Coverage Report

Created: 2026-04-15 06:25

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/boringssl/crypto/x509/v3_skey.cc
Line
Count
Source
1
// Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
2
//
3
// Licensed under the Apache License, Version 2.0 (the "License");
4
// you may not use this file except in compliance with the License.
5
// You may obtain a copy of the License at
6
//
7
//     https://www.apache.org/licenses/LICENSE-2.0
8
//
9
// Unless required by applicable law or agreed to in writing, software
10
// distributed under the License is distributed on an "AS IS" BASIS,
11
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
// See the License for the specific language governing permissions and
13
// limitations under the License.
14
15
#include <limits.h>
16
#include <stdio.h>
17
#include <string.h>
18
19
#include <openssl/digest.h>
20
#include <openssl/err.h>
21
#include <openssl/mem.h>
22
#include <openssl/obj.h>
23
#include <openssl/x509.h>
24
25
#include "internal.h"
26
27
28
using namespace bssl;
29
30
char *i2s_ASN1_OCTET_STRING(const X509V3_EXT_METHOD *method,
31
190
                            const ASN1_OCTET_STRING *oct) {
32
190
  return x509v3_bytes_to_hex(oct->data, oct->length);
33
190
}
34
35
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(const X509V3_EXT_METHOD *method,
36
                                         const X509V3_CTX *ctx,
37
112
                                         const char *str) {
38
112
  size_t len;
39
112
  uint8_t *data = x509v3_hex_to_bytes(str, &len);
40
112
  ASN1_OCTET_STRING *oct;
41
112
  if (data == nullptr) {
42
63
    return nullptr;
43
63
  }
44
49
  if (len > INT_MAX) {
45
0
    OPENSSL_PUT_ERROR(X509V3, ERR_R_OVERFLOW);
46
0
    goto err;
47
0
  }
48
49
49
  oct = ASN1_OCTET_STRING_new();
50
49
  if (oct == nullptr) {
51
0
    goto err;
52
0
  }
53
49
  ASN1_STRING_set0(oct, data, (int)len);
54
49
  return oct;
55
56
0
err:
57
0
  OPENSSL_free(data);
58
0
  return nullptr;
59
49
}
60
61
static char *i2s_ASN1_OCTET_STRING_cb(const X509V3_EXT_METHOD *method,
62
190
                                      void *ext) {
63
190
  return i2s_ASN1_OCTET_STRING(method,
64
190
                               reinterpret_cast<ASN1_OCTET_STRING *>(ext));
65
190
}
66
67
static void *s2i_skey_id(const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx,
68
119
                         const char *str) {
69
119
  ASN1_OCTET_STRING *oct;
70
119
  const ASN1_BIT_STRING *pk;
71
119
  unsigned char pkey_dig[EVP_MAX_MD_SIZE];
72
119
  unsigned int diglen;
73
74
119
  if (strcmp(str, "hash")) {
75
112
    return s2i_ASN1_OCTET_STRING(method, ctx, str);
76
112
  }
77
78
7
  if (!(oct = ASN1_OCTET_STRING_new())) {
79
0
    return nullptr;
80
0
  }
81
82
7
  if (ctx && (ctx->flags == X509V3_CTX_TEST)) {
83
0
    return oct;
84
0
  }
85
86
7
  if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
87
4
    OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_PUBLIC_KEY);
88
4
    goto err;
89
4
  }
90
91
3
  if (ctx->subject_req) {
92
0
    pk = &ctx->subject_req->req_info->pubkey->public_key;
93
3
  } else {
94
3
    pk = X509_get0_pubkey_bitstr(ctx->subject_cert);
95
3
  }
96
97
3
  if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(),
98
3
                  nullptr)) {
99
0
    goto err;
100
0
  }
101
102
3
  if (!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
103
0
    goto err;
104
0
  }
105
106
3
  return oct;
107
108
4
err:
109
4
  ASN1_OCTET_STRING_free(oct);
110
4
  return nullptr;
111
3
}
112
113
const X509V3_EXT_METHOD bssl::v3_skey_id = {
114
    NID_subject_key_identifier,
115
    0,
116
    ASN1_ITEM_ref(ASN1_OCTET_STRING),
117
    nullptr,
118
    nullptr,
119
    nullptr,
120
    nullptr,
121
    i2s_ASN1_OCTET_STRING_cb,
122
    s2i_skey_id,
123
    nullptr,
124
    nullptr,
125
    nullptr,
126
    nullptr,
127
    nullptr,
128
};