Coverage Report

Created: 2022-08-24 06:31

/src/libressl/crypto/ct/ct_prn.c
Line
Count
Source (jump to first uncovered line)
1
/*  $OpenBSD: ct_prn.c,v 1.6 2021/12/18 16:34:52 tb Exp $ */
2
/*
3
 * Written by Rob Stradling (rob@comodo.com) and Stephen Henson
4
 * (steve@openssl.org) for the OpenSSL project 2014.
5
 */
6
/* ====================================================================
7
 * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
8
 *
9
 * Redistribution and use in source and binary forms, with or without
10
 * modification, are permitted provided that the following conditions
11
 * are met:
12
 *
13
 * 1. Redistributions of source code must retain the above copyright
14
 *    notice, this list of conditions and the following disclaimer.
15
 *
16
 * 2. Redistributions in binary form must reproduce the above copyright
17
 *    notice, this list of conditions and the following disclaimer in
18
 *    the documentation and/or other materials provided with the
19
 *    distribution.
20
 *
21
 * 3. All advertising materials mentioning features or use of this
22
 *    software must display the following acknowledgment:
23
 *    "This product includes software developed by the OpenSSL Project
24
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25
 *
26
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27
 *    endorse or promote products derived from this software without
28
 *    prior written permission. For written permission, please contact
29
 *    licensing@OpenSSL.org.
30
 *
31
 * 5. Products derived from this software may not be called "OpenSSL"
32
 *    nor may "OpenSSL" appear in their names without prior written
33
 *    permission of the OpenSSL Project.
34
 *
35
 * 6. Redistributions of any form whatsoever must retain the following
36
 *    acknowledgment:
37
 *    "This product includes software developed by the OpenSSL Project
38
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39
 *
40
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
44
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51
 * OF THE POSSIBILITY OF SUCH DAMAGE.
52
 * ====================================================================
53
 *
54
 * This product includes cryptographic software written by Eric Young
55
 * (eay@cryptsoft.com).  This product includes software written by Tim
56
 * Hudson (tjh@cryptsoft.com).
57
 *
58
 */
59
60
#ifdef OPENSSL_NO_CT
61
# error "CT is disabled"
62
#endif
63
64
#include <openssl/asn1.h>
65
#include <openssl/bio.h>
66
67
#include "ct_local.h"
68
69
/*
70
 * XXX public api in OpenSSL 1.1.0  but this is the only thing that uses it.
71
 * so I am stuffing it here for the moment.
72
 */
73
static int
74
BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
75
    int datalen)
76
0
{
77
0
  int i, j = 0;
78
79
0
  if (datalen < 1)
80
0
    return 1;
81
82
0
  for (i = 0; i < datalen - 1; i++) {
83
0
    if (i && !j)
84
0
      BIO_printf(out, "%*s", indent, "");
85
86
0
    BIO_printf(out, "%02X:", data[i]);
87
88
0
    j = (j + 1) % width;
89
0
    if (!j)
90
0
      BIO_printf(out, "\n");
91
0
  }
92
93
0
  if (i && !j)
94
0
    BIO_printf(out, "%*s", indent, "");
95
0
  BIO_printf(out, "%02X", data[datalen - 1]);
96
0
  return 1;
97
0
}
98
99
static void
100
SCT_signature_algorithms_print(const SCT *sct, BIO *out)
101
0
{
102
0
  int nid = SCT_get_signature_nid(sct);
103
104
0
  if (nid == NID_undef)
105
0
    BIO_printf(out, "%02X%02X", sct->hash_alg, sct->sig_alg);
106
0
  else
107
0
    BIO_printf(out, "%s", OBJ_nid2ln(nid));
108
0
}
109
110
static void
111
timestamp_print(uint64_t timestamp, BIO *out)
112
0
{
113
0
  ASN1_GENERALIZEDTIME *gen = ASN1_GENERALIZEDTIME_new();
114
0
  char genstr[20];
115
116
0
  if (gen == NULL)
117
0
    return;
118
0
  ASN1_GENERALIZEDTIME_adj(gen, (time_t)0, (int)(timestamp / 86400000),
119
0
      (timestamp % 86400000) / 1000);
120
  /*
121
   * Note GeneralizedTime from ASN1_GENERALIZETIME_adj is always 15
122
   * characters long with a final Z. Update it with fractional seconds.
123
   */
124
0
  snprintf(genstr, sizeof(genstr), "%.14sZ", ASN1_STRING_get0_data(gen));
125
0
  if (ASN1_GENERALIZEDTIME_set_string(gen, genstr))
126
0
    ASN1_GENERALIZEDTIME_print(out, gen);
127
0
  ASN1_GENERALIZEDTIME_free(gen);
128
0
}
129
130
const char *
131
SCT_validation_status_string(const SCT *sct)
132
0
{
133
0
  switch (SCT_get_validation_status(sct)) {
134
0
  case SCT_VALIDATION_STATUS_NOT_SET:
135
0
    return "not set";
136
0
  case SCT_VALIDATION_STATUS_UNKNOWN_VERSION:
137
0
    return "unknown version";
138
0
  case SCT_VALIDATION_STATUS_UNKNOWN_LOG:
139
0
    return "unknown log";
140
0
  case SCT_VALIDATION_STATUS_UNVERIFIED:
141
0
    return "unverified";
142
0
  case SCT_VALIDATION_STATUS_INVALID:
143
0
    return "invalid";
144
0
  case SCT_VALIDATION_STATUS_VALID:
145
0
    return "valid";
146
0
  }
147
0
  return "unknown status";
148
0
}
149
150
void
151
SCT_print(const SCT *sct, BIO *out, int indent, const CTLOG_STORE *log_store)
152
0
{
153
0
  const CTLOG *log = NULL;
154
155
0
  if (log_store != NULL) {
156
0
    log = CTLOG_STORE_get0_log_by_id(log_store, sct->log_id,
157
0
        sct->log_id_len);
158
0
  }
159
160
0
  BIO_printf(out, "%*sSigned Certificate Timestamp:", indent, "");
161
0
  BIO_printf(out, "\n%*sVersion   : ", indent + 4, "");
162
163
0
  if (sct->version != SCT_VERSION_V1) {
164
0
    BIO_printf(out, "unknown\n%*s", indent + 16, "");
165
0
    BIO_hex_string(out, indent + 16, 16, sct->sct, sct->sct_len);
166
0
    return;
167
0
  }
168
169
0
  BIO_printf(out, "v1 (0x0)");
170
171
0
  if (log != NULL) {
172
0
    BIO_printf(out, "\n%*sLog       : %s", indent + 4, "",
173
0
        CTLOG_get0_name(log));
174
0
  }
175
176
0
  BIO_printf(out, "\n%*sLog ID    : ", indent + 4, "");
177
0
  BIO_hex_string(out, indent + 16, 16, sct->log_id, sct->log_id_len);
178
179
0
  BIO_printf(out, "\n%*sTimestamp : ", indent + 4, "");
180
0
  timestamp_print(sct->timestamp, out);
181
182
0
  BIO_printf(out, "\n%*sExtensions: ", indent + 4, "");
183
0
  if (sct->ext_len == 0)
184
0
    BIO_printf(out, "none");
185
0
  else
186
0
    BIO_hex_string(out, indent + 16, 16, sct->ext, sct->ext_len);
187
188
0
  BIO_printf(out, "\n%*sSignature : ", indent + 4, "");
189
0
  SCT_signature_algorithms_print(sct, out);
190
0
  BIO_printf(out, "\n%*s            ", indent + 4, "");
191
0
  BIO_hex_string(out, indent + 16, 16, sct->sig, sct->sig_len);
192
0
}
193
194
void
195
SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
196
    const char *separator, const CTLOG_STORE *log_store)
197
0
{
198
0
  int sct_count = sk_SCT_num(sct_list);
199
0
  int i;
200
201
0
  for (i = 0; i < sct_count; ++i) {
202
0
    SCT *sct = sk_SCT_value(sct_list, i);
203
204
0
    SCT_print(sct, out, indent, log_store);
205
0
    if (i < sk_SCT_num(sct_list) - 1)
206
0
      BIO_printf(out, "%s", separator);
207
0
  }
208
0
}