Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | #include <stdio.h> | - |
11 | #include "internal/cryptlib.h" | - |
12 | #include <openssl/conf.h> | - |
13 | #include <openssl/asn1.h> | - |
14 | #include <openssl/asn1t.h> | - |
15 | #include <openssl/x509v3.h> | - |
16 | | - |
17 | #include "pcy_int.h" | - |
18 | #include "ext_dat.h" | - |
19 | | - |
20 | | - |
21 | | - |
22 | static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, | - |
23 | BIO *out, int indent); | - |
24 | static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, | - |
25 | X509V3_CTX *ctx, const char *value); | - |
26 | static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, | - |
27 | int indent); | - |
28 | static void print_notice(BIO *out, USERNOTICE *notice, int indent); | - |
29 | static POLICYINFO *policy_section(X509V3_CTX *ctx, | - |
30 | STACK_OF(CONF_VALUE) *polstrs, int ia5org); | - |
31 | static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, | - |
32 | STACK_OF(CONF_VALUE) *unot, int ia5org); | - |
33 | static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos); | - |
34 | static int displaytext_str2tag(const char *tagstr, unsigned int *tag_len); | - |
35 | static int displaytext_get_tag_len(const char *tagstr); | - |
36 | | - |
37 | const X509V3_EXT_METHOD v3_cpols = { | - |
38 | NID_certificate_policies, 0, ASN1_ITEM_ref(CERTIFICATEPOLICIES), | - |
39 | 0, 0, 0, 0, | - |
40 | 0, 0, | - |
41 | 0, 0, | - |
42 | (X509V3_EXT_I2R)i2r_certpol, | - |
43 | (X509V3_EXT_R2I)r2i_certpol, | - |
44 | NULL | - |
45 | }; | - |
46 | | - |
47 | ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) = | - |
48 | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO) | - |
49 | ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES) | - |
50 | | - |
51 | IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) never executed: end of block never executed: return (CERTIFICATEPOLICIES *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(CERTIFICATEPOLICIES_it))); never executed: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(CERTIFICATEPOLICIES_it))); never executed: return (CERTIFICATEPOLICIES *)ASN1_item_new((&(CERTIFICATEPOLICIES_it))); | 0 |
52 | | - |
53 | ASN1_SEQUENCE(POLICYINFO) = { | - |
54 | ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT), | - |
55 | ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO) | - |
56 | } ASN1_SEQUENCE_END(POLICYINFO) | - |
57 | | - |
58 | IMPLEMENT_ASN1_FUNCTIONS(POLICYINFO) never executed: end of block never executed: return (POLICYINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(POLICYINFO_it))); never executed: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(POLICYINFO_it))); never executed: return (POLICYINFO *)ASN1_item_new((&(POLICYINFO_it))); | 0 |
59 | | - |
60 | ASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY); | - |
61 | | - |
62 | ASN1_ADB(POLICYQUALINFO) = { | - |
63 | ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)), | - |
64 | ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE)) | - |
65 | } ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL); | - |
66 | | - |
67 | ASN1_SEQUENCE(POLICYQUALINFO) = { | - |
68 | ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT), | - |
69 | ASN1_ADB_OBJECT(POLICYQUALINFO) | - |
70 | } ASN1_SEQUENCE_END(POLICYQUALINFO) | - |
71 | | - |
72 | IMPLEMENT_ASN1_FUNCTIONS(POLICYQUALINFO) never executed: end of block never executed: return (POLICYQUALINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(POLICYQUALINFO_it))); never executed: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(POLICYQUALINFO_it))); never executed: return (POLICYQUALINFO *)ASN1_item_new((&(POLICYQUALINFO_it))); | 0 |
73 | | - |
74 | ASN1_SEQUENCE(USERNOTICE) = { | - |
75 | ASN1_OPT(USERNOTICE, noticeref, NOTICEREF), | - |
76 | ASN1_OPT(USERNOTICE, exptext, DISPLAYTEXT) | - |
77 | } ASN1_SEQUENCE_END(USERNOTICE) | - |
78 | | - |
79 | IMPLEMENT_ASN1_FUNCTIONS(USERNOTICE) never executed: end of block never executed: return (USERNOTICE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(USERNOTICE_it))); never executed: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(USERNOTICE_it))); never executed: return (USERNOTICE *)ASN1_item_new((&(USERNOTICE_it))); | 0 |
80 | | - |
81 | ASN1_SEQUENCE(NOTICEREF) = { | - |
82 | ASN1_SIMPLE(NOTICEREF, organization, DISPLAYTEXT), | - |
83 | ASN1_SEQUENCE_OF(NOTICEREF, noticenos, ASN1_INTEGER) | - |
84 | } ASN1_SEQUENCE_END(NOTICEREF) | - |
85 | | - |
86 | IMPLEMENT_ASN1_FUNCTIONS(NOTICEREF) never executed: end of block never executed: return (NOTICEREF *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, (&(NOTICEREF_it))); never executed: return ASN1_item_i2d((ASN1_VALUE *)a, out, (&(NOTICEREF_it))); never executed: return (NOTICEREF *)ASN1_item_new((&(NOTICEREF_it))); | 0 |
87 | | - |
88 | static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, | - |
89 | X509V3_CTX *ctx, const char *value) | - |
90 | { | - |
91 | STACK_OF(POLICYINFO) *pols; | - |
92 | char *pstr; | - |
93 | POLICYINFO *pol; | - |
94 | ASN1_OBJECT *pobj; | - |
95 | STACK_OF(CONF_VALUE) *vals = X509V3_parse_list(value); | - |
96 | CONF_VALUE *cnf; | - |
97 | const int num = sk_CONF_VALUE_num(vals); | - |
98 | int i, ia5org; | - |
99 | | - |
100 | if (vals == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
101 | X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB); | - |
102 | return NULL; never executed: return ((void *)0) ; | 0 |
103 | } | - |
104 | | - |
105 | pols = sk_POLICYINFO_new_reserve(NULL, num); | - |
106 | if (pols == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
107 | X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); | - |
108 | goto err; never executed: goto err; | 0 |
109 | } | - |
110 | | - |
111 | ia5org = 0; | - |
112 | for (i = 0; i < num; i++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
113 | cnf = sk_CONF_VALUE_value(vals, i); | - |
114 | | - |
115 | if (cnf->value || !cnf->name) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
116 | X509V3err(X509V3_F_R2I_CERTPOL, | - |
117 | X509V3_R_INVALID_POLICY_IDENTIFIER); | - |
118 | X509V3_conf_err(cnf); | - |
119 | goto err; never executed: goto err; | 0 |
120 | } | - |
121 | pstr = cnf->name; | - |
122 | if (strcmp(pstr, "ia5org") == 0) { never executed: __result = (((const unsigned char *) (const char *) ( pstr ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "ia5org" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
123 | ia5org = 1; | - |
124 | continue; never executed: continue; | 0 |
125 | } else if (*pstr == '@') {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
126 | STACK_OF(CONF_VALUE) *polsect; | - |
127 | polsect = X509V3_get_section(ctx, pstr + 1); | - |
128 | if (!polsect) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
129 | X509V3err(X509V3_F_R2I_CERTPOL, X509V3_R_INVALID_SECTION); | - |
130 | | - |
131 | X509V3_conf_err(cnf); | - |
132 | goto err; never executed: goto err; | 0 |
133 | } | - |
134 | pol = policy_section(ctx, polsect, ia5org); | - |
135 | X509V3_section_free(ctx, polsect); | - |
136 | if (pol == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
137 | goto err; never executed: goto err; | 0 |
138 | } else { never executed: end of block | 0 |
139 | if ((pobj = OBJ_txt2obj(cnf->name, 0)) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
140 | X509V3err(X509V3_F_R2I_CERTPOL, | - |
141 | X509V3_R_INVALID_OBJECT_IDENTIFIER); | - |
142 | X509V3_conf_err(cnf); | - |
143 | goto err; never executed: goto err; | 0 |
144 | } | - |
145 | pol = POLICYINFO_new(); | - |
146 | if (pol == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
147 | ASN1_OBJECT_free(pobj); | - |
148 | X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); | - |
149 | goto err; never executed: goto err; | 0 |
150 | } | - |
151 | pol->policyid = pobj; | - |
152 | } never executed: end of block | 0 |
153 | if (!sk_POLICYINFO_push(pols, pol)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
154 | POLICYINFO_free(pol); | - |
155 | X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); | - |
156 | goto err; never executed: goto err; | 0 |
157 | } | - |
158 | } never executed: end of block | 0 |
159 | sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); | - |
160 | return pols; never executed: return pols; | 0 |
161 | err: | - |
162 | sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); | - |
163 | sk_POLICYINFO_pop_free(pols, POLICYINFO_free); | - |
164 | return NULL; never executed: return ((void *)0) ; | 0 |
165 | } | - |
166 | | - |
167 | static POLICYINFO *policy_section(X509V3_CTX *ctx, | - |
168 | STACK_OF(CONF_VALUE) *polstrs, int ia5org) | - |
169 | { | - |
170 | int i; | - |
171 | CONF_VALUE *cnf; | - |
172 | POLICYINFO *pol; | - |
173 | POLICYQUALINFO *qual; | - |
174 | | - |
175 | if ((pol = POLICYINFO_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
176 | goto merr; never executed: goto merr; | 0 |
177 | for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
178 | cnf = sk_CONF_VALUE_value(polstrs, i); | - |
179 | if (strcmp(cnf->name, "policyIdentifier") == 0) { never executed: __result = (((const unsigned char *) (const char *) ( cnf->name ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "policyIdentifier" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
180 | ASN1_OBJECT *pobj; | - |
181 | if ((pobj = OBJ_txt2obj(cnf->value, 0)) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
182 | X509V3err(X509V3_F_POLICY_SECTION, | - |
183 | X509V3_R_INVALID_OBJECT_IDENTIFIER); | - |
184 | X509V3_conf_err(cnf); | - |
185 | goto err; never executed: goto err; | 0 |
186 | } | - |
187 | pol->policyid = pobj; | - |
188 | | - |
189 | } else if (!name_cmp(cnf->name, "CPS")) { never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
| 0 |
190 | if (pol->qualifiers == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
191 | pol->qualifiers = sk_POLICYQUALINFO_new_null(); never executed: pol->qualifiers = sk_POLICYQUALINFO_new_null(); | 0 |
192 | if ((qual = POLICYQUALINFO_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
193 | goto merr; never executed: goto merr; | 0 |
194 | if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
195 | goto merr; never executed: goto merr; | 0 |
196 | if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_cps)) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
197 | X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR); | - |
198 | goto err; never executed: goto err; | 0 |
199 | } | - |
200 | if ((qual->d.cpsuri = ASN1_IA5STRING_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
201 | goto merr; never executed: goto merr; | 0 |
202 | if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
203 | strlen(cnf->value)))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
204 | goto merr; never executed: goto merr; | 0 |
205 | } else if (!name_cmp(cnf->name, "userNotice")) { never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
| 0 |
206 | STACK_OF(CONF_VALUE) *unot; | - |
207 | if (*cnf->value != '@') {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
208 | X509V3err(X509V3_F_POLICY_SECTION, | - |
209 | X509V3_R_EXPECTED_A_SECTION_NAME); | - |
210 | X509V3_conf_err(cnf); | - |
211 | goto err; never executed: goto err; | 0 |
212 | } | - |
213 | unot = X509V3_get_section(ctx, cnf->value + 1); | - |
214 | if (!unot) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
215 | X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_INVALID_SECTION); | - |
216 | | - |
217 | X509V3_conf_err(cnf); | - |
218 | goto err; never executed: goto err; | 0 |
219 | } | - |
220 | qual = notice_section(ctx, unot, ia5org); | - |
221 | X509V3_section_free(ctx, unot); | - |
222 | if (!qual)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
223 | goto err; never executed: goto err; | 0 |
224 | if (!pol->qualifiers)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
225 | pol->qualifiers = sk_POLICYQUALINFO_new_null(); never executed: pol->qualifiers = sk_POLICYQUALINFO_new_null(); | 0 |
226 | if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
227 | goto merr; never executed: goto merr; | 0 |
228 | } else { never executed: end of block | 0 |
229 | X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_INVALID_OPTION); | - |
230 | | - |
231 | X509V3_conf_err(cnf); | - |
232 | goto err; never executed: goto err; | 0 |
233 | } | - |
234 | } | - |
235 | if (!pol->policyid) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
236 | X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_NO_POLICY_IDENTIFIER); | - |
237 | goto err; never executed: goto err; | 0 |
238 | } | - |
239 | | - |
240 | return pol; never executed: return pol; | 0 |
241 | | - |
242 | merr: | - |
243 | X509V3err(X509V3_F_POLICY_SECTION, ERR_R_MALLOC_FAILURE); | - |
244 | | - |
245 | err: code before this statement never executed: err: | 0 |
246 | POLICYINFO_free(pol); | - |
247 | return NULL; never executed: return ((void *)0) ; | 0 |
248 | } | - |
249 | | - |
250 | static int displaytext_get_tag_len(const char *tagstr) | - |
251 | { | - |
252 | char *colon = strchr(tagstr, ':');TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
253 | | - |
254 | return (colon == NULL) ? -1 : colon - tagstr; never executed: return (colon == ((void *)0) ) ? -1 : colon - tagstr; TRUE | never evaluated | FALSE | never evaluated |
| 0 |
255 | } | - |
256 | | - |
257 | static int displaytext_str2tag(const char *tagstr, unsigned int *tag_len) | - |
258 | { | - |
259 | int len; | - |
260 | | - |
261 | *tag_len = 0; | - |
262 | len = displaytext_get_tag_len(tagstr); | - |
263 | | - |
264 | if (len == -1)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
265 | return V_ASN1_VISIBLESTRING; never executed: return 26; | 0 |
266 | *tag_len = len; | - |
267 | if (len == sizeof("UTF8") - 1 && strncmp(tagstr, "UTF8", len) == 0) never executed: __result = (((const unsigned char *) (const char *) ( tagstr ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "UTF8" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
268 | return V_ASN1_UTF8STRING; never executed: return 12; | 0 |
269 | if (len == sizeof("UTF8String") - 1 && strncmp(tagstr, "UTF8String", len) == 0) never executed: __result = (((const unsigned char *) (const char *) ( tagstr ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "UTF8String" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
270 | return V_ASN1_UTF8STRING; never executed: return 12; | 0 |
271 | if (len == sizeof("BMP") - 1 && strncmp(tagstr, "BMP", len) == 0) never executed: __result = (((const unsigned char *) (const char *) ( tagstr ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "BMP" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
272 | return V_ASN1_BMPSTRING; never executed: return 30; | 0 |
273 | if (len == sizeof("BMPSTRING") - 1 && strncmp(tagstr, "BMPSTRING", len) == 0) never executed: __result = (((const unsigned char *) (const char *) ( tagstr ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "BMPSTRING" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
274 | return V_ASN1_BMPSTRING; never executed: return 30; | 0 |
275 | if (len == sizeof("VISIBLE") - 1 && strncmp(tagstr, "VISIBLE", len) == 0) never executed: __result = (((const unsigned char *) (const char *) ( tagstr ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "VISIBLE" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
276 | return V_ASN1_VISIBLESTRING; never executed: return 26; | 0 |
277 | if (len == sizeof("VISIBLESTRING") - 1 && strncmp(tagstr, "VISIBLESTRING", len) == 0) never executed: __result = (((const unsigned char *) (const char *) ( tagstr ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "VISIBLESTRING" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
278 | return V_ASN1_VISIBLESTRING; never executed: return 26; | 0 |
279 | *tag_len = 0; | - |
280 | return V_ASN1_VISIBLESTRING; never executed: return 26; | 0 |
281 | } | - |
282 | | - |
283 | static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, | - |
284 | STACK_OF(CONF_VALUE) *unot, int ia5org) | - |
285 | { | - |
286 | int i, ret, len, tag; | - |
287 | unsigned int tag_len; | - |
288 | CONF_VALUE *cnf; | - |
289 | USERNOTICE *not; | - |
290 | POLICYQUALINFO *qual; | - |
291 | char *value = NULL; | - |
292 | | - |
293 | if ((qual = POLICYQUALINFO_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
294 | goto merr; never executed: goto merr; | 0 |
295 | if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice)) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
296 | X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR); | - |
297 | goto err; never executed: goto err; | 0 |
298 | } | - |
299 | if ((not = USERNOTICE_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
300 | goto merr; never executed: goto merr; | 0 |
301 | qual->d.usernotice = not; | - |
302 | for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
303 | cnf = sk_CONF_VALUE_value(unot, i); | - |
304 | value = cnf->value; | - |
305 | if (strcmp(cnf->name, "explicitText") == 0) { never executed: __result = (((const unsigned char *) (const char *) ( cnf->name ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "explicitText" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
306 | tag = displaytext_str2tag(value, &tag_len); | - |
307 | if ((not->exptext = ASN1_STRING_type_new(tag)) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
308 | goto merr; never executed: goto merr; | 0 |
309 | if (tag_len != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
310 | value += tag_len + 1; never executed: value += tag_len + 1; | 0 |
311 | len = strlen(value); | - |
312 | if (!ASN1_STRING_set(not->exptext, value, len))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
313 | goto merr; never executed: goto merr; | 0 |
314 | } else if (strcmp(cnf->name, "organization") == 0) { never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( cnf->name ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "organization" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
315 | NOTICEREF *nref; | - |
316 | if (!not->noticeref) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
317 | if ((nref = NOTICEREF_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
318 | goto merr; never executed: goto merr; | 0 |
319 | not->noticeref = nref; | - |
320 | } else never executed: end of block | 0 |
321 | nref = not->noticeref; never executed: nref = not->noticeref; | 0 |
322 | if (ia5org)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
323 | nref->organization->type = V_ASN1_IA5STRING; never executed: nref->organization->type = 22; | 0 |
324 | else | - |
325 | nref->organization->type = V_ASN1_VISIBLESTRING; never executed: nref->organization->type = 26; | 0 |
326 | if (!ASN1_STRING_set(nref->organization, cnf->value,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
327 | strlen(cnf->value)))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
328 | goto merr; never executed: goto merr; | 0 |
329 | } else if (strcmp(cnf->name, "noticeNumbers") == 0) { never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( cnf->name ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "noticeNumbers" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
330 | NOTICEREF *nref; | - |
331 | STACK_OF(CONF_VALUE) *nos; | - |
332 | if (!not->noticeref) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
333 | if ((nref = NOTICEREF_new()) == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
334 | goto merr; never executed: goto merr; | 0 |
335 | not->noticeref = nref; | - |
336 | } else never executed: end of block | 0 |
337 | nref = not->noticeref; never executed: nref = not->noticeref; | 0 |
338 | nos = X509V3_parse_list(cnf->value); | - |
339 | if (!nos || !sk_CONF_VALUE_num(nos)) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
340 | X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_NUMBERS); | - |
341 | X509V3_conf_err(cnf); | - |
342 | sk_CONF_VALUE_pop_free(nos, X509V3_conf_free); | - |
343 | goto err; never executed: goto err; | 0 |
344 | } | - |
345 | ret = nref_nos(nref->noticenos, nos); | - |
346 | sk_CONF_VALUE_pop_free(nos, X509V3_conf_free); | - |
347 | if (!ret)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
348 | goto err; never executed: goto err; | 0 |
349 | } else { never executed: end of block | 0 |
350 | X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_OPTION); | - |
351 | X509V3_conf_err(cnf); | - |
352 | goto err; never executed: goto err; | 0 |
353 | } | - |
354 | } | - |
355 | | - |
356 | if (not->noticeref &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
357 | (!not->noticeref->noticenos || !not->noticeref->organization)) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
358 | X509V3err(X509V3_F_NOTICE_SECTION, | - |
359 | X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); | - |
360 | goto err; never executed: goto err; | 0 |
361 | } | - |
362 | | - |
363 | return qual; never executed: return qual; | 0 |
364 | | - |
365 | merr: | - |
366 | X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_MALLOC_FAILURE); | - |
367 | | - |
368 | err: code before this statement never executed: err: | 0 |
369 | POLICYQUALINFO_free(qual); | - |
370 | return NULL; never executed: return ((void *)0) ; | 0 |
371 | } | - |
372 | | - |
373 | static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) | - |
374 | { | - |
375 | CONF_VALUE *cnf; | - |
376 | ASN1_INTEGER *aint; | - |
377 | | - |
378 | int i; | - |
379 | | - |
380 | for (i = 0; i < sk_CONF_VALUE_num(nos); i++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
381 | cnf = sk_CONF_VALUE_value(nos, i); | - |
382 | if ((aint = s2i_ASN1_INTEGER(NULL, cnf->name)) == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
383 | X509V3err(X509V3_F_NREF_NOS, X509V3_R_INVALID_NUMBER); | - |
384 | goto err; never executed: goto err; | 0 |
385 | } | - |
386 | if (!sk_ASN1_INTEGER_push(nnums, aint))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
387 | goto merr; never executed: goto merr; | 0 |
388 | } never executed: end of block | 0 |
389 | return 1; never executed: return 1; | 0 |
390 | | - |
391 | merr: | - |
392 | ASN1_INTEGER_free(aint); | - |
393 | X509V3err(X509V3_F_NREF_NOS, ERR_R_MALLOC_FAILURE); | - |
394 | | - |
395 | err: code before this statement never executed: err: | 0 |
396 | return 0; never executed: return 0; | 0 |
397 | } | - |
398 | | - |
399 | static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, | - |
400 | BIO *out, int indent) | - |
401 | { | - |
402 | int i; | - |
403 | POLICYINFO *pinfo; | - |
404 | | - |
405 | for (i = 0; i < sk_POLICYINFO_num(pol); i++) {TRUE | evaluated 1165 times by 1 test | FALSE | evaluated 1126 times by 1 test |
| 1126-1165 |
406 | pinfo = sk_POLICYINFO_value(pol, i); | - |
407 | BIO_printf(out, "%*sPolicy: ", indent, ""); | - |
408 | i2a_ASN1_OBJECT(out, pinfo->policyid); | - |
409 | BIO_puts(out, "\n"); | - |
410 | if (pinfo->qualifiers)TRUE | evaluated 854 times by 1 test | FALSE | evaluated 311 times by 1 test |
| 311-854 |
411 | print_qualifiers(out, pinfo->qualifiers, indent + 2);executed 854 times by 1 test: print_qualifiers(out, pinfo->qualifiers, indent + 2); | 854 |
412 | }executed 1165 times by 1 test: end of block | 1165 |
413 | return 1;executed 1126 times by 1 test: return 1; | 1126 |
414 | } | - |
415 | | - |
416 | static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, | - |
417 | int indent) | - |
418 | { | - |
419 | POLICYQUALINFO *qualinfo; | - |
420 | int i; | - |
421 | for (i = 0; i < sk_POLICYQUALINFO_num(quals); i++) {TRUE | evaluated 2095 times by 1 test | FALSE | evaluated 854 times by 1 test |
| 854-2095 |
422 | qualinfo = sk_POLICYQUALINFO_value(quals, i); | - |
423 | switch (OBJ_obj2nid(qualinfo->pqualid)) { | - |
424 | case NID_id_qt_cps:executed 311 times by 1 test: case 164: | 311 |
425 | BIO_printf(out, "%*sCPS: %s\n", indent, "", | - |
426 | qualinfo->d.cpsuri->data); | - |
427 | break;executed 311 times by 1 test: break; | 311 |
428 | | - |
429 | case NID_id_qt_unotice:executed 526 times by 1 test: case 165: | 526 |
430 | BIO_printf(out, "%*sUser Notice:\n", indent, ""); | - |
431 | print_notice(out, qualinfo->d.usernotice, indent + 2); | - |
432 | break;executed 526 times by 1 test: break; | 526 |
433 | | - |
434 | default:executed 1258 times by 1 test: default: | 1258 |
435 | BIO_printf(out, "%*sUnknown Qualifier: ", indent + 2, ""); | - |
436 | | - |
437 | i2a_ASN1_OBJECT(out, qualinfo->pqualid); | - |
438 | BIO_puts(out, "\n"); | - |
439 | break;executed 1258 times by 1 test: break; | 1258 |
440 | } | - |
441 | } | - |
442 | }executed 854 times by 1 test: end of block | 854 |
443 | | - |
444 | static void print_notice(BIO *out, USERNOTICE *notice, int indent) | - |
445 | { | - |
446 | int i; | - |
447 | if (notice->noticeref) {TRUE | evaluated 280 times by 1 test | FALSE | evaluated 246 times by 1 test |
| 246-280 |
448 | NOTICEREF *ref; | - |
449 | ref = notice->noticeref; | - |
450 | BIO_printf(out, "%*sOrganization: %s\n", indent, "", | - |
451 | ref->organization->data); | - |
452 | BIO_printf(out, "%*sNumber%s: ", indent, "", | - |
453 | sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : ""); | - |
454 | for (i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) {TRUE | evaluated 572 times by 1 test | FALSE | evaluated 280 times by 1 test |
| 280-572 |
455 | ASN1_INTEGER *num; | - |
456 | char *tmp; | - |
457 | num = sk_ASN1_INTEGER_value(ref->noticenos, i); | - |
458 | if (i)TRUE | evaluated 459 times by 1 test | FALSE | evaluated 113 times by 1 test |
| 113-459 |
459 | BIO_puts(out, ", ");executed 459 times by 1 test: BIO_puts(out, ", "); | 459 |
460 | if (num == NULL)TRUE | never evaluated | FALSE | evaluated 572 times by 1 test |
| 0-572 |
461 | BIO_puts(out, "(null)"); never executed: BIO_puts(out, "(null)"); | 0 |
462 | else { | - |
463 | tmp = i2s_ASN1_INTEGER(NULL, num); | - |
464 | if (tmp == NULL)TRUE | never evaluated | FALSE | evaluated 572 times by 1 test |
| 0-572 |
465 | return; never executed: return; | 0 |
466 | BIO_puts(out, tmp); | - |
467 | OPENSSL_free(tmp); | - |
468 | }executed 572 times by 1 test: end of block | 572 |
469 | } | - |
470 | BIO_puts(out, "\n"); | - |
471 | }executed 280 times by 1 test: end of block | 280 |
472 | if (notice->exptext)TRUE | evaluated 176 times by 1 test | FALSE | evaluated 350 times by 1 test |
| 176-350 |
473 | BIO_printf(out, "%*sExplicit Text: %s\n", indent, "",executed 176 times by 1 test: BIO_printf(out, "%*sExplicit Text: %s\n", indent, "", notice->exptext->data); | 176 |
474 | notice->exptext->data);executed 176 times by 1 test: BIO_printf(out, "%*sExplicit Text: %s\n", indent, "", notice->exptext->data); | 176 |
475 | }executed 526 times by 1 test: end of block | 526 |
476 | | - |
477 | void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent) | - |
478 | { | - |
479 | const X509_POLICY_DATA *dat = node->data; | - |
480 | | - |
481 | BIO_printf(out, "%*sPolicy: ", indent, ""); | - |
482 | | - |
483 | i2a_ASN1_OBJECT(out, dat->valid_policy); | - |
484 | BIO_puts(out, "\n"); | - |
485 | BIO_printf(out, "%*s%s\n", indent + 2, "", | - |
486 | node_data_critical(dat) ? "Critical" : "Non Critical"); | - |
487 | if (dat->qualifier_set)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
488 | print_qualifiers(out, dat->qualifier_set, indent + 2); never executed: print_qualifiers(out, dat->qualifier_set, indent + 2); | 0 |
489 | else | - |
490 | BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, ""); never executed: BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, ""); | 0 |
491 | } | - |
| | |