OpenCoverage

v3_lib.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/x509v3/v3_lib.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/*-
2 * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.-
3 *-
4 * Licensed under the OpenSSL license (the "License"). You may not use-
5 * this file except in compliance with the License. You can obtain a copy-
6 * in the file LICENSE in the source distribution or at-
7 * https://www.openssl.org/source/license.html-
8 */-
9-
10/* X509 v3 extension utilities */-
11-
12#include <stdio.h>-
13#include "internal/cryptlib.h"-
14#include <openssl/conf.h>-
15#include <openssl/x509v3.h>-
16-
17#include "ext_dat.h"-
18-
19static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;-
20-
21static int ext_cmp(const X509V3_EXT_METHOD *const *a,-
22 const X509V3_EXT_METHOD *const *b);-
23static void ext_list_free(X509V3_EXT_METHOD *ext);-
24-
25int X509V3_EXT_add(X509V3_EXT_METHOD *ext)-
26{-
27 if (ext_list == NULL
ext_list == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
28 && (ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp)) == NULL) {
(ext_list = sk...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
29 X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);-
30 return 0;
never executed: return 0;
0
31 }-
32 if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
!sk_X509V3_EXT...ext_list, ext)Description
TRUEnever evaluated
FALSEnever evaluated
0
33 X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);-
34 return 0;
never executed: return 0;
0
35 }-
36 return 1;
never executed: return 1;
0
37}-
38-
39static int ext_cmp(const X509V3_EXT_METHOD *const *a,-
40 const X509V3_EXT_METHOD *const *b)-
41{-
42 return ((*a)->ext_nid - (*b)->ext_nid);
executed 920369 times by 1 test: return ((*a)->ext_nid - (*b)->ext_nid);
Executed by:
  • libcrypto.so.1.1
920369
43}-
44-
45DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,-
46 const X509V3_EXT_METHOD *, ext);-
47IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
executed 920369 times by 1 test: return ext_cmp(a,b);
Executed by:
  • libcrypto.so.1.1
executed 190374 times by 1 test: return (const X509V3_EXT_METHOD * *)OBJ_bsearch_(key, base, num, sizeof(const X509V3_EXT_METHOD *), ext_cmp_BSEARCH_CMP_FN);
Executed by:
  • libcrypto.so.1.1
190374-920369
48 const X509V3_EXT_METHOD *, ext);-
49-
50#include "standard_exts.h"-
51-
52const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)-
53{-
54 X509V3_EXT_METHOD tmp;-
55 const X509V3_EXT_METHOD *t = &tmp, *const *ret;-
56 int idx;-
57-
58 if (nid < 0)
nid < 0Description
TRUEnever evaluated
FALSEevaluated 190374 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-190374
59 return NULL;
never executed: return ((void *)0) ;
0
60 tmp.ext_nid = nid;-
61 ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);-
62 if (ret)
retDescription
TRUEevaluated 185970 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 4404 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
4404-185970
63 return *ret;
executed 185970 times by 1 test: return *ret;
Executed by:
  • libcrypto.so.1.1
185970
64 if (!ext_list)
!ext_listDescription
TRUEevaluated 4404 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-4404
65 return NULL;
executed 4404 times by 1 test: return ((void *)0) ;
Executed by:
  • libcrypto.so.1.1
4404
66 idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);-
67 return sk_X509V3_EXT_METHOD_value(ext_list, idx);
never executed: return sk_X509V3_EXT_METHOD_value(ext_list, idx);
0
68}-
69-
70const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)-
71{-
72 int nid;-
73 if ((nid = OBJ_obj2nid(X509_EXTENSION_get_object(ext))) == NID_undef)
(nid = OBJ_obj...ct(ext))) == 0Description
TRUEevaluated 9295 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 190153 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
9295-190153
74 return NULL;
executed 9295 times by 1 test: return ((void *)0) ;
Executed by:
  • libcrypto.so.1.1
9295
75 return X509V3_EXT_get_nid(nid);
executed 190153 times by 1 test: return X509V3_EXT_get_nid(nid);
Executed by:
  • libcrypto.so.1.1
190153
76}-
77-
78int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)-
79{-
80 for (; extlist->ext_nid != -1; extlist++)
extlist->ext_nid != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
81 if (!X509V3_EXT_add(extlist))
!X509V3_EXT_add(extlist)Description
TRUEnever evaluated
FALSEnever evaluated
0
82 return 0;
never executed: return 0;
0
83 return 1;
never executed: return 1;
0
84}-
85-
86int X509V3_EXT_add_alias(int nid_to, int nid_from)-
87{-
88 const X509V3_EXT_METHOD *ext;-
89 X509V3_EXT_METHOD *tmpext;-
90-
91 if ((ext = X509V3_EXT_get_nid(nid_from)) == NULL) {
(ext = X509V3_...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
92 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, X509V3_R_EXTENSION_NOT_FOUND);-
93 return 0;
never executed: return 0;
0
94 }-
95 if ((tmpext = OPENSSL_malloc(sizeof(*tmpext))) == NULL) {
(tmpext = CRYP...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
96 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE);-
97 return 0;
never executed: return 0;
0
98 }-
99 *tmpext = *ext;-
100 tmpext->ext_nid = nid_to;-
101 tmpext->ext_flags |= X509V3_EXT_DYNAMIC;-
102 return X509V3_EXT_add(tmpext);
never executed: return X509V3_EXT_add(tmpext);
0
103}-
104-
105void X509V3_EXT_cleanup(void)-
106{-
107 sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);-
108 ext_list = NULL;-
109}
never executed: end of block
0
110-
111static void ext_list_free(X509V3_EXT_METHOD *ext)-
112{-
113 if (ext->ext_flags & X509V3_EXT_DYNAMIC)
ext->ext_flags & 0x1Description
TRUEnever evaluated
FALSEnever evaluated
0
114 OPENSSL_free(ext);
never executed: CRYPTO_free(ext, __FILE__, 114);
0
115}
never executed: end of block
0
116-
117/*-
118 * Legacy function: we don't need to add standard extensions any more because-
119 * they are now kept in ext_dat.h.-
120 */-
121-
122int X509V3_add_standard_extensions(void)-
123{-
124 return 1;
never executed: return 1;
0
125}-
126-
127/* Return an extension internal structure */-
128-
129void *X509V3_EXT_d2i(X509_EXTENSION *ext)-
130{-
131 const X509V3_EXT_METHOD *method;-
132 const unsigned char *p;-
133 ASN1_STRING *extvalue;-
134 int extlen;-
135-
136 if ((method = X509V3_EXT_get(ext)) == NULL)
(method = X509...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 100504 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-100504
137 return NULL;
never executed: return ((void *)0) ;
0
138 extvalue = X509_EXTENSION_get_data(ext);-
139 p = ASN1_STRING_get0_data(extvalue);-
140 extlen = ASN1_STRING_length(extvalue);-
141 if (method->it)
method->itDescription
TRUEevaluated 100495 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 9 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
9-100495
142 return ASN1_item_d2i(NULL, &p, extlen, ASN1_ITEM_ptr(method->it));
executed 100495 times by 1 test: return ASN1_item_d2i( ((void *)0) , &p, extlen, (method->it));
Executed by:
  • libcrypto.so.1.1
100495
143 return method->d2i(NULL, &p, extlen);
executed 9 times by 1 test: return method->d2i( ((void *)0) , &p, extlen);
Executed by:
  • libcrypto.so.1.1
9
144}-
145-
146/*--
147 * Get critical flag and decoded version of extension from a NID.-
148 * The "idx" variable returns the last found extension and can-
149 * be used to retrieve multiple extensions of the same NID.-
150 * However multiple extensions with the same NID is usually-
151 * due to a badly encoded certificate so if idx is NULL we-
152 * choke if multiple extensions exist.-
153 * The "crit" variable is set to the critical value.-
154 * The return value is the decoded extension or NULL on-
155 * error. The actual error can have several different causes,-
156 * the value of *crit reflects the cause:-
157 * >= 0, extension found but not decoded (reflects critical value).-
158 * -1 extension not found.-
159 * -2 extension occurs more than once.-
160 */-
161-
162void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,-
163 int *idx)-
164{-
165 int lastpos, i;-
166 X509_EXTENSION *ex, *found_ex = NULL;-
167-
168 if (!x) {
!xDescription
TRUEevaluated 99539 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 294133 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
99539-294133
169 if (idx)
idxDescription
TRUEnever evaluated
FALSEevaluated 99539 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-99539
170 *idx = -1;
never executed: *idx = -1;
0
171 if (crit)
critDescription
TRUEevaluated 14114 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 85425 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
14114-85425
172 *crit = -1;
executed 14114 times by 1 test: *crit = -1;
Executed by:
  • libcrypto.so.1.1
14114
173 return NULL;
executed 99539 times by 1 test: return ((void *)0) ;
Executed by:
  • libcrypto.so.1.1
99539
174 }-
175 if (idx)
idxDescription
TRUEnever evaluated
FALSEevaluated 294133 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-294133
176 lastpos = *idx + 1;
never executed: lastpos = *idx + 1;
0
177 else-
178 lastpos = 0;
executed 294133 times by 1 test: lastpos = 0;
Executed by:
  • libcrypto.so.1.1
294133
179 if (lastpos < 0)
lastpos < 0Description
TRUEnever evaluated
FALSEevaluated 294133 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-294133
180 lastpos = 0;
never executed: lastpos = 0;
0
181 for (i = lastpos; i < sk_X509_EXTENSION_num(x); i++) {
i < sk_X509_EXTENSION_num(x)Description
TRUEevaluated 920576 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 292772 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
292772-920576
182 ex = sk_X509_EXTENSION_value(x, i);-
183 if (OBJ_obj2nid(X509_EXTENSION_get_object(ex)) == nid) {
OBJ_obj2nid(X5...ct(ex)) == nidDescription
TRUEevaluated 103213 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 817363 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
103213-817363
184 if (idx) {
idxDescription
TRUEnever evaluated
FALSEevaluated 103213 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-103213
185 *idx = i;-
186 found_ex = ex;-
187 break;
never executed: break;
0
188 } else if (found_ex) {
found_exDescription
TRUEevaluated 1361 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 101852 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
1361-101852
189 /* Found more than one */-
190 if (crit)
critDescription
TRUEevaluated 418 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 943 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
418-943
191 *crit = -2;
executed 418 times by 1 test: *crit = -2;
Executed by:
  • libcrypto.so.1.1
418
192 return NULL;
executed 1361 times by 1 test: return ((void *)0) ;
Executed by:
  • libcrypto.so.1.1
1361
193 }-
194 found_ex = ex;-
195 }
executed 101852 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
101852
196 }
executed 919215 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
919215
197 if (found_ex) {
found_exDescription
TRUEevaluated 100491 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 192281 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
100491-192281
198 /* Found it */-
199 if (crit)
critDescription
TRUEevaluated 5850 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 94641 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
5850-94641
200 *crit = X509_EXTENSION_get_critical(found_ex);
executed 5850 times by 1 test: *crit = X509_EXTENSION_get_critical(found_ex);
Executed by:
  • libcrypto.so.1.1
5850
201 return X509V3_EXT_d2i(found_ex);
executed 100491 times by 1 test: return X509V3_EXT_d2i(found_ex);
Executed by:
  • libcrypto.so.1.1
100491
202 }-
203-
204 /* Extension not found */-
205 if (idx)
idxDescription
TRUEnever evaluated
FALSEevaluated 192281 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-192281
206 *idx = -1;
never executed: *idx = -1;
0
207 if (crit)
critDescription
TRUEevaluated 20272 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 172009 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
20272-172009
208 *crit = -1;
executed 20272 times by 1 test: *crit = -1;
Executed by:
  • libcrypto.so.1.1
20272
209 return NULL;
executed 192281 times by 1 test: return ((void *)0) ;
Executed by:
  • libcrypto.so.1.1
192281
210}-
211-
212/*-
213 * This function is a general extension append, replace and delete utility.-
214 * The precise operation is governed by the 'flags' value. The 'crit' and-
215 * 'value' arguments (if relevant) are the extensions internal structure.-
216 */-
217-
218int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,-
219 int crit, unsigned long flags)-
220{-
221 int errcode, extidx = -1;-
222 X509_EXTENSION *ext = NULL, *extmp;-
223 STACK_OF(X509_EXTENSION) *ret = NULL;-
224 unsigned long ext_op = flags & X509V3_ADD_OP_MASK;-
225-
226 /*-
227 * If appending we don't care if it exists, otherwise look for existing-
228 * extension.-
229 */-
230 if (ext_op != X509V3_ADD_APPEND)
ext_op != 1LDescription
TRUEevaluated 103 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-103
231 extidx = X509v3_get_ext_by_NID(*x, nid, -1);
executed 103 times by 1 test: extidx = X509v3_get_ext_by_NID(*x, nid, -1);
Executed by:
  • libcrypto.so.1.1
103
232-
233 /* See if extension exists */-
234 if (extidx >= 0) {
extidx >= 0Description
TRUEnever evaluated
FALSEevaluated 103 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-103
235 /* If keep existing, nothing to do */-
236 if (ext_op == X509V3_ADD_KEEP_EXISTING)
ext_op == 4LDescription
TRUEnever evaluated
FALSEnever evaluated
0
237 return 1;
never executed: return 1;
0
238 /* If default then its an error */-
239 if (ext_op == X509V3_ADD_DEFAULT) {
ext_op == 0LDescription
TRUEnever evaluated
FALSEnever evaluated
0
240 errcode = X509V3_R_EXTENSION_EXISTS;-
241 goto err;
never executed: goto err;
0
242 }-
243 /* If delete, just delete it */-
244 if (ext_op == X509V3_ADD_DELETE) {
ext_op == 5LDescription
TRUEnever evaluated
FALSEnever evaluated
0
245 if (!sk_X509_EXTENSION_delete(*x, extidx))
!sk_X509_EXTEN...te(*x, extidx)Description
TRUEnever evaluated
FALSEnever evaluated
0
246 return -1;
never executed: return -1;
0
247 return 1;
never executed: return 1;
0
248 }-
249 } else {
never executed: end of block
0
250 /*-
251 * If replace existing or delete, error since extension must exist-
252 */-
253 if ((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
(ext_op == 3L)Description
TRUEnever evaluated
FALSEevaluated 103 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-103
254 (ext_op == X509V3_ADD_DELETE)) {
(ext_op == 5L)Description
TRUEnever evaluated
FALSEevaluated 103 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-103
255 errcode = X509V3_R_EXTENSION_NOT_FOUND;-
256 goto err;
never executed: goto err;
0
257 }-
258 }
executed 103 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
103
259-
260 /*-
261 * If we get this far then we have to create an extension: could have-
262 * some flags for alternative encoding schemes...-
263 */-
264-
265 ext = X509V3_EXT_i2d(nid, crit, value);-
266-
267 if (!ext) {
!extDescription
TRUEnever evaluated
FALSEevaluated 103 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-103
268 X509V3err(X509V3_F_X509V3_ADD1_I2D,-
269 X509V3_R_ERROR_CREATING_EXTENSION);-
270 return 0;
never executed: return 0;
0
271 }-
272-
273 /* If extension exists replace it.. */-
274 if (extidx >= 0) {
extidx >= 0Description
TRUEnever evaluated
FALSEevaluated 103 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-103
275 extmp = sk_X509_EXTENSION_value(*x, extidx);-
276 X509_EXTENSION_free(extmp);-
277 if (!sk_X509_EXTENSION_set(*x, extidx, ext))
!sk_X509_EXTEN..., extidx, ext)Description
TRUEnever evaluated
FALSEnever evaluated
0
278 return -1;
never executed: return -1;
0
279 return 1;
never executed: return 1;
0
280 }-
281-
282 ret = *x;-
283 if (*x == NULL
*x == ((void *)0)Description
TRUEevaluated 103 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-103
284 && (ret = sk_X509_EXTENSION_new_null()) == NULL)
(ret = sk_X509...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 103 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-103
285 goto m_fail;
never executed: goto m_fail;
0
286 if (!sk_X509_EXTENSION_push(ret, ext))
!sk_X509_EXTEN...push(ret, ext)Description
TRUEnever evaluated
FALSEevaluated 103 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-103
287 goto m_fail;
never executed: goto m_fail;
0
288-
289 *x = ret;-
290 return 1;
executed 103 times by 1 test: return 1;
Executed by:
  • libcrypto.so.1.1
103
291-
292 m_fail:-
293 /* X509V3err(X509V3_F_X509V3_ADD1_I2D, ERR_R_MALLOC_FAILURE); */-
294 if (ret != *x)
ret != *xDescription
TRUEnever evaluated
FALSEnever evaluated
0
295 sk_X509_EXTENSION_free(ret);
never executed: sk_X509_EXTENSION_free(ret);
0
296 X509_EXTENSION_free(ext);-
297 return -1;
never executed: return -1;
0
298-
299 err:-
300 if (!(flags & X509V3_ADD_SILENT))
!(flags & 0x10)Description
TRUEnever evaluated
FALSEnever evaluated
0
301 X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode);
never executed: ERR_put_error(34,(140),(errcode),__FILE__,301);
0
302 return 0;
never executed: return 0;
0
303}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2