Branch Coverage

inc/matrixssl-3-9-3-open/crypto/keyformat/x509.c
Criterion Covered Total %
branch 516 1872 27.5


line true false branch
201 0 777 if ((err = psParseList(pool, fileName, ';', &fileList)) < 0)
209 777 775 while (currentFile)
211 1 776 if ((err = psGetFileBuf(pool, (char *) currentFile->item, &fileBuf,
215 0 1 if (firstCert)
222 1 775 if ((err = pemCertFileBufToX509(pool, fileBuf, fileBufLen, &x509list))
227 0 1 if (firstCert)
244 1495 775 while (x509list != NULL)
248 0 1495 if (err < 0)
250 0 0 if (!(flags & CERT_ALLOW_BUNDLE_PARTIAL_PARSE))
255 0 0 if (firstCert)
268 775 720 if (firstCert == NULL)
302 0 776 if (fileBuf == NULL)
308 0 776 if (current == NULL)
316 1496 775 while (fileBufLen > 0)
318 1495 1 if (
319 1495 0 ((start = (unsigned char *) strstr((char *) chFileBuf, "-----BEGIN")) != NULL) &&
320 1495 0 ((start = (unsigned char *) strstr((char *) chFileBuf, "CERTIFICATE-----")) != NULL) &&
321 1495 0 ((end = (unsigned char *) strstr((char *) start, "-----END")) != NULL) &&
326 720 775 if (current == NULL)
329 0 720 if (current == NULL)
340 0 2990 while (*end == '\x0d' || *end == '\x0a' || *end == '\x09'
1495 1495 while (*end == '\x0d' || *end == '\x0a' || *end == '\x09'
0 1495 while (*end == '\x0d' || *end == '\x0a' || *end == '\x09'
341 0 1495 || *end == ' ')
353 0 1495 if (current->item == NULL)
364 0 1495 if (psBase64decode(start, current->len, current->item, ¤t->len) != 0)
405 0 0 if ((uint32) (end - p) < 1)
409 0 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0))
412 0 0 if (getAsnLength(&p, (uint32) (end - p), &plen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &plen) < 0 ||
419 0 0 if (getAsnAlgorithmIdentifier(&p, (uint32) (end - p), &oi, &plen) < 0)
424 0 0 if (secondPass)
426 0 0 if (oi != cert->pssHash)
432 0 0 if (oi == OID_SHA1_ALG)
436 0 0 else if (oi == OID_SHA256_ALG)
440 0 0 else if (oi == OID_MD5_ALG)
445 0 0 else if (oi == OID_SHA384_ALG)
451 0 0 else if (oi == OID_SHA512_ALG)
469 0 0 if ((uint32) (end - p) < 1)
473 0 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
477 0 0 if (getAsnLength(&p, (uint32) (end - p), &plen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &plen) < 0 ||
483 0 0 if (getAsnAlgorithmIdentifier(&p, (uint32) (end - p), &oi, &plen) < 0)
488 0 0 if (secondPass)
490 0 0 if (oi != cert->maskGen)
497 0 0 if (cert->maskGen != OID_ID_MGF1)
517 0 0 if (getAsnAlgorithmIdentifier(&p, (uint32) (end - p), &oi, &plen) < 0)
522 0 0 if (secondPass)
524 0 0 if (oi != cert->maskHash)
532 0 0 if ((uint32) (end - p) < 1)
536 0 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 2))
540 0 0 if (getAsnLength(&p, (uint32) (end - p), &plen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &plen) < 0 ||
546 0 0 if (getAsnInteger(&p, (uint32) (end - p), &asnint) < 0)
551 0 0 if (secondPass)
553 0 0 if (asnint != cert->saltLen)
561 0 0 if ((uint32) (end - p) < 1)
565 0 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 3))
570 0 0 if (getAsnLength(&p, (uint32) (end - p), &plen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &plen) < 0 ||
576 0 0 if (getAsnInteger(&p, (uint32) (end - p), &asnint) < 0 ||
0 0 if (getAsnInteger(&p, (uint32) (end - p), &asnint) < 0 ||
583 0 0 if (p != end)
605 0 0 if (!cert || !der_out || !der_out_len)
0 0 if (!cert || !der_out || !der_out_len)
0 0 if (!cert || !der_out || !der_out_len)
609 0 0 if (cert->publicKeyDerOffsetIntoUnparsedBin == 0
610 0 0 || cert->publicKeyDerLen == 0)
617 0 0 if (*der_out_len < cert->publicKeyDerLen)
690 1 2879 if ((rc = getAsnSequence32(&p, (uint32_t) (far_end - p), &oneCertLen, 0))
699 0 2879 if (oneCertLen > 0xFFFF)
701 0 0 psAssert(oneCertLen <= 0xFFFF);
711 258 2621 if (flags & CERT_STORE_UNPARSED_BUFFER)
715 0 258 if (cert->unparsedBin == NULL)
753 0 2879 if ((rc = getAsnSequence(&p, (uint32) (end - p), &len)) < 0)
768 0 2879 if ((rc = getExplicitVersion(&p, (uint32) (end - p), 0, &cert->version))
811 0 2879 if ((rc = getSerialNum(pool, &p, (uint32) (end - p), &cert->serialNumber,
823 0 2879 if ((rc = getAsnAlgorithmIdentifier(&p, (uint32) (end - p),
831 0 2879 if (plen != 0)
834 0 0 if (cert->certAlgorithm == OID_RSASSA_PSS)
843 0 0 if ((rc = getAsnSequence(&p, (uint32) (end - p), &len)) < 0)
854 0 0 if (len > 0)
856 0 0 if ((rc = getRsaPssParams(&p, len, cert, 0)) < 0)
891 0 2879 if ((rc = psX509GetDNAttributes(pool, &p, (uint32) (end - p),
904 0 2879 if ((rc = getTimeValidity(pool, &p, (uint32) (end - p),
914 0 2879 if ((rc = validateDateRange(cert)) < 0)
925 0 2879 if ((rc = psX509GetDNAttributes(pool, &p, (uint32) (end - p),
942 0 2879 if ((rc = getAsnSequence(&p, (uint32) (end - p), &len)) < 0)
951 0 2879 if ((rc = getAsnAlgorithmIdentifier(&p, (uint32) (end - p),
964 105 0 if (plen == 0 || plen > (int32) (end - p))
0 105 if (plen == 0 || plen > (int32) (end - p))
971 0 105 if ((rc = getEcPubKey(pool, &p, (uint16_t) (end - p),
974 0 0 if (rc == PS_UNSUPPORTED_FAIL)
983 0 105 if (cert->publicKey.keysize < (MIN_ECC_BITS / 8))
995 0 2774 psAssert(plen == 0); /* No parameters on RSA pub key OID */
997 0 2774 if ((rc = psRsaParseAsnPubKey(pool, &p, (uint16_t) (end - p),
1007 0 2774 if (cert->publicKey.keysize < (MIN_RSA_BITS / 8))
1034 2879 0 if (*p != (ASN_SEQUENCE | ASN_CONSTRUCTED))
1036 2879 0 if (getImplicitBitString(pool, &p, (uint32) (end - p),
1038 2879 0 &cert->uniqueIssuerIdLen) < 0 ||
1041 0 2879 &cert->uniqueSubjectIdLen) < 0 ||
1057 0 2879 if (certEnd != p)
1066 45 2834 if (cert->subject.commonName == NULL &&
0 45 if (cert->subject.commonName == NULL &&
1067 0 0 cert->subject.country == NULL &&
1068 0 0 cert->subject.state == NULL &&
1069 0 0 cert->subject.organization == NULL &&
1070 0 0 cert->subject.orgUnit == NULL &&
1071 0 0 cert->subject.domainComponent == NULL &&
1084 0 2879 if ((rc = getAsnAlgorithmIdentifier(&p, (uint32) (end - p),
1092 0 2879 if (plen != 0)
1095 0 0 if (cert->sigAlgorithm == OID_RSASSA_PSS)
1104 0 0 if ((rc = getAsnSequence(&p, (uint32) (end - p), &len)) < 0)
1111 0 0 if (len > 0)
1113 0 0 if ((rc = getRsaPssParams(&p, len, cert, 1)) < 0)
1138 0 2879 if (cert->certAlgorithm != cert->sigAlgorithm)
1294 0 2879 if (memcmp(cert->sigHash, "\0\0\0\0\0\0", 6) == 0)
1304 0 2879 if ((rc = psX509GetSignature(pool, &p, (uint32) (end - p),
1319 2879 1 if (func_rc == PS_SUCCESS)
1322 0 2879 psAssert(p == end); /* Must have parsed everything. */
1324 0 2880 psAssert(p <= end); /* Must not have parsed too much. */
1362 0 2880 if (cert == NULL)
1377 2880 2879 while (parsing)
1386 2879 1 if (rc == PS_SUCCESS)
1392 0 1 psAssert(cert->parseStatus != PS_X509_PARSE_SUCCESS);
1394 1 0 if (!(flags & CERT_ALLOW_BUNDLE_PARTIAL_PARSE))
1411 0 2879 if ((p != far_end) && (p < (far_end + 1))
0 0 if ((p != far_end) && (p < (far_end + 1))
1412 0 0 && (far_end - p) > MIN_CERT_SIZE)
1414 0 0 if (*p == 0x0 && *(p + 1) == 0x0)
0 0 if (*p == 0x0 && *(p + 1) == 0x0)
1423 0 0 if (cert->next == NULL)
1439 0 2879 if (numParsedCerts == 0)
1442 0 2879 if (flags & CERT_ALLOW_BUNDLE_PARTIAL_PARSE)
1467 806 8640 while (orgUnit != NULL)
1481 0 8640 while (domainComponent != NULL)
1502 0 2880 if (extensions == NULL)
1506 31 2849 if (extensions->san)
1509 36 31 while (active != NULL)
1518 10 2870 if (extensions->issuerAltName)
1521 10 10 while (active != NULL)
1530 12 2868 if (extensions->authorityInfoAccess)
1533 18 12 while (authInfo != NULL)
1545 0 2880 if (extensions->crlNum)
1549 82 2798 if (extensions->crlDist)
1552 102 82 while (active != NULL)
1563 0 2880 if (extensions->nameConstraints.excluded)
1566 0 0 while (active != NULL)
1574 5 2875 if (extensions->nameConstraints.permitted)
1577 40 5 while (active != NULL)
1586 2864 16 if (extensions->sk.id)
1590 2379 501 if (extensions->ak.keyId)
1594 50 2830 if (extensions->ak.serialNum)
1603 88 2880 while (pol_info != NULL)
1609 111 88 while (qual_info != NULL)
1624 5 2880 while (pol_map != NULL)
1633 0 2880 if (extensions->netscapeComment)
1635 0 0 if (extensions->netscapeComment->comment)
1649 0 0 if (DN == NULL)
1654 0 0 if (DN->orgUnit == NULL)
1661 0 0 while (ou->next != NULL)
1676 0 0 if (DN == NULL || DN->orgUnit == NULL || index < 0)
0 0 if (DN == NULL || DN->orgUnit == NULL || index < 0)
0 0 if (DN == NULL || DN->orgUnit == NULL || index < 0)
1687 0 0 if (i < 0)
1693 0 0 if (i == index)
1698 0 0 while (ou->next != NULL)
1702 0 0 if (i < 0)
1706 0 0 if (i == index)
1720 0 0 if (DN == NULL)
1725 0 0 if (DN->domainComponent == NULL)
1732 0 0 while (dc->next != NULL)
1747 0 0 if (DN == NULL || DN->domainComponent == NULL || index < 0)
0 0 if (DN == NULL || DN->domainComponent == NULL || index < 0)
0 0 if (DN == NULL || DN->domainComponent == NULL || index < 0)
1758 0 0 if (i < 0)
1764 0 0 if (i == index)
1769 0 0 while (dc->next != NULL)
1773 0 0 if (i < 0)
1777 0 0 if (i == index)
1796 0 0 if (DN == NULL || out_str == NULL)
0 0 if (DN == NULL || out_str == NULL)
1802 0 0 if (num_dcs == 0)
1809 0 0 for (i = 0; i < num_dcs; i++)
1812 0 0 if (dc == NULL)
1818 0 0 if (i != (num_dcs - 1))
1827 0 0 if (*out_str == NULL)
1836 0 0 for (i = num_dcs - 1; i >= 0; i--)
1839 0 0 if (dc == NULL)
1848 0 0 if (i != 0)
1855 0 0 if (pos != total_len - DN_NUM_TERMINATING_NULLS)
1920 0 0 psAssert(dn != NULL && out_str != NULL);
0 0 psAssert(dn != NULL && out_str != NULL);
1933 0 0 INC_LEN(country);
0 0 INC_LEN(country);
0 0 INC_LEN(country);
1934 0 0 INC_LEN(state);
0 0 INC_LEN(state);
0 0 INC_LEN(state);
1935 0 0 INC_LEN(organization);
0 0 INC_LEN(organization);
0 0 INC_LEN(organization);
1937 0 0 if (num_ous > 0)
1940 0 0 for (i = 0; i < num_ous; i++)
1943 0 0 if (orgUnit == NULL)
1947 0 0 if (first_len)
1959 0 0 INC_LEN(dnQualifier);
0 0 INC_LEN(dnQualifier);
0 0 INC_LEN(dnQualifier);
1960 0 0 INC_LEN(commonName);
0 0 INC_LEN(commonName);
0 0 INC_LEN(commonName);
1961 0 0 INC_LEN(serialNumber);
0 0 INC_LEN(serialNumber);
0 0 INC_LEN(serialNumber);
1964 0 0 INC_LEN(locality);
0 0 INC_LEN(locality);
0 0 INC_LEN(locality);
1965 0 0 INC_LEN(title);
0 0 INC_LEN(title);
0 0 INC_LEN(title);
1966 0 0 INC_LEN(surname);
0 0 INC_LEN(surname);
0 0 INC_LEN(surname);
1967 0 0 INC_LEN(givenName);
0 0 INC_LEN(givenName);
0 0 INC_LEN(givenName);
1968 0 0 INC_LEN(initials);
0 0 INC_LEN(initials);
0 0 INC_LEN(initials);
1969 0 0 INC_LEN(pseudonym);
0 0 INC_LEN(pseudonym);
0 0 INC_LEN(pseudonym);
1970 0 0 INC_LEN(generationQualifier);
0 0 INC_LEN(generationQualifier);
0 0 INC_LEN(generationQualifier);
1982 0 0 if (num_dcs > 0)
1987 0 0 for (i = 0; i < num_dcs; i++)
1990 0 0 if (first_len)
1999 0 0 if (dc == NULL)
2009 0 0 if (total_len > 100000)
2015 0 0 if (str == NULL)
2066 0 0 PRINT_FIELD(country);
0 0 PRINT_FIELD(country);
0 0 PRINT_FIELD(country);
2067 0 0 PRINT_FIELD(state);
0 0 PRINT_FIELD(state);
0 0 PRINT_FIELD(state);
2069 0 0 PRINT_FIELD(locality);
0 0 PRINT_FIELD(locality);
0 0 PRINT_FIELD(locality);
2071 0 0 PRINT_FIELD(organization);
0 0 PRINT_FIELD(organization);
0 0 PRINT_FIELD(organization);
2073 0 0 if (num_ous > 0)
2076 0 0 for (i = 0; i < num_ous; i++)
2079 0 0 if (orgUnit == NULL)
2084 0 0 if (first_field)
2099 0 0 PRINT_FIELD(commonName);
0 0 PRINT_FIELD(commonName);
0 0 PRINT_FIELD(commonName);
2104 0 0 PRINT_FIELD(givenName);
0 0 PRINT_FIELD(givenName);
0 0 PRINT_FIELD(givenName);
2105 0 0 PRINT_FIELD(surname);
0 0 PRINT_FIELD(surname);
0 0 PRINT_FIELD(surname);
2140 0 0 PRINT_FIELD(serialNumber);
0 0 PRINT_FIELD(serialNumber);
0 0 PRINT_FIELD(serialNumber);
2145 0 0 PRINT_FIELD(title);
0 0 PRINT_FIELD(title);
0 0 PRINT_FIELD(title);
2152 0 0 PRINT_FIELD(pseudonym);
0 0 PRINT_FIELD(pseudonym);
0 0 PRINT_FIELD(pseudonym);
2153 0 0 PRINT_FIELD(generationQualifier);
0 0 PRINT_FIELD(generationQualifier);
0 0 PRINT_FIELD(generationQualifier);
2154 0 0 PRINT_FIELD(initials);
0 0 PRINT_FIELD(initials);
0 0 PRINT_FIELD(initials);
2156 0 0 PRINT_FIELD(dnQualifier);
0 0 PRINT_FIELD(dnQualifier);
0 0 PRINT_FIELD(dnQualifier);
2161 0 0 psAssert(total_len == (p - str));
2190 2880 2158 while (curr)
2193 258 2622 if (curr->unparsedBin)
2200 2879 1 if (curr->serialNumber)
2204 2879 1 if (curr->notBefore)
2208 2879 1 if (curr->notAfter)
2212 2879 1 if (curr->signature)
2216 0 2880 if (curr->uniqueIssuerId)
2220 0 2880 if (curr->uniqueSubjectId)
2226 2879 1 if (curr->publicKey.type != PS_NOKEY)
2269 2879 0 if (len < 1 || (*(p++) != ASN_BIT_STRING) ||
2270 2879 0 getAsnLength(&p, len - 1, &llen) < 0 ||
2271 0 2879 (uint32) (end - p) < llen ||
2279 0 2879 psAssert(*p == 0);
2284 0 2879 if (*sig == NULL)
2309 0 0 if (n == NULL)
2315 0 0 if (*n == '\0')
2321 0 0 for (c = n; *c != '\0'; c++ )
2326 0 0 if (c != n)
2328 0 0 if (*c == '.' && *(c - 1) == '.')
0 0 if (*c == '.' && *(c - 1) == '.')
2332 0 0 if (*c == '.' && *(c - 1) == '-')
0 0 if (*c == '.' && *(c - 1) == '-')
2336 0 0 if (*c == '.' && *(c - 1) == '@')
0 0 if (*c == '.' && *(c - 1) == '@')
2340 0 0 if (*c == '-' && *(c - 1) == '.')
0 0 if (*c == '-' && *(c - 1) == '.')
2344 0 0 if (*c == '-' && *(c - 1) == '-')
0 0 if (*c == '-' && *(c - 1) == '-')
2348 0 0 if (*c == '-' && *(c - 1) == '@')
0 0 if (*c == '-' && *(c - 1) == '@')
2352 0 0 if (*c == '@' && *(c - 1) == '.')
0 0 if (*c == '@' && *(c - 1) == '.')
2356 0 0 if (*c == '@' && *(c - 1) == '-')
0 0 if (*c == '@' && *(c - 1) == '-')
2360 0 0 if (*c == '@' && *(c - 1) == '@')
0 0 if (*c == '@' && *(c - 1) == '@')
2367 0 0 if (*c != '.' && (*c < '0' || *c > '9'))
0 0 if (*c != '.' && (*c < '0' || *c > '9'))
0 0 if (*c != '.' && (*c < '0' || *c > '9'))
2374 0 0 if (c != n && *(c + 1) != '\0' && (*c == '.' || *c == '-'))
0 0 if (c != n && *(c + 1) != '\0' && (*c == '.' || *c == '-'))
0 0 if (c != n && *(c + 1) != '\0' && (*c == '.' || *c == '-'))
0 0 if (c != n && *(c + 1) != '\0' && (*c == '.' || *c == '-'))
2379 0 0 if (*c == '@')
2382 0 0 if (c != n && *(c + 1) != '\0' && atfound == 1)
0 0 if (c != n && *(c + 1) != '\0' && atfound == 1)
0 0 if (c != n && *(c + 1) != '\0' && atfound == 1)
2388 0 0 if (*c >= '0' && *c <= '9')
0 0 if (*c >= '0' && *c <= '9')
2393 0 0 if (*c >= 'A' && *c <= 'Z')
0 0 if (*c >= 'A' && *c <= 'Z')
2397 0 0 if (*c >= 'a' && *c <= 'z')
0 0 if (*c >= 'a' && *c <= 'z')
2409 0 0 if (atfound && (*n >= '0' && *n <= '9'))
0 0 if (atfound && (*n >= '0' && *n <= '9'))
0 0 if (atfound && (*n >= '0' && *n <= '9'))
2430 128 55 if (*name == NULL)
2442 188 183 while (len > MIN_GENERALNAME_LEN)
2444 128 60 if (firstName == NULL)
2447 0 128 if (activeName == NULL)
2462 105 60 while (activeName != NULL)
2468 0 60 if (prevName->next == NULL)
2488 0 0 if (getAsnLength(&p, (uint32) (extEnd - p), &otherNameLen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (extEnd - p), &otherNameLen) < 0 ||
2489 0 0 otherNameLen < 1 ||
2495 0 0 if (*(p++) != ASN_OID
2496 0 0 || getAsnLength(&p, (int32) (extEnd - p), &activeName->oidLen) < 0
2497 0 0 || (uint32) (extEnd - p) < activeName->oidLen
2498 0 0 || activeName->oidLen > sizeof(activeName->oid))
2511 0 0 if ((uint32) (extEnd - p) < 1 || *p != 0xA0)
0 0 if ((uint32) (extEnd - p) < 1 || *p != 0xA0)
2517 0 0 if (getAsnLength(&p, (uint32) (extEnd - p), &otherNameLen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (extEnd - p), &otherNameLen) < 0 ||
2518 0 0 otherNameLen < 1 ||
2524 0 0 if ((uint32) (extEnd - p) < 1)
2531 0 0 if (len <= (p - save))
2580 188 0 if (getAsnLength(&p, (uint32) (extEnd - p), &activeName->dataLen) < 0 ||
188 0 if (getAsnLength(&p, (uint32) (extEnd - p), &activeName->dataLen) < 0 ||
2581 0 188 activeName->dataLen < 1 ||
2587 0 188 if (len <= (p - save))
2596 0 188 if (len < activeName->dataLen)
2614 7174 183 for (c = p; c < save; c++)
2616 7174 0 if (*c < ' ' || *c > '~')
0 7174 if (*c < ' ' || *c > '~')
2624 0 0 if (activeName->dataLen < 4)
2635 0 188 if (activeName->data == NULL)
2647 0 188 if (limit > 0)
2649 0 0 if (--limit == 0)
2670 0 10733 psAssert(oidlen <= MAX_OID_LEN);
2671 87876 1504 for (j = 0; oid_list[j].id != 0; j++)
2673 242062 0 for (i = 0; i < oidlen; i++)
2675 78647 163415 if ((uint16_t) (oid[i] & 0xFFFF) != oid_list[j].oid[i])
2679 9229 154186 if ((i + 1) == oidlen)
2758 0 111 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
2767 111 0 if (len < 1 || *p++ != ASN_OID)
0 111 if (len < 1 || *p++ != ASN_OID)
2772 111 0 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
0 111 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
2778 0 111 if ((oidlen = asnParseOid(p, len, oid)) < 1)
2786 81 30 if (noid == oid_id_qt_cps)
2788 0 81 if (*p++ != ASN_IA5STRING)
2793 81 0 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
0 81 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
2806 30 0 else if (noid == oid_id_qt_unotice)
2812 0 30 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
2817 30 0 if (len == 0 || p >= qualifierEnd)
0 30 if (len == 0 || p >= qualifierEnd)
2823 0 30 if (*p == (ASN_SEQUENCE | ASN_CONSTRUCTED))
2828 0 0 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
2834 0 0 if (*p != ASN_UTF8STRING &&
0 0 if (*p != ASN_UTF8STRING &&
2835 0 0 *p != ASN_VISIBLE_STRING &&
2836 0 0 *p != ASN_BMPSTRING &&
2847 0 0 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
0 0 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
2854 0 0 if (qualInfo->unoticeOrganization == NULL)
2863 0 0 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
2870 0 0 while (p != noticeNumbersEnd)
2872 0 0 if (i == MAX_UNOTICE_NUMBERS)
2877 0 0 if (getAsnInteger(&p, len, ¬iceNumber) < 0)
2887 0 30 if (p >= qualifierEnd)
2893 30 0 if (*p != ASN_UTF8STRING &&
10 20 if (*p != ASN_UTF8STRING &&
2894 0 10 *p != ASN_VISIBLE_STRING &&
2895 0 0 *p != ASN_BMPSTRING &&
2905 30 0 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
0 30 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
2912 0 30 if (qualInfo->unoticeExplicitText == NULL)
2956 0 88 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
2965 0 88 if (*p++ != ASN_OID)
2970 88 0 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
0 88 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
2976 0 88 if ((oidlen = asnParseOid(p, len, oid)) < 1)
2982 88 0 if (oidlen == 0 || oidlen > MAX_OID_LEN)
0 88 if (oidlen == 0 || oidlen > MAX_OID_LEN)
2990 0 88 if (polInfo->policyOid == NULL)
2994 667 88 for (i = 0; i < oidlen; i++)
3000 81 7 if ((p >= polInfoEnd) ||
0 81 if ((p >= polInfoEnd) ||
3009 0 81 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
3017 0 81 if (polInfo->qualifiers == NULL)
3025 0 81 if (parsePolicyQualifierInfo(pool,
3037 30 81 while ((p < qualifierEnd)
3038 30 0 && (p < extEnd)
3039 30 0 && (*p == (ASN_SEQUENCE | ASN_CONSTRUCTED)))
3042 0 30 if (qualInfo->next == NULL)
3049 0 30 if (parsePolicyQualifierInfo(pool,
3086 0 0 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
3094 0 0 if (len == 0)
3103 0 0 while ( num_ints < 2 && (*p == ASN_CONTEXT_SPECIFIC ||
0 0 while ( num_ints < 2 && (*p == ASN_CONTEXT_SPECIFIC ||
0 0 while ( num_ints < 2 && (*p == ASN_CONTEXT_SPECIFIC ||
3107 0 0 if (getAsnLength(&p, (uint32) (polConstraintsEnd - p), &len) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (polConstraintsEnd - p), &len) < 0 ||
3115 0 0 if (len != 1)
3120 0 0 if (tag == ASN_CONTEXT_SPECIFIC)
3132 0 0 if (p != polConstraintsEnd)
3163 0 5 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
3172 5 5 while (p < polMappingsEnd &&
5 0 while (p < polMappingsEnd &&
3176 0 5 if (num_mappings > 0)
3179 0 0 if (pol_map->next == NULL)
3187 0 5 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
3194 0 5 if (*p++ != ASN_OID)
3200 5 0 if (getAsnLength(&p, (uint32) (polMappingsEnd - p), &len) < 0 ||
0 5 if (getAsnLength(&p, (uint32) (polMappingsEnd - p), &len) < 0 ||
3207 0 5 if ((oidlen = asnParseOid(p, len, oid)) < 1)
3218 35 5 for (i = 0; i < oidlen; i++)
3225 0 5 if (*p++ != ASN_OID)
3231 5 0 if (getAsnLength(&p, (uint32) (polMappingsEnd - p), &len) < 0 ||
0 5 if (getAsnLength(&p, (uint32) (polMappingsEnd - p), &len) < 0 ||
3238 0 5 if ((oidlen = asnParseOid(p, len, oid)) < 1)
3249 35 5 for (i = 0; i < oidlen; i++)
3258 0 5 if (p != polMappingsEnd)
3301 0 12 if (getAsnSequence(&p, (int32) (extEnd - p), &len) < 0)
3310 12 0 if (*authInfo == NULL)
3313 0 12 if (*authInfo == NULL)
3323 18 12 while (p < authInfoEnd &&
18 0 while (p < authInfoEnd &&
3328 0 18 while (pAuthInfo->next != NULL)
3332 6 12 if (!first_entry)
3337 0 6 if (pAuthInfo->next == NULL)
3351 0 18 if (getAsnSequence(&p, (int32) (extEnd - p), &adLen) < 0)
3357 0 18 if (*p++ != ASN_OID)
3362 18 0 if (getAsnLength(&p, (uint32) (authInfoEnd - p), &len) < 0 ||
0 18 if (getAsnLength(&p, (uint32) (authInfoEnd - p), &len) < 0 ||
3369 0 18 if ((oidlen = asnParseOid(p, len, oid)) < 1)
3376 12 6 if (noid != oid_id_ad_caIssuers &&
0 12 if (noid != oid_id_ad_caIssuers &&
3385 18 0 switch (*p++)
3389 18 0 if (getAsnLength(&p, (uint32) (authInfoEnd - p), &len) < 0 ||
0 18 if (getAsnLength(&p, (uint32) (authInfoEnd - p), &len) < 0 ||
3395 12 6 if (noid == oid_id_ad_ocsp)
3398 0 12 if (pAuthInfo->ocsp == NULL)
3409 0 6 if (pAuthInfo->caIssuers == NULL)
3451 0 2879 if (inlen < 1)
3458 0 2879 if (known)
3465 0 2879 if (*p != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | expVal))
3470 2879 0 if (getAsnLength(&p, (uint32) (end - p), &len) < 0 ||
0 2879 if (getAsnLength(&p, (uint32) (end - p), &len) < 0 ||
3484 2879 0 if (getAsnSequence(&p, (uint32) (end - p), &len) < 0 ||
0 2879 if (getAsnSequence(&p, (uint32) (end - p), &len) < 0 ||
3491 10561 2879 while ((p != extEnd) && *p == (ASN_SEQUENCE | ASN_CONSTRUCTED))
10561 0 while ((p != extEnd) && *p == (ASN_SEQUENCE | ASN_CONSTRUCTED))
3493 0 10561 if (getAsnSequence(&p, (uint32) (extEnd - p), &fullExtLen) < 0)
3503 10561 0 if (extEnd - p < 1 || *p++ != ASN_OID)
0 10561 if (extEnd - p < 1 || *p++ != ASN_OID)
3508 10561 0 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0 ||
0 10561 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0 ||
3514 0 10561 if ((oidlen = asnParseOid(p, len, oid)) < 1)
3526 0 10561 if (extEnd - p < 1)
3531 1313 9248 if (*p == ASN_BOOLEAN)
3534 0 1313 if (extEnd - p < 2)
3539 0 1313 if (*p != 1)
3545 1313 0 if (*p > 0)
3556 10561 0 if (extEnd - p < 1 || (*p++ != ASN_OCTET_STRING) ||
3557 0 10561 getAsnLength(&p, (uint32) (extEnd - p), &len) < 0 ||
3565 1313 9248 if (critical)
3578 0 2879 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
3591 1405 1474 if (len == 0)
3599 1474 0 if (*p == ASN_BOOLEAN)
3601 0 1474 if (extEnd - p < 3)
3607 0 1474 if (*p++ != 1)
3613 1474 0 if (*p > 0 && *p != 0xFF)
3617 1474 0 if (*p > 0)
3636 56 1418 if (*p == ASN_INTEGER)
3638 0 56 if (getAsnInteger(&p, (uint32) (extEnd - p),
3652 0 31 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
3663 0 31 if (parseGeneralNames(pool, &p, len, extEnd, &extensions->san,
3685 0 691 if (*p++ != ASN_BIT_STRING)
3690 691 0 if (getAsnLength(&p, (int32) (extEnd - p), &len) < 0 ||
0 691 if (getAsnLength(&p, (int32) (extEnd - p), &len) < 0 ||
3696 0 691 if (len < 2)
3705 0 691 if (len >= 3)
3707 0 0 if (p[2] == (KEY_USAGE_DECIPHER_ONLY >> 8) && p[0] == 7)
0 0 if (p[2] == (KEY_USAGE_DECIPHER_ONLY >> 8) && p[0] == 7)
3717 0 12 if (getAsnSequence(&p, (int32) (extEnd - p), &fullExtLen) < 0)
3723 43 12 while (fullExtLen > 0)
3725 0 43 if (*p++ != ASN_OID)
3730 43 0 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
0 43 if (getAsnLength(&p, fullExtLen, &len) < 0 ||
3736 0 43 if ((oidlen = asnParseOid(p, len, oid)) < 1)
3743 0 43 if (fullExtLen < (uint32) (p - save))
3784 0 5 if (critical)
3791 0 5 if (getAsnSequence(&p, (int32) (extEnd - p), &fullExtLen) < 0)
3796 5 5 while (fullExtLen > 0)
3800 5 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0))
3806 0 5 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
3813 5 0 if (getAsnLength(&p, (uint32) (extEnd - p), &subExtLen) < 0 ||
5 0 if (getAsnLength(&p, (uint32) (extEnd - p), &subExtLen) < 0 ||
3814 0 5 subExtLen < 1 || (uint32) (extEnd - p) < subExtLen)
3819 0 5 if (fullExtLen < (subExtLen + (p - save)))
3825 40 5 while (subExtLen > 0)
3828 0 40 if (getAsnSequence(&p, (int32) (extEnd - p), &len) < 0)
3833 0 40 if (subExtLen < (len + (p - subSave)))
3839 40 0 if (nc == 0)
3841 0 40 if (parseGeneralNames(pool, &p, len, extEnd,
3850 0 0 if (parseGeneralNames(pool, &p, len, extEnd,
3866 0 0 if (getSerialNum(pool, &p, (int32) (extEnd - p),
3883 0 82 if (getAsnSequence(&p, (int32) (extEnd - p), &fullExtLen) < 0)
3889 102 82 while (fullExtLen > 0)
3892 0 102 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
3897 0 102 if (fullExtLen < (len + (p - save)))
3904 102 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0))
3908 102 0 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0 ||
102 0 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0 ||
3909 0 102 len < 1 || (uint32) (extEnd - p) < len)
3915 102 0 if ((*p & 0xF) == 0) /* fullName (GeneralNames) */
3918 102 0 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0
3919 102 0 || len < 1 || (uint32) (extEnd - p) < len)
0 102 || len < 1 || (uint32) (extEnd - p) < len)
3924 0 102 if (parseGeneralNames(pool, &p, len, extEnd,
3931 0 0 else if ((*p & 0xF) == 1) /* RelativeDistName */
3935 0 0 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0
3936 0 0 || len < 1 || (uint32) (extEnd - p) < len)
0 0 || len < 1 || (uint32) (extEnd - p) < len)
3949 0 102 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
3953 0 0 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0 ||
3954 0 0 len < 1 || (uint32) (extEnd - p) < len)
3961 0 102 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 2))
3965 0 0 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (extEnd - p), &len) < 0 ||
3966 0 0 len < 1 || (uint32) (extEnd - p) < len)
3976 0 12 if (parseAuthorityInfoAccess(pool, p,
3997 0 2379 if (getAsnSequence(&p, (int32) (extEnd - p), &len) < 0)
4003 0 2379 if (len == 0)
4008 2379 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | 0))
4011 2379 0 if (getAsnLength(&p, (int32) (extEnd - p),
4012 0 2379 &extensions->ak.keyLen) < 0 ||
4019 0 2379 if (extensions->ak.keyId == NULL)
4027 50 2329 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
4030 50 0 if (getAsnLength(&p, (int32) (extEnd - p), &len) < 0 ||
50 0 if (getAsnLength(&p, (int32) (extEnd - p), &len) < 0 ||
4031 0 50 len < 1 || (uint32) (extEnd - p) < len)
4036 0 50 if ((*p ^ ASN_CONTEXT_SPECIFIC ^ ASN_CONSTRUCTED) != 4)
4044 50 0 if (getAsnLength(&p, (int32) (extEnd - p), &len) < 0 ||
0 50 if (getAsnLength(&p, (int32) (extEnd - p), &len) < 0 ||
4050 0 50 if (psX509GetDNAttributes(pool, &p, (int32) (extEnd - p),
4057 2329 50 if ((*p == (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | 2)) ||
0 2329 if ((*p == (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | 2)) ||
4063 0 50 if (getSerialNum(pool, &p, (int32) (extEnd - p),
4080 2864 0 if (*p++ != ASN_OCTET_STRING || getAsnLength(&p,
2864 0 if (*p++ != ASN_OCTET_STRING || getAsnLength(&p,
4081 0 2864 (int32) (extEnd - p), &(extensions->sk.len)) < 0 ||
4088 0 2864 if (extensions->sk.id == NULL)
4104 0 87 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
4117 0 87 if (parsePolicyInformation(pool, p, extEnd, fullExtLen,
4125 1 87 while ((p < policiesEnd)
4126 1 0 && (p < extEnd)
4127 1 0 && (*p == (ASN_SEQUENCE | ASN_CONSTRUCTED)))
4133 0 1 if (parsePolicyInformation(pool, p, extEnd, fullExtLen,
4142 0 0 if (parsePolicyConstraints(pool, p,
4155 0 5 if (parsePolicyMappings(pool, p,
4166 0 10 if (getAsnSequence(&p, (uint32) (extEnd - p), &len) < 0)
4177 0 10 if (parseGeneralNames(pool, &p, len, extEnd, &extensions->issuerAltName,
4192 0 1504 if (critical)
4238 2879 50 if ((*p != (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | 2)) &&
0 2879 if ((*p != (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | 2)) &&
4246 2929 0 if (len < 1 || getAsnLength(&p, len - 1, &vlen) < 0 || (len - 1) < vlen)
2929 0 if (len < 1 || getAsnLength(&p, len - 1, &vlen) < 0 || (len - 1) < vlen)
0 2929 if (len < 1 || getAsnLength(&p, len - 1, &vlen) < 0 || (len - 1) < vlen)
4253 2929 0 if (vlen > 0)
4256 0 2929 if (*sn == NULL)
4278 0 2879 if (len < 1)
4287 0 2879 if (*p != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | expVal))
4293 2879 0 if (getAsnLength(&p, len - 1, &exLen) < 0 || (len - 1) < exLen)
0 2879 if (getAsnLength(&p, len - 1, &exLen) < 0 || (len - 1) < exLen)
4298 0 2879 if (getAsnInteger(&p, exLen, val) < 0)
4330 0 1148 if ((c = (unsigned char *) cert->notBefore) == NULL)
4334 1148 0 err = psBrokenDownTimeImport(
4339 0 1148 if (err)
4349 1148 0 if (y < 1996 || m < 1 || m > 12)
1148 0 if (y < 1996 || m < 1 || m > 12)
0 1148 if (y < 1996 || m < 1 || m > 12)
4356 0 0 if (y < 2013) /* No month check needed for Jan */
4362 0 0 if (y < 2008 || (y == 2008 && m < 5))
0 0 if (y < 2008 || (y == 2008 && m < 5))
0 0 if (y < 2008 || (y == 2008 && m < 5))
4368 1148 0 if (y < 2002 || (y == 2002 && m < 4))
0 1148 if (y < 2002 || (y == 2002 && m < 4))
0 0 if (y < 2002 || (y == 2002 && m < 4))
4374 0 0 if (y < 1999) /* No month check needed for Jan */
4401 2879 0 if (cert->notBefore == NULL || cert->notAfter == NULL)
0 2879 if (cert->notBefore == NULL || cert->notAfter == NULL)
4407 0 2879 if (err != PS_SUCCESS)
4414 0 2879 if (err != PS_SUCCESS)
4419 2869 10 err = psBrokenDownTimeImport(
4423 0 2879 if (err != PS_SUCCESS)
4428 2869 10 err = psBrokenDownTimeImport(
4432 0 2879 if (err != PS_SUCCESS)
4439 0 2879 if (err != PS_SUCCESS)
4444 0 2879 if (psBrokenDownTimeCmp(&beforeTime, &timeNowLinger) > 0)
4449 0 2879 else if (psBrokenDownTimeCmp(&timeNow, &afterTimeLinger) > 0)
4471 2879 0 if (len < 1 || *(p++) != (ASN_SEQUENCE | ASN_CONSTRUCTED) ||
4472 0 2879 getAsnLength(&p, len - 1, &seqLen) < 0 ||
4481 2879 0 if ((end - p) < 1 || ((*p != ASN_UTCTIME) && (*p != ASN_GENERALIZEDTIME)))
10 2869 if ((end - p) < 1 || ((*p != ASN_UTCTIME) && (*p != ASN_GENERALIZEDTIME)))
0 10 if ((end - p) < 1 || ((*p != ASN_UTCTIME) && (*p != ASN_GENERALIZEDTIME)))
4491 2879 0 if (getAsnLength(&p, seqLen, &timeLen) < 0 || (uint32) (end - p) < timeLen)
0 2879 if (getAsnLength(&p, seqLen, &timeLen) < 0 || (uint32) (end - p) < timeLen)
4496 0 2879 if (timeLen > MAX_TIME_LEN)
4501 0 2879 if (*notBefore == NULL)
4509 2879 0 if ((end - p) < 1 || ((*p != ASN_UTCTIME) && (*p != ASN_GENERALIZEDTIME)))
10 2869 if ((end - p) < 1 || ((*p != ASN_UTCTIME) && (*p != ASN_GENERALIZEDTIME)))
0 10 if ((end - p) < 1 || ((*p != ASN_UTCTIME) && (*p != ASN_GENERALIZEDTIME)))
4516 2879 0 if (getAsnLength(&p, seqLen - timeLen, &timeLen) < 0 ||
0 2879 if (getAsnLength(&p, seqLen - timeLen, &timeLen) < 0 ||
4522 0 2879 if (timeLen > MAX_TIME_LEN)
4527 0 2879 if (*notAfter == NULL)
4552 0 5758 if (len < 1)
4560 5758 0 if (*p != (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | impVal))
4566 0 0 if (getAsnLength(&p, len, bitLen) < 0
4567 0 0 || *bitLen < 2)
4574 0 0 psAssert(ignore_bits == 0);
4577 0 0 if (*bitString == NULL)
4617 0 5808 if (getAsnSequence(&p, len, &llen) < 0)
4626 3438 2370 if (flags & CERT_STORE_DN_BUFFER)
4630 0 3438 if (attribs->dnenc == NULL)
4638 22835 5808 while (p < dnEnd)
4640 0 22835 if (getAsnSet(&p, (uint32) (dnEnd - p), &setlen) < 0)
4650 0 22835 if (getAsnSequence(&p, (uint32) (dnEnd - p), &llen) < 0)
4655 0 22835 if (moreInSet > 0)
4661 0 22835 if (setlen != llen + (int32) (p - moreInSetPtr))
4666 22835 0 if (dnEnd <= p || (*(p++) != ASN_OID) ||
4667 0 22835 getAsnLength(&p, (uint32) (dnEnd - p), &arcLen) < 0 ||
4689 0 22835 if (dnEnd - p < 2)
4704 0 22835 if (arcLen == 10 &&
0 0 if (arcLen == 10 &&
4705 0 0 *p == 0x09 &&
4706 0 0 *(p + 1) == 0x92 &&
4707 0 0 *(p + 2) == 0x26 &&
4708 0 0 *(p + 3) == 0x89 &&
4709 0 0 *(p + 4) == 0x93 &&
4710 0 0 *(p + 5) == 0xf2 &&
4711 0 0 *(p + 6) == 0x2c &&
4712 0 0 *(p + 7) == 0x64 &&
4715 0 0 if (*(p + 9) == 0x19)
4749 22815 20 if ((*p++ != 85) || (*p++ != 4))
0 22815 if ((*p++ != 85) || (*p++ != 4))
4757 0 20 if ((uint32) (dnEnd - p) < arcLen + 1)
4763 20 0 if (getAsnLength(&p, (uint32) (dnEnd - p), &llen) < 0 ||
0 20 if (getAsnLength(&p, (uint32) (dnEnd - p), &llen) < 0 ||
4773 22815 0 if (arcLen != 3 || dnEnd - p < 2)
0 22815 if (arcLen != 3 || dnEnd - p < 2)
4783 22815 0 if (getAsnLength(&p, (uint32) (dnEnd - p), &llen) < 0 ||
0 22815 if (getAsnLength(&p, (uint32) (dnEnd - p), &llen) < 0 ||
4820 0 0 if (str_err != PS_SUCCESS)
4825 0 0 if (length >= 0x7FFE)
4845 0 22815 if (stringOut == NULL)
4855 45630 22815 for (i = 0; i < DN_NUM_TERMINATING_NULLS; i++)
4860 22815 0 if (checkHiddenNull)
4862 0 22815 if ((uint32) strlen(stringOut) != llen)
4881 0 5717 if (attribs->country)
4890 0 5798 if (attribs->organization)
4908 0 0 if (attribs->dnQualifier)
4917 0 4475 if (attribs->state)
4926 0 5708 if (attribs->commonName)
4935 0 30 if (attribs->serialNumber)
4954 0 281 if (attribs->locality)
4963 0 0 if (attribs->title)
4972 0 0 if (attribs->surname)
4981 0 0 if (attribs->givenName)
4990 0 0 if (attribs->initials)
4999 0 0 if (attribs->pseudonym)
5008 0 0 if (attribs->generationQualifier)
5079 0 22815 if (moreInSet)
5209 0 1295 if (subjectCert == NULL)
5218 1 1294 if (issuerCert == NULL)
5222 2 1 while (sc)
5229 0 1 if (sc->next == NULL)
5248 1296 1149 while (ic)
5254 1296 0 if ((ic->version > 1) && (ic->extensions.bc.cA != CA_TRUE))
0 1296 if ((ic->version > 1) && (ic->extensions.bc.cA != CA_TRUE))
5256 0 0 if (sc != ic)
5267 146 1150 if (memcmp(sc->issuer.hash, ic->subject.hash, SHA1_HASH_SIZE) != 0)
5319 0 1150 if (sc->revokedStatus == CRL_CHECK_REVOKED_AND_AUTHENTICATED)
5454 0 1150 if (sigType == PS_UNSUPPORTED_FAIL)
5467 1150 0 if (sigType == RSA_TYPE_SIG)
5469 0 1150 psAssert(sigLen <= sizeof(sigOut));
5474 0 1150 if (tempSig == NULL)
5481 0 1150 if ((rc = psRsaDecryptPub(pkiPool, &ic->publicKey.key.rsa,
5494 0 1150 if (sigType == RSAPSS_TYPE_SIG)
5497 0 0 if (tempSig == NULL)
5503 0 0 if ((rc = psRsaCrypt(pkiPool, &ic->publicKey.key.rsa,
5511 0 0 if (psPkcs1PssDecode(pkiPool, sc->sigHash, sigLen, tempSig,
5520 0 0 if (rc == 0)
5530 0 1150 if (sigType == ECDSA_TYPE_SIG)
5532 0 0 if ((rc = psEccDsaVerify(pkiPool,
5542 0 0 if (sigStat == -1)
5554 0 1150 if (rc < PS_SUCCESS)
5565 0 1150 if (sc->extensions.ak.keyLen > 0 || ic->extensions.sk.len > 0)
0 0 if (sc->extensions.ak.keyLen > 0 || ic->extensions.sk.len > 0)
5567 0 1150 if (ic->extensions.sk.len != sc->extensions.ak.keyLen)
5573 0 0 if ((sc->signatureLen == ic->signatureLen) &&
0 0 if ((sc->signatureLen == ic->signatureLen) &&
5577 0 0 if (sc->extensions.ak.keyLen != 0)
5591 0 1150 if (memcmp(ic->extensions.sk.id, sc->extensions.ak.keyId,
5602 1148 2 if ( !(ic->extensions.keyUsageFlags & KEY_USAGE_KEY_CERT_SIGN))
5608 1148 0 if (ic->extensions.keyUsageFlags == 0)
5617 1148 0 if (!rc)
5623 0 0 else if (rc < 0)
5635 2 1148 if (sc->authStatus == PS_FALSE
5636 0 2 && sc->authFailFlags & PS_CERT_AUTH_FAIL_DATE_FLAG)
5643 2 1148 if (sc->authStatus == PS_FALSE) /* Hasn't been touched */
5650 1 1149 if (ic == sc)
5655 1148 1 else if (ic == issuerCert)
5664 1 0 if (ic == NULL) /* Reached end of chain */
5700 0 1150 if (getAsnSequence(&p, (uint32) (end - p), &len) < 0)
5707 0 1150 if (getAsnAlgorithmIdentifier(&p, (uint32) (end - p), &oi, &plen) < 0)
5712 0 1150 psAssert(plen == 0);
5714 0 1150 getAsnLength(&p, (uint32) (end - p), &len) < 0 ||
5737 0 0 if (len != SHA1_HASH_SIZE)
5755 0 1150 if (len != SHA256_HASH_SIZE)
5764 0 0 if (len != SHA384_HASH_SIZE)
5773 0 0 if (len != SHA512_HASH_SIZE)
5785 0 1150 if (memcmpct(hash, sigHash, len) != 0)
5809 0 0 if (psParseBufFromStaticData(&pb, p, sz) == PS_SUCCESS)
5811 0 0 if (psParseBufTryReadTagSub(&pb, &extensions, 0xA1))
5813 0 0 while (psParseBufTryReadSequenceSub(&extensions,
5818 0 0 if (psParseBufTrySkipBytes(
5828 0 0 if (psParseBufFinish(&extension) != PS_SUCCESS)
5849 0 0 if (glen >= sizeof(res->revocationTime) + 2 &&
0 0 if (glen >= sizeof(res->revocationTime) + 2 &&
5850 0 0 p[0] == 0x18 && p[1] == sizeof(res->revocationTime))
5856 0 0 if (glen >= sizeof(res->revocationTime) + 0x5 &&
0 0 if (glen >= sizeof(res->revocationTime) + 0x5 &&
5857 0 0 p[17] == 0xa0 && /* [0] */
5858 0 0 p[18] == 0x03 && /* length */
5859 0 0 p[19] == 0x0a && /* ENUMERATED */
5860 0 0 p[20] == 0x01 && /* length */
5861 0 0 p[21] <= 10 && /* CRL reason code 0-10, excluding 7. */
5885 0 0 if (getAsnSequence(&p, (int32) (end - p), &glen) < 0)
5897 0 0 if (getAsnSequence(&p, (int32) (end - p), &glen) < 0)
5902 0 0 if (getAsnAlgorithmIdentifier(&p, (int32) (end - p), &oi, &plen) < 0)
5906 0 0 psAssert(plen == 0);
5910 0 0 getAsnLength(&p, (int32) (end - p), &glen) < 0 ||
5919 0 0 getAsnLength(&p, (int32) (end - p), &glen) < 0 ||
5931 0 0 if ((*p != (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | 2)) &&
0 0 if ((*p != (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | 2)) &&
5939 0 0 if (getAsnLength(&p, (int32) (end - p), &glen) < 0 ||
0 0 if (getAsnLength(&p, (int32) (end - p), &glen) < 0 ||
5956 0 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | 0))
5961 0 0 else if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
5970 0 0 if (getAsnLength(&p, (int32) (end - p), &glen) < 0)
5979 0 0 else if (*p == (ASN_CONTEXT_SPECIFIC | ASN_PRIMITIVE | 2))
5992 0 0 if ((end - p) < 1 || (*p != ASN_GENERALIZEDTIME))
0 0 if ((end - p) < 1 || (*p != ASN_GENERALIZEDTIME))
5998 0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
6010 0 0 if ((uint32) (end - p) >= 2 &&
0 0 if ((uint32) (end - p) >= 2 &&
6014 0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
6019 0 0 if (*p == ASN_GENERALIZEDTIME && glen > 2)
0 0 if (*p == ASN_GENERALIZEDTIME && glen > 2)
6028 0 0 if ((uint32) (end - p) >= 2 &&
0 0 if ((uint32) (end - p) >= 2 &&
6032 0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
6077 0 0 if (getAsnSequence(&p, (uint32) (end - p), &glen) < 0)
6091 0 0 if (getAsnSequence(&p, (uint32) (end - p), &glen) < 0)
6096 0 0 if (getExplicitVersion(&p, (uint32) (end - p), 0, &version) < 0)
6102 0 0 if (version != 0)
6114 0 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
6118 0 0 if (getAsnLength32(&p, (uint32_t) (end - p), &blen, 0) < 0 ||
0 0 if (getAsnLength32(&p, (uint32_t) (end - p), &blen, 0) < 0 ||
6119 0 0 (uint32_t) (end - p) < blen || blen == 0)
6130 0 0 getAsnLength32(&p2, (int32) (end - p2), &blen, 0) < 0 ||
6138 0 0 else if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 2))
6141 0 0 if (getAsnLength32(&p, (uint32_t) (end - p), &blen, 0) < 0 ||
0 0 if (getAsnLength32(&p, (uint32_t) (end - p), &blen, 0) < 0 ||
6153 0 0 getAsnLength(&p, (int32) (end - p), &glen) < 0 ||
6154 0 0 (uint32) (end - p) < glen ||
6161 0 0 psAssert(glen == SHA1_HASH_SIZE);
6173 0 0 if ((end - p) < 1 || (*p != ASN_GENERALIZEDTIME))
0 0 if ((end - p) < 1 || (*p != ASN_GENERALIZEDTIME))
6179 0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
6186 0 0 if (psBrokenDownTimeImport(NULL, (const char *) p, glen, 0) < 0)
6195 0 0 if (getAsnSequence(&p, (int32) (end - p), &glen) < 0)
6204 0 0 while (p < seqend)
6207 0 0 if (parseSingleResponse(glen, &p, seqend, singleResponse) < 0)
6212 0 0 if (p < seqend)
6215 0 0 if (plen == MAX_OCSP_RESPONSES)
6224 0 0 if (*p == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
6226 0 0 if (parse_nonce_ext(p, end - p, &res->nonce) != PS_SUCCESS)
6231 0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
6251 0 0 if (getAsnAlgorithmIdentifier(&p, (uint32) (end - p), &oid, &plen) < 0)
6256 0 0 if (plen > 0)
6330 0 0 if (*p++ != ASN_BIT_STRING)
6335 0 0 if (getAsnLength(&p, (int32) (end - p), &glen) < 0 ||
0 0 if (getAsnLength(&p, (int32) (end - p), &glen) < 0 ||
6341 0 0 if (*p++ != 0)
6352 0 0 if (end != p)
6357 0 0 if (*p != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0))
6363 0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
0 0 if (getAsnLength(&p, (uint32) (end - p), &glen) < 0 ||
6370 0 0 if (getAsnSequence(&p, (uint32) (end - p), &glen) < 0)
6375 0 0 psAssert(glen == (end - p));
6380 0 0 if (cert_res < 0)
6387 0 0 psAssert(p == end);
6397 0 0 if (rc >= PS_OCSP_MALFORMED_REQUEST && rc <= PS_OCSP_UNAUTHORIZED)
0 0 if (rc >= PS_OCSP_MALFORMED_REQUEST && rc <= PS_OCSP_UNAUTHORIZED)
6401 0 0 if (rc != 4)
6407 0 0 return rc == PS_SUCCESS ? 0 /* successful */ : PS_FAILURE /* other error */;
6426 0 0 if (getAsnSequence(&p, (uint32) (end - p), &glen) < 0)
6431 0 0 if (getAsnEnumerated(&p, (uint32) (end - p), &status) < 0)
6447 0 0 if (status != 0)
6451 0 0 if (status <= 6 && status != 4)
0 0 if (status <= 6 && status != 4)
6461 0 0 if (*p == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
6464 0 0 if (getAsnLength32(&p, (uint32_t) (end - p), &blen, 0) < 0 ||
0 0 if (getAsnLength32(&p, (uint32_t) (end - p), &blen, 0) < 0 ||
6475 0 0 if (getAsnSequence(&p, (uint32) (end - p), &glen) < 0)
6481 0 0 if (getAsnOID(&p, (uint32) (end - p), &oi, 1, &glen) < 0)
6488 0 0 getAsnLength32(&p, (int32) (end - p), &blen, 0) < 0 ||
6495 0 0 if (oi == OID_BASIC_OCSP_RESPONSE)
6512 0 0 if (err < 0)
6524 0 0 psAssert(end == p);
6572 0 0 if (index >= MAX_OCSP_RESPONSES)
6577 0 0 if (timeNow == NULL)
6583 0 0 if (timeNow->tm_year == 0)
6588 0 0 if (err != PS_SUCCESS)
6595 0 0 if (err != PS_SUCCESS)
6600 0 0 if (thisUpdate == NULL)
6605 0 0 if (nextUpdate == NULL)
6610 0 0 if (producedAt == NULL)
6622 0 0 if (subjectResponse->thisUpdate)
6634 0 0 if (subjectResponse->nextUpdate != NULL)
6642 0 0 else if (ok)
6653 0 0 if (ok == 1)
6659 0 0 if (err != PS_SUCCESS)
6667 0 0 if (psBrokenDownTimeCmp(thisUpdate, &timeNowLinger) > 0)
6672 0 0 else if (psBrokenDownTimeCmp(&nextUpdateTimeLinger, timeNow) < 0)
6714 0 0 if (rc != PS_SUCCESS)
6735 0 0 if (psParseBufTryReadTagSub(&tbsRequest, &extensions, 0xA2))
6737 0 0 while (psParseBufTryReadSequenceSub(&extensions, &extension))
6741 0 0 if (psParseBufTrySkipBytes(
6751 0 0 if (psParseBufFinish(&extension) != PS_SUCCESS)
6767 0 0 if (response->responderKeyHash != NULL)
6770 0 0 if (memcmpct(response->responderKeyHash, curr->sha1KeyHash, 20) == 0)
6775 0 0 else if (response->responderName != NULL)
6784 0 0 if (len < 2 || len > RESPONDER_NAME_MAX_LENGTH)
0 0 if (len < 2 || len > RESPONDER_NAME_MAX_LENGTH)
6790 0 0 if (curr->unparsedBin == NULL ||
0 0 if (curr->unparsedBin == NULL ||
6796 0 0 if (memcmpct(curr->unparsedBin +
6823 0 0 if (vOpts == NULL)
6829 0 0 if (vOpts->request)
6833 0 0 if (rc != PS_SUCCESS)
6842 0 0 if (response->OCSPResponseCert)
6847 0 0 while (curr != NULL)
6851 0 0 if (ocspMatchResponderCert(response, curr) == PS_SUCCESS)
6859 0 0 while (ocspResIssuer)
6861 0 0 if (memcmp(ocspResIssuer->subject.hash,
6865 0 0 if (psX509AuthenticateCert(pool, subject, ocspResIssuer,
6893 0 0 if (issuer == NULL)
6902 0 0 if (issuer == NULL)
6905 0 0 while (curr != NULL)
6909 0 0 if (ocspMatchResponderCert(response, curr) == PS_SUCCESS)
6923 0 0 if (issuer == NULL)
6928 0 0 while (curr != NULL)
6932 0 0 if (ocspMatchResponderCert(response, curr) == PS_SUCCESS)
6944 0 0 if (issuer == NULL)
6968 0 0 while (index < MAX_OCSP_RESPONSES)
6971 0 0 if ((subject->serialNumberLen == subjectResponse->certIdSerialLen) &&
0 0 if ((subject->serialNumberLen == subjectResponse->certIdSerialLen) &&
6979 0 0 if (index == MAX_OCSP_RESPONSES)
6984 0 0 if (vOpts->index_p != NULL)
6990 0 0 if (subjectResponse->certStatus == 0)
6995 0 0 else if (subjectResponse->certStatus == 1)
7003 0 0 if (checkOCSPtimestamp(response, index) != PS_SUCCESS)
7010 0 0 if (nonceExtReq.buf && vOpts->nonceMatch)
0 0 if (nonceExtReq.buf && vOpts->nonceMatch)
7012 0 0 if (response->nonce.buf == NULL)
7117 0 0 if (sigType == PS_RSA)
7119 0 0 if (issuer->publicKey.type != PS_RSA)
7123 0 0 if (pubRsaDecryptSignedElement(pkiPool, &issuer->publicKey.key.rsa,
7130 0 0 if (memcmp(response->hashResult, sigOut, sigOutLen) != 0)
7139 0 0 if (issuer->publicKey.type != PS_ECC)
7145 0 0 if (psEccDsaVerify(pkiPool, &issuer->publicKey.key.ecc,
7152 0 0 if (index != 1)
7160 0 0 if (vOpts->knownFlag)
7165 0 0 if (knownFlag == PS_FALSE)
7172 0 0 if (vOpts->revocationFlag)
7177 0 0 if (vOpts->revocationTime)
7185 0 0 if (vOpts->revocationReason)
7192 0 0 if (revocationFlag)