Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | #include <stdio.h> | - |
11 | #include "internal/cryptlib.h" | - |
12 | #include <openssl/objects.h> | - |
13 | #include <openssl/x509.h> | - |
14 | #include <openssl/pem.h> | - |
15 | #include <openssl/x509v3.h> | - |
16 | #include <openssl/ocsp.h> | - |
17 | #include "ocsp_lcl.h" | - |
18 | #include <openssl/asn1t.h> | - |
19 | | - |
20 | | - |
21 | | - |
22 | OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject, | - |
23 | const X509 *issuer) | - |
24 | { | - |
25 | X509_NAME *iname; | - |
26 | const ASN1_INTEGER *serial; | - |
27 | ASN1_BIT_STRING *ikey; | - |
28 | if (!dgst)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
29 | dgst = EVP_sha1(); never executed: dgst = EVP_sha1(); | 0 |
30 | if (subject) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
31 | iname = X509_get_issuer_name(subject); | - |
32 | serial = X509_get0_serialNumber(subject); | - |
33 | } else { never executed: end of block | 0 |
34 | iname = X509_get_subject_name(issuer); | - |
35 | serial = NULL; | - |
36 | } never executed: end of block | 0 |
37 | ikey = X509_get0_pubkey_bitstr(issuer); | - |
38 | return OCSP_cert_id_new(dgst, iname, ikey, serial); never executed: return OCSP_cert_id_new(dgst, iname, ikey, serial); | 0 |
39 | } | - |
40 | | - |
41 | OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, | - |
42 | const X509_NAME *issuerName, | - |
43 | const ASN1_BIT_STRING *issuerKey, | - |
44 | const ASN1_INTEGER *serialNumber) | - |
45 | { | - |
46 | int nid; | - |
47 | unsigned int i; | - |
48 | X509_ALGOR *alg; | - |
49 | OCSP_CERTID *cid = NULL; | - |
50 | unsigned char md[EVP_MAX_MD_SIZE]; | - |
51 | | - |
52 | if ((cid = OCSP_CERTID_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
53 | goto err; never executed: goto err; | 0 |
54 | | - |
55 | alg = &cid->hashAlgorithm; | - |
56 | ASN1_OBJECT_free(alg->algorithm); | - |
57 | if ((nid = EVP_MD_type(dgst)) == NID_undef) {TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
58 | OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID); | - |
59 | goto err; never executed: goto err; | 0 |
60 | } | - |
61 | if ((alg->algorithm = OBJ_nid2obj(nid)) == NULL)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
62 | goto err; never executed: goto err; | 0 |
63 | if ((alg->parameter = ASN1_TYPE_new()) == NULL)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
64 | goto err; never executed: goto err; | 0 |
65 | alg->parameter->type = V_ASN1_NULL; | - |
66 | | - |
67 | if (!X509_NAME_digest(issuerName, dgst, md, &i))TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
68 | goto digerr; never executed: goto digerr; | 0 |
69 | if (!(ASN1_OCTET_STRING_set(&cid->issuerNameHash, md, i)))TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
70 | goto err; never executed: goto err; | 0 |
71 | | - |
72 | | - |
73 | if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL))TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
74 | goto err; never executed: goto err; | 0 |
75 | | - |
76 | if (!(ASN1_OCTET_STRING_set(&cid->issuerKeyHash, md, i)))TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
77 | goto err; never executed: goto err; | 0 |
78 | | - |
79 | if (serialNumber) {TRUE | evaluated 2 times by 1 test | FALSE | never evaluated |
| 0-2 |
80 | if (ASN1_STRING_copy(&cid->serialNumber, serialNumber) == 0)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
81 | goto err; never executed: goto err; | 0 |
82 | }executed 2 times by 1 test: end of block | 2 |
83 | return cid;executed 2 times by 1 test: return cid; | 2 |
84 | digerr: | - |
85 | OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR); | - |
86 | err: code before this statement never executed: err: | 0 |
87 | OCSP_CERTID_free(cid); | - |
88 | return NULL; never executed: return ((void *)0) ; | 0 |
89 | } | - |
90 | | - |
91 | int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b) | - |
92 | { | - |
93 | int ret; | - |
94 | ret = OBJ_cmp(a->hashAlgorithm.algorithm, b->hashAlgorithm.algorithm); | - |
95 | if (ret)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
96 | return ret; never executed: return ret; | 0 |
97 | ret = ASN1_OCTET_STRING_cmp(&a->issuerNameHash, &b->issuerNameHash); | - |
98 | if (ret)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
99 | return ret; never executed: return ret; | 0 |
100 | return ASN1_OCTET_STRING_cmp(&a->issuerKeyHash, &b->issuerKeyHash); never executed: return ASN1_OCTET_STRING_cmp(&a->issuerKeyHash, &b->issuerKeyHash); | 0 |
101 | } | - |
102 | | - |
103 | int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b) | - |
104 | { | - |
105 | int ret; | - |
106 | ret = OCSP_id_issuer_cmp(a, b); | - |
107 | if (ret)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
108 | return ret; never executed: return ret; | 0 |
109 | return ASN1_INTEGER_cmp(&a->serialNumber, &b->serialNumber); never executed: return ASN1_INTEGER_cmp(&a->serialNumber, &b->serialNumber); | 0 |
110 | } | - |
111 | | - |
112 | | - |
113 | | - |
114 | | - |
115 | | - |
116 | | - |
117 | int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath, | - |
118 | int *pssl) | - |
119 | { | - |
120 | char *p, *buf; | - |
121 | | - |
122 | char *host, *port; | - |
123 | | - |
124 | *phost = NULL; | - |
125 | *pport = NULL; | - |
126 | *ppath = NULL; | - |
127 | | - |
128 | | - |
129 | buf = OPENSSL_strdup(url); | - |
130 | if (!buf)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
131 | goto mem_err; never executed: goto mem_err; | 0 |
132 | | - |
133 | | - |
134 | p = strchr(buf, ':');TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
135 | | - |
136 | if (!p)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
137 | goto parse_err; never executed: goto parse_err; | 0 |
138 | | - |
139 | *(p++) = '\0'; | - |
140 | | - |
141 | if (strcmp(buf, "http") == 0) { never executed: __result = (((const unsigned char *) (const char *) ( buf ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "http" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
142 | *pssl = 0; | - |
143 | port = "80"; | - |
144 | } else if (strcmp(buf, "https") == 0) { never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( buf ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "https" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
145 | *pssl = 1; | - |
146 | port = "443"; | - |
147 | } else never executed: end of block | 0 |
148 | goto parse_err; never executed: goto parse_err; | 0 |
149 | | - |
150 | | - |
151 | if ((p[0] != '/') || (p[1] != '/'))TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
152 | goto parse_err; never executed: goto parse_err; | 0 |
153 | | - |
154 | p += 2; | - |
155 | | - |
156 | host = p; | - |
157 | | - |
158 | | - |
159 | | - |
160 | p = strchr(p, '/');TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
161 | | - |
162 | if (!p)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
163 | *ppath = OPENSSL_strdup("/"); never executed: *ppath = CRYPTO_strdup("/", __FILE__, 163); | 0 |
164 | else { | - |
165 | *ppath = OPENSSL_strdup(p); | - |
166 | | - |
167 | *p = '\0'; | - |
168 | } never executed: end of block | 0 |
169 | | - |
170 | if (!*ppath)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
171 | goto mem_err; never executed: goto mem_err; | 0 |
172 | | - |
173 | p = host; | - |
174 | if (host[0] == '[') {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
175 | | - |
176 | host++; | - |
177 | p = strchr(host, ']');TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
178 | if (!p)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
179 | goto parse_err; never executed: goto parse_err; | 0 |
180 | *p = '\0'; | - |
181 | p++; | - |
182 | } never executed: end of block | 0 |
183 | | - |
184 | | - |
185 | if ((p = strchr(p, ':'))) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
186 | *p = 0; | - |
187 | port = p + 1; | - |
188 | } never executed: end of block | 0 |
189 | | - |
190 | *pport = OPENSSL_strdup(port); | - |
191 | if (!*pport)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
192 | goto mem_err; never executed: goto mem_err; | 0 |
193 | | - |
194 | *phost = OPENSSL_strdup(host); | - |
195 | | - |
196 | if (!*phost)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
197 | goto mem_err; never executed: goto mem_err; | 0 |
198 | | - |
199 | OPENSSL_free(buf); | - |
200 | | - |
201 | return 1; never executed: return 1; | 0 |
202 | | - |
203 | mem_err: | - |
204 | OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE); | - |
205 | goto err; never executed: goto err; | 0 |
206 | | - |
207 | parse_err: | - |
208 | OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL); | - |
209 | | - |
210 | err: code before this statement never executed: err: | 0 |
211 | OPENSSL_free(buf); | - |
212 | OPENSSL_free(*ppath); | - |
213 | *ppath = NULL; | - |
214 | OPENSSL_free(*pport); | - |
215 | *pport = NULL; | - |
216 | OPENSSL_free(*phost); | - |
217 | *phost = NULL; | - |
218 | return 0; never executed: return 0; | 0 |
219 | | - |
220 | } | - |
221 | | - |
222 | IMPLEMENT_ASN1_DUP_FUNCTION(OCSP_CERTID)executed 2 times by 1 test: return ASN1_item_dup((&(OCSP_CERTID_it)), x); | 2 |
| | |