/src/irssi/subprojects/openssl-1.1.1l/crypto/x509v3/pcy_node.c

Source (jump to first uncovered line)
/*
 * Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/asn1.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>

#include "pcy_local.h"

static int node_cmp(const X509_POLICY_NODE *const *a,
                    const X509_POLICY_NODE *const *b)
{
    return OBJ_cmp((*a)->data->valid_policy, (*b)->data->valid_policy);
}

STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void)
{
    return sk_X509_POLICY_NODE_new(node_cmp);
}

X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *nodes,
                               const ASN1_OBJECT *id)
{
    X509_POLICY_DATA n;
    X509_POLICY_NODE l;
    int idx;

    n.valid_policy = (ASN1_OBJECT *)id;
    l.data = &n;

    idx = sk_X509_POLICY_NODE_find(nodes, &l);
    return sk_X509_POLICY_NODE_value(nodes, idx);

}

X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
                                  const X509_POLICY_NODE *parent,
                                  const ASN1_OBJECT *id)
{
    X509_POLICY_NODE *node;
    int i;
    for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
        node = sk_X509_POLICY_NODE_value(level->nodes, i);
        if (node->parent == parent) {
            if (!OBJ_cmp(node->data->valid_policy, id))
                return node;
        }
    }
    return NULL;
}

X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
                                 X509_POLICY_DATA *data,
                                 X509_POLICY_NODE *parent,
                                 X509_POLICY_TREE *tree)
{
    X509_POLICY_NODE *node;

    node = OPENSSL_zalloc(sizeof(*node));
    if (node == NULL) {
        X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    node->data = data;
    node->parent = parent;
    if (level) {
        if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
            if (level->anyPolicy)
                goto node_error;
            level->anyPolicy = node;
        } else {

            if (level->nodes == NULL)
                level->nodes = policy_node_cmp_new();
            if (level->nodes == NULL) {
                X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
                goto node_error;
            }
            if (!sk_X509_POLICY_NODE_push(level->nodes, node)) {
                X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
                goto node_error;
            }
        }
    }

    if (tree) {
        if (tree->extra_data == NULL)
            tree->extra_data = sk_X509_POLICY_DATA_new_null();
        if (tree->extra_data == NULL){
            X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
            goto node_error;
        }
        if (!sk_X509_POLICY_DATA_push(tree->extra_data, data)) {
            X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
            goto node_error;
        }
    }

    if (parent)
        parent->nchild++;

    return node;

 node_error:
    policy_node_free(node);
    return NULL;
}

void policy_node_free(X509_POLICY_NODE *node)
{
    OPENSSL_free(node);
}

/*
 * See if a policy node matches a policy OID. If mapping enabled look through
 * expected policy set otherwise just valid policy.
 */

int policy_node_match(const X509_POLICY_LEVEL *lvl,
                      const X509_POLICY_NODE *node, const ASN1_OBJECT *oid)
{
    int i;
    ASN1_OBJECT *policy_oid;
    const X509_POLICY_DATA *x = node->data;

    if ((lvl->flags & X509_V_FLAG_INHIBIT_MAP)
        || !(x->flags & POLICY_DATA_FLAG_MAP_MASK)) {
        if (!OBJ_cmp(x->valid_policy, oid))
            return 1;
        return 0;
    }

    for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) {
        policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);
        if (!OBJ_cmp(policy_oid, oid))
            return 1;
    }
    return 0;

}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the OpenSSL license (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <openssl/asn1.h>
11		#include <openssl/x509.h>
12		#include <openssl/x509v3.h>
13		#include <openssl/err.h>
14
15		#include "pcy_local.h"
16
17		static int node_cmp(const X509_POLICY_NODE const a,
18		const X509_POLICY_NODE const b)
19	0	{
20	0	return OBJ_cmp((a)->data->valid_policy, (b)->data->valid_policy);
21	0	}
22
23		STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void)
24	0	{
25	0	return sk_X509_POLICY_NODE_new(node_cmp);
26	0	}
27
28		X509_POLICY_NODE tree_find_sk(STACK_OF(X509_POLICY_NODE) nodes,
29		const ASN1_OBJECT *id)
30	0	{
31	0	X509_POLICY_DATA n;
32	0	X509_POLICY_NODE l;
33	0	int idx;
34
35	0	n.valid_policy = (ASN1_OBJECT *)id;
36	0	l.data = &n;
37
38	0	idx = sk_X509_POLICY_NODE_find(nodes, &l);
39	0	return sk_X509_POLICY_NODE_value(nodes, idx);
40
41	0	}
42
43		X509_POLICY_NODE level_find_node(const X509_POLICY_LEVEL level,
44		const X509_POLICY_NODE *parent,
45		const ASN1_OBJECT *id)
46	0	{
47	0	X509_POLICY_NODE *node;
48	0	int i;
49	0	for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
50	0	node = sk_X509_POLICY_NODE_value(level->nodes, i);
51	0	if (node->parent == parent) {
52	0	if (!OBJ_cmp(node->data->valid_policy, id))
53	0	return node;
54	0	}
55	0	}
56	0	return NULL;
57	0	}
58
59		X509_POLICY_NODE level_add_node(X509_POLICY_LEVEL level,
60		X509_POLICY_DATA *data,
61		X509_POLICY_NODE *parent,
62		X509_POLICY_TREE *tree)
63	0	{
64	0	X509_POLICY_NODE *node;
65
66	0	node = OPENSSL_zalloc(sizeof(*node));
67	0	if (node == NULL) {
68	0	X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
69	0	return NULL;
70	0	}
71	0	node->data = data;
72	0	node->parent = parent;
73	0	if (level) {
74	0	if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
75	0	if (level->anyPolicy)
76	0	goto node_error;
77	0	level->anyPolicy = node;
78	0	} else {
79
80	0	if (level->nodes == NULL)
81	0	level->nodes = policy_node_cmp_new();
82	0	if (level->nodes == NULL) {
83	0	X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
84	0	goto node_error;
85	0	}
86	0	if (!sk_X509_POLICY_NODE_push(level->nodes, node)) {
87	0	X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
88	0	goto node_error;
89	0	}
90	0	}
91	0	}
92
93	0	if (tree) {
94	0	if (tree->extra_data == NULL)
95	0	tree->extra_data = sk_X509_POLICY_DATA_new_null();
96	0	if (tree->extra_data == NULL){
97	0	X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
98	0	goto node_error;
99	0	}
100	0	if (!sk_X509_POLICY_DATA_push(tree->extra_data, data)) {
101	0	X509V3err(X509V3_F_LEVEL_ADD_NODE, ERR_R_MALLOC_FAILURE);
102	0	goto node_error;
103	0	}
104	0	}
105
106	0	if (parent)
107	0	parent->nchild++;
108
109	0	return node;
110
111	0	node_error:
112	0	policy_node_free(node);
113	0	return NULL;
114	0	}
115
116		void policy_node_free(X509_POLICY_NODE *node)
117	0	{
118	0	OPENSSL_free(node);
119	0	}
120
121		/*
122		* See if a policy node matches a policy OID. If mapping enabled look through
123		* expected policy set otherwise just valid policy.
124		*/
125
126		int policy_node_match(const X509_POLICY_LEVEL *lvl,
127		const X509_POLICY_NODE node, const ASN1_OBJECT oid)
128	0	{
129	0	int i;
130	0	ASN1_OBJECT *policy_oid;
131	0	const X509_POLICY_DATA *x = node->data;
132
133	0	if ((lvl->flags & X509_V_FLAG_INHIBIT_MAP)
134	0	\|\| !(x->flags & POLICY_DATA_FLAG_MAP_MASK)) {
135	0	if (!OBJ_cmp(x->valid_policy, oid))
136	0	return 1;
137	0	return 0;
138	0	}
139
140	0	for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) {
141	0	policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);
142	0	if (!OBJ_cmp(policy_oid, oid))
143	0	return 1;
144	0	}
145	0	return 0;
146
147	0	}

Coverage Report

Created: 2025-07-01 06:23