/src/openssl/crypto/x509/v3_tlsf.c

Source (jump to first uncovered line)
/*
 * Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "internal/e_os.h"
#include "internal/cryptlib.h"
#include <stdio.h>
#include <openssl/asn1t.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
#include "ext_dat.h"
#include "x509_local.h"

static STACK_OF(CONF_VALUE) *i2v_TLS_FEATURE(const X509V3_EXT_METHOD *method,
                                             TLS_FEATURE *tls_feature,
                                             STACK_OF(CONF_VALUE) *ext_list);
static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method,
                                    X509V3_CTX *ctx,
                                    STACK_OF(CONF_VALUE) *nval);

ASN1_ITEM_TEMPLATE(TLS_FEATURE) =
        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, TLS_FEATURE, ASN1_INTEGER)
static_ASN1_ITEM_TEMPLATE_END(TLS_FEATURE)

IMPLEMENT_ASN1_ALLOC_FUNCTIONS(TLS_FEATURE)

const X509V3_EXT_METHOD ossl_v3_tls_feature = {
    NID_tlsfeature, 0,
    ASN1_ITEM_ref(TLS_FEATURE),
    0, 0, 0, 0,
    0, 0,
    (X509V3_EXT_I2V)i2v_TLS_FEATURE,
    (X509V3_EXT_V2I)v2i_TLS_FEATURE,
    0, 0,
    NULL
};


typedef struct {
    long num;
    const char *name;
} TLS_FEATURE_NAME;

static TLS_FEATURE_NAME tls_feature_tbl[] = {
    { 5, "status_request" },
    { 17, "status_request_v2" }
};

/*
 * i2v_TLS_FEATURE converts the TLS_FEATURE structure tls_feature into the
 * STACK_OF(CONF_VALUE) structure ext_list. STACK_OF(CONF_VALUE) is the format
 * used by the CONF library to represent a multi-valued extension.  ext_list is
 * returned.
 */
static STACK_OF(CONF_VALUE) *i2v_TLS_FEATURE(const X509V3_EXT_METHOD *method,
                                             TLS_FEATURE *tls_feature,
                                             STACK_OF(CONF_VALUE) *ext_list)
{
    int i;
    size_t j;
    ASN1_INTEGER *ai;
    long tlsextid;
    for (i = 0; i < sk_ASN1_INTEGER_num(tls_feature); i++) {
        ai = sk_ASN1_INTEGER_value(tls_feature, i);
        tlsextid = ASN1_INTEGER_get(ai);
        for (j = 0; j < OSSL_NELEM(tls_feature_tbl); j++)
            if (tlsextid == tls_feature_tbl[j].num)
                break;
        if (j < OSSL_NELEM(tls_feature_tbl))
            X509V3_add_value(NULL, tls_feature_tbl[j].name, &ext_list);
        else
            X509V3_add_value_int(NULL, ai, &ext_list);
    }
    return ext_list;
}

/*
 * v2i_TLS_FEATURE converts the multi-valued extension nval into a TLS_FEATURE
 * structure, which is returned if the conversion is successful.  In case of
 * error, NULL is returned.
 */
static TLS_FEATURE *v2i_TLS_FEATURE(const X509V3_EXT_METHOD *method,
                                    X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
    TLS_FEATURE *tlsf;
    char *extval, *endptr;
    ASN1_INTEGER *ai = NULL;
    CONF_VALUE *val;
    int i;
    size_t j;
    long tlsextid;

    if ((tlsf = sk_ASN1_INTEGER_new_null()) == NULL) {
        ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);
        return NULL;
    }

    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
        val = sk_CONF_VALUE_value(nval, i);
        if (val->value)
            extval = val->value;
        else
            extval = val->name;

        for (j = 0; j < OSSL_NELEM(tls_feature_tbl); j++)
            if (OPENSSL_strcasecmp(extval, tls_feature_tbl[j].name) == 0)
                break;
        if (j < OSSL_NELEM(tls_feature_tbl))
            tlsextid = tls_feature_tbl[j].num;
        else {
            tlsextid = strtol(extval, &endptr, 10);
            if (((*endptr) != '\0') || (extval == endptr) || (tlsextid < 0) ||
                (tlsextid > 65535)) {
                ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_SYNTAX);
                X509V3_conf_add_error_name_value(val);
                goto err;
            }
        }

        if ((ai = ASN1_INTEGER_new()) == NULL
                || !ASN1_INTEGER_set(ai, tlsextid)
                || sk_ASN1_INTEGER_push(tlsf, ai) <= 0) {
            ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB);
            goto err;
        }
        /* So it doesn't get purged if an error occurs next time around */
        ai = NULL;
    }
    return tlsf;

 err:
    sk_ASN1_INTEGER_pop_free(tlsf, ASN1_INTEGER_free);
    ASN1_INTEGER_free(ai);
    return NULL;
}

Coverage Report

Created: 2025-06-13 06:36

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2015-2022 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include "internal/e_os.h"
11		#include "internal/cryptlib.h"
12		#include <stdio.h>
13		#include <openssl/asn1t.h>
14		#include <openssl/conf.h>
15		#include <openssl/x509v3.h>
16		#include "ext_dat.h"
17		#include "x509_local.h"
18
19		static STACK_OF(CONF_VALUE) i2v_TLS_FEATURE(const X509V3_EXT_METHOD method,
20		TLS_FEATURE *tls_feature,
21		STACK_OF(CONF_VALUE) *ext_list);
22		static TLS_FEATURE v2i_TLS_FEATURE(const X509V3_EXT_METHOD method,
23		X509V3_CTX *ctx,
24		STACK_OF(CONF_VALUE) *nval);
25
26		ASN1_ITEM_TEMPLATE(TLS_FEATURE) =
27		ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, TLS_FEATURE, ASN1_INTEGER)
28		static_ASN1_ITEM_TEMPLATE_END(TLS_FEATURE)
29
30		IMPLEMENT_ASN1_ALLOC_FUNCTIONS(TLS_FEATURE)
31
32		const X509V3_EXT_METHOD ossl_v3_tls_feature = {
33		NID_tlsfeature, 0,
34		ASN1_ITEM_ref(TLS_FEATURE),
35		0, 0, 0, 0,
36		0, 0,
37		(X509V3_EXT_I2V)i2v_TLS_FEATURE,
38		(X509V3_EXT_V2I)v2i_TLS_FEATURE,
39		0, 0,
40		NULL
41		};
42
43
44		typedef struct {
45		long num;
46		const char *name;
47		} TLS_FEATURE_NAME;
48
49		static TLS_FEATURE_NAME tls_feature_tbl[] = {
50		{ 5, "status_request" },
51		{ 17, "status_request_v2" }
52		};
53
54		/*
55		* i2v_TLS_FEATURE converts the TLS_FEATURE structure tls_feature into the
56		* STACK_OF(CONF_VALUE) structure ext_list. STACK_OF(CONF_VALUE) is the format
57		* used by the CONF library to represent a multi-valued extension. ext_list is
58		* returned.
59		*/
60		static STACK_OF(CONF_VALUE) i2v_TLS_FEATURE(const X509V3_EXT_METHOD method,
61		TLS_FEATURE *tls_feature,
62		STACK_OF(CONF_VALUE) *ext_list)
63	0	{
64	0	int i;
65	0	size_t j;
66	0	ASN1_INTEGER *ai;
67	0	long tlsextid;
68	0	for (i = 0; i < sk_ASN1_INTEGER_num(tls_feature); i++) {
69	0	ai = sk_ASN1_INTEGER_value(tls_feature, i);
70	0	tlsextid = ASN1_INTEGER_get(ai);
71	0	for (j = 0; j < OSSL_NELEM(tls_feature_tbl); j++)
72	0	if (tlsextid == tls_feature_tbl[j].num)
73	0	break;
74	0	if (j < OSSL_NELEM(tls_feature_tbl))
75	0	X509V3_add_value(NULL, tls_feature_tbl[j].name, &ext_list);
76	0	else
77	0	X509V3_add_value_int(NULL, ai, &ext_list);
78	0	}
79	0	return ext_list;
80	0	}
81
82		/*
83		* v2i_TLS_FEATURE converts the multi-valued extension nval into a TLS_FEATURE
84		* structure, which is returned if the conversion is successful. In case of
85		* error, NULL is returned.
86		*/
87		static TLS_FEATURE v2i_TLS_FEATURE(const X509V3_EXT_METHOD method,
88		X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)
89	0	{
90	0	TLS_FEATURE *tlsf;
91	0	char extval, endptr;
92	0	ASN1_INTEGER *ai = NULL;
93	0	CONF_VALUE *val;
94	0	int i;
95	0	size_t j;
96	0	long tlsextid;
97
98	0	if ((tlsf = sk_ASN1_INTEGER_new_null()) == NULL) {
99	0	ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);
100	0	return NULL;
101	0	}
102
103	0	for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
104	0	val = sk_CONF_VALUE_value(nval, i);
105	0	if (val->value)
106	0	extval = val->value;
107	0	else
108	0	extval = val->name;
109
110	0	for (j = 0; j < OSSL_NELEM(tls_feature_tbl); j++)
111	0	if (OPENSSL_strcasecmp(extval, tls_feature_tbl[j].name) == 0)
112	0	break;
113	0	if (j < OSSL_NELEM(tls_feature_tbl))
114	0	tlsextid = tls_feature_tbl[j].num;
115	0	else {
116	0	tlsextid = strtol(extval, &endptr, 10);
117	0	if (((*endptr) != '\0') \|\| (extval == endptr) \|\| (tlsextid < 0) \|\|
118	0	(tlsextid > 65535)) {
119	0	ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_SYNTAX);
120	0	X509V3_conf_add_error_name_value(val);
121	0	goto err;
122	0	}
123	0	}
124
125	0	if ((ai = ASN1_INTEGER_new()) == NULL
126	0	\|\| !ASN1_INTEGER_set(ai, tlsextid)
127	0	\|\| sk_ASN1_INTEGER_push(tlsf, ai) <= 0) {
128	0	ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB);
129	0	goto err;
130	0	}
131		/* So it doesn't get purged if an error occurs next time around */
132	0	ai = NULL;
133	0	}
134	0	return tlsf;
135
136	0	err:
137	0	sk_ASN1_INTEGER_pop_free(tlsf, ASN1_INTEGER_free);
138	0	ASN1_INTEGER_free(ai);
139	0	return NULL;
140	0	}