OpenCoverage

extensions_srvr.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssl/src/ssl/statem/extensions_srvr.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* -

3 * -

4 * Licensed under the OpenSSL license (the "License"). You may not use -

5 * this file except in compliance with the License. You can obtain a copy -

6 * in the file LICENSE in the source distribution or at -

7 * https://www.openssl.org/source/license.html -

8 */ -

9 -

10 #include <openssl/ocsp.h> -

11 #include "../ssl_locl.h" -

12 #include "statem_locl.h" -

13 #include "internal/cryptlib.h" -

14 -

15 #define COOKIE_STATE_FORMAT_VERSION 0 -

16 -

17 /* -

18 * 2 bytes for packet length, 2 bytes for format version, 2 bytes for -

19 * protocol version, 2 bytes for group id, 2 bytes for cipher id, 1 byte for -

20 * key_share present flag, 4 bytes for timestamp, 2 bytes for the hashlen, -

21 * EVP_MAX_MD_SIZE for transcript hash, 1 byte for app cookie length, app cookie -

22 * length bytes, SHA256_DIGEST_LENGTH bytes for the HMAC of the whole thing. -

23 */ -

24 #define MAX_COOKIE_SIZE (2 + 2 + 2 + 2 + 2 + 1 + 4 + 2 + EVP_MAX_MD_SIZE + 1 \ -

25 + SSL_COOKIE_LENGTH + SHA256_DIGEST_LENGTH) -

26 -

27 /* -

28 * Message header + 2 bytes for protocol version + number of random bytes + -

29 * + 1 byte for legacy session id length + number of bytes in legacy session id -

30 * + 2 bytes for ciphersuite + 1 byte for legacy compression -

31 * + 2 bytes for extension block length + 6 bytes for key_share extension -

32 * + 4 bytes for cookie extension header + the number of bytes in the cookie -

33 */ -

34 #define MAX_HRR_SIZE (SSL3_HM_HEADER_LENGTH + 2 + SSL3_RANDOM_SIZE + 1 \ -

35 + SSL_MAX_SSL_SESSION_ID_LENGTH + 2 + 1 + 2 + 6 + 4 \ -

36 + MAX_COOKIE_SIZE) -

37 -

38 /* -

39 * Parse the client's renegotiation binding and abort if it's not right -

40 */ -

41 int tls_parse_ctos_renegotiate(SSL *s, PACKET *pkt, unsigned int context, -

42 X509 *x, size_t chainidx) -

43 { -

44 unsigned int ilen; -

45 const unsigned char *data; -

46 -

47 /* Parse the length byte */ -

if (!PACKET_get_1(pkt, &ilen)

!PACKET_get_1(pkt, &ilen)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 250 times by 1 test Evaluated by: libssl.so.1.1

1-250

|| !PACKET_get_bytes(pkt, &data, ilen)) {

!PACKET_get_by..., &data, ilen)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 249 times by 1 test Evaluated by: libssl.so.1.1

1-249

50 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_RENEGOTIATE, -

51 SSL_R_RENEGOTIATION_ENCODING_ERR); -

return 0;

executed 2 times by 1 test: return 0;

Executed by:

libssl.so.1.1

53 } -

54 -

55 /* Check that the extension matches */ -

if (ilen != s->s3->previous_client_finished_len) {

ilen != s->s3-...t_finished_len	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 248 times by 1 test Evaluated by: libssl.so.1.1

1-248

57 SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PARSE_CTOS_RENEGOTIATE, -

58 SSL_R_RENEGOTIATION_MISMATCH); -

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

60 } -

61 -

if (memcmp(data, s->s3->previous_client_finished,

memcmp(data, s..._finished_len)	Description
TRUE	never evaluated
FALSE	evaluated 248 times by 1 test Evaluated by: libssl.so.1.1

0-248

s->s3->previous_client_finished_len)) {

memcmp(data, s..._finished_len)	Description
TRUE	never evaluated
FALSE	evaluated 248 times by 1 test Evaluated by: libssl.so.1.1

0-248

64 SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PARSE_CTOS_RENEGOTIATE, -

65 SSL_R_RENEGOTIATION_MISMATCH); -

return 0;

never executed: return 0;

67 } -

68 -

69 s->s3->send_connection_binding = 1; -

70 -

return 1;

executed 248 times by 1 test: return 1;

Executed by:

libssl.so.1.1

248

72 } -

73 -

74 /*- -

75 * The servername extension is treated as follows: -

76 * -

77 * - Only the hostname type is supported with a maximum length of 255. -

78 * - The servername is rejected if too long or if it contains zeros, -

79 * in which case an fatal alert is generated. -

80 * - The servername field is maintained together with the session cache. -

81 * - When a session is resumed, the servername call back invoked in order -

82 * to allow the application to position itself to the right context. -

83 * - The servername is acknowledged if it is new for a session or when -

84 * it is identical to a previously used for the same session. -

85 * Applications can control the behaviour. They can at any time -

86 * set a 'desirable' servername for a new SSL object. This can be the -

87 * case for example with HTTPS when a Host: header field is received and -

88 * a renegotiation is requested. In this case, a possible servername -

89 * presented in the new client hello is only acknowledged if it matches -

90 * the value of the Host: field. -

91 * - Applications must use SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION -

92 * if they provide for changing an explicit servername context for the -

93 * session, i.e. when the session has been established with a servername -

94 * extension. -

95 * - On session reconnect, the servername extension may be absent. -

96 */ -

97 int tls_parse_ctos_server_name(SSL *s, PACKET *pkt, unsigned int context, -

98 X509 *x, size_t chainidx) -

99 { -

100 unsigned int servname_type; -

101 PACKET sni, hostname; -

102 -

103

if (!PACKET_as_length_prefixed_2(pkt, &sni)

!PACKET_as_len...d_2(pkt, &sni)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 604 times by 1 test Evaluated by: libssl.so.1.1

3-604

104 /* ServerNameList must be at least 1 byte long. */ -

105

|| PACKET_remaining(&sni) == 0) {

PACKET_remaining(&sni) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 603 times by 1 test Evaluated by: libssl.so.1.1

1-603

106 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_SERVER_NAME, -

107 SSL_R_BAD_EXTENSION); -

108

return 0;

executed 4 times by 1 test: return 0;

Executed by:

libssl.so.1.1

109 } -

110 -

111 /* -

112 * Although the intent was for server_name to be extensible, RFC 4366 -

113 * was not clear about it; and so OpenSSL among other implementations, -

114 * always and only allows a 'host_name' name types. -

115 * RFC 6066 corrected the mistake but adding new name types -

116 * is nevertheless no longer feasible, so act as if no other -

117 * SNI types can exist, to simplify parsing. -

118 * -

119 * Also note that the RFC permits only one SNI value per type, -

120 * i.e., we can only have a single hostname. -

121 */ -

122

if (!PACKET_get_1(&sni, &servname_type)

!PACKET_get_1(...servname_type)	Description
TRUE	never evaluated
FALSE	evaluated 603 times by 1 test Evaluated by: libssl.so.1.1

0-603

123

|| servname_type != TLSEXT_NAMETYPE_host_name

servname_type != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 601 times by 1 test Evaluated by: libssl.so.1.1

2-601

124

|| !PACKET_as_length_prefixed_2(&sni, &hostname)) {

!PACKET_as_len...ni, &hostname)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 599 times by 1 test Evaluated by: libssl.so.1.1

2-599

125 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_SERVER_NAME, -

126 SSL_R_BAD_EXTENSION); -

127

return 0;

executed 4 times by 1 test: return 0;

Executed by:

libssl.so.1.1

128 } -

129 -

130

if (!s->hit || SSL_IS_TLS13(s)) {

!s->hit	Description
TRUE	evaluated 572 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->method->version >= 0x0304	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 10 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 17 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-572

131

if (PACKET_remaining(&hostname) > TLSEXT_MAXLEN_host_name) {

PACKET_remaini...ostname) > 255	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 588 times by 1 test Evaluated by: libssl.so.1.1

1-588

132 SSLfatal(s, SSL_AD_UNRECOGNIZED_NAME, -

133 SSL_F_TLS_PARSE_CTOS_SERVER_NAME, -

134 SSL_R_BAD_EXTENSION); -

135

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

136 } -

137 -

138

if (PACKET_contains_zero_byte(&hostname)) {

PACKET_contain...yte(&hostname)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 587 times by 1 test Evaluated by: libssl.so.1.1

1-587

139 SSLfatal(s, SSL_AD_UNRECOGNIZED_NAME, -

140 SSL_F_TLS_PARSE_CTOS_SERVER_NAME, -

141 SSL_R_BAD_EXTENSION); -

142

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

143 } -

144 -

145 /* -

146 * Store the requested SNI in the SSL as temporary storage. -

147 * If we accept it, it will get stored in the SSL_SESSION as well. -

148 */ -

149 OPENSSL_free(s->ext.hostname); -

150 s->ext.hostname = NULL; -

151

if (!PACKET_strndup(&hostname, &s->ext.hostname)) {

!PACKET_strndu...>ext.hostname)	Description
TRUE	never evaluated
FALSE	evaluated 587 times by 1 test Evaluated by: libssl.so.1.1

0-587

152 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_SERVER_NAME, -

153 ERR_R_INTERNAL_ERROR); -

154

return 0;

never executed: return 0;

155 } -

156 -

157 s->servername_done = 1; -

158

}

executed 587 times by 1 test: end of block

Executed by:

libssl.so.1.1

587

159

if (s->hit) {

s->hit	Description
TRUE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 570 times by 1 test Evaluated by: libssl.so.1.1

27-570

160 /* -

161 * TODO(openssl-team): if the SNI doesn't match, we MUST -

162 * fall back to a full handshake. -

163 */ -

164

s->servername_done = (s->session->ext.hostname != NULL)

(s->session->e... ((void *)0) )	Description
TRUE	evaluated 15 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 12 times by 1 test Evaluated by: libssl.so.1.1

12-15

165

&& PACKET_equal(&hostname, s->session->ext.hostname,

PACKET_equal(&...ext.hostname))	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

2-13

166

strlen(s->session->ext.hostname));

PACKET_equal(&...ext.hostname))	Description
TRUE	evaluated 13 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

2-13

167 -

168

if (!s->servername_done && s->session->ext.hostname != NULL)

!s->servername_done	Description
TRUE	evaluated 14 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 13 times by 1 test Evaluated by: libssl.so.1.1

s->session->ex...!= ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 12 times by 1 test Evaluated by: libssl.so.1.1

2-14

169

s->ext.early_data_ok = 0;

executed 2 times by 1 test: s->ext.early_data_ok = 0;

Executed by:

libssl.so.1.1

170

}

executed 27 times by 1 test: end of block

Executed by:

libssl.so.1.1

171 -

172

return 1;

executed 597 times by 1 test: return 1;

Executed by:

libssl.so.1.1

597

173 } -

174 -

175 int tls_parse_ctos_maxfragmentlen(SSL *s, PACKET *pkt, unsigned int context, -

176 X509 *x, size_t chainidx) -

177 { -

178 unsigned int value; -

179 -

180

if (PACKET_remaining(pkt) != 1 || !PACKET_get_1(pkt, &value)) {

PACKET_remaining(pkt) != 1	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 33 times by 1 test Evaluated by: libssl.so.1.1

!PACKET_get_1(pkt, &value)	Description
TRUE	never evaluated
FALSE	evaluated 33 times by 1 test Evaluated by: libssl.so.1.1

0-33

181 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN, -

182 SSL_R_BAD_EXTENSION); -

183

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

184 } -

185 -

186 /* Received |value| should be a valid max-fragment-length code. */ -

187

if (!IS_MAX_FRAGMENT_LENGTH_EXT_VALID(value)) {

((value) >= 1)	Description
TRUE	evaluated 32 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

((value) <= 4)	Description
TRUE	evaluated 31 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

1-32

188 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, -

189 SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN, -

190 SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH); -

191

return 0;

executed 2 times by 1 test: return 0;

Executed by:

libssl.so.1.1

192 } -

193 -

194 /* -

195 * RFC 6066: The negotiated length applies for the duration of the session -

196 * including session resumptions. -

197 * We should receive the same code as in resumed session ! -

198 */ -

199

if (s->hit && s->session->ext.max_fragment_len_mode != value) {

s->hit	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 30 times by 1 test Evaluated by: libssl.so.1.1

s->session->ex..._mode != value	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-30

200 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, -

201 SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN, -

202 SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH); -

203

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

204 } -

205 -

206 /* -

207 * Store it in session, so it'll become binding for us -

208 * and we'll include it in a next Server Hello. -

209 */ -

210 s->session->ext.max_fragment_len_mode = value; -

211

return 1;

executed 30 times by 1 test: return 1;

Executed by:

libssl.so.1.1

212 } -

213 -

214 #ifndef OPENSSL_NO_SRP -

215 int tls_parse_ctos_srp(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

216 size_t chainidx) -

217 { -

218 PACKET srp_I; -

219 -

220

if (!PACKET_as_length_prefixed_1(pkt, &srp_I)

!PACKET_as_len...1(pkt, &srp_I)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 18 times by 1 test Evaluated by: libssl.so.1.1

2-18

221

|| PACKET_contains_zero_byte(&srp_I)) {

PACKET_contain...o_byte(&srp_I)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 17 times by 1 test Evaluated by: libssl.so.1.1

1-17

222 SSLfatal(s, SSL_AD_DECODE_ERROR, -

223 SSL_F_TLS_PARSE_CTOS_SRP, -

224 SSL_R_BAD_EXTENSION); -

225

return 0;

executed 3 times by 1 test: return 0;

Executed by:

libssl.so.1.1

226 } -

227 -

228 /* -

229 * TODO(openssl-team): currently, we re-authenticate the user -

230 * upon resumption. Instead, we MUST ignore the login. -

231 */ -

232

if (!PACKET_strndup(&srp_I, &s->srp_ctx.login)) {

!PACKET_strndu...srp_ctx.login)	Description
TRUE	never evaluated
FALSE	evaluated 17 times by 1 test Evaluated by: libssl.so.1.1

0-17

233 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_SRP, -

234 ERR_R_INTERNAL_ERROR); -

235

return 0;

never executed: return 0;

236 } -

237 -

238

return 1;

executed 17 times by 1 test: return 1;

Executed by:

libssl.so.1.1

239 } -

240 #endif -

241 -

242 #ifndef OPENSSL_NO_EC -

243 int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context, -

244 X509 *x, size_t chainidx) -

245 { -

246 PACKET ec_point_format_list; -

247 -

248

if (!PACKET_as_length_prefixed_1(pkt, &ec_point_format_list)

!PACKET_as_len...t_format_list)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1379 times by 1 test Evaluated by: libssl.so.1.1

3-1379

249

|| PACKET_remaining(&ec_point_format_list) == 0) {

PACKET_remaini...mat_list) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1378 times by 1 test Evaluated by: libssl.so.1.1

1-1378

250 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS, -

251 SSL_R_BAD_EXTENSION); -

252

return 0;

executed 4 times by 1 test: return 0;

Executed by:

libssl.so.1.1

253 } -

254 -

255

if (!s->hit) {

!s->hit	Description
TRUE	evaluated 1297 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 81 times by 1 test Evaluated by: libssl.so.1.1

81-1297

256

if (!PACKET_memdup(&ec_point_format_list,

!PACKET_memdup...ntformats_len)	Description
TRUE	never evaluated
FALSE	evaluated 1297 times by 1 test Evaluated by: libssl.so.1.1

0-1297

257

&s->session->ext.ecpointformats,

!PACKET_memdup...ntformats_len)	Description
TRUE	never evaluated
FALSE	evaluated 1297 times by 1 test Evaluated by: libssl.so.1.1

0-1297

258

&s->session->ext.ecpointformats_len)) {

!PACKET_memdup...ntformats_len)	Description
TRUE	never evaluated
FALSE	evaluated 1297 times by 1 test Evaluated by: libssl.so.1.1

0-1297

259 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

260 SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR); -

261

return 0;

never executed: return 0;

262 } -

263

}

executed 1297 times by 1 test: end of block

Executed by:

libssl.so.1.1

1297

264 -

265

return 1;

executed 1378 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1378

266 } -

267 #endif /* OPENSSL_NO_EC */ -

268 -

269 int tls_parse_ctos_session_ticket(SSL *s, PACKET *pkt, unsigned int context, -

270 X509 *x, size_t chainidx) -

271 { -

272

if (s->ext.session_ticket_cb &&

s->ext.session_ticket_cb	Description
TRUE	never evaluated
FALSE	evaluated 1399 times by 1 test Evaluated by: libssl.so.1.1

0-1399

273

!s->ext.session_ticket_cb(s, PACKET_data(pkt),

!s->ext.sessio...ticket_cb_arg)	Description
TRUE	never evaluated
FALSE	never evaluated

274

PACKET_remaining(pkt),

!s->ext.sessio...ticket_cb_arg)	Description
TRUE	never evaluated
FALSE	never evaluated

275

s->ext.session_ticket_cb_arg)) {

!s->ext.sessio...ticket_cb_arg)	Description
TRUE	never evaluated
FALSE	never evaluated

276 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

277 SSL_F_TLS_PARSE_CTOS_SESSION_TICKET, ERR_R_INTERNAL_ERROR); -

278

return 0;

never executed: return 0;

279 } -

280 -

281

return 1;

executed 1399 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1399

282 } -

283 -

284 int tls_parse_ctos_sig_algs_cert(SSL *s, PACKET *pkt, unsigned int context, -

285 X509 *x, size_t chainidx) -

286 { -

287 PACKET supported_sig_algs; -

288 -

289

if (!PACKET_as_length_prefixed_2(pkt, &supported_sig_algs)

!PACKET_as_len...rted_sig_algs)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 58 times by 1 test Evaluated by: libssl.so.1.1

2-58

290

|| PACKET_remaining(&supported_sig_algs) == 0) {

PACKET_remaini...sig_algs) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 57 times by 1 test Evaluated by: libssl.so.1.1

1-57

291 SSLfatal(s, SSL_AD_DECODE_ERROR, -

292 SSL_F_TLS_PARSE_CTOS_SIG_ALGS_CERT, SSL_R_BAD_EXTENSION); -

293

return 0;

executed 3 times by 1 test: return 0;

Executed by:

libssl.so.1.1

294 } -

295 -

296

if (!s->hit && !tls1_save_sigalgs(s, &supported_sig_algs, 1)) {

!s->hit	Description
TRUE	evaluated 56 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

!tls1_save_sig...d_sig_algs, 1)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 55 times by 1 test Evaluated by: libssl.so.1.1

1-56

297 SSLfatal(s, SSL_AD_DECODE_ERROR, -

298 SSL_F_TLS_PARSE_CTOS_SIG_ALGS_CERT, SSL_R_BAD_EXTENSION); -

299

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

300 } -

301 -

302

return 1;

executed 56 times by 1 test: return 1;

Executed by:

libssl.so.1.1

303 } -

304 -

305 int tls_parse_ctos_sig_algs(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

306 size_t chainidx) -

307 { -

308 PACKET supported_sig_algs; -

309 -

310

if (!PACKET_as_length_prefixed_2(pkt, &supported_sig_algs)

!PACKET_as_len...rted_sig_algs)	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2300 times by 1 test Evaluated by: libssl.so.1.1

7-2300

311

|| PACKET_remaining(&supported_sig_algs) == 0) {

PACKET_remaini...sig_algs) == 0	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2297 times by 1 test Evaluated by: libssl.so.1.1

3-2297

312 SSLfatal(s, SSL_AD_DECODE_ERROR, -

313 SSL_F_TLS_PARSE_CTOS_SIG_ALGS, SSL_R_BAD_EXTENSION); -

314

return 0;

executed 10 times by 1 test: return 0;

Executed by:

libssl.so.1.1

315 } -

316 -

317

if (!s->hit && !tls1_save_sigalgs(s, &supported_sig_algs, 0)) {

!s->hit	Description
TRUE	evaluated 2080 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 217 times by 1 test Evaluated by: libssl.so.1.1

!tls1_save_sig...d_sig_algs, 0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2079 times by 1 test Evaluated by: libssl.so.1.1

1-2080

318 SSLfatal(s, SSL_AD_DECODE_ERROR, -

319 SSL_F_TLS_PARSE_CTOS_SIG_ALGS, SSL_R_BAD_EXTENSION); -

320

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

321 } -

322 -

323

return 1;

executed 2296 times by 1 test: return 1;

Executed by:

libssl.so.1.1

2296

324 } -

325 -

326 #ifndef OPENSSL_NO_OCSP -

327 int tls_parse_ctos_status_request(SSL *s, PACKET *pkt, unsigned int context, -

328 X509 *x, size_t chainidx) -

329 { -

330 PACKET responder_id_list, exts; -

331 -

332 /* We ignore this in a resumption handshake */ -

333

if (s->hit)

s->hit	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 568 times by 1 test Evaluated by: libssl.so.1.1

5-568

334

return 1;

executed 5 times by 1 test: return 1;

Executed by:

libssl.so.1.1

335 -

336 /* Not defined if we get one of these in a client Certificate */ -

337

if (x != NULL)

x != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 568 times by 1 test Evaluated by: libssl.so.1.1

0-568

338

return 1;

never executed: return 1;

339 -

340

if (!PACKET_get_1(pkt, (unsigned int *)&s->ext.status_type)) {

!PACKET_get_1(...t.status_type)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 567 times by 1 test Evaluated by: libssl.so.1.1

1-567

341 SSLfatal(s, SSL_AD_DECODE_ERROR, -

342 SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST, SSL_R_BAD_EXTENSION); -

343

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

344 } -

345 -

346

if (s->ext.status_type != TLSEXT_STATUSTYPE_ocsp) {

s->ext.status_type != 1	Description
TRUE	evaluated 133 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 434 times by 1 test Evaluated by: libssl.so.1.1

133-434

347 /* -

348 * We don't know what to do with any other type so ignore it. -

349 */ -

350 s->ext.status_type = TLSEXT_STATUSTYPE_nothing; -

351

return 1;

executed 133 times by 1 test: return 1;

Executed by:

libssl.so.1.1

133

352 } -

353 -

354

if (!PACKET_get_length_prefixed_2 (pkt, &responder_id_list)) {

!PACKET_get_le...onder_id_list)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 432 times by 1 test Evaluated by: libssl.so.1.1

2-432

355 SSLfatal(s, SSL_AD_DECODE_ERROR, -

356 SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST, SSL_R_BAD_EXTENSION); -

357

return 0;

executed 2 times by 1 test: return 0;

Executed by:

libssl.so.1.1

358 } -

359 -

360 /* -

361 * We remove any OCSP_RESPIDs from a previous handshake -

362 * to prevent unbounded memory growth - CVE-2016-6304 -

363 */ -

364 sk_OCSP_RESPID_pop_free(s->ext.ocsp.ids, OCSP_RESPID_free); -

365

if (PACKET_remaining(&responder_id_list) > 0) {

PACKET_remaini...r_id_list) > 0	Description
TRUE	evaluated 206 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 226 times by 1 test Evaluated by: libssl.so.1.1

206-226

366 s->ext.ocsp.ids = sk_OCSP_RESPID_new_null(); -

367

if (s->ext.ocsp.ids == NULL) {

s->ext.ocsp.ids == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 206 times by 1 test Evaluated by: libssl.so.1.1

0-206

368 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

369 SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST, ERR_R_MALLOC_FAILURE); -

370

return 0;

never executed: return 0;

371 } -

372

} else {

executed 206 times by 1 test: end of block

Executed by:

libssl.so.1.1

206

373 s->ext.ocsp.ids = NULL; -

374

}

executed 226 times by 1 test: end of block

Executed by:

libssl.so.1.1

226

375 -

376

while (PACKET_remaining(&responder_id_list) > 0) {

PACKET_remaini...r_id_list) > 0	Description
TRUE	evaluated 217 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 228 times by 1 test Evaluated by: libssl.so.1.1

217-228

377 OCSP_RESPID *id; -

378 PACKET responder_id; -

379 const unsigned char *id_data; -

380 -

381

if (!PACKET_get_length_prefixed_2(&responder_id_list, &responder_id)

!PACKET_get_le...&responder_id)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 215 times by 1 test Evaluated by: libssl.so.1.1

2-215

382

|| PACKET_remaining(&responder_id) == 0) {

PACKET_remaini...onder_id) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 214 times by 1 test Evaluated by: libssl.so.1.1

1-214

383 SSLfatal(s, SSL_AD_DECODE_ERROR, -

384 SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST, SSL_R_BAD_EXTENSION); -

385

return 0;

executed 3 times by 1 test: return 0;

Executed by:

libssl.so.1.1

386 } -

387 -

388 id_data = PACKET_data(&responder_id); -

389 /* TODO(size_t): Convert d2i_* to size_t */ -

390 id = d2i_OCSP_RESPID(NULL, &id_data, -

391 (int)PACKET_remaining(&responder_id)); -

392

if (id == NULL) {

id == ((void *)0)	Description
TRUE	evaluated 190 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 24 times by 1 test Evaluated by: libssl.so.1.1

24-190

393 SSLfatal(s, SSL_AD_DECODE_ERROR, -

394 SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST, SSL_R_BAD_EXTENSION); -

395

return 0;

executed 190 times by 1 test: return 0;

Executed by:

libssl.so.1.1

190

396 } -

397 -

398

if (id_data != PACKET_end(&responder_id)) {

id_data != PAC...&responder_id)	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 13 times by 1 test Evaluated by: libssl.so.1.1

11-13

399 OCSP_RESPID_free(id); -

400 SSLfatal(s, SSL_AD_DECODE_ERROR, -

401 SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST, SSL_R_BAD_EXTENSION); -

402 -

403

return 0;

executed 11 times by 1 test: return 0;

Executed by:

libssl.so.1.1

404 } -

405 -

406

if (!sk_OCSP_RESPID_push(s->ext.ocsp.ids, id)) {

!sk_OCSP_RESPI....ocsp.ids, id)	Description
TRUE	never evaluated
FALSE	evaluated 13 times by 1 test Evaluated by: libssl.so.1.1

0-13

407 OCSP_RESPID_free(id); -

408 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

409 SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); -

410 -

411

return 0;

never executed: return 0;

412 } -

413

}

executed 13 times by 1 test: end of block

Executed by:

libssl.so.1.1

414 -

415 /* Read in request_extensions */ -

416

if (!PACKET_as_length_prefixed_2(pkt, &exts)) {

!PACKET_as_len..._2(pkt, &exts)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 226 times by 1 test Evaluated by: libssl.so.1.1

2-226

417 SSLfatal(s, SSL_AD_DECODE_ERROR, -

418 SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST, SSL_R_BAD_EXTENSION); -

419

return 0;

executed 2 times by 1 test: return 0;

Executed by:

libssl.so.1.1

420 } -

421 -

422

if (PACKET_remaining(&exts) > 0) {

PACKET_remaining(&exts) > 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 220 times by 1 test Evaluated by: libssl.so.1.1

6-220

423 const unsigned char *ext_data = PACKET_data(&exts); -

424 -

425 sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts, -

426 X509_EXTENSION_free); -

427 s->ext.ocsp.exts = -

428 d2i_X509_EXTENSIONS(NULL, &ext_data, (int)PACKET_remaining(&exts)); -

429

if (s->ext.ocsp.exts == NULL || ext_data != PACKET_end(&exts)) {

s->ext.ocsp.ex...== ((void *)0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

ext_data != PACKET_end(&exts)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

1-4

430 SSLfatal(s, SSL_AD_DECODE_ERROR, -

431 SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST, SSL_R_BAD_EXTENSION); -

432

return 0;

executed 5 times by 1 test: return 0;

Executed by:

libssl.so.1.1

433 } -

434

}

executed 1 time by 1 test: end of block

Executed by:

libssl.so.1.1

435 -

436

return 1;

executed 221 times by 1 test: return 1;

Executed by:

libssl.so.1.1

221

437 } -

438 #endif -

439 -

440 #ifndef OPENSSL_NO_NEXTPROTONEG -

441 int tls_parse_ctos_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

442 size_t chainidx) -

443 { -

444 /* -

445 * We shouldn't accept this extension on a -

446 * renegotiation. -

447 */ -

448

if (SSL_IS_FIRST_HANDSHAKE(s))

(s)->s3->tmp.f...sh_md_len == 0	Description
TRUE	evaluated 30 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->s3->tmp.p...sh_md_len == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-30

449

s->s3->npn_seen = 1;

executed 30 times by 1 test: s->s3->npn_seen = 1;

Executed by:

libssl.so.1.1

450 -

451

return 1;

executed 30 times by 1 test: return 1;

Executed by:

libssl.so.1.1

452 } -

453 #endif -

454 -

455 /* -

456 * Save the ALPN extension in a ClientHello.|pkt| holds the contents of the ALPN -

457 * extension, not including type and length. Returns: 1 on success, 0 on error. -

458 */ -

459 int tls_parse_ctos_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

460 size_t chainidx) -

461 { -

462 PACKET protocol_list, save_protocol_list, protocol; -

463 -

464

if (!SSL_IS_FIRST_HANDSHAKE(s))

(s)->s3->tmp.f...sh_md_len == 0	Description
TRUE	evaluated 76 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->s3->tmp.p...sh_md_len == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0-76

465

return 1;

never executed: return 1;

466 -

467

if (!PACKET_as_length_prefixed_2(pkt, &protocol_list)

!PACKET_as_len...protocol_list)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 74 times by 1 test Evaluated by: libssl.so.1.1

2-74

468

|| PACKET_remaining(&protocol_list) < 2) {

PACKET_remaini...ocol_list) < 2	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 73 times by 1 test Evaluated by: libssl.so.1.1

1-73

469 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_ALPN, -

470 SSL_R_BAD_EXTENSION); -

471

return 0;

executed 3 times by 1 test: return 0;

Executed by:

libssl.so.1.1

472 } -

473 -

474 save_protocol_list = protocol_list; -

475 do { -

476 /* Protocol names can't be empty. */ -

477

if (!PACKET_get_length_prefixed_1(&protocol_list, &protocol)

!PACKET_get_le...st, &protocol)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 333 times by 1 test Evaluated by: libssl.so.1.1

5-333

478

|| PACKET_remaining(&protocol) == 0) {

PACKET_remaini...protocol) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 332 times by 1 test Evaluated by: libssl.so.1.1

1-332

479 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_ALPN, -

480 SSL_R_BAD_EXTENSION); -

481

return 0;

executed 6 times by 1 test: return 0;

Executed by:

libssl.so.1.1

482 } -

483

} while (PACKET_remaining(&protocol_list) != 0);

executed 332 times by 1 test: end of block

Executed by:

libssl.so.1.1

PACKET_remaini...col_list) != 0	Description
TRUE	evaluated 265 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 67 times by 1 test Evaluated by: libssl.so.1.1

67-332

484 -

485 OPENSSL_free(s->s3->alpn_proposed); -

486 s->s3->alpn_proposed = NULL; -

487 s->s3->alpn_proposed_len = 0; -

488

if (!PACKET_memdup(&save_protocol_list,

!PACKET_memdup..._proposed_len)	Description
TRUE	never evaluated
FALSE	evaluated 67 times by 1 test Evaluated by: libssl.so.1.1

0-67

489

&s->s3->alpn_proposed, &s->s3->alpn_proposed_len)) {

!PACKET_memdup..._proposed_len)	Description
TRUE	never evaluated
FALSE	evaluated 67 times by 1 test Evaluated by: libssl.so.1.1

0-67

490 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_ALPN, -

491 ERR_R_INTERNAL_ERROR); -

492

return 0;

never executed: return 0;

493 } -

494 -

495

return 1;

executed 67 times by 1 test: return 1;

Executed by:

libssl.so.1.1

496 } -

497 -

498 #ifndef OPENSSL_NO_SRTP -

499 int tls_parse_ctos_use_srtp(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

500 size_t chainidx) -

501 { -

502 STACK_OF(SRTP_PROTECTION_PROFILE) *srvr; -

503 unsigned int ct, mki_len, id; -

504 int i, srtp_pref; -

505 PACKET subpkt; -

506 -

507 /* Ignore this if we have no SRTP profiles */ -

508

if (SSL_get_srtp_profiles(s) == NULL)

SSL_get_srtp_p...== ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

509

return 1;

never executed: return 1;

510 -

511 /* Pull off the length of the cipher suite list and check it is even */ -

512

if (!PACKET_get_net_2(pkt, &ct) || (ct & 1) != 0

!PACKET_get_net_2(pkt, &ct)	Description
TRUE	never evaluated
FALSE	never evaluated

(ct & 1) != 0	Description
TRUE	never evaluated
FALSE	never evaluated

513

|| !PACKET_get_sub_packet(pkt, &subpkt, ct)) {

!PACKET_get_su..., &subpkt, ct)	Description
TRUE	never evaluated
FALSE	never evaluated

514 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_USE_SRTP, -

515 SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); -

516

return 0;

never executed: return 0;

517 } -

518 -

519 srvr = SSL_get_srtp_profiles(s); -

520 s->srtp_profile = NULL; -

521 /* Search all profiles for a match initially */ -

522 srtp_pref = sk_SRTP_PROTECTION_PROFILE_num(srvr); -

523 -

524

while (PACKET_remaining(&subpkt)) {

PACKET_remaining(&subpkt)	Description
TRUE	never evaluated
FALSE	never evaluated

525

if (!PACKET_get_net_2(&subpkt, &id)) {

!PACKET_get_ne...(&subpkt, &id)	Description
TRUE	never evaluated
FALSE	never evaluated

526 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_USE_SRTP, -

527 SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); -

528

return 0;

never executed: return 0;

529 } -

530 -

531 /* -

532 * Only look for match in profiles of higher preference than -

533 * current match. -

534 * If no profiles have been have been configured then this -

535 * does nothing. -

536 */ -

537

for (i = 0; i < srtp_pref; i++) {

i < srtp_pref	Description
TRUE	never evaluated
FALSE	never evaluated

538 SRTP_PROTECTION_PROFILE *sprof = -

539 sk_SRTP_PROTECTION_PROFILE_value(srvr, i); -

540 -

541

if (sprof->id == id) {

sprof->id == id	Description
TRUE	never evaluated
FALSE	never evaluated

542 s->srtp_profile = sprof; -

543 srtp_pref = i; -

544

break;

never executed: break;

545 } -

546

}

never executed: end of block

547

}

never executed: end of block

548 -

549 /* Now extract the MKI value as a sanity check, but discard it for now */ -

550

if (!PACKET_get_1(pkt, &mki_len)) {

!PACKET_get_1(pkt, &mki_len)	Description
TRUE	never evaluated
FALSE	never evaluated

551 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_USE_SRTP, -

552 SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); -

553

return 0;

never executed: return 0;

554 } -

555 -

556

if (!PACKET_forward(pkt, mki_len)

!PACKET_forward(pkt, mki_len)	Description
TRUE	never evaluated
FALSE	never evaluated

557

|| PACKET_remaining(pkt)) {

PACKET_remaining(pkt)	Description
TRUE	never evaluated
FALSE	never evaluated

558 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_USE_SRTP, -

559 SSL_R_BAD_SRTP_MKI_VALUE); -

560

return 0;

never executed: return 0;

561 } -

562 -

563

return 1;

never executed: return 1;

564 } -

565 #endif -

566 -

567 int tls_parse_ctos_etm(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

568 size_t chainidx) -

569 { -

570

if (!(s->options & SSL_OP_NO_ENCRYPT_THEN_MAC))

!(s->options & 0x00080000U)	Description
TRUE	evaluated 1207 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

2-1207

571

s->ext.use_etm = 1;

executed 1207 times by 1 test: s->ext.use_etm = 1;

Executed by:

libssl.so.1.1

1207

572 -

573

return 1;

executed 1209 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1209

574 } -

575 -

576 /* -

577 * Process a psk_kex_modes extension received in the ClientHello. |pkt| contains -

578 * the raw PACKET data for the extension. Returns 1 on success or 0 on failure. -

579 */ -

580 int tls_parse_ctos_psk_kex_modes(SSL *s, PACKET *pkt, unsigned int context, -

581 X509 *x, size_t chainidx) -

582 { -

583 #ifndef OPENSSL_NO_TLS1_3 -

584 PACKET psk_kex_modes; -

585 unsigned int mode; -

586 -

587

if (!PACKET_as_length_prefixed_1(pkt, &psk_kex_modes)

!PACKET_as_len...psk_kex_modes)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 836 times by 1 test Evaluated by: libssl.so.1.1

2-836

588

|| PACKET_remaining(&psk_kex_modes) == 0) {

PACKET_remaini...ex_modes) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 834 times by 1 test Evaluated by: libssl.so.1.1

2-834

589 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES, -

590 SSL_R_BAD_EXTENSION); -

591

return 0;

executed 4 times by 1 test: return 0;

Executed by:

libssl.so.1.1

592 } -

593 -

594

while (PACKET_get_1(&psk_kex_modes, &mode)) {

PACKET_get_1(&..._modes, &mode)	Description
TRUE	evaluated 1695 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 834 times by 1 test Evaluated by: libssl.so.1.1

834-1695

595

if (mode == TLSEXT_KEX_MODE_KE_DHE)

mode == 0x01	Description
TRUE	evaluated 910 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 785 times by 1 test Evaluated by: libssl.so.1.1

785-910

596

s->ext.psk_kex_mode |= TLSEXT_KEX_MODE_FLAG_KE_DHE;

executed 910 times by 1 test: s->ext.psk_kex_mode |= 2;

Executed by:

libssl.so.1.1

910

597

else if (mode == TLSEXT_KEX_MODE_KE

mode == 0x00	Description
TRUE	evaluated 286 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 499 times by 1 test Evaluated by: libssl.so.1.1

286-499

598

&& (s->options & SSL_OP_ALLOW_NO_DHE_KEX) != 0)

(s->options & ...0000400U) != 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 284 times by 1 test Evaluated by: libssl.so.1.1

2-284

599

s->ext.psk_kex_mode |= TLSEXT_KEX_MODE_FLAG_KE;

executed 2 times by 1 test: s->ext.psk_kex_mode |= 1;

Executed by:

libssl.so.1.1

600

}

executed 1695 times by 1 test: end of block

Executed by:

libssl.so.1.1

1695

601 #endif -

602 -

603

return 1;

executed 834 times by 1 test: return 1;

Executed by:

libssl.so.1.1

834

604 } -

605 -

606 /* -

607 * Process a key_share extension received in the ClientHello. |pkt| contains -

608 * the raw PACKET data for the extension. Returns 1 on success or 0 on failure. -

609 */ -

610 int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

611 size_t chainidx) -

612 { -

613 #ifndef OPENSSL_NO_TLS1_3 -

614 unsigned int group_id; -

615 PACKET key_share_list, encoded_pt; -

616 const uint16_t *clntgroups, *srvrgroups; -

617 size_t clnt_num_groups, srvr_num_groups; -

618 int found = 0; -

619 -

620

if (s->hit && (s->ext.psk_kex_mode & TLSEXT_KEX_MODE_FLAG_KE_DHE) == 0)

s->hit	Description
TRUE	evaluated 134 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 935 times by 1 test Evaluated by: libssl.so.1.1

(s->ext.psk_kex_mode & 2) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 133 times by 1 test Evaluated by: libssl.so.1.1

1-935

621

return 1;

executed 1 time by 1 test: return 1;

Executed by:

libssl.so.1.1

622 -

623 /* Sanity check */ -

624

if (s->s3->peer_tmp != NULL) {

s->s3->peer_tmp != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1068 times by 1 test Evaluated by: libssl.so.1.1

0-1068

625 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_KEY_SHARE, -

626 ERR_R_INTERNAL_ERROR); -

627

return 0;

never executed: return 0;

628 } -

629 -

630

if (!PACKET_as_length_prefixed_2(pkt, &key_share_list)) {

!PACKET_as_len...ey_share_list)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1065 times by 1 test Evaluated by: libssl.so.1.1

3-1065

631 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_KEY_SHARE, -

632 SSL_R_LENGTH_MISMATCH); -

633

return 0;

executed 3 times by 1 test: return 0;

Executed by:

libssl.so.1.1

634 } -

635 -

636 /* Get our list of supported groups */ -

637 tls1_get_supported_groups(s, &srvrgroups, &srvr_num_groups); -

638 /* Get the clients list of supported groups. */ -

639 tls1_get_peer_groups(s, &clntgroups, &clnt_num_groups); -

640

if (clnt_num_groups == 0) {

clnt_num_groups == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1064 times by 1 test Evaluated by: libssl.so.1.1

1-1064

641 /* -

642 * This can only happen if the supported_groups extension was not sent, -

643 * because we verify that the length is non-zero when we process that -

644 * extension. -

645 */ -

646 SSLfatal(s, SSL_AD_MISSING_EXTENSION, SSL_F_TLS_PARSE_CTOS_KEY_SHARE, -

647 SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION); -

648

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

649 } -

650 -

651

if (s->s3->group_id != 0 && PACKET_remaining(&key_share_list) == 0) {

s->s3->group_id != 0	Description
TRUE	evaluated 41 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1023 times by 1 test Evaluated by: libssl.so.1.1

PACKET_remaini...are_list) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40 times by 1 test Evaluated by: libssl.so.1.1

1-1023

652 /* -

653 * If we set a group_id already, then we must have sent an HRR -

654 * requesting a new key_share. If we haven't got one then that is an -

655 * error -

656 */ -

657 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_CTOS_KEY_SHARE, -

658 SSL_R_BAD_KEY_SHARE); -

659

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

660 } -

661 -

662

while (PACKET_remaining(&key_share_list) > 0) {

PACKET_remaini...hare_list) > 0	Description
TRUE	evaluated 1533 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1007 times by 1 test Evaluated by: libssl.so.1.1

1007-1533

663

if (!PACKET_get_net_2(&key_share_list, &group_id)

!PACKET_get_ne...st, &group_id)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1529 times by 1 test Evaluated by: libssl.so.1.1

4-1529

664

|| !PACKET_get_length_prefixed_2(&key_share_list, &encoded_pt)

!PACKET_get_le..., &encoded_pt)	Description
TRUE	evaluated 18 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1511 times by 1 test Evaluated by: libssl.so.1.1

18-1511

665

|| PACKET_remaining(&encoded_pt) == 0) {

PACKET_remaini...coded_pt) == 0	Description
TRUE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1503 times by 1 test Evaluated by: libssl.so.1.1

8-1503

666 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_KEY_SHARE, -

667 SSL_R_LENGTH_MISMATCH); -

668

return 0;

executed 30 times by 1 test: return 0;

Executed by:

libssl.so.1.1

669 } -

670 -

671 /* -

672 * If we already found a suitable key_share we loop through the -

673 * rest to verify the structure, but don't process them. -

674 */ -

675

if (found)

found	Description
TRUE	evaluated 398 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1105 times by 1 test Evaluated by: libssl.so.1.1

398-1105

676

continue;

executed 398 times by 1 test: continue;

Executed by:

libssl.so.1.1

398

677 -

678 /* -

679 * If we sent an HRR then the key_share sent back MUST be for the group -

680 * we requested, and must be the only key_share sent. -

681 */ -

682

if (s->s3->group_id != 0

s->s3->group_id != 0	Description
TRUE	evaluated 40 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1065 times by 1 test Evaluated by: libssl.so.1.1

40-1065

683

&& (group_id != s->s3->group_id

group_id != s->s3->group_id	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 38 times by 1 test Evaluated by: libssl.so.1.1

2-38

684

|| PACKET_remaining(&key_share_list) != 0)) {

PACKET_remaini...are_list) != 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 37 times by 1 test Evaluated by: libssl.so.1.1

1-37

685 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, -

686 SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_KEY_SHARE); -

687

return 0;

executed 3 times by 1 test: return 0;

Executed by:

libssl.so.1.1

688 } -

689 -

690 /* Check if this share is in supported_groups sent from client */ -

691

if (!check_in_list(s, group_id, clntgroups, clnt_num_groups, 0)) {

!check_in_list...num_groups, 0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1100 times by 1 test Evaluated by: libssl.so.1.1

2-1100

692 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, -

693 SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_KEY_SHARE); -

694

return 0;

executed 2 times by 1 test: return 0;

Executed by:

libssl.so.1.1

695 } -

696 -

697 /* Check if this share is for a group we can use */ -

698

if (!check_in_list(s, group_id, srvrgroups, srvr_num_groups, 1)) {

!check_in_list...num_groups, 1)	Description
TRUE	evaluated 179 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 921 times by 1 test Evaluated by: libssl.so.1.1

179-921

699 /* Share not suitable */ -

700

continue;

executed 179 times by 1 test: continue;

Executed by:

libssl.so.1.1

179

701 } -

702 -

703

if ((s->s3->peer_tmp = ssl_generate_param_group(group_id)) == NULL) {

(s->s3->peer_t...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 921 times by 1 test Evaluated by: libssl.so.1.1

0-921

704 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_KEY_SHARE, -

705 SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); -

706

return 0;

never executed: return 0;

707 } -

708 -

709 s->s3->group_id = group_id; -

710 -

711

if (!EVP_PKEY_set1_tls_encodedpoint(s->s3->peer_tmp,

!EVP_PKEY_set1...(&encoded_pt))	Description
TRUE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 900 times by 1 test Evaluated by: libssl.so.1.1

21-900

712

PACKET_data(&encoded_pt),

!EVP_PKEY_set1...(&encoded_pt))	Description
TRUE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 900 times by 1 test Evaluated by: libssl.so.1.1

21-900

713

PACKET_remaining(&encoded_pt))) {

!EVP_PKEY_set1...(&encoded_pt))	Description
TRUE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 900 times by 1 test Evaluated by: libssl.so.1.1

21-900

714 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, -

715 SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_ECPOINT); -

716

return 0;

executed 21 times by 1 test: return 0;

Executed by:

libssl.so.1.1

717 } -

718 -

719 found = 1; -

720

}

executed 900 times by 1 test: end of block

Executed by:

libssl.so.1.1

900

721 #endif -

722 -

723

return 1;

executed 1007 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1007

724 } -

725 -

726 int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

727 size_t chainidx) -

728 { -

729 #ifndef OPENSSL_NO_TLS1_3 -

730 unsigned int format, version, key_share, group_id; -

731 EVP_MD_CTX *hctx; -

732 EVP_PKEY *pkey; -

733 PACKET cookie, raw, chhash, appcookie; -

734 WPACKET hrrpkt; -

735 const unsigned char *data, *mdin, *ciphdata; -

736 unsigned char hmac[SHA256_DIGEST_LENGTH]; -

737 unsigned char hrr[MAX_HRR_SIZE]; -

738 size_t rawlen, hmaclen, hrrlen, ciphlen; -

739 unsigned long tm, now; -

740 -

741 /* Ignore any cookie if we're not set up to verify it */ -

742

if (s->ctx->verify_stateless_cookie_cb == NULL

s->ctx->verify...== ((void *)0)	Description
TRUE	evaluated 4 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

3-4

743

|| (s->s3->flags & TLS1_FLAGS_STATELESS) == 0)

(s->s3->flags & 0x0800) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

1-2

744

return 1;

executed 6 times by 1 test: return 1;

Executed by:

libssl.so.1.1

745 -

746

if (!PACKET_as_length_prefixed_2(pkt, &cookie)) {

!PACKET_as_len...(pkt, &cookie)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

747 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

748 SSL_R_LENGTH_MISMATCH); -

749

return 0;

never executed: return 0;

750 } -

751 -

752 raw = cookie; -

753 data = PACKET_data(&raw); -

754 rawlen = PACKET_remaining(&raw); -

755

if (rawlen < SHA256_DIGEST_LENGTH

rawlen < 32	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

756

|| !PACKET_forward(&raw, rawlen - SHA256_DIGEST_LENGTH)) {

!PACKET_forwar..., rawlen - 32)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

757 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

758 SSL_R_LENGTH_MISMATCH); -

759

return 0;

never executed: return 0;

760 } -

761 mdin = PACKET_data(&raw); -

762 -

763 /* Verify the HMAC of the cookie */ -

764 hctx = EVP_MD_CTX_create(); -

765 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, -

766 s->session_ctx->ext.cookie_hmac_key, -

767 sizeof(s->session_ctx->ext -

768 .cookie_hmac_key)); -

769

if (hctx == NULL || pkey == NULL) {

hctx == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

pkey == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

770 EVP_MD_CTX_free(hctx); -

771 EVP_PKEY_free(pkey); -

772 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

773 ERR_R_MALLOC_FAILURE); -

774

return 0;

never executed: return 0;

775 } -

776 -

777 hmaclen = SHA256_DIGEST_LENGTH; -

778

if (EVP_DigestSignInit(hctx, NULL, EVP_sha256(), NULL, pkey) <= 0

EVP_DigestSign...) , pkey) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

779

|| EVP_DigestSign(hctx, hmac, &hmaclen, data,

EVP_DigestSign...len - 32) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

780

rawlen - SHA256_DIGEST_LENGTH) <= 0

EVP_DigestSign...len - 32) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

781

|| hmaclen != SHA256_DIGEST_LENGTH) {

hmaclen != 32	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

782 EVP_MD_CTX_free(hctx); -

783 EVP_PKEY_free(pkey); -

784 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

785 ERR_R_INTERNAL_ERROR); -

786

return 0;

never executed: return 0;

787 } -

788 -

789 EVP_MD_CTX_free(hctx); -

790 EVP_PKEY_free(pkey); -

791 -

792

if (CRYPTO_memcmp(hmac, mdin, SHA256_DIGEST_LENGTH) != 0) {

CRYPTO_memcmp(...mdin, 32) != 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

793 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_CTOS_COOKIE, -

794 SSL_R_COOKIE_MISMATCH); -

795

return 0;

never executed: return 0;

796 } -

797 -

798

if (!PACKET_get_net_2(&cookie, &format)) {

!PACKET_get_ne...okie, &format)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

799 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

800 SSL_R_LENGTH_MISMATCH); -

801

return 0;

never executed: return 0;

802 } -

803 /* Check the cookie format is something we recognise. Ignore it if not */ -

804

if (format != COOKIE_STATE_FORMAT_VERSION)

format != 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

805

return 1;

never executed: return 1;

806 -

807 /* -

808 * The rest of these checks really shouldn't fail since we have verified the -

809 * HMAC above. -

810 */ -

811 -

812 /* Check the version number is sane */ -

813

if (!PACKET_get_net_2(&cookie, &version)) {

!PACKET_get_ne...kie, &version)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

814 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

815 SSL_R_LENGTH_MISMATCH); -

816

return 0;

never executed: return 0;

817 } -

818

if (version != TLS1_3_VERSION) {

version != 0x0304	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

819 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_CTOS_COOKIE, -

820 SSL_R_BAD_PROTOCOL_VERSION_NUMBER); -

821

return 0;

never executed: return 0;

822 } -

823 -

824

if (!PACKET_get_net_2(&cookie, &group_id)) {

!PACKET_get_ne...ie, &group_id)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

825 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

826 SSL_R_LENGTH_MISMATCH); -

827

return 0;

never executed: return 0;

828 } -

829 -

830 ciphdata = PACKET_data(&cookie); -

831

if (!PACKET_forward(&cookie, 2)) {

!PACKET_forward(&cookie, 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

832 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

833 SSL_R_LENGTH_MISMATCH); -

834

return 0;

never executed: return 0;

835 } -

836

if (group_id != s->s3->group_id

group_id != s->s3->group_id	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

837

|| s->s3->tmp.new_cipher

s->s3->tmp.new..., ciphdata, 0)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

838

!= ssl_get_cipher_by_char(s, ciphdata, 0)) {

s->s3->tmp.new..., ciphdata, 0)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

839 /* -

840 * We chose a different cipher or group id this time around to what is -

841 * in the cookie. Something must have changed. -

842 */ -

843 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_CTOS_COOKIE, -

844 SSL_R_BAD_CIPHER); -

845

return 0;

never executed: return 0;

846 } -

847 -

848

if (!PACKET_get_1(&cookie, &key_share)

!PACKET_get_1(...e, &key_share)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

849

|| !PACKET_get_net_4(&cookie, &tm)

!PACKET_get_ne...(&cookie, &tm)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

850

|| !PACKET_get_length_prefixed_2(&cookie, &chhash)

!PACKET_get_le...okie, &chhash)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

851

|| !PACKET_get_length_prefixed_1(&cookie, &appcookie)

!PACKET_get_le...e, &appcookie)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

852

|| PACKET_remaining(&cookie) != SHA256_DIGEST_LENGTH) {

PACKET_remaini...&cookie) != 32	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

853 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

854 SSL_R_LENGTH_MISMATCH); -

855

return 0;

never executed: return 0;

856 } -

857 -

858 /* We tolerate a cookie age of up to 10 minutes (= 60 * 10 seconds) */ -

859 now = (unsigned long)time(NULL); -

860

if (tm > now || (now - tm) > 600) {

tm > now	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

(now - tm) > 600	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

861 /* Cookie is stale. Ignore it */ -

862

return 1;

never executed: return 1;

863 } -

864 -

865 /* Verify the app cookie */ -

866

if (s->ctx->verify_stateless_cookie_cb(s, PACKET_data(&appcookie),

s->ctx->verify...pcookie)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

867

PACKET_remaining(&appcookie)) == 0) {

s->ctx->verify...pcookie)) == 0	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

868 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_CTOS_COOKIE, -

869 SSL_R_COOKIE_MISMATCH); -

870

return 0;

never executed: return 0;

871 } -

872 -

873 /* -

874 * Reconstruct the HRR that we would have sent in response to the original -

875 * ClientHello so we can add it to the transcript hash. -

876 * Note: This won't work with custom HRR extensions -

877 */ -

878

if (!WPACKET_init_static_len(&hrrpkt, hrr, sizeof(hrr), 0)) {

!WPACKET_init_...izeof(hrr), 0)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

879 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

880 ERR_R_INTERNAL_ERROR); -

881

return 0;

never executed: return 0;

882 } -

883

if (!WPACKET_put_bytes_u8(&hrrpkt, SSL3_MT_SERVER_HELLO)

!WPACKET_put_b...rpkt), (2), 1)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

884

|| !WPACKET_start_sub_packet_u24(&hrrpkt)

!WPACKET_start...((&hrrpkt), 3)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

885

|| !WPACKET_put_bytes_u16(&hrrpkt, TLS1_2_VERSION)

!WPACKET_put_b..., (0x0303), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

886

|| !WPACKET_memcpy(&hrrpkt, hrrrandom, SSL3_RANDOM_SIZE)

!WPACKET_memcp...hrrrandom, 32)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

887

|| !WPACKET_sub_memcpy_u8(&hrrpkt, s->tmp_session_id,

!WPACKET_sub_m...on_id_len), 1)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

888 s->tmp_session_id_len) -

889

|| !s->method->put_cipher_by_char(s->s3->tmp.new_cipher, &hrrpkt,

!s->method->pu...pkt, &ciphlen)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

890

&ciphlen)

!s->method->pu...pkt, &ciphlen)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

891

|| !WPACKET_put_bytes_u8(&hrrpkt, 0)

!WPACKET_put_b...rpkt), (0), 1)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

892

|| !WPACKET_start_sub_packet_u16(&hrrpkt)) {

!WPACKET_start...((&hrrpkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

893 WPACKET_cleanup(&hrrpkt); -

894 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

895 ERR_R_INTERNAL_ERROR); -

896

return 0;

never executed: return 0;

897 } -

898

if (!WPACKET_put_bytes_u16(&hrrpkt, TLSEXT_TYPE_supported_versions)

!WPACKET_put_b...pkt), (43), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

899

|| !WPACKET_start_sub_packet_u16(&hrrpkt)

!WPACKET_start...((&hrrpkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

900

|| !WPACKET_put_bytes_u16(&hrrpkt, s->version)

!WPACKET_put_b...->version), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

901

|| !WPACKET_close(&hrrpkt)) {

!WPACKET_close(&hrrpkt)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

902 WPACKET_cleanup(&hrrpkt); -

903 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

904 ERR_R_INTERNAL_ERROR); -

905

return 0;

never executed: return 0;

906 } -

907

if (key_share) {

key_share	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

908

if (!WPACKET_put_bytes_u16(&hrrpkt, TLSEXT_TYPE_key_share)

!WPACKET_put_b...pkt), (51), 2)	Description
TRUE	never evaluated
FALSE	never evaluated

909

|| !WPACKET_start_sub_packet_u16(&hrrpkt)

!WPACKET_start...((&hrrpkt), 2)	Description
TRUE	never evaluated
FALSE	never evaluated

910

|| !WPACKET_put_bytes_u16(&hrrpkt, s->s3->group_id)

!WPACKET_put_b...>group_id), 2)	Description
TRUE	never evaluated
FALSE	never evaluated

911

|| !WPACKET_close(&hrrpkt)) {

!WPACKET_close(&hrrpkt)	Description
TRUE	never evaluated
FALSE	never evaluated

912 WPACKET_cleanup(&hrrpkt); -

913 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

914 ERR_R_INTERNAL_ERROR); -

915

return 0;

never executed: return 0;

916 } -

917

}

never executed: end of block

918

if (!WPACKET_put_bytes_u16(&hrrpkt, TLSEXT_TYPE_cookie)

!WPACKET_put_b...pkt), (44), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

919

|| !WPACKET_start_sub_packet_u16(&hrrpkt)

!WPACKET_start...((&hrrpkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

920

|| !WPACKET_sub_memcpy_u16(&hrrpkt, data, rawlen)

!WPACKET_sub_m..., (rawlen), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

921

|| !WPACKET_close(&hrrpkt) /* cookie extension */

!WPACKET_close(&hrrpkt)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

922

|| !WPACKET_close(&hrrpkt) /* extension block */

!WPACKET_close(&hrrpkt)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

923

|| !WPACKET_close(&hrrpkt) /* message */

!WPACKET_close(&hrrpkt)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

924

|| !WPACKET_get_total_written(&hrrpkt, &hrrlen)

!WPACKET_get_t...rpkt, &hrrlen)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

925

|| !WPACKET_finish(&hrrpkt)) {

!WPACKET_finish(&hrrpkt)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

926 WPACKET_cleanup(&hrrpkt); -

927 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_COOKIE, -

928 ERR_R_INTERNAL_ERROR); -

929

return 0;

never executed: return 0;

930 } -

931 -

932 /* Reconstruct the transcript hash */ -

933

if (!create_synthetic_message_hash(s, PACKET_data(&chhash),

!create_synthe..., hrr, hrrlen)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

934

PACKET_remaining(&chhash), hrr,

!create_synthe..., hrr, hrrlen)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

935

hrrlen)) {

!create_synthe..., hrr, hrrlen)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

936 /* SSLfatal() already called */ -

937

return 0;

never executed: return 0;

938 } -

939 -

940 /* Act as if this ClientHello came after a HelloRetryRequest */ -

941 s->hello_retry_request = 1; -

942 -

943 s->ext.cookieok = 1; -

944 #endif -

945 -

946

return 1;

executed 1 time by 1 test: return 1;

Executed by:

libssl.so.1.1

947 } -

948 -

949 #ifndef OPENSSL_NO_EC -

950 int tls_parse_ctos_supported_groups(SSL *s, PACKET *pkt, unsigned int context, -

951 X509 *x, size_t chainidx) -

952 { -

953 PACKET supported_groups_list; -

954 -

955 /* Each group is 2 bytes and we must have at least 1. */ -

956

if (!PACKET_as_length_prefixed_2(pkt, &supported_groups_list)

!PACKET_as_len...d_groups_list)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2514 times by 1 test Evaluated by: libssl.so.1.1

5-2514

957

|| PACKET_remaining(&supported_groups_list) == 0

PACKET_remaini...ups_list) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2513 times by 1 test Evaluated by: libssl.so.1.1

1-2513

958

|| (PACKET_remaining(&supported_groups_list) % 2) != 0) {

(PACKET_remain...ist) % 2) != 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2512 times by 1 test Evaluated by: libssl.so.1.1

1-2512

959 SSLfatal(s, SSL_AD_DECODE_ERROR, -

960 SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS, SSL_R_BAD_EXTENSION); -

961

return 0;

executed 7 times by 1 test: return 0;

Executed by:

libssl.so.1.1

962 } -

963 -

964

if (!s->hit || SSL_IS_TLS13(s)) {

!s->hit	Description
TRUE	evaluated 2306 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 206 times by 1 test Evaluated by: libssl.so.1.1

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 190 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 16 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->version >= 0x0304	Description
TRUE	evaluated 134 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 56 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 134 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2306

965 OPENSSL_free(s->session->ext.supportedgroups); -

966 s->session->ext.supportedgroups = NULL; -

967 s->session->ext.supportedgroups_len = 0; -

968

if (!tls1_save_u16(&supported_groups_list,

!tls1_save_u16...tedgroups_len)	Description
TRUE	never evaluated
FALSE	evaluated 2440 times by 1 test Evaluated by: libssl.so.1.1

0-2440

969

&s->session->ext.supportedgroups,

!tls1_save_u16...tedgroups_len)	Description
TRUE	never evaluated
FALSE	evaluated 2440 times by 1 test Evaluated by: libssl.so.1.1

0-2440

970

&s->session->ext.supportedgroups_len)) {

!tls1_save_u16...tedgroups_len)	Description
TRUE	never evaluated
FALSE	evaluated 2440 times by 1 test Evaluated by: libssl.so.1.1

0-2440

971 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

972 SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS, -

973 ERR_R_INTERNAL_ERROR); -

974

return 0;

never executed: return 0;

975 } -

976

}

executed 2440 times by 1 test: end of block

Executed by:

libssl.so.1.1

2440

977 -

978

return 1;

executed 2512 times by 1 test: return 1;

Executed by:

libssl.so.1.1

2512

979 } -

980 #endif -

981 -

982 int tls_parse_ctos_ems(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

983 size_t chainidx) -

984 { -

985 /* The extension must always be empty */ -

986

if (PACKET_remaining(pkt) != 0) {

PACKET_remaining(pkt) != 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1390 times by 1 test Evaluated by: libssl.so.1.1

1-1390

987 SSLfatal(s, SSL_AD_DECODE_ERROR, -

988 SSL_F_TLS_PARSE_CTOS_EMS, SSL_R_BAD_EXTENSION); -

989

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

990 } -

991 -

992 s->s3->flags |= TLS1_FLAGS_RECEIVED_EXTMS; -

993 -

994

return 1;

executed 1390 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1390

995 } -

996 -

997 -

998 int tls_parse_ctos_early_data(SSL *s, PACKET *pkt, unsigned int context, -

999 X509 *x, size_t chainidx) -

1000 { -

1001

if (PACKET_remaining(pkt) != 0) {

PACKET_remaining(pkt) != 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 217 times by 1 test Evaluated by: libssl.so.1.1

1-217

1002 SSLfatal(s, SSL_AD_DECODE_ERROR, -

1003 SSL_F_TLS_PARSE_CTOS_EARLY_DATA, SSL_R_BAD_EXTENSION); -

1004

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

1005 } -

1006 -

1007

if (s->hello_retry_request != SSL_HRR_NONE) {

s->hello_retry...= SSL_HRR_NONE	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 216 times by 1 test Evaluated by: libssl.so.1.1

1-216

1008 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, -

1009 SSL_F_TLS_PARSE_CTOS_EARLY_DATA, SSL_R_BAD_EXTENSION); -

1010

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

1011 } -

1012 -

1013

return 1;

executed 216 times by 1 test: return 1;

Executed by:

libssl.so.1.1

216

1014 } -

1015 -

1016 static SSL_TICKET_STATUS tls_get_stateful_ticket(SSL *s, PACKET *tick, -

1017 SSL_SESSION **sess) -

1018 { -

1019 SSL_SESSION *tmpsess = NULL; -

1020 -

1021 s->ext.ticket_expected = 1; -

1022 -

1023 switch (PACKET_remaining(tick)) { -

1024

case 0:

never executed: case 0:

1025

return SSL_TICKET_EMPTY;

never executed: return 3;

1026 -

1027

case SSL_MAX_SSL_SESSION_ID_LENGTH:

executed 54 times by 1 test: case 32:

Executed by:

libssl.so.1.1

1028

break;

executed 54 times by 1 test: break;

Executed by:

libssl.so.1.1

1029 -

1030

default:

executed 2 times by 1 test: default:

Executed by:

libssl.so.1.1

1031

return SSL_TICKET_NO_DECRYPT;

executed 2 times by 1 test: return 4;

Executed by:

libssl.so.1.1

1032 } -

1033 -

1034 tmpsess = lookup_sess_in_cache(s, PACKET_data(tick), -

1035 SSL_MAX_SSL_SESSION_ID_LENGTH); -

1036 -

1037

if (tmpsess == NULL)

tmpsess == ((void *)0)	Description
TRUE	evaluated 14 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 40 times by 1 test Evaluated by: libssl.so.1.1

14-40

1038

return SSL_TICKET_NO_DECRYPT;

executed 14 times by 1 test: return 4;

Executed by:

libssl.so.1.1

1039 -

1040 *sess = tmpsess; -

1041

return SSL_TICKET_SUCCESS;

executed 40 times by 1 test: return 5;

Executed by:

libssl.so.1.1

1042 } -

1043 -

1044 int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x, -

1045 size_t chainidx) -

1046 { -

1047 PACKET identities, binders, binder; -

1048 size_t binderoffset, hashsize; -

1049 SSL_SESSION *sess = NULL; -

1050 unsigned int id, i, ext = 0; -

1051 const EVP_MD *md = NULL; -

1052 -

1053 /* -

1054 * If we have no PSK kex mode that we recognise then we can't resume so -

1055 * ignore this extension -

1056 */ -

1057

if ((s->ext.psk_kex_mode

(s->ext.psk_ke... (1 \| 2)) == 0	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 184 times by 1 test Evaluated by: libssl.so.1.1

3-184

1058

& (TLSEXT_KEX_MODE_FLAG_KE | TLSEXT_KEX_MODE_FLAG_KE_DHE)) == 0)

(s->ext.psk_ke... (1 \| 2)) == 0	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 184 times by 1 test Evaluated by: libssl.so.1.1

3-184

1059

return 1;

executed 3 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1060 -

1061

if (!PACKET_get_length_prefixed_2(pkt, &identities)) {

!PACKET_get_le..., &identities)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 182 times by 1 test Evaluated by: libssl.so.1.1

2-182

1062 SSLfatal(s, SSL_AD_DECODE_ERROR, -

1063 SSL_F_TLS_PARSE_CTOS_PSK, SSL_R_BAD_EXTENSION); -

1064

return 0;

executed 2 times by 1 test: return 0;

Executed by:

libssl.so.1.1

1065 } -

1066 -

1067 s->ext.ticket_expected = 0; -

1068

for (id = 0; PACKET_remaining(&identities) != 0; id++) {

PACKET_remaini...entities) != 0	Description
TRUE	evaluated 185 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 38 times by 1 test Evaluated by: libssl.so.1.1

38-185

1069 PACKET identity; -

1070 unsigned long ticket_agel; -

1071 size_t idlen; -

1072 -

1073

if (!PACKET_get_length_prefixed_2(&identities, &identity)

!PACKET_get_le...es, &identity)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 183 times by 1 test Evaluated by: libssl.so.1.1

2-183

1074

|| !PACKET_get_net_4(&identities, &ticket_agel)) {

!PACKET_get_ne... &ticket_agel)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 182 times by 1 test Evaluated by: libssl.so.1.1

1-182

1075 SSLfatal(s, SSL_AD_DECODE_ERROR, -

1076 SSL_F_TLS_PARSE_CTOS_PSK, SSL_R_BAD_EXTENSION); -

1077

return 0;

executed 3 times by 1 test: return 0;

Executed by:

libssl.so.1.1

1078 } -

1079 -

1080 idlen = PACKET_remaining(&identity); -

1081

if (s->psk_find_session_cb != NULL

s->psk_find_se...!= ((void *)0)	Description
TRUE	evaluated 25 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 157 times by 1 test Evaluated by: libssl.so.1.1

25-157

1082

&& !s->psk_find_session_cb(s, PACKET_data(&identity), idlen,

!s->psk_find_s... idlen, &sess)	Description
TRUE	never evaluated
FALSE	evaluated 25 times by 1 test Evaluated by: libssl.so.1.1

0-25

1083

&sess)) {

!s->psk_find_s... idlen, &sess)	Description
TRUE	never evaluated
FALSE	evaluated 25 times by 1 test Evaluated by: libssl.so.1.1

0-25

1084 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1085 SSL_F_TLS_PARSE_CTOS_PSK, SSL_R_BAD_EXTENSION); -

1086

return 0;

never executed: return 0;

1087 } -

1088 -

1089 #ifndef OPENSSL_NO_PSK -

1090

if(sess == NULL

sess == ((void *)0)	Description
TRUE	evaluated 162 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 20 times by 1 test Evaluated by: libssl.so.1.1

20-162

1091

&& s->psk_server_callback != NULL

s->psk_server_...!= ((void *)0)	Description
TRUE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 154 times by 1 test Evaluated by: libssl.so.1.1

8-154

1092

&& idlen <= PSK_MAX_IDENTITY_LEN) {

idlen <= 128	Description
TRUE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-8

1093 char *pskid = NULL; -

1094 unsigned char pskdata[PSK_MAX_PSK_LEN]; -

1095 unsigned int pskdatalen; -

1096 -

1097

if (!PACKET_strndup(&identity, &pskid)) {

!PACKET_strndu...ntity, &pskid)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

1098 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_PSK, -

1099 ERR_R_INTERNAL_ERROR); -

1100

return 0;

never executed: return 0;

1101 } -

1102 pskdatalen = s->psk_server_callback(s, pskid, pskdata, -

1103 sizeof(pskdata)); -

1104 OPENSSL_free(pskid); -

1105

if (pskdatalen > PSK_MAX_PSK_LEN) {

pskdatalen > 256	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

1106 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_PSK, -

1107 ERR_R_INTERNAL_ERROR); -

1108

return 0;

never executed: return 0;

1109

} else if (pskdatalen > 0) {

pskdatalen > 0	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

2-6

1110 const SSL_CIPHER *cipher; -

1111 const unsigned char tls13_aes128gcmsha256_id[] = { 0x13, 0x01 }; -

1112 -

1113 /* -

1114 * We found a PSK using an old style callback. We don't know -

1115 * the digest so we default to SHA256 as per the TLSv1.3 spec -

1116 */ -

1117 cipher = SSL_CIPHER_find(s, tls13_aes128gcmsha256_id); -

1118

if (cipher == NULL) {

cipher == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-6

1119 OPENSSL_cleanse(pskdata, pskdatalen); -

1120 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_PSK, -

1121 ERR_R_INTERNAL_ERROR); -

1122

return 0;

never executed: return 0;

1123 } -

1124 -

1125 sess = SSL_SESSION_new(); -

1126

if (sess == NULL

sess == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-6

1127

|| !SSL_SESSION_set1_master_key(sess, pskdata,

!SSL_SESSION_s...a, pskdatalen)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-6

1128

pskdatalen)

!SSL_SESSION_s...a, pskdatalen)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-6

1129

|| !SSL_SESSION_set_cipher(sess, cipher)

!SSL_SESSION_s...(sess, cipher)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-6

1130

|| !SSL_SESSION_set_protocol_version(sess,

!SSL_SESSION_s...(sess, 0x0304)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-6

1131

TLS1_3_VERSION)) {

!SSL_SESSION_s...(sess, 0x0304)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-6

1132 OPENSSL_cleanse(pskdata, pskdatalen); -

1133 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_CTOS_PSK, -

1134 ERR_R_INTERNAL_ERROR); -

1135

goto err;

never executed: goto err;

1136 } -

1137 OPENSSL_cleanse(pskdata, pskdatalen); -

1138

}

executed 6 times by 1 test: end of block

Executed by:

libssl.so.1.1

1139

}

executed 8 times by 1 test: end of block

Executed by:

libssl.so.1.1

1140 #endif /* OPENSSL_NO_PSK */ -

1141 -

1142

if (sess != NULL) {

sess != ((void *)0)	Description
TRUE	evaluated 26 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 156 times by 1 test Evaluated by: libssl.so.1.1

26-156

1143 /* We found a PSK */ -

1144 SSL_SESSION *sesstmp = ssl_session_dup(sess, 0); -

1145 -

1146

if (sesstmp == NULL) {

sesstmp == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 26 times by 1 test Evaluated by: libssl.so.1.1

0-26

1147 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1148 SSL_F_TLS_PARSE_CTOS_PSK, ERR_R_INTERNAL_ERROR); -

1149

return 0;

never executed: return 0;

1150 } -

1151 SSL_SESSION_free(sess); -

1152 sess = sesstmp; -

1153 -

1154 /* -

1155 * We've just been told to use this session for this context so -

1156 * make sure the sid_ctx matches up. -

1157 */ -

1158 memcpy(sess->sid_ctx, s->sid_ctx, s->sid_ctx_length); -

1159 sess->sid_ctx_length = s->sid_ctx_length; -

1160 ext = 1; -

1161

if (id == 0)

id == 0	Description
TRUE	evaluated 26 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-26

1162

s->ext.early_data_ok = 1;

executed 26 times by 1 test: s->ext.early_data_ok = 1;

Executed by:

libssl.so.1.1

1163 s->ext.ticket_expected = 1; -

1164

} else {

executed 26 times by 1 test: end of block

Executed by:

libssl.so.1.1

1165 uint32_t ticket_age = 0, now, agesec, agems; -

1166 int ret; -

1167 -

1168 /* -

1169 * If we are using anti-replay protection then we behave as if -

1170 * SSL_OP_NO_TICKET is set - we are caching tickets anyway so there -

1171 * is no point in using full stateless tickets. -

1172 */ -

1173

if ((s->options & SSL_OP_NO_TICKET) != 0

(s->options & ...0004000U) != 0	Description
TRUE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 145 times by 1 test Evaluated by: libssl.so.1.1

11-145

1174

|| (s->max_early_data > 0

s->max_early_data > 0	Description
TRUE	evaluated 61 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 84 times by 1 test Evaluated by: libssl.so.1.1

61-84

1175

&& (s->options & SSL_OP_NO_ANTI_REPLAY) == 0))

(s->options & ...1000000U) == 0	Description
TRUE	evaluated 45 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 16 times by 1 test Evaluated by: libssl.so.1.1

16-45

1176

ret = tls_get_stateful_ticket(s, &identity, &sess);

executed 56 times by 1 test: ret = tls_get_stateful_ticket(s, &identity, &sess);

Executed by:

libssl.so.1.1

1177 else -

1178

ret = tls_decrypt_ticket(s, PACKET_data(&identity),

executed 100 times by 1 test: ret = tls_decrypt_ticket(s, PACKET_data(&identity), PACKET_remaining(&identity), ((void *)0) , 0, &sess);

Executed by:

libssl.so.1.1

100

1179

PACKET_remaining(&identity), NULL, 0,

executed 100 times by 1 test: ret = tls_decrypt_ticket(s, PACKET_data(&identity), PACKET_remaining(&identity), ((void *)0) , 0, &sess);

Executed by:

libssl.so.1.1

100

1180

&sess);

executed 100 times by 1 test: ret = tls_decrypt_ticket(s, PACKET_data(&identity), PACKET_remaining(&identity), ((void *)0) , 0, &sess);

Executed by:

libssl.so.1.1

100

1181 -

1182

if (ret == SSL_TICKET_EMPTY) {

ret == 3	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 154 times by 1 test Evaluated by: libssl.so.1.1

2-154

1183 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_PSK, -

1184 SSL_R_BAD_EXTENSION); -

1185

return 0;

executed 2 times by 1 test: return 0;

Executed by:

libssl.so.1.1

1186 } -

1187 -

1188

if (ret == SSL_TICKET_FATAL_ERR_MALLOC

ret == 0	Description
TRUE	never evaluated
FALSE	evaluated 154 times by 1 test Evaluated by: libssl.so.1.1

0-154

1189

|| ret == SSL_TICKET_FATAL_ERR_OTHER) {

ret == 1	Description
TRUE	never evaluated
FALSE	evaluated 154 times by 1 test Evaluated by: libssl.so.1.1

0-154

1190 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1191 SSL_F_TLS_PARSE_CTOS_PSK, ERR_R_INTERNAL_ERROR); -

1192

return 0;

never executed: return 0;

1193 } -

1194

if (ret == SSL_TICKET_NONE || ret == SSL_TICKET_NO_DECRYPT)

ret == 2	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 153 times by 1 test Evaluated by: libssl.so.1.1

ret == 4	Description
TRUE	evaluated 35 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 118 times by 1 test Evaluated by: libssl.so.1.1

1-153

1195

continue;

executed 36 times by 1 test: continue;

Executed by:

libssl.so.1.1

1196 -

1197 /* Check for replay */ -

1198

if (s->max_early_data > 0

s->max_early_data > 0	Description
TRUE	evaluated 48 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 70 times by 1 test Evaluated by: libssl.so.1.1

48-70

1199

&& (s->options & SSL_OP_NO_ANTI_REPLAY) == 0

(s->options & ...1000000U) == 0	Description
TRUE	evaluated 32 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 16 times by 1 test Evaluated by: libssl.so.1.1

16-32

1200

&& !SSL_CTX_remove_session(s->session_ctx, sess)) {

!SSL_CTX_remov...ion_ctx, sess)	Description
TRUE	never evaluated
FALSE	evaluated 32 times by 1 test Evaluated by: libssl.so.1.1

0-32

1201 SSL_SESSION_free(sess); -

1202 sess = NULL; -

1203

continue;

never executed: continue;

1204 } -

1205 -

1206 ticket_age = (uint32_t)ticket_agel; -

1207 now = (uint32_t)time(NULL); -

1208 agesec = now - (uint32_t)sess->time; -

1209 agems = agesec * (uint32_t)1000; -

1210 ticket_age -= sess->ext.tick_age_add; -

1211 -

1212 /* -

1213 * For simplicity we do our age calculations in seconds. If the -

1214 * client does it in ms then it could appear that their ticket age -

1215 * is longer than ours (our ticket age calculation should always be -

1216 * slightly longer than the client's due to the network latency). -

1217 * Therefore we add 1000ms to our age calculation to adjust for -

1218 * rounding errors. -

1219 */ -

1220

if (id == 0

id == 0	Description
TRUE	evaluated 118 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-118

1221

&& sess->timeout >= (long)agesec

sess->timeout >= (long)agesec	Description
TRUE	evaluated 113 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1

5-113

1222

&& agems / (uint32_t)1000 == agesec

agems / (uint3...1000 == agesec	Description
TRUE	evaluated 113 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-113

1223

&& ticket_age <= agems + 1000

ticket_age <= agems + 1000	Description
TRUE	evaluated 106 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

7-106

1224

&& ticket_age + TICKET_AGE_ALLOWANCE >= agems + 1000) {

ticket_age + (...= agems + 1000	Description
TRUE	evaluated 106 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-106

1225 /* -

1226 * Ticket age is within tolerance and not expired. We allow it -

1227 * for early data -

1228 */ -

1229 s->ext.early_data_ok = 1; -

1230

}

executed 106 times by 1 test: end of block

Executed by:

libssl.so.1.1

106

1231

}

executed 118 times by 1 test: end of block

Executed by:

libssl.so.1.1

118

1232 -

1233 md = ssl_md(sess->cipher->algorithm2); -

1234

if (md != ssl_md(s->s3->tmp.new_cipher->algorithm2)) {

md != ssl_md(s...r->algorithm2)	Description
TRUE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 139 times by 1 test Evaluated by: libssl.so.1.1

5-139

1235 /* The ciphersuite is not compatible with this session. */ -

1236 SSL_SESSION_free(sess); -

1237 sess = NULL; -

1238 s->ext.early_data_ok = 0; -

1239 s->ext.ticket_expected = 0; -

1240

continue;

executed 5 times by 1 test: continue;

Executed by:

libssl.so.1.1

1241 } -

1242

break;

executed 139 times by 1 test: break;

Executed by:

libssl.so.1.1

139

1243 } -

1244 -

1245

if (sess == NULL)

sess == ((void *)0)	Description
TRUE	evaluated 38 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 139 times by 1 test Evaluated by: libssl.so.1.1

38-139

1246

return 1;

executed 38 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1247 -

1248 binderoffset = PACKET_data(pkt) - (const unsigned char *)s->init_buf->data; -

1249 hashsize = EVP_MD_size(md); -

1250 -

1251

if (!PACKET_get_length_prefixed_2(pkt, &binders)) {

!PACKET_get_le...pkt, &binders)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 137 times by 1 test Evaluated by: libssl.so.1.1

2-137

1252 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_PSK, -

1253 SSL_R_BAD_EXTENSION); -

1254

goto err;

executed 2 times by 1 test: goto err;

Executed by:

libssl.so.1.1

1255 } -

1256 -

1257

for (i = 0; i <= id; i++) {

i <= id	Description
TRUE	evaluated 137 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 135 times by 1 test Evaluated by: libssl.so.1.1

135-137

1258

if (!PACKET_get_length_prefixed_1(&binders, &binder)) {

!PACKET_get_le...ders, &binder)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 135 times by 1 test Evaluated by: libssl.so.1.1

2-135

1259 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_PSK, -

1260 SSL_R_BAD_EXTENSION); -

1261

goto err;

executed 2 times by 1 test: goto err;

Executed by:

libssl.so.1.1

1262 } -

1263

}

executed 135 times by 1 test: end of block

Executed by:

libssl.so.1.1

135

1264 -

1265

if (PACKET_remaining(&binder) != hashsize) {

PACKET_remaini...r) != hashsize	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 134 times by 1 test Evaluated by: libssl.so.1.1

1-134

1266 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_PSK, -

1267 SSL_R_BAD_EXTENSION); -

1268

goto err;

executed 1 time by 1 test: goto err;

Executed by:

libssl.so.1.1

1269 } -

1270

if (tls_psk_do_binder(s, md, (const unsigned char *)s->init_buf->data,

tls_psk_do_bin..., 0, ext) != 1	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 133 times by 1 test Evaluated by: libssl.so.1.1

1-133

1271

binderoffset, PACKET_data(&binder), NULL, sess, 0,

tls_psk_do_bin..., 0, ext) != 1	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 133 times by 1 test Evaluated by: libssl.so.1.1

1-133

1272

ext) != 1) {

tls_psk_do_bin..., 0, ext) != 1	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 133 times by 1 test Evaluated by: libssl.so.1.1

1-133

1273 /* SSLfatal() already called */ -

1274

goto err;

executed 1 time by 1 test: goto err;

Executed by:

libssl.so.1.1

1275 } -

1276 -

1277 sess->ext.tick_identity = id; -

1278 -

1279 SSL_SESSION_free(s->session); -

1280 s->session = sess; -

1281

return 1;

executed 133 times by 1 test: return 1;

Executed by:

libssl.so.1.1

133

1282 err: -

1283 SSL_SESSION_free(sess); -

1284

return 0;

executed 6 times by 1 test: return 0;

Executed by:

libssl.so.1.1

1285 } -

1286 -

1287 int tls_parse_ctos_post_handshake_auth(SSL *s, PACKET *pkt, unsigned int context, -

1288 X509 *x, size_t chainidx) -

1289 { -

1290

if (PACKET_remaining(pkt) != 0) {

PACKET_remaining(pkt) != 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 48 times by 1 test Evaluated by: libssl.so.1.1

1-48

1291 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH, -

1292 SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR); -

1293

return 0;

executed 1 time by 1 test: return 0;

Executed by:

libssl.so.1.1

1294 } -

1295 -

1296 s->post_handshake_auth = SSL_PHA_EXT_RECEIVED; -

1297 -

1298

return 1;

executed 48 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1299 } -

1300 -

1301 /* -

1302 * Add the server's renegotiation binding -

1303 */ -

1304 EXT_RETURN tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt, -

1305 unsigned int context, X509 *x, -

1306 size_t chainidx) -

1307 { -

1308

if (!s->s3->send_connection_binding)

!s->s3->send_c...ection_binding	Description
TRUE	evaluated 157 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

157-1353

1309

return EXT_RETURN_NOT_SENT;

executed 157 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

157

1310 -

1311 /* Still add this even if SSL_OP_NO_RENEGOTIATION is set */ -

1312

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_renegotiate)

!WPACKET_put_b..., (0xff01), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

0-1353

1313

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

0-1353

1314

|| !WPACKET_start_sub_packet_u8(pkt)

!WPACKET_start...en__((pkt), 1)	Description
TRUE	never evaluated
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

0-1353

1315

|| !WPACKET_memcpy(pkt, s->s3->previous_client_finished,

!WPACKET_memcp..._finished_len)	Description
TRUE	never evaluated
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

0-1353

1316

s->s3->previous_client_finished_len)

!WPACKET_memcp..._finished_len)	Description
TRUE	never evaluated
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

0-1353

1317

|| !WPACKET_memcpy(pkt, s->s3->previous_server_finished,

!WPACKET_memcp..._finished_len)	Description
TRUE	never evaluated
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

0-1353

1318

s->s3->previous_server_finished_len)

!WPACKET_memcp..._finished_len)	Description
TRUE	never evaluated
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

0-1353

1319

|| !WPACKET_close(pkt)

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

0-1353

1320

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 1353 times by 1 test Evaluated by: libssl.so.1.1

0-1353

1321 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE, -

1322 ERR_R_INTERNAL_ERROR); -

1323

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1324 } -

1325 -

1326

return EXT_RETURN_SENT;

executed 1353 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

1353

1327 } -

1328 -

1329 EXT_RETURN tls_construct_stoc_server_name(SSL *s, WPACKET *pkt, -

1330 unsigned int context, X509 *x, -

1331 size_t chainidx) -

1332 { -

1333

if (s->hit || s->servername_done != 1

s->hit	Description
TRUE	evaluated 195 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2169 times by 1 test Evaluated by: libssl.so.1.1

s->servername_done != 1	Description
TRUE	evaluated 2138 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 31 times by 1 test Evaluated by: libssl.so.1.1

31-2169

1334

|| s->ext.hostname == NULL)

s->ext.hostname == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 31 times by 1 test Evaluated by: libssl.so.1.1

0-31

1335

return EXT_RETURN_NOT_SENT;

executed 2333 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

2333

1336 -

1337

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_server_name)

!WPACKET_put_b...(pkt), (0), 2)	Description
TRUE	never evaluated
FALSE	evaluated 31 times by 1 test Evaluated by: libssl.so.1.1

0-31

1338

|| !WPACKET_put_bytes_u16(pkt, 0)) {

!WPACKET_put_b...(pkt), (0), 2)	Description
TRUE	never evaluated
FALSE	evaluated 31 times by 1 test Evaluated by: libssl.so.1.1

0-31

1339 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME, -

1340 ERR_R_INTERNAL_ERROR); -

1341

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1342 } -

1343 -

1344

return EXT_RETURN_SENT;

executed 31 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

1345 } -

1346 -

1347 /* Add/include the server's max fragment len extension into ServerHello */ -

1348 EXT_RETURN tls_construct_stoc_maxfragmentlen(SSL *s, WPACKET *pkt, -

1349 unsigned int context, X509 *x, -

1350 size_t chainidx) -

1351 { -

1352

if (!USE_MAX_FRAGMENT_LENGTH_EXT(s->session))

((s->session->...en_mode) >= 1)	Description
TRUE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2337 times by 1 test Evaluated by: libssl.so.1.1

((s->session->...en_mode) <= 4)	Description
TRUE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2337

1353

return EXT_RETURN_NOT_SENT;

executed 2337 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

2337

1354 -

1355 /*- -

1356 * 4 bytes for this extension type and extension length -

1357 * 1 byte for the Max Fragment Length code value. -

1358 */ -

1359

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_max_fragment_length)

!WPACKET_put_b...(pkt), (1), 2)	Description
TRUE	never evaluated
FALSE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1

0-27

1360

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1

0-27

1361

|| !WPACKET_put_bytes_u8(pkt, s->session->ext.max_fragment_len_mode)

!WPACKET_put_b..._len_mode), 1)	Description
TRUE	never evaluated
FALSE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1

0-27

1362

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1

0-27

1363 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1364 SSL_F_TLS_CONSTRUCT_STOC_MAXFRAGMENTLEN, ERR_R_INTERNAL_ERROR); -

1365

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1366 } -

1367 -

1368

return EXT_RETURN_SENT;

executed 27 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

1369 } -

1370 -

1371 #ifndef OPENSSL_NO_EC -

1372 EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt, -

1373 unsigned int context, X509 *x, -

1374 size_t chainidx) -

1375 { -

1376 unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey; -

1377 unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth; -

1378

int using_ecc = ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))

(alg_k & 0x00000004U)	Description
TRUE	evaluated 1157 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 353 times by 1 test Evaluated by: libssl.so.1.1

(alg_a & 0x00000008U)	Description
TRUE	never evaluated
FALSE	evaluated 353 times by 1 test Evaluated by: libssl.so.1.1

0-1157

1379

&& (s->session->ext.ecpointformats != NULL);

(s->session->e... ((void *)0) )	Description
TRUE	evaluated 996 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 161 times by 1 test Evaluated by: libssl.so.1.1

161-996

1380 const unsigned char *plist; -

1381 size_t plistlen; -

1382 -

1383

if (!using_ecc)

!using_ecc	Description
TRUE	evaluated 514 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 996 times by 1 test Evaluated by: libssl.so.1.1

514-996

1384

return EXT_RETURN_NOT_SENT;

executed 514 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

514

1385 -

1386 tls1_get_formatlist(s, &plist, &plistlen); -

1387

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_ec_point_formats)

!WPACKET_put_b...pkt), (11), 2)	Description
TRUE	never evaluated
FALSE	evaluated 996 times by 1 test Evaluated by: libssl.so.1.1

0-996

1388

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 996 times by 1 test Evaluated by: libssl.so.1.1

0-996

1389

|| !WPACKET_sub_memcpy_u8(pkt, plist, plistlen)

!WPACKET_sub_m...(plistlen), 1)	Description
TRUE	never evaluated
FALSE	evaluated 996 times by 1 test Evaluated by: libssl.so.1.1

0-996

1390

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 996 times by 1 test Evaluated by: libssl.so.1.1

0-996

1391 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1392 SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR); -

1393

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1394 } -

1395 -

1396

return EXT_RETURN_SENT;

executed 996 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

996

1397 } -

1398 #endif -

1399 -

1400 #ifndef OPENSSL_NO_EC -

1401 EXT_RETURN tls_construct_stoc_supported_groups(SSL *s, WPACKET *pkt, -

1402 unsigned int context, X509 *x, -

1403 size_t chainidx) -

1404 { -

1405 const uint16_t *groups; -

1406 size_t numgroups, i, first = 1; -

1407 -

1408 /* s->s3->group_id is non zero if we accepted a key_share */ -

1409

if (s->s3->group_id == 0)

s->s3->group_id == 0	Description
TRUE	evaluated 1512 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 852 times by 1 test Evaluated by: libssl.so.1.1

852-1512

1410

return EXT_RETURN_NOT_SENT;

executed 1512 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

1512

1411 -

1412 /* Get our list of supported groups */ -

1413 tls1_get_supported_groups(s, &groups, &numgroups); -

1414

if (numgroups == 0) {

numgroups == 0	Description
TRUE	never evaluated
FALSE	evaluated 852 times by 1 test Evaluated by: libssl.so.1.1

0-852

1415 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1416 SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS, ERR_R_INTERNAL_ERROR); -

1417

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1418 } -

1419 -

1420 /* Copy group ID if supported */ -

1421

for (i = 0; i < numgroups; i++) {

i < numgroups	Description
TRUE	evaluated 1320 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 117 times by 1 test Evaluated by: libssl.so.1.1

117-1320

1422 uint16_t group = groups[i]; -

1423 -

1424

if (tls_curve_allowed(s, group, SSL_SECOP_CURVE_SUPPORTED)) {

tls_curve_allo... \| (2 << 16)))	Description
TRUE	evaluated 1320 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1320

1425

if (first) {

first	Description
TRUE	evaluated 852 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 468 times by 1 test Evaluated by: libssl.so.1.1

468-852

1426 /* -

1427 * Check if the client is already using our preferred group. If -

1428 * so we don't need to add this extension -

1429 */ -

1430

if (s->s3->group_id == group)

s->s3->group_id == group	Description
TRUE	evaluated 735 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 117 times by 1 test Evaluated by: libssl.so.1.1

117-735

1431

return EXT_RETURN_NOT_SENT;

executed 735 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

735

1432 -

1433 /* Add extension header */ -

1434

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_supported_groups)

!WPACKET_put_b...pkt), (10), 2)	Description
TRUE	never evaluated
FALSE	evaluated 117 times by 1 test Evaluated by: libssl.so.1.1

0-117

1435 /* Sub-packet for supported_groups extension */ -

1436

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 117 times by 1 test Evaluated by: libssl.so.1.1

0-117

1437

|| !WPACKET_start_sub_packet_u16(pkt)) {

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 117 times by 1 test Evaluated by: libssl.so.1.1

0-117

1438 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1439 SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS, -

1440 ERR_R_INTERNAL_ERROR); -

1441

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1442 } -

1443 -

1444 first = 0; -

1445

}

executed 117 times by 1 test: end of block

Executed by:

libssl.so.1.1

117

1446

if (!WPACKET_put_bytes_u16(pkt, group)) {

!WPACKET_put_b...), (group), 2)	Description
TRUE	never evaluated
FALSE	evaluated 585 times by 1 test Evaluated by: libssl.so.1.1

0-585

1447 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1448 SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS, -

1449 ERR_R_INTERNAL_ERROR); -

1450

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1451 } -

1452

}

executed 585 times by 1 test: end of block

Executed by:

libssl.so.1.1

585

1453

}

executed 585 times by 1 test: end of block

Executed by:

libssl.so.1.1

585

1454 -

1455

if (!WPACKET_close(pkt) || !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 117 times by 1 test Evaluated by: libssl.so.1.1

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 117 times by 1 test Evaluated by: libssl.so.1.1

0-117

1456 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1457 SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS, -

1458 ERR_R_INTERNAL_ERROR); -

1459

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1460 } -

1461 -

1462

return EXT_RETURN_SENT;

executed 117 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

117

1463 } -

1464 #endif -

1465 -

1466 EXT_RETURN tls_construct_stoc_session_ticket(SSL *s, WPACKET *pkt, -

1467 unsigned int context, X509 *x, -

1468 size_t chainidx) -

1469 { -

1470

if (!s->ext.ticket_expected || !tls_use_ticket(s)) {

!s->ext.ticket_expected	Description
TRUE	evaluated 371 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1139 times by 1 test Evaluated by: libssl.so.1.1

!tls_use_ticket(s)	Description
TRUE	never evaluated
FALSE	evaluated 1139 times by 1 test Evaluated by: libssl.so.1.1

0-1139

1471 s->ext.ticket_expected = 0; -

1472

return EXT_RETURN_NOT_SENT;

executed 371 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

371

1473 } -

1474 -

1475

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_session_ticket)

!WPACKET_put_b...pkt), (35), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1139 times by 1 test Evaluated by: libssl.so.1.1

0-1139

1476

|| !WPACKET_put_bytes_u16(pkt, 0)) {

!WPACKET_put_b...(pkt), (0), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1139 times by 1 test Evaluated by: libssl.so.1.1

0-1139

1477 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1478 SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET, ERR_R_INTERNAL_ERROR); -

1479

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1480 } -

1481 -

1482

return EXT_RETURN_SENT;

executed 1139 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

1139

1483 } -

1484 -

1485 #ifndef OPENSSL_NO_OCSP -

1486 EXT_RETURN tls_construct_stoc_status_request(SSL *s, WPACKET *pkt, -

1487 unsigned int context, X509 *x, -

1488 size_t chainidx) -

1489 { -

1490

if (!s->ext.status_expected)

!s->ext.status_expected	Description
TRUE	evaluated 2369 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1

11-2369

1491

return EXT_RETURN_NOT_SENT;

executed 2369 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

2369

1492 -

1493

if (SSL_IS_TLS13(s) && chainidx != 0)

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->version >= 0x0304	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

chainidx != 0	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-9

1494

return EXT_RETURN_NOT_SENT;

never executed: return EXT_RETURN_NOT_SENT;

1495 -

1496

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_status_request)

!WPACKET_put_b...(pkt), (5), 2)	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1

0-11

1497

|| !WPACKET_start_sub_packet_u16(pkt)) {

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1

0-11

1498 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1499 SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); -

1500

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1501 } -

1502 -

1503 /* -

1504 * In TLSv1.3 we include the certificate status itself. In <= TLSv1.2 we -

1505 * send back an empty extension, with the certificate status appearing as a -

1506 * separate message -

1507 */ -

1508

if (SSL_IS_TLS13(s) && !tls_construct_cert_status_body(s, pkt)) {

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->version >= 0x0304	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

!tls_construct...s_body(s, pkt)	Description
TRUE	never evaluated
FALSE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1

0-9

1509 /* SSLfatal() already called */ -

1510

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1511 } -

1512

if (!WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 11 times by 1 test Evaluated by: libssl.so.1.1

0-11

1513 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1514 SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST, ERR_R_INTERNAL_ERROR); -

1515

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1516 } -

1517 -

1518

return EXT_RETURN_SENT;

executed 11 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

1519 } -

1520 #endif -

1521 -

1522 #ifndef OPENSSL_NO_NEXTPROTONEG -

1523 EXT_RETURN tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt, -

1524 unsigned int context, X509 *x, -

1525 size_t chainidx) -

1526 { -

1527 const unsigned char *npa; -

1528 unsigned int npalen; -

1529 int ret; -

1530 int npn_seen = s->s3->npn_seen; -

1531 -

1532 s->s3->npn_seen = 0; -

1533

if (!npn_seen || s->ctx->ext.npn_advertised_cb == NULL)

!npn_seen	Description
TRUE	evaluated 1483 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 27 times by 1 test Evaluated by: libssl.so.1.1

s->ctx->ext.np...== ((void *)0)	Description
TRUE	evaluated 6 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1

6-1483

1534

return EXT_RETURN_NOT_SENT;

executed 1489 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

1489

1535 -

1536 ret = s->ctx->ext.npn_advertised_cb(s, &npa, &npalen, -

1537 s->ctx->ext.npn_advertised_cb_arg); -

1538

if (ret == SSL_TLSEXT_ERR_OK) {

ret == 0	Description
TRUE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-21

1539

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_next_proto_neg)

!WPACKET_put_b...), (13172), 2)	Description
TRUE	never evaluated
FALSE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1

0-21

1540

|| !WPACKET_sub_memcpy_u16(pkt, npa, npalen)) {

!WPACKET_sub_m..., (npalen), 2)	Description
TRUE	never evaluated
FALSE	evaluated 21 times by 1 test Evaluated by: libssl.so.1.1

0-21

1541 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1542 SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG, -

1543 ERR_R_INTERNAL_ERROR); -

1544

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1545 } -

1546 s->s3->npn_seen = 1; -

1547

}

executed 21 times by 1 test: end of block

Executed by:

libssl.so.1.1

1548 -

1549

return EXT_RETURN_SENT;

executed 21 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

1550 } -

1551 #endif -

1552 -

1553 EXT_RETURN tls_construct_stoc_alpn(SSL *s, WPACKET *pkt, unsigned int context, -

1554 X509 *x, size_t chainidx) -

1555 { -

1556

if (s->s3->alpn_selected == NULL)

s->s3->alpn_se...== ((void *)0)	Description
TRUE	evaluated 2342 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

22-2342

1557

return EXT_RETURN_NOT_SENT;

executed 2342 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

2342

1558 -

1559

if (!WPACKET_put_bytes_u16(pkt,

!WPACKET_put_b...pkt), (16), 2)	Description
TRUE	never evaluated
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

0-22

1560 TLSEXT_TYPE_application_layer_protocol_negotiation) -

1561

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

0-22

1562

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

0-22

1563

|| !WPACKET_sub_memcpy_u8(pkt, s->s3->alpn_selected,

!WPACKET_sub_m...ected_len), 1)	Description
TRUE	never evaluated
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

0-22

1564 s->s3->alpn_selected_len) -

1565

|| !WPACKET_close(pkt)

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

0-22

1566

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

0-22

1567 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1568 SSL_F_TLS_CONSTRUCT_STOC_ALPN, ERR_R_INTERNAL_ERROR); -

1569

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1570 } -

1571 -

1572

return EXT_RETURN_SENT;

executed 22 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

1573 } -

1574 -

1575 #ifndef OPENSSL_NO_SRTP -

1576 EXT_RETURN tls_construct_stoc_use_srtp(SSL *s, WPACKET *pkt, -

1577 unsigned int context, X509 *x, -

1578 size_t chainidx) -

1579 { -

1580

if (s->srtp_profile == NULL)

s->srtp_profile == ((void *)0)	Description
TRUE	evaluated 2364 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2364

1581

return EXT_RETURN_NOT_SENT;

executed 2364 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

2364

1582 -

1583

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_use_srtp)

!WPACKET_put_b...pkt), (14), 2)	Description
TRUE	never evaluated
FALSE	never evaluated

1584

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	never evaluated

1585

|| !WPACKET_put_bytes_u16(pkt, 2)

!WPACKET_put_b...(pkt), (2), 2)	Description
TRUE	never evaluated
FALSE	never evaluated

1586

|| !WPACKET_put_bytes_u16(pkt, s->srtp_profile->id)

!WPACKET_put_b...ofile->id), 2)	Description
TRUE	never evaluated
FALSE	never evaluated

1587

|| !WPACKET_put_bytes_u8(pkt, 0)

!WPACKET_put_b...(pkt), (0), 1)	Description
TRUE	never evaluated
FALSE	never evaluated

1588

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	never evaluated

1589 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP, -

1590 ERR_R_INTERNAL_ERROR); -

1591

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1592 } -

1593 -

1594

return EXT_RETURN_SENT;

never executed: return EXT_RETURN_SENT;

1595 } -

1596 #endif -

1597 -

1598 EXT_RETURN tls_construct_stoc_etm(SSL *s, WPACKET *pkt, unsigned int context, -

1599 X509 *x, size_t chainidx) -

1600 { -

1601

if (!s->ext.use_etm)

!s->ext.use_etm	Description
TRUE	evaluated 363 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1147 times by 1 test Evaluated by: libssl.so.1.1

363-1147

1602

return EXT_RETURN_NOT_SENT;

executed 363 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

363

1603 -

1604 /* -

1605 * Don't use encrypt_then_mac if AEAD or RC4 might want to disable -

1606 * for other cases too. -

1607 */ -

1608

if (s->s3->tmp.new_cipher->algorithm_mac == SSL_AEAD

s->s3->tmp.new...== 0x00000040U	Description
TRUE	evaluated 536 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 611 times by 1 test Evaluated by: libssl.so.1.1

536-611

1609

|| s->s3->tmp.new_cipher->algorithm_enc == SSL_RC4

s->s3->tmp.new...== 0x00000004U	Description
TRUE	never evaluated
FALSE	evaluated 611 times by 1 test Evaluated by: libssl.so.1.1

0-611

1610

|| s->s3->tmp.new_cipher->algorithm_enc == SSL_eGOST2814789CNT

s->s3->tmp.new...== 0x00000400U	Description
TRUE	never evaluated
FALSE	evaluated 611 times by 1 test Evaluated by: libssl.so.1.1

0-611

1611

|| s->s3->tmp.new_cipher->algorithm_enc == SSL_eGOST2814789CNT12) {

s->s3->tmp.new...== 0x00040000U	Description
TRUE	never evaluated
FALSE	evaluated 611 times by 1 test Evaluated by: libssl.so.1.1

0-611

1612 s->ext.use_etm = 0; -

1613

return EXT_RETURN_NOT_SENT;

executed 536 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

536

1614 } -

1615 -

1616

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_encrypt_then_mac)

!WPACKET_put_b...pkt), (22), 2)	Description
TRUE	never evaluated
FALSE	evaluated 611 times by 1 test Evaluated by: libssl.so.1.1

0-611

1617

|| !WPACKET_put_bytes_u16(pkt, 0)) {

!WPACKET_put_b...(pkt), (0), 2)	Description
TRUE	never evaluated
FALSE	evaluated 611 times by 1 test Evaluated by: libssl.so.1.1

0-611

1618 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_ETM, -

1619 ERR_R_INTERNAL_ERROR); -

1620

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1621 } -

1622 -

1623

return EXT_RETURN_SENT;

executed 611 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

611

1624 } -

1625 -

1626 EXT_RETURN tls_construct_stoc_ems(SSL *s, WPACKET *pkt, unsigned int context, -

1627 X509 *x, size_t chainidx) -

1628 { -

1629

if ((s->s3->flags & TLS1_FLAGS_RECEIVED_EXTMS) == 0)

(s->s3->flags & 0x0200) == 0	Description
TRUE	evaluated 186 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1324 times by 1 test Evaluated by: libssl.so.1.1

186-1324

1630

return EXT_RETURN_NOT_SENT;

executed 186 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

186

1631 -

1632

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_extended_master_secret)

!WPACKET_put_b...pkt), (23), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1324 times by 1 test Evaluated by: libssl.so.1.1

0-1324

1633

|| !WPACKET_put_bytes_u16(pkt, 0)) {

!WPACKET_put_b...(pkt), (0), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1324 times by 1 test Evaluated by: libssl.so.1.1

0-1324

1634 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_EMS, -

1635 ERR_R_INTERNAL_ERROR); -

1636

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1637 } -

1638 -

1639

return EXT_RETURN_SENT;

executed 1324 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

1324

1640 } -

1641 -

1642 EXT_RETURN tls_construct_stoc_supported_versions(SSL *s, WPACKET *pkt, -

1643 unsigned int context, X509 *x, -

1644 size_t chainidx) -

1645 { -

1646

if (!ossl_assert(SSL_IS_TLS13(s))) {

!(((!(s->metho...x10000)) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 971 times by 1 test Evaluated by: libssl.so.1.1

!(s->method->s...c_flags & 0x8)	Description
TRUE	evaluated 971 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->method->version >= 0x0304	Description
TRUE	evaluated 971 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

(s)->method->v...ion != 0x10000	Description
TRUE	evaluated 971 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-971

1647 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1648 SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS, -

1649 ERR_R_INTERNAL_ERROR); -

1650

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1651 } -

1652 -

1653

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_supported_versions)

!WPACKET_put_b...pkt), (43), 2)	Description
TRUE	never evaluated
FALSE	evaluated 971 times by 1 test Evaluated by: libssl.so.1.1

0-971

1654

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 971 times by 1 test Evaluated by: libssl.so.1.1

0-971

1655

|| !WPACKET_put_bytes_u16(pkt, s->version)

!WPACKET_put_b...->version), 2)	Description
TRUE	never evaluated
FALSE	evaluated 971 times by 1 test Evaluated by: libssl.so.1.1

0-971

1656

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 971 times by 1 test Evaluated by: libssl.so.1.1

0-971

1657 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1658 SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS, -

1659 ERR_R_INTERNAL_ERROR); -

1660

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1661 } -

1662 -

1663

return EXT_RETURN_SENT;

executed 971 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

971

1664 } -

1665 -

1666 EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, -

1667 unsigned int context, X509 *x, -

1668 size_t chainidx) -

1669 { -

1670 #ifndef OPENSSL_NO_TLS1_3 -

1671 unsigned char *encodedPoint; -

1672 size_t encoded_pt_len = 0; -

1673 EVP_PKEY *ckey = s->s3->peer_tmp, *skey = NULL; -

1674 -

1675

if (s->hello_retry_request == SSL_HRR_PENDING) {

s->hello_retry...SL_HRR_PENDING	Description
TRUE	evaluated 115 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 856 times by 1 test Evaluated by: libssl.so.1.1

115-856

1676

if (ckey != NULL) {

ckey != ((void *)0)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 112 times by 1 test Evaluated by: libssl.so.1.1

3-112

1677 /* Original key_share was acceptable so don't ask for another one */ -

1678

return EXT_RETURN_NOT_SENT;

executed 3 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

1679 } -

1680

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_key_share)

!WPACKET_put_b...pkt), (51), 2)	Description
TRUE	never evaluated
FALSE	evaluated 112 times by 1 test Evaluated by: libssl.so.1.1

0-112

1681

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 112 times by 1 test Evaluated by: libssl.so.1.1

0-112

1682

|| !WPACKET_put_bytes_u16(pkt, s->s3->group_id)

!WPACKET_put_b...>group_id), 2)	Description
TRUE	never evaluated
FALSE	evaluated 112 times by 1 test Evaluated by: libssl.so.1.1

0-112

1683

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 112 times by 1 test Evaluated by: libssl.so.1.1

0-112

1684 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1685 SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, -

1686 ERR_R_INTERNAL_ERROR); -

1687

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1688 } -

1689 -

1690

return EXT_RETURN_SENT;

executed 112 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

112

1691 } -

1692 -

1693

if (ckey == NULL) {

ckey == ((void *)0)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 854 times by 1 test Evaluated by: libssl.so.1.1

2-854

1694 /* No key_share received from client - must be resuming */ -

1695

if (!s->hit || !tls13_generate_handshake_secret(s, NULL, 0)) {

!s->hit	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

!tls13_generat...void *)0) , 0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1696 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1697 SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, ERR_R_INTERNAL_ERROR); -

1698

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1699 } -

1700

return EXT_RETURN_NOT_SENT;

executed 2 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

1701 } -

1702 -

1703

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_key_share)

!WPACKET_put_b...pkt), (51), 2)	Description
TRUE	never evaluated
FALSE	evaluated 854 times by 1 test Evaluated by: libssl.so.1.1

0-854

1704

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 854 times by 1 test Evaluated by: libssl.so.1.1

0-854

1705

|| !WPACKET_put_bytes_u16(pkt, s->s3->group_id)) {

!WPACKET_put_b...>group_id), 2)	Description
TRUE	never evaluated
FALSE	evaluated 854 times by 1 test Evaluated by: libssl.so.1.1

0-854

1706 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1707 SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, ERR_R_INTERNAL_ERROR); -

1708

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1709 } -

1710 -

1711 skey = ssl_generate_pkey(ckey); -

1712

if (skey == NULL) {

skey == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 854 times by 1 test Evaluated by: libssl.so.1.1

0-854

1713 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, -

1714 ERR_R_MALLOC_FAILURE); -

1715

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1716 } -

1717 -

1718 /* Generate encoding of server key */ -

1719 encoded_pt_len = EVP_PKEY_get1_tls_encodedpoint(skey, &encodedPoint); -

1720

if (encoded_pt_len == 0) {

encoded_pt_len == 0	Description
TRUE	never evaluated
FALSE	evaluated 854 times by 1 test Evaluated by: libssl.so.1.1

0-854

1721 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, -

1722 ERR_R_EC_LIB); -

1723 EVP_PKEY_free(skey); -

1724

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1725 } -

1726 -

1727

if (!WPACKET_sub_memcpy_u16(pkt, encodedPoint, encoded_pt_len)

!WPACKET_sub_m...ed_pt_len), 2)	Description
TRUE	never evaluated
FALSE	evaluated 854 times by 1 test Evaluated by: libssl.so.1.1

0-854

1728

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 854 times by 1 test Evaluated by: libssl.so.1.1

0-854

1729 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, -

1730 ERR_R_INTERNAL_ERROR); -

1731 EVP_PKEY_free(skey); -

1732 OPENSSL_free(encodedPoint); -

1733

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1734 } -

1735 OPENSSL_free(encodedPoint); -

1736 -

1737 /* This causes the crypto state to be updated based on the derived keys */ -

1738 s->s3->tmp.pkey = skey; -

1739

if (ssl_derive(s, skey, ckey, 1) == 0) {

ssl_derive(s, ... ckey, 1) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 852 times by 1 test Evaluated by: libssl.so.1.1

2-852

1740 /* SSLfatal() already called */ -

1741

return EXT_RETURN_FAIL;

executed 2 times by 1 test: return EXT_RETURN_FAIL;

Executed by:

libssl.so.1.1

1742 } -

1743

return EXT_RETURN_SENT;

executed 852 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

852

1744 #else -

1745 return EXT_RETURN_FAIL; -

1746 #endif -

1747 } -

1748 -

1749 EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context, -

1750 X509 *x, size_t chainidx) -

1751 { -

1752 #ifndef OPENSSL_NO_TLS1_3 -

1753 unsigned char *hashval1, *hashval2, *appcookie1, *appcookie2, *cookie; -

1754 unsigned char *hmac, *hmac2; -

1755 size_t startlen, ciphlen, totcookielen, hashlen, hmaclen, appcookielen; -

1756 EVP_MD_CTX *hctx; -

1757 EVP_PKEY *pkey; -

1758 int ret = EXT_RETURN_FAIL; -

1759 -

1760

if ((s->s3->flags & TLS1_FLAGS_STATELESS) == 0)

(s->s3->flags & 0x0800) == 0	Description
TRUE	evaluated 112 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

3-112

1761

return EXT_RETURN_NOT_SENT;

executed 112 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

112

1762 -

1763

if (s->ctx->gen_stateless_cookie_cb == NULL) {

s->ctx->gen_st...== ((void *)0)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

1-2

1764 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1765 SSL_R_NO_COOKIE_CALLBACK_SET); -

1766

return EXT_RETURN_FAIL;

executed 1 time by 1 test: return EXT_RETURN_FAIL;

Executed by:

libssl.so.1.1

1767 } -

1768 -

1769

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_cookie)

!WPACKET_put_b...pkt), (44), 2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1770

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1771

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1772

|| !WPACKET_get_total_written(pkt, &startlen)

!WPACKET_get_t...kt, &startlen)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1773

|| !WPACKET_reserve_bytes(pkt, MAX_COOKIE_SIZE, &cookie)

!WPACKET_reser... 32), &cookie)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1774

|| !WPACKET_put_bytes_u16(pkt, COOKIE_STATE_FORMAT_VERSION)

!WPACKET_put_b...(pkt), (0), 2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1775

|| !WPACKET_put_bytes_u16(pkt, TLS1_3_VERSION)

!WPACKET_put_b..., (0x0304), 2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1776

|| !WPACKET_put_bytes_u16(pkt, s->s3->group_id)

!WPACKET_put_b...>group_id), 2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1777

|| !s->method->put_cipher_by_char(s->s3->tmp.new_cipher, pkt,

!s->method->pu...pkt, &ciphlen)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1778

&ciphlen)

!s->method->pu...pkt, &ciphlen)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1779 /* Is there a key_share extension present in this HRR? */ -

1780

|| !WPACKET_put_bytes_u8(pkt, s->s3->peer_tmp == NULL)

!WPACKET_put_b...oid *)0) ), 1)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1781

|| !WPACKET_put_bytes_u32(pkt, (unsigned int)time(NULL))

!WPACKET_put_b...id *)0) )), 4)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1782

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1783

|| !WPACKET_reserve_bytes(pkt, EVP_MAX_MD_SIZE, &hashval1)) {

!WPACKET_reser...64, &hashval1)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1784 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1785 ERR_R_INTERNAL_ERROR); -

1786

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1787 } -

1788 -

1789 /* -

1790 * Get the hash of the initial ClientHello. ssl_handshake_hash() operates -

1791 * on raw buffers, so we first reserve sufficient bytes (above) and then -

1792 * subsequently allocate them (below) -

1793 */ -

1794

if (!ssl3_digest_cached_records(s, 0)

!ssl3_digest_c..._records(s, 0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1795

|| !ssl_handshake_hash(s, hashval1, EVP_MAX_MD_SIZE, &hashlen)) {

!ssl_handshake... 64, &hashlen)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1796 /* SSLfatal() already called */ -

1797

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1798 } -

1799 -

1800

if (!WPACKET_allocate_bytes(pkt, hashlen, &hashval2)

!WPACKET_alloc...en, &hashval2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1801

|| !ossl_assert(hashval1 == hashval2)

!((hashval1 == hashval2) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1802

|| !WPACKET_close(pkt)

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1803

|| !WPACKET_start_sub_packet_u8(pkt)

!WPACKET_start...en__((pkt), 1)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1804

|| !WPACKET_reserve_bytes(pkt, SSL_COOKIE_LENGTH, &appcookie1)) {

!WPACKET_reser..., &appcookie1)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1805 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1806 ERR_R_INTERNAL_ERROR); -

1807

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1808 } -

1809 -

1810 /* Generate the application cookie */ -

1811

if (s->ctx->gen_stateless_cookie_cb(s, appcookie1, &appcookielen) == 0) {

s->ctx->gen_st...ookielen) == 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1812 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1813 SSL_R_COOKIE_GEN_CALLBACK_FAILURE); -

1814

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1815 } -

1816 -

1817

if (!WPACKET_allocate_bytes(pkt, appcookielen, &appcookie2)

!WPACKET_alloc..., &appcookie2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1818

|| !ossl_assert(appcookie1 == appcookie2)

!((appcookie1 ...cookie2) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1819

|| !WPACKET_close(pkt)

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1820

|| !WPACKET_get_total_written(pkt, &totcookielen)

!WPACKET_get_t...&totcookielen)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1821

|| !WPACKET_reserve_bytes(pkt, SHA256_DIGEST_LENGTH, &hmac)) {

!WPACKET_reser...kt, 32, &hmac)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1822 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1823 ERR_R_INTERNAL_ERROR); -

1824

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1825 } -

1826 hmaclen = SHA256_DIGEST_LENGTH; -

1827 -

1828 totcookielen -= startlen; -

1829

if (!ossl_assert(totcookielen <= MAX_COOKIE_SIZE - SHA256_DIGEST_LENGTH)) {

!((totcookiele...2) - 32) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1830 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1831 ERR_R_INTERNAL_ERROR); -

1832

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1833 } -

1834 -

1835 /* HMAC the cookie */ -

1836 hctx = EVP_MD_CTX_create(); -

1837 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, -

1838 s->session_ctx->ext.cookie_hmac_key, -

1839 sizeof(s->session_ctx->ext -

1840 .cookie_hmac_key)); -

1841

if (hctx == NULL || pkey == NULL) {

hctx == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

pkey == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1842 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1843 ERR_R_MALLOC_FAILURE); -

1844

goto err;

never executed: goto err;

1845 } -

1846 -

1847

if (EVP_DigestSignInit(hctx, NULL, EVP_sha256(), NULL, pkey) <= 0

EVP_DigestSign...) , pkey) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1848

|| EVP_DigestSign(hctx, hmac, &hmaclen, cookie,

EVP_DigestSign...ookielen) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1849

totcookielen) <= 0) {

EVP_DigestSign...ookielen) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1850 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1851 ERR_R_INTERNAL_ERROR); -

1852

goto err;

never executed: goto err;

1853 } -

1854 -

1855

if (!ossl_assert(totcookielen + hmaclen <= MAX_COOKIE_SIZE)) {

!((totcookiele...6 + 32)) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1856 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1857 ERR_R_INTERNAL_ERROR); -

1858

goto err;

never executed: goto err;

1859 } -

1860 -

1861

if (!WPACKET_allocate_bytes(pkt, hmaclen, &hmac2)

!WPACKET_alloc...aclen, &hmac2)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1862

|| !ossl_assert(hmac == hmac2)

!((hmac == hmac2) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1863

|| !ossl_assert(cookie == hmac - totcookielen)

!((cookie == h...okielen) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1864

|| !WPACKET_close(pkt)

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1865

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

0-2

1866 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, -

1867 ERR_R_INTERNAL_ERROR); -

1868

goto err;

never executed: goto err;

1869 } -

1870 -

1871 ret = EXT_RETURN_SENT; -

1872 -

1873

err:

code before this statement executed 2 times by 1 test: err:

Executed by:

libssl.so.1.1

1874 EVP_MD_CTX_free(hctx); -

1875 EVP_PKEY_free(pkey); -

1876

return ret;

executed 2 times by 1 test: return ret;

Executed by:

libssl.so.1.1

1877 #else -

1878 return EXT_RETURN_FAIL; -

1879 #endif -

1880 } -

1881 -

1882 EXT_RETURN tls_construct_stoc_cryptopro_bug(SSL *s, WPACKET *pkt, -

1883 unsigned int context, X509 *x, -

1884 size_t chainidx) -

1885 { -

1886 const unsigned char cryptopro_ext[36] = { -

1887 0xfd, 0xe8, /* 65000 */ -

1888 0x00, 0x20, /* 32 bytes length */ -

1889 0x30, 0x1e, 0x30, 0x08, 0x06, 0x06, 0x2a, 0x85, -

1890 0x03, 0x02, 0x02, 0x09, 0x30, 0x08, 0x06, 0x06, -

1891 0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08, -

1892 0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17 -

1893 }; -

1894 -

1895

if (((s->s3->tmp.new_cipher->id & 0xFFFF) != 0x80

(s->s3->tmp.ne...xFFFF) != 0x80	Description
TRUE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1510

1896

&& (s->s3->tmp.new_cipher->id & 0xFFFF) != 0x81)

(s->s3->tmp.ne...xFFFF) != 0x81	Description
TRUE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1510

1897

|| (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG) == 0)

(SSL_get_optio...0000000U) == 0	Description
TRUE	never evaluated
FALSE	never evaluated

1898

return EXT_RETURN_NOT_SENT;

executed 1510 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

1510

1899 -

1900

if (!WPACKET_memcpy(pkt, cryptopro_ext, sizeof(cryptopro_ext))) {

!WPACKET_memcp...ryptopro_ext))	Description
TRUE	never evaluated
FALSE	never evaluated

1901 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1902 SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG, ERR_R_INTERNAL_ERROR); -

1903

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1904 } -

1905 -

1906

return EXT_RETURN_SENT;

never executed: return EXT_RETURN_SENT;

1907 } -

1908 -

1909 EXT_RETURN tls_construct_stoc_early_data(SSL *s, WPACKET *pkt, -

1910 unsigned int context, X509 *x, -

1911 size_t chainidx) -

1912 { -

1913

if (context == SSL_EXT_TLS1_3_NEW_SESSION_TICKET) {

context == 0x2000	Description
TRUE	evaluated 1033 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 854 times by 1 test Evaluated by: libssl.so.1.1

854-1033

1914

if (s->max_early_data == 0)

s->max_early_data == 0	Description
TRUE	evaluated 886 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 147 times by 1 test Evaluated by: libssl.so.1.1

147-886

1915

return EXT_RETURN_NOT_SENT;

executed 886 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

886

1916 -

1917

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_early_data)

!WPACKET_put_b...pkt), (42), 2)	Description
TRUE	never evaluated
FALSE	evaluated 147 times by 1 test Evaluated by: libssl.so.1.1

0-147

1918

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 147 times by 1 test Evaluated by: libssl.so.1.1

0-147

1919

|| !WPACKET_put_bytes_u32(pkt, s->max_early_data)

!WPACKET_put_b...arly_data), 4)	Description
TRUE	never evaluated
FALSE	evaluated 147 times by 1 test Evaluated by: libssl.so.1.1

0-147

1920

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 147 times by 1 test Evaluated by: libssl.so.1.1

0-147

1921 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1922 SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA, ERR_R_INTERNAL_ERROR); -

1923

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1924 } -

1925 -

1926

return EXT_RETURN_SENT;

executed 147 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

147

1927 } -

1928 -

1929

if (s->ext.early_data != SSL_EARLY_DATA_ACCEPTED)

s->ext.early_data != 2	Description
TRUE	evaluated 832 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

22-832

1930

return EXT_RETURN_NOT_SENT;

executed 832 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

832

1931 -

1932

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_early_data)

!WPACKET_put_b...pkt), (42), 2)	Description
TRUE	never evaluated
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

0-22

1933

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

0-22

1934

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 22 times by 1 test Evaluated by: libssl.so.1.1

0-22

1935 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA, -

1936 ERR_R_INTERNAL_ERROR); -

1937

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1938 } -

1939 -

1940

return EXT_RETURN_SENT;

executed 22 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

1941 } -

1942 -

1943 EXT_RETURN tls_construct_stoc_psk(SSL *s, WPACKET *pkt, unsigned int context, -

1944 X509 *x, size_t chainidx) -

1945 { -

1946

if (!s->hit)

!s->hit	Description
TRUE	evaluated 741 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 113 times by 1 test Evaluated by: libssl.so.1.1

113-741

1947

return EXT_RETURN_NOT_SENT;

executed 741 times by 1 test: return EXT_RETURN_NOT_SENT;

Executed by:

libssl.so.1.1

741

1948 -

1949

if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_psk)

!WPACKET_put_b...pkt), (41), 2)	Description
TRUE	never evaluated
FALSE	evaluated 113 times by 1 test Evaluated by: libssl.so.1.1

0-113

1950

|| !WPACKET_start_sub_packet_u16(pkt)

!WPACKET_start...en__((pkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 113 times by 1 test Evaluated by: libssl.so.1.1

0-113

1951

|| !WPACKET_put_bytes_u16(pkt, s->session->ext.tick_identity)

!WPACKET_put_b..._identity), 2)	Description
TRUE	never evaluated
FALSE	evaluated 113 times by 1 test Evaluated by: libssl.so.1.1

0-113

1952

|| !WPACKET_close(pkt)) {

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 113 times by 1 test Evaluated by: libssl.so.1.1

0-113

1953 SSLfatal(s, SSL_AD_INTERNAL_ERROR, -

1954 SSL_F_TLS_CONSTRUCT_STOC_PSK, ERR_R_INTERNAL_ERROR); -

1955

return EXT_RETURN_FAIL;

never executed: return EXT_RETURN_FAIL;

1956 } -

1957 -

1958

return EXT_RETURN_SENT;

executed 113 times by 1 test: return EXT_RETURN_SENT;

Executed by:

libssl.so.1.1

113

1959 } -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2