerr(OSSL_STORE_F_FILE_CTRL,
                      ERR_R_PASSED_INVALID_ARGUMENT);
        return 0;
    }

    return 1;
}
925-
/*
 * Record the object type the caller expects to load.  The value is stored
 * as given, without validation; file_name_check() consults it later.
 * Always returns 1.
 */
static int file_expect(OSSL_STORE_LOADER_CTX *ctx, int expected)
{
    ctx->expected_type = expected;

    return 1;
}
931-
/*
 * Set up a search, or tell whether a search type is supported.
 *
 * If ctx == NULL, the library is looking to know if this loader supports
 * the given search type.  Only OSSL_STORE_SEARCH_BY_NAME is supported, and
 * only for directories: the name hash, formatted as 8 hex digits, becomes
 * the file basename that file_name_check() looks for.
 *
 * Returns 1 on success (or when the type is supported), 0 otherwise.
 */
static int file_find(OSSL_STORE_LOADER_CTX *ctx, OSSL_STORE_SEARCH *search)
{
    unsigned long name_hash;

    if (OSSL_STORE_SEARCH_get_type(search) != OSSL_STORE_SEARCH_BY_NAME) {
        /* A pure capability query (ctx == NULL) must not raise an error */
        if (ctx != NULL)
            OSSL_STOREerr(OSSL_STORE_F_FILE_FIND,
                          OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE);
        return 0;
    }

    if (ctx == NULL)
        return 1;

    if (ctx->type != is_dir) {
        OSSL_STOREerr(OSSL_STORE_F_FILE_FIND,
                      OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES);
        return 0;
    }

    name_hash = X509_NAME_hash(OSSL_STORE_SEARCH_get0_name(search));
    /* The output is bounded by the size of search_name */
    BIO_snprintf(ctx->_.dir.search_name, sizeof(ctx->_.dir.search_name),
                 "%08lx", name_hash);
    return 1;
}
962-
/*
 * Internal function to decode an already opened PEM file.
 *
 * Wraps |bp| in a new loader context of type is_pem.  The BIO is stored as
 * given; no reference is taken and no content check is made.
 * Returns the context, or NULL on allocation failure.
 */
OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp)
{
    OSSL_STORE_LOADER_CTX *attached = OPENSSL_zalloc(sizeof(*attached));

    if (attached != NULL) {
        attached->_.file.file = bp;
        attached->type = is_pem;
        return attached;
    }

    OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT,
                  ERR_R_MALLOC_FAILURE);
    return NULL;
}
979-
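/*
 * Offer one blob of data to every handler and return the decoded object.
 *
 * ctx          Loader context; receives the handler and its context when
 *              the single matching handler is repeatable.
 * pem_name, pem_header
 *              PEM record name and header, passed through to the handlers.
 * data, len    The data to decode.
 * ui_method, ui_data
 *              Passed to the handlers for passphrase prompting.
 * matchcount   Out: number of handler matches for the last decoding round.
 *
 * A result is kept only when exactly one handler matches; with more than
 * one match the data is ambiguous and every result is discarded.  If the
 * result is an embedded object (OSSL_STORE_INFO_EMBEDDED), its content is
 * taken over and decoded again.
 *
 * Returns the decoded object, or NULL.
 */
static OSSL_STORE_INFO *file_load_try_decode(OSSL_STORE_LOADER_CTX *ctx,
                                             const char *pem_name,
                                             const char *pem_header,
                                             unsigned char *data, size_t len,
                                             const UI_METHOD *ui_method,
                                             void *ui_data, int *matchcount)
{
    OSSL_STORE_INFO *result = NULL;
    BUF_MEM *new_mem = NULL;
    char *new_pem_name = NULL;
    int t = 0;

 again:
    {
        size_t i = 0;
        void *handler_ctx = NULL;
        /* The handler that created |handler_ctx| */
        const FILE_HANDLER *handler_ctx_owner = NULL;
        const FILE_HANDLER **matching_handlers =
            OPENSSL_zalloc(sizeof(*matching_handlers)
                           * OSSL_NELEM(file_handlers));

        if (matching_handlers == NULL) {
            OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD_TRY_DECODE,
                          ERR_R_MALLOC_FAILURE);
            goto err;
        }

        *matchcount = 0;
        for (i = 0; i < OSSL_NELEM(file_handlers); i++) {
            const FILE_HANDLER *handler = file_handlers[i];
            int try_matchcount = 0;
            void *tmp_handler_ctx = NULL;
            OSSL_STORE_INFO *tmp_result =
                handler->try_decode(pem_name, pem_header, data, len,
                                    &tmp_handler_ctx, &try_matchcount,
                                    ui_method, ui_data);

            if (try_matchcount > 0) {

                matching_handlers[*matchcount] = handler;

                /*
                 * A context left over from an earlier match belongs to the
                 * handler that created it, so it is released through that
                 * handler, and only if it has a destroy_ctx at all (the
                 * member is optional).
                 */
                if (handler_ctx != NULL
                    && handler_ctx_owner != NULL
                    && handler_ctx_owner->destroy_ctx != NULL)
                    handler_ctx_owner->destroy_ctx(&handler_ctx);
                handler_ctx = tmp_handler_ctx;
                handler_ctx_owner = handler;

                if ((*matchcount += try_matchcount) > 1) {
                    /* more than one match => ambiguous, kill any result */
                    OSSL_STORE_INFO_free(result);
                    OSSL_STORE_INFO_free(tmp_result);
                    if (handler->destroy_ctx != NULL)
                        handler->destroy_ctx(&handler_ctx);
                    handler_ctx = NULL;
                    handler_ctx_owner = NULL;
                    tmp_result = NULL;
                    result = NULL;
                }
                if (result == NULL)
                    result = tmp_result;
            }
        }

        if (*matchcount == 1 && matching_handlers[0]->repeatable) {
            /* Remember the handler so the next load can continue with it */
            ctx->_.file.last_handler = matching_handlers[0];
            ctx->_.file.last_handler_ctx = handler_ctx;
        }

        OPENSSL_free(matching_handlers);
    }

 err:
    /* Release what a previous embedded round handed over, if anything */
    OPENSSL_free(new_pem_name);
    BUF_MEM_free(new_mem);

    if (result != NULL
        && (t = OSSL_STORE_INFO_get_type(result)) == OSSL_STORE_INFO_EMBEDDED) {
        /*
         * Take over the embedded name and buffer, then free only the info
         * shell with OPENSSL_free(): the name and buffer stay alive for the
         * next round and are released at |err| afterwards.
         */
        pem_name = new_pem_name =
            ossl_store_info_get0_EMBEDDED_pem_name(result);
        new_mem = ossl_store_info_get0_EMBEDDED_buffer(result);
        data = (unsigned char *)new_mem->data;
        len = new_mem->length;
        OPENSSL_free(result);
        result = NULL;
        goto again;
    }

    /* Errors raised by handlers that did not match are of no interest */
    if (result != NULL)
        ERR_clear_error();

    return result;
}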
1068-
/*
 * Ask the handler remembered from the previous load for its next object.
 *
 * The handler is called without new data (NULL name, header and blob,
 * length 0); it works from the context it was left with.  When it returns
 * nothing more, its context is destroyed and the handler is forgotten.
 *
 * Returns the next object, or NULL when there is no remembered handler or
 * it is exhausted.
 */
static OSSL_STORE_INFO *file_load_try_repeat(OSSL_STORE_LOADER_CTX *ctx,
                                             const UI_METHOD *ui_method,
                                             void *ui_data)
{
    OSSL_STORE_INFO *info;
    int ignored_matchcount = 0;

    if (ctx->_.file.last_handler == NULL)
        return NULL;

    info = ctx->_.file.last_handler->try_decode(NULL, NULL, NULL, 0,
                                                &ctx->_.file.last_handler_ctx,
                                                &ignored_matchcount,
                                                ui_method, ui_data);
    if (info != NULL)
        return info;

    /* Nothing left: drop the handler and whatever state it kept */
    ctx->_.file.last_handler->destroy_ctx(&ctx->_.file.last_handler_ctx);
    ctx->_.file.last_handler_ctx = NULL;
    ctx->_.file.last_handler = NULL;
    return NULL;
}
1091-
/*
 * Free PEM data with the allocator matching how it was read.
 *
 * pem_data   The buffer to release.
 * secure     Non-zero if the buffer was allocated from secure memory.
 * num        Size of the buffer; only used on the secure path, where the
 *            content is cleared before it is freed.
 *
 * On the non-secure path the buffer is freed without being cleared.
 */
static void pem_free_flag(void *pem_data, int secure, size_t num)
{
    if (!secure) {
        OPENSSL_free(pem_data);
        return;
    }

    OPENSSL_secure_clear_free(pem_data, num);
}
/*
 * Read one PEM record from |bp| and decrypt it if its header says so.
 *
 * pem_name, pem_header, data, len
 *              Out: record name, header, decoded content and its length.
 * ui_method, ui_data
 *              Used to obtain a passphrase for an encrypted record.
 * secure       Non-zero to read the record into secure memory.
 *
 * Returns 1 on success, 0 on failure.  When the read succeeds but header
 * processing fails, the buffers already stored through the out parameters
 * are not released here.
 * NOTE(review): the caller is presumably expected to free them - confirm.
 */
static int file_read_pem(BIO *bp, char **pem_name, char **pem_header,
                         unsigned char **data, long *len,
                         const UI_METHOD *ui_method,
                         void *ui_data, int secure)
{
    int rc;

    if (secure)
        rc = PEM_read_bio_ex(bp, pem_name, pem_header, data, len,
                             PEM_FLAG_SECURE | PEM_FLAG_EAY_COMPATIBLE);
    else
        rc = PEM_read_bio(bp, pem_name, pem_header, data, len);

    if (rc <= 0)
        return 0;

    /*
     * 10 is the number of characters in "Proc-Type:", which
     * PEM_get_EVP_CIPHER_INFO() requires to be present.
     * If the PEM header has less characters than that, it's
     * not worth spending cycles on it.
     */
    if (strlen(*pem_header) > 10) {
        EVP_CIPHER_INFO cipher;
        struct pem_pass_data pass_data;

        if (!PEM_get_EVP_CIPHER_INFO(*pem_header, &cipher))
            return 0;
        if (!file_fill_pem_pass_data(&pass_data, "PEM", ui_method, ui_data))
            return 0;
        /* Decrypts |*data| in place and updates |*len| */
        if (!PEM_do_header(&cipher, *data, len, file_get_pem_pass,
                           &pass_data))
            return 0;
    }

    return 1;
}
1131-
/*
 * Read one DER encoded object from |bp|.
 *
 * On success, |*data| and |*len| receive the buffer and its length, and
 * the caller becomes the owner of the buffer.
 * Returns 1 on success, 0 if the read fails.
 */
static int file_read_asn1(BIO *bp, unsigned char **data, long *len)
{
    BUF_MEM *buf = NULL;
    int rc = asn1_d2i_read_bio(bp, &buf);

    if (rc < 0)
        return 0;

    *data = (unsigned char *)buf->data;
    *len = (long)buf->length;

    /*
     * Free only the BUF_MEM structure itself; its data now belongs to the
     * caller, so BUF_MEM_free() must not be used here.
     */
    OPENSSL_free(buf);

    return 1;
}
1145-
/*
 * Tell whether |uri| ends with a directory separator.
 *
 * '/' always counts; on VMS ']', '>' and ':' count as well, and on Windows
 * '\\' does.  An empty string has no separator.
 * Returns 1 if the last character is a separator, 0 otherwise.
 */
static int ends_with_dirsep(const char *uri)
{
    size_t n = strlen(uri);
    char last = n > 0 ? uri[n - 1] : '\0';

#if defined __VMS
    if (last == ']' || last == '>' || last == ':')
        return 1;
#elif defined _WIN32
    if (last == '\\')
        return 1;
#endif
    return last == '/';
}
1159-
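/*
 * Build the URI of a directory entry: the directory URI, a '/' unless the
 * directory URI already ends with a separator, and |name|.
 *
 * ctx    Directory context; |_.dir.uri| is the base.
 * name   Entry name, must not be NULL.
 * data   Out: newly allocated string, to be freed by the caller.
 *
 * |name| is appended as is; it is not checked for path separators here.
 * Returns 1 on success, 0 on allocation failure.
 */
static int file_name_to_uri(OSSL_STORE_LOADER_CTX *ctx, const char *name,
                            char **data)
{
    assert(name != NULL);
    assert(data != NULL);
    {
        const char *pathsep = ends_with_dirsep(ctx->_.dir.uri) ? "" : "/";
        /*
         * Kept as size_t: the value is a sum of strlen() results and is
         * only used as an allocation and buffer size, so a signed long
         * would just add a narrowing conversion on platforms where long is
         * smaller than size_t.
         */
        size_t calculated_length = strlen(ctx->_.dir.uri) + strlen(pathsep)
            + strlen(name) + 1 /* \0 */;

        *data = OPENSSL_zalloc(calculated_length);
        if (*data == NULL) {
            OSSL_STOREerr(OSSL_STORE_F_FILE_NAME_TO_URI, ERR_R_MALLOC_FAILURE);
            return 0;
        }

        /* The buffer starts out empty, so the first strlcat acts as a copy */
        OPENSSL_strlcat(*data, ctx->_.dir.uri, calculated_length);
        OPENSSL_strlcat(*data, pathsep, calculated_length);
        OPENSSL_strlcat(*data, name, calculated_length);
    }
    return 1;
}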
1182-
/*
 * Decide whether the directory entry |name| fits the current search.
 *
 * Without search criteria every name is accepted.  Otherwise the name must
 * have the form <search_name>.<digits> for a certificate or
 * <search_name>.r<digits> for a CRL, where <search_name> is compared
 * case-insensitively and the form must agree with the expected type, if
 * one was set.
 *
 * Returns 1 if the name is accepted, 0 otherwise.
 */
static int file_name_check(OSSL_STORE_LOADER_CTX *ctx, const char *name)
{
    /* Length of the basename to match: search_name without its NUL */
    const size_t hash_len = sizeof(ctx->_.dir.search_name) - 1;
    const int expected = ctx->expected_type;
    const char *ext;

    /* If there are no search criteria, all names are accepted */
    if (ctx->_.dir.search_name[0] == '\0')
        return 1;

    /* If the expected type isn't supported, no name is accepted */
    if (expected != 0
        && expected != OSSL_STORE_INFO_CERT
        && expected != OSSL_STORE_INFO_CRL)
        return 0;

    /*
     * First, check the basename.  The comparison stops at the end of
     * |name|, so a shorter name fails here before name[hash_len] is read.
     */
    if (strncasecmp(name, ctx->_.dir.search_name, hash_len) != 0
        || name[hash_len] != '.')
        return 0;
    ext = &name[hash_len + 1];

    /*
     * Then, an extension starting with 'r' marks a CRL; it must agree with
     * the expected type in both directions.
     */
    if (*ext == 'r') {
        ext++;
        if (expected != 0 && expected != OSSL_STORE_INFO_CRL)
            return 0;
    } else if (expected == OSSL_STORE_INFO_CRL) {
        return 0;
    }

    /*
     * Last, check that the rest of the extension is a decimal number, at
     * least one digit long.
     */
    if (!ossl_isdigit(*ext))
        return 0;
    do {
        ext++;
    } while (ossl_isdigit(*ext));

# ifdef __VMS
    /*
     * One extra step here, check for a possible generation number.
     */
    if (*ext == ';')
        for (ext++; *ext != '\0'; ext++)
            if (!ossl_isdigit(*ext))
                break;
# endif

    /*
     * If we've reached the end of the string at this point, we've successfully
     * found a fitting file name.
     */
    return *ext == '\0';
}
1244-
1245static int file_eof(OSSL_STORE_LOADER_CTX *ctx);-
1246static int file_error(OSSL_STORE_LOADER_CTX *ctx);-
1247static OSSL_STORE_INFO *file_load(OSSL_STORE_LOADER_CTX *ctx,-
1248 const UI_METHOD *ui_method, void *ui_data)-
1249{-
1250 OSSL_STORE_INFO *result = NULL;-
1251-
1252 ctx->errcnt = 0;-
1253 ERR_clear_error();-
1254-
1255 if (ctx->type == is_dir) {
ctx->type == is_dirDescription
TRUEnever evaluated
FALSEnever evaluated
0
1256 do {-
1257 char *newname = NULL;-
1258-
1259 if (ctx->_.dir.last_entry == NULL) {
ctx->_.dir.las...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1260 if (!ctx->_.dir.end_reached) {
!ctx->_.dir.end_reachedDescription
TRUEnever evaluated
FALSEnever evaluated
0
1261 char errbuf[256];-
1262 assert(ctx->_.dir.last_errno != 0);-
1263 errno = ctx->_.dir.last_errno;-
1264 ctx->errcnt++;-
1265 openssl_strerror_r(errno, errbuf, sizeof(errbuf));-
1266 OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD, ERR_R_SYS_LIB);-
1267 ERR_add_error_data(1, errbuf);-
1268 }
never executed: end of block
0
1269 return NULL;
never executed: return ((void *)0) ;
0
1270 }-
1271-
1272 if (ctx->_.dir.last_entry[0] != '.'
ctx->_.dir.las...ntry[0] != '.'Description
TRUEnever evaluated
FALSEnever evaluated
0
1273 && file_name_check(ctx, ctx->_.dir.last_entry)
file_name_chec...ir.last_entry)Description
TRUEnever evaluated
FALSEnever evaluated
0
1274 && !file_name_to_uri(ctx, ctx->_.dir.last_entry, &newname))
!file_name_to_...try, &newname)Description
TRUEnever evaluated
FALSEnever evaluated
0
1275 return NULL;
never executed: return ((void *)0) ;
0
1276-
1277 /*-
1278 * On the first call (with a NULL context), OPENSSL_DIR_read()-
1279 * cares about the second argument. On the following calls, it-
1280 * only cares that it isn't NULL. Therefore, we can safely give-
1281 * it our URI here.-
1282 */-
1283 ctx->_.dir.last_entry = OPENSSL_DIR_read(&ctx->_.dir.ctx,-
1284 ctx->_.dir.uri);-
1285 ctx->_.dir.last_errno = errno;-
1286 if (ctx->_.dir.last_entry == NULL && ctx->_.dir.last_errno == 0)
ctx->_.dir.las...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
ctx->_.dir.last_errno == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1287 ctx->_.dir.end_reached = 1;
never executed: ctx->_.dir.end_reached = 1;
0
1288-
1289 if (newname != NULL
newname != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1290 && (result = OSSL_STORE_INFO_new_NAME(newname)) == NULL) {
(result = OSSL...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1291 OPENSSL_free(newname);-
1292 OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD, ERR_R_OSSL_STORE_LIB);-
1293 return NULL;
never executed: return ((void *)0) ;
0
1294 }-
1295 } while (result == NULL && !file_eof(ctx));
never executed: end of block
result == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
!file_eof(ctx)Description
TRUEnever evaluated
FALSEnever evaluated
0
1296 } else {
never executed: end of block
0
1297 int matchcount = -1;-
1298-
1299 again:
code before this statement never executed: again:
0
1300 result = file_load_try_repeat(ctx, ui_method, ui_data);-
1301 if (result != NULL)
result != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1302 return result;
never executed: return result;
0
1303-
1304 if (file_eof(ctx))
file_eof(ctx)Description
TRUEnever evaluated
FALSEnever evaluated
0
1305 return NULL;
never executed: return ((void *)0) ;
0
1306-
1307 do {-
1308 char *pem_name = NULL; /* PEM record name */-
1309 char *pem_header = NULL; /* PEM record header */-
1310 unsigned char *data = NULL; /* DER encoded data */-
1311 long len = 0; /* DER encoded data length */-
1312-
1313 matchcount = -1;-
1314 if (ctx->type == is_pem) {
ctx->type == is_pemDescription
TRUEnever evaluated
FALSEnever evaluated
0
1315 if (!file_read_pem(ctx->_.file.file, &pem_name, &pem_header,
!file_read_pem... (1<<0)) != 0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1316 &data, &len, ui_method, ui_data,
!file_read_pem... (1<<0)) != 0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1317 (ctx->flags & FILE_FLAG_SECMEM) != 0)) {
!file_read_pem... (1<<0)) != 0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1318 ctx->errcnt++;-
1319 goto endloop;
never executed: goto endloop;
0
1320 }-
1321 } else {
never executed: end of block
0
1322 if (!file_read_asn1(ctx->_.file.file, &data, &len)) {
!file_read_asn..., &data, &len)Description
TRUEnever evaluated
FALSEnever evaluated
0
1323 ctx->errcnt++;-
1324 goto endloop;
never executed: goto endloop;
0
1325 }-
1326 }
never executed: end of block
0
1327-
1328 result = file_load_try_decode(ctx, pem_name, pem_header, data, len,-
1329 ui_method, ui_data, &matchcount);-
1330-
1331 if (result != NULL)
result != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1332 goto endloop;
never executed: goto endloop;
0
1333-
1334 /*-
1335 * If a PEM name matches more than one handler, the handlers are-
1336 * badly coded.-
1337 */-
1338 if (!ossl_assert(pem_name == NULL || matchcount <= 1)) {
!((pem_name ==...nt <= 1) != 0)Description
TRUEnever evaluated
FALSEnever evaluated
pem_name == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
matchcount <= 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1339 ctx->errcnt++;-
1340 goto endloop;
never executed: goto endloop;
0
1341 }-
1342-
1343 if (matchcount > 1) {
matchcount > 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1344 OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD,-
1345 OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE);-
1346 } else if (matchcount == 1) {
never executed: end of block
matchcount == 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1347 /*-
1348 * If there are other errors on the stack, they already show-
1349 * what the problem is.-
1350 */-
1351 if (ERR_peek_error() == 0) {
ERR_peek_error() == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1352 OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD,-
1353 OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE);-
1354 if (pem_name != NULL)
pem_name != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1355 ERR_add_error_data(3, "PEM type is '", pem_name, "'");
never executed: ERR_add_error_data(3, "PEM type is '", pem_name, "'");
0
1356 }
never executed: end of block
0
1357 }
never executed: end of block
0
1358 if (matchcount > 0)
matchcount > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1359 ctx->errcnt++;
never executed: ctx->errcnt++;
0
1360-
1361 endloop:
code before this statement never executed: endloop:
0
1362 pem_free_flag(pem_name, (ctx->flags & FILE_FLAG_SECMEM) != 0, 0);-
1363 pem_free_flag(pem_header, (ctx->flags & FILE_FLAG_SECMEM) != 0, 0);-
1364 pem_free_flag(data, (ctx->flags & FILE_FLAG_SECMEM) != 0, len);-
1365 } while (matchcount == 0 && !file_eof(ctx) && !file_error(ctx));
never executed: end of block
matchcount == 0Description
TRUEnever evaluated
FALSEnever evaluated
!file_eof(ctx)Description
TRUEnever evaluated
FALSEnever evaluated
!file_error(ctx)Description
TRUEnever evaluated
FALSEnever evaluated
0
1366-
1367 /* We bail out on ambiguity */-
1368 if (matchcount > 1)
matchcount > 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1369 return NULL;
never executed: return ((void *)0) ;
0
1370-
1371 if (result != NULL
result != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1372 && ctx->expected_type != 0
ctx->expected_type != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1373 && ctx->expected_type != OSSL_STORE_INFO_get_type(result)) {
ctx->expected_...t_type(result)Description
TRUEnever evaluated
FALSEnever evaluated
0
1374 OSSL_STORE_INFO_free(result);-
1375 goto again;
never executed: goto again;
0
1376 }-
1377 }
never executed: end of block
0
1378-
1379 return result;
never executed: return result;
0
1380}-
1381-
/*
 * Report whether any error has been counted on this loader context.
 * Returns 1 when ctx->errcnt is positive, 0 otherwise.  The load loop
 * uses this (together with file_eof()) to decide when to stop reading
 * further records.
 */
static int file_error(OSSL_STORE_LOADER_CTX *ctx)
{
    return ctx->errcnt > 0 ? 1 : 0;
}
1386-
/*
 * Tell whether the loader has run out of objects to return.
 *
 * Directory contexts report the end_reached flag maintained by the
 * directory branch of the loader.  File contexts first ask the last
 * used handler, if there is one: while it reports that it is not at
 * its end, the loader is not at EOF regardless of the state of the
 * underlying BIO.  Only otherwise is BIO_eof() consulted.
 */
static int file_eof(OSSL_STORE_LOADER_CTX *ctx)
{
    if (ctx->type != is_dir) {
        /* No pending handler, or the handler is exhausted: ask the BIO */
        if (ctx->_.file.last_handler == NULL
            || ctx->_.file.last_handler->eof(ctx->_.file.last_handler_ctx))
            return BIO_eof(ctx->_.file.file);

        /* The last handler still has data to hand out */
        return 0;
    }

    return ctx->_.dir.end_reached;
}
1397-
/*
 * Release everything owned by the loader context and the context itself.
 *
 * A directory context ends its directory iteration; any other context
 * frees its whole BIO chain.  ctx must not be used after this returns.
 * Always returns 1.
 */
static int file_close(OSSL_STORE_LOADER_CTX *ctx)
{
    if (ctx->type != is_dir)
        BIO_free_all(ctx->_.file.file);
    else
        OPENSSL_DIR_end(&ctx->_.dir.ctx);

    OSSL_STORE_LOADER_CTX_free(ctx);
    return 1;
}
1408-
/*
 * Dispose of the loader context without touching its BIO.
 *
 * Unlike file_close(), no BIO_free_all() call is made here; only the
 * context is freed.  Presumably the BIO stays owned by whoever attached
 * it -- confirm against the attach counterpart.  Always returns 1.
 */
int ossl_store_file_detach_pem_bio_int(OSSL_STORE_LOADER_CTX *ctx)
{
    OSSL_STORE_LOADER_CTX_free(ctx);

    return 1;
}
1414-
/*
 * The built-in loader for the "file" scheme.  Initializers are
 * positional, so their order must follow the member order of
 * OSSL_STORE_LOADER (declared outside this listing).
 */
static OSSL_STORE_LOADER file_loader = {
    "file",                      /* scheme */
    NULL,                        /* second member left unset */
    file_open,
    file_ctrl,
    file_expect,
    file_find,
    file_load,
    file_eof,
    file_error,
    file_close
};
1428-
/*
 * Exit-time hook: unregister the "file" loader by its scheme name.
 * The result of the unregister call is not examined.
 */
static void store_file_loader_deinit(void)
{
    const char *scheme = file_loader.scheme;

    ossl_store_unregister_loader_int(scheme);
}
1433-
/*
 * Register the built-in "file" loader and arrange for it to be
 * unregistered at exit.
 *
 * Returns whatever ossl_store_register_loader_int() returned.  The
 * exit hook is installed whether or not registration succeeded, and
 * the result of OPENSSL_atexit() is not checked.
 */
int ossl_store_file_loader_init(void)
{
    int registered;

    registered = ossl_store_register_loader_int(&file_loader);
    OPENSSL_atexit(store_file_loader_deinit);

    return registered;
}