OpenCoverage

ocsp_lib.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/ocsp/ocsp_lib.c
1/*-
2 * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.-
3 *-
4 * Licensed under the OpenSSL license (the "License"). You may not use-
5 * this file except in compliance with the License. You can obtain a copy-
6 * in the file LICENSE in the source distribution or at-
7 * https://www.openssl.org/source/license.html-
8 */-
9-
10#include <stdio.h>-
11#include "internal/cryptlib.h"-
12#include <openssl/objects.h>-
13#include <openssl/x509.h>-
14#include <openssl/pem.h>-
15#include <openssl/x509v3.h>-
16#include <openssl/ocsp.h>-
17#include "ocsp_lcl.h"-
18#include <openssl/asn1t.h>-
19-
20/* Convert a certificate and its issuer to an OCSP_CERTID */-
21-
/*
 * Build the OCSP_CERTID that identifies a certificate to a responder.
 *
 * dgst:    digest used for the issuer name and issuer key hashes. NULL
 *          selects EVP_sha1(); pass the digest explicitly when SHA-1 is not
 *          the one you want in the CertID.
 * subject: when non-NULL, supplies the issuer name and the serial number.
 *          When NULL, the issuer certificate's subject name is used and no
 *          serial number is set.
 * issuer:  always used for the public key bit string, and for the name when
 *          subject is NULL. Nothing in this function checks it for NULL, so
 *          callers must pass a valid issuer certificate.
 *
 * Returns the result of OCSP_cert_id_new(), which is NULL on failure.
 *
 * Coverage recorded for this listing: never executed by the test run.
 */
OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject,
                             const X509 *issuer)
{
    const EVP_MD *hash = (dgst != NULL) ? dgst : EVP_sha1();
    X509_NAME *issuer_name;
    const ASN1_INTEGER *serial_no = NULL;
    ASN1_BIT_STRING *issuer_key;

    if (subject != NULL) {
        issuer_name = X509_get_issuer_name(subject);
        serial_no = X509_get0_serialNumber(subject);
    } else {
        /* No subject: identify the issuer certificate by its own name. */
        issuer_name = X509_get_subject_name(issuer);
    }
    issuer_key = X509_get0_pubkey_bitstr(issuer);

    return OCSP_cert_id_new(hash, issuer_name, issuer_key, serial_no);
}
40-
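/*
 * Allocate an OCSP_CERTID and fill it from its components.
 *
 * dgst:         digest used for both hashes; its NID becomes hashAlgorithm
 *               with an ASN.1 NULL parameter.
 * issuerName:   name whose digest is stored as issuerNameHash.
 * issuerKey:    public key bit string; its content octets (no tag, no
 *               length) are hashed into issuerKeyHash. Must not be NULL.
 * serialNumber: copied into the CertID when non-NULL, otherwise left as
 *               allocated.
 *
 * Returns the new OCSP_CERTID, owned by the caller, or NULL on failure.
 * A NULL issuerKey, an unknown digest NID and a failure of either hash each
 * push an OCSP error; the remaining failure paths free the CertID and return
 * NULL without adding an OCSP error of their own.
 *
 * Coverage recorded for this listing: the success path ran 2 times in one
 * test (libcrypto.so.1.1), always with a serial number; no failure branch
 * was ever taken, so the error handling below is untested there.
 */
OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
                              const X509_NAME *issuerName,
                              const ASN1_BIT_STRING *issuerKey,
                              const ASN1_INTEGER *serialNumber)
{
    int nid;
    unsigned int i;
    X509_ALGOR *alg;
    OCSP_CERTID *cid = NULL;
    unsigned char md[EVP_MAX_MD_SIZE];

    /*
     * issuerKey->data and issuerKey->length are read directly further down,
     * so a NULL key has to be rejected before anything is allocated.
     */
    if (issuerKey == NULL) {
        OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, ERR_R_PASSED_NULL_PARAMETER);
        return NULL;
    }

    if ((cid = OCSP_CERTID_new()) == NULL)
        goto err;

    /* Replace the algorithm object the allocator put in place. */
    alg = &cid->hashAlgorithm;
    ASN1_OBJECT_free(alg->algorithm);
    if ((nid = EVP_MD_type(dgst)) == NID_undef) {
        OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID);
        goto err;
    }
    if ((alg->algorithm = OBJ_nid2obj(nid)) == NULL)
        goto err;
    if ((alg->parameter = ASN1_TYPE_new()) == NULL)
        goto err;
    alg->parameter->type = V_ASN1_NULL;

    /* md is reused for both hashes; i receives the digest length. */
    if (!X509_NAME_digest(issuerName, dgst, md, &i))
        goto digerr;
    if (!(ASN1_OCTET_STRING_set(&cid->issuerNameHash, md, i)))
        goto err;

    /*
     * Calculate the issuerKey hash, excluding tag and length. A failure is
     * reported as OCSP_R_DIGEST_ERR, the same as a name-hash failure.
     */
    if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL))
        goto digerr;

    if (!(ASN1_OCTET_STRING_set(&cid->issuerKeyHash, md, i)))
        goto err;

    if (serialNumber) {
        if (ASN1_STRING_copy(&cid->serialNumber, serialNumber) == 0)
            goto err;
    }
    return cid;
 digerr:
    OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR);
 err:
    OCSP_CERTID_free(cid);
    return NULL;
}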
90-
/*
 * Compare the issuer part of two CertIDs.
 *
 * The fields are compared in this order: hash algorithm object, issuer name
 * hash, issuer key hash. The first non-zero result is returned, so 0 means
 * all three match. Because the algorithm is compared first, two CertIDs
 * built with different digests never compare equal here.
 *
 * Both a and b are dereferenced without a NULL check.
 *
 * Coverage recorded for this listing: never executed by the test run.
 */
int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b)
{
    int diff = OBJ_cmp(a->hashAlgorithm.algorithm,
                       b->hashAlgorithm.algorithm);

    if (diff == 0)
        diff = ASN1_OCTET_STRING_cmp(&a->issuerNameHash, &b->issuerNameHash);
    if (diff == 0)
        diff = ASN1_OCTET_STRING_cmp(&a->issuerKeyHash, &b->issuerKeyHash);
    return diff;
}
102-
/*
 * Compare two complete CertIDs: issuer fields first (see
 * OCSP_id_issuer_cmp), then the serial number. Returns 0 only when both the
 * issuer part and the serial number match.
 *
 * Both a and b are dereferenced without a NULL check.
 *
 * Coverage recorded for this listing: never executed by the test run.
 */
int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b)
{
    int issuer_diff = OCSP_id_issuer_cmp(a, b);

    return (issuer_diff != 0)
        ? issuer_diff
        : ASN1_INTEGER_cmp(&a->serialNumber, &b->serialNumber);
}
111-
112/*-
113 * Parse a URL and split it up into host, port and path components and-
114 * whether it is SSL.-
115 */-
116-
/*
 * Split an "http://" or "https://" URL into host, port and path.
 *
 * url:   URL to parse; it is copied, the caller's string is not modified.
 * phost: receives the host (an IPv6 literal is returned without brackets).
 * pport: receives the port text, "80" or "443" when the URL names none.
 * ppath: receives everything from the first '/' after the host, or "/".
 * pssl:  set to 0 for http and 1 for https; written only once the scheme
 *        has been recognised.
 *
 * Returns 1 on success; the three strings are then allocated with
 * OPENSSL_strdup() and the caller must release them with OPENSSL_free().
 * Returns 0 on failure with all three outputs set to NULL and an OCSP error
 * pushed (malloc failure or URL parse error).
 *
 * What this parser does not check, as far as the code below shows:
 *  - the scheme match is an exact, case-sensitive strcmp();
 *  - the port is whatever follows the first ':' and is not required to be
 *    numeric or non-empty;
 *  - the host may be empty, and there is no handling of a userinfo part;
 *  - text between a closing ']' and the port ':' is silently dropped.
 * Callers that go on to connect should validate host and port themselves.
 *
 * Coverage recorded for this listing: never executed by the test run.
 */
int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
                   int *pssl)
{
    char *copy;
    char *cursor;
    char *host_start;
    char *path_start;
    const char *port_text;
    int is_https;

    *phost = NULL;
    *pport = NULL;
    *ppath = NULL;

    /* Work on a private copy: separators are overwritten with NULs. */
    copy = OPENSSL_strdup(url);
    if (copy == NULL)
        goto mem_err;

    /* The scheme ends at the first colon. */
    cursor = strchr(copy, ':');
    if (cursor == NULL)
        goto parse_err;
    *cursor++ = '\0';

    is_https = (strcmp(copy, "https") == 0);
    if (!is_https && strcmp(copy, "http") != 0)
        goto parse_err;
    *pssl = is_https;
    port_text = is_https ? "443" : "80";

    /* The scheme must be followed by "//". */
    if (strncmp(cursor, "//", 2) != 0)
        goto parse_err;
    host_start = cursor + 2;

    /* Everything from the next '/' on is the path; default to "/". */
    path_start = strchr(host_start, '/');
    *ppath = OPENSSL_strdup(path_start != NULL ? path_start : "/");
    if (path_start != NULL)
        *path_start = '\0';     /* terminate the host[:port] part */
    if (*ppath == NULL)
        goto mem_err;

    cursor = host_start;
    if (*host_start == '[') {
        /* IPv6 literal: the host is the text between the brackets. */
        host_start++;
        cursor = strchr(host_start, ']');
        if (cursor == NULL)
            goto parse_err;
        *cursor++ = '\0';
    }

    /* An optional ":port" overrides the scheme default. */
    cursor = strchr(cursor, ':');
    if (cursor != NULL) {
        *cursor = '\0';
        port_text = cursor + 1;
    }

    *pport = OPENSSL_strdup(port_text);
    if (*pport == NULL)
        goto mem_err;

    *phost = OPENSSL_strdup(host_start);
    if (*phost == NULL)
        goto mem_err;

    OPENSSL_free(copy);
    return 1;

 mem_err:
    OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
    goto err;

 parse_err:
    OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL);

 err:
    /* Release whatever was allocated and hand back NULL outputs. */
    OPENSSL_free(copy);
    OPENSSL_free(*ppath);
    *ppath = NULL;
    OPENSSL_free(*pport);
    *pport = NULL;
    OPENSSL_free(*phost);
    *phost = NULL;
    return 0;
}
221-
/*
 * Generate OCSP_CERTID_dup(): the macro expands to a function that returns
 * ASN1_item_dup() applied to the OCSP_CERTID item and its argument.
 *
 * Coverage recorded for this listing: executed 2 times by 1 test
 * (libcrypto.so.1.1).
 */
IMPLEMENT_ASN1_DUP_FUNCTION(OCSP_CERTID)

Generated by Squish Coco 4.2.2