GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: lib/libcrypto/ts/ts_verify_ctx.c Lines: 36 45 80.0 %
Date: 2017-11-07 Branches: 9 24 37.5 %

Line Branch Exec Source
1
/* $OpenBSD: ts_verify_ctx.c,v 1.9 2017/01/29 17:49:23 beck Exp $ */
2
/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3
 * project 2003.
4
 */
5
/* ====================================================================
6
 * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
7
 *
8
 * Redistribution and use in source and binary forms, with or without
9
 * modification, are permitted provided that the following conditions
10
 * are met:
11
 *
12
 * 1. Redistributions of source code must retain the above copyright
13
 *    notice, this list of conditions and the following disclaimer.
14
 *
15
 * 2. Redistributions in binary form must reproduce the above copyright
16
 *    notice, this list of conditions and the following disclaimer in
17
 *    the documentation and/or other materials provided with the
18
 *    distribution.
19
 *
20
 * 3. All advertising materials mentioning features or use of this
21
 *    software must display the following acknowledgment:
22
 *    "This product includes software developed by the OpenSSL Project
23
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24
 *
25
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26
 *    endorse or promote products derived from this software without
27
 *    prior written permission. For written permission, please contact
28
 *    licensing@OpenSSL.org.
29
 *
30
 * 5. Products derived from this software may not be called "OpenSSL"
31
 *    nor may "OpenSSL" appear in their names without prior written
32
 *    permission of the OpenSSL Project.
33
 *
34
 * 6. Redistributions of any form whatsoever must retain the following
35
 *    acknowledgment:
36
 *    "This product includes software developed by the OpenSSL Project
37
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38
 *
39
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50
 * OF THE POSSIBILITY OF SUCH DAMAGE.
51
 * ====================================================================
52
 *
53
 * This product includes cryptographic software written by Eric Young
54
 * (eay@cryptsoft.com).  This product includes software written by Tim
55
 * Hudson (tjh@cryptsoft.com).
56
 *
57
 */
58
59
#include <string.h>
60
61
#include <openssl/err.h>
62
#include <openssl/objects.h>
63
#include <openssl/ts.h>
64
65
TS_VERIFY_CTX *
66
TS_VERIFY_CTX_new(void)
67
{
68
4
	TS_VERIFY_CTX *ctx = calloc(1, sizeof(TS_VERIFY_CTX));
69
70
2
	if (!ctx)
71
		TSerror(ERR_R_MALLOC_FAILURE);
72
73
2
	return ctx;
74
}
75
76
void
77
TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx)
78
{
79
4
	memset(ctx, 0, sizeof(TS_VERIFY_CTX));
80
2
}
81
82
void
83
TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx)
84
{
85
4
	if (!ctx)
86
		return;
87
88
2
	TS_VERIFY_CTX_cleanup(ctx);
89
2
	free(ctx);
90
4
}
91
92
void
93
TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx)
94
{
95
4
	if (!ctx)
96
		return;
97
98
2
	X509_STORE_free(ctx->store);
99
2
	sk_X509_pop_free(ctx->certs, X509_free);
100
101
2
	ASN1_OBJECT_free(ctx->policy);
102
103
2
	X509_ALGOR_free(ctx->md_alg);
104
2
	free(ctx->imprint);
105
106
2
	BIO_free_all(ctx->data);
107
108
2
	ASN1_INTEGER_free(ctx->nonce);
109
110
2
	GENERAL_NAME_free(ctx->tsa_name);
111
112
2
	TS_VERIFY_CTX_init(ctx);
113
4
}
114
115
TS_VERIFY_CTX *
116
TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
117
{
118
	TS_VERIFY_CTX *ret = ctx;
119
	ASN1_OBJECT *policy;
120
	TS_MSG_IMPRINT *imprint;
121
	X509_ALGOR *md_alg;
122
	ASN1_OCTET_STRING *msg;
123
	const ASN1_INTEGER *nonce;
124
125
4
	if (ret)
126
		TS_VERIFY_CTX_cleanup(ret);
127
2
	else if (!(ret = TS_VERIFY_CTX_new()))
128
		return NULL;
129
130
	/* Setting flags. */
131
2
	ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE);
132
133
	/* Setting policy. */
134
2
	if ((policy = TS_REQ_get_policy_id(req)) != NULL) {
135
		if (!(ret->policy = OBJ_dup(policy)))
136
			goto err;
137
	} else
138
2
		ret->flags &= ~TS_VFY_POLICY;
139
140
	/* Setting md_alg, imprint and imprint_len. */
141
2
	imprint = TS_REQ_get_msg_imprint(req);
142
2
	md_alg = TS_MSG_IMPRINT_get_algo(imprint);
143
2
	if (!(ret->md_alg = X509_ALGOR_dup(md_alg)))
144
		goto err;
145
2
	msg = TS_MSG_IMPRINT_get_msg(imprint);
146
2
	ret->imprint_len = ASN1_STRING_length(msg);
147
2
	if (!(ret->imprint = malloc(ret->imprint_len)))
148
		goto err;
149
2
	memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
150
151
	/* Setting nonce. */
152
2
	if ((nonce = TS_REQ_get_nonce(req)) != NULL) {
153
		if (!(ret->nonce = ASN1_INTEGER_dup(nonce)))
154
			goto err;
155
	} else
156
2
		ret->flags &= ~TS_VFY_NONCE;
157
158
2
	return ret;
159
160
err:
161
	if (ctx)
162
		TS_VERIFY_CTX_cleanup(ctx);
163
	else
164
		TS_VERIFY_CTX_free(ret);
165
	return NULL;
166
2
}