Bug Summary

File:lib/algorithms/publickey.c
Location:line 156, column 21
Description:Value stored to 'i' is never read

Annotated Source Code

1/*
2 * Copyright (C) 2011-2012 Free Software Foundation, Inc.
3 *
4 * Author: Nikos Mavrogiannopoulos
5 *
6 * This file is part of GnuTLS.
7 *
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
20 *
21 */
22
23#include <gnutls_int.h>
24#include <algorithms.h>
25#include <gnutls_errors.h>
26#include <x509/common.h>
27
28
29/* KX mappings to PK algorithms */
30typedef struct
31{
32 gnutls_kx_algorithm_t kx_algorithm;
33 gnutls_pk_algorithm_t pk_algorithm;
34 enum encipher_type encipher_type; /* CIPHER_ENCRYPT if this algorithm is to be used
35 * for encryption, CIPHER_SIGN if signature only,
36 * CIPHER_IGN if this does not apply at all.
37 *
38 * This is useful to certificate cipher suites, which check
39 * against the certificate key usage bits.
40 */
41} gnutls_pk_map;
42
43/* This table maps the Key exchange algorithms to
44 * the certificate algorithms. Eg. if we have
45 * RSA algorithm in the certificate then we can
46 * use GNUTLS_KX_RSA or GNUTLS_KX_DHE_RSA.
47 */
48static const gnutls_pk_map pk_mappings[] = {
49 {GNUTLS_KX_RSA, GNUTLS_PK_RSA, CIPHER_ENCRYPT},
50 {GNUTLS_KX_RSA_EXPORT, GNUTLS_PK_RSA, CIPHER_SIGN},
51 {GNUTLS_KX_DHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
52 {GNUTLS_KX_SRP_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
53 {GNUTLS_KX_ECDHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
54 {GNUTLS_KX_ECDHE_ECDSA, GNUTLS_PK_EC, CIPHER_SIGN},
55 {GNUTLS_KX_DHE_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
56 {GNUTLS_KX_SRP_DSS, GNUTLS_PK_DSA, CIPHER_SIGN},
57 {0, 0, 0}
58};
59
60#define GNUTLS_PK_MAP_LOOP(b)const gnutls_pk_map *p; for(p = pk_mappings; p->kx_algorithm
!= 0; p++) { b } \
61 const gnutls_pk_map *p; \
62 for(p = pk_mappings; p->kx_algorithm != 0; p++) { b }
63
64#define GNUTLS_PK_MAP_ALG_LOOP(a)const gnutls_pk_map *p; for(p = pk_mappings; p->kx_algorithm
!= 0; p++) { if(p->kx_algorithm == kx_algorithm) { a; break
; } } \
65 GNUTLS_PK_MAP_LOOP( if(p->kx_algorithm == kx_algorithm) { a; break; })const gnutls_pk_map *p; for(p = pk_mappings; p->kx_algorithm
!= 0; p++) { if(p->kx_algorithm == kx_algorithm) { a; break
; } }
66
67
68/* returns the gnutls_pk_algorithm_t which is compatible with
69 * the given gnutls_kx_algorithm_t.
70 */
71gnutls_pk_algorithm_t
72_gnutls_map_pk_get_pk (gnutls_kx_algorithm_t kx_algorithm)
73{
74 gnutls_pk_algorithm_t ret = -1;
75
76 GNUTLS_PK_MAP_ALG_LOOP (ret = p->pk_algorithm)const gnutls_pk_map *p; for(p = pk_mappings; p->kx_algorithm
!= 0; p++) { if(p->kx_algorithm == kx_algorithm) { ret = p
->pk_algorithm; break; } } return ret;
77}
78
79/* pk algorithms;
80 */
81struct gnutls_pk_entry
82{
83 const char *name;
84 const char *oid;
85 gnutls_pk_algorithm_t id;
86};
87typedef struct gnutls_pk_entry gnutls_pk_entry;
88
89static const gnutls_pk_entry pk_algorithms[] = {
90 /* having duplicate entries is ok, as long as the one
91 * we want to return OID from is first */
92 {"UNKNOWN", NULL((void*)0), GNUTLS_PK_UNKNOWN},
93 {"RSA", PK_PKIX1_RSA_OID"1.2.840.113549.1.1.1", GNUTLS_PK_RSA},
94 {"RSA (X.509)", PK_X509_RSA_OID"2.5.8.1.1", GNUTLS_PK_RSA}, /* some certificates use this OID for RSA */
95 {"RSA (MD5)", SIG_RSA_MD5_OID"1.2.840.113549.1.1.4", GNUTLS_PK_RSA}, /* some other broken certificates set RSA with MD5 as an indicator of RSA */
96 {"RSA (SHA1)", SIG_RSA_SHA1_OID"1.2.840.113549.1.1.5", GNUTLS_PK_RSA}, /* some other broken certificates set RSA with SHA1 as an indicator of RSA */
97 {"DSA", PK_DSA_OID"1.2.840.10040.4.1", GNUTLS_PK_DSA},
98 {"GOST R 34.10-2001", PK_GOST_R3410_2001_OID"1.2.643.2.2.19", GNUTLS_PK_UNKNOWN},
99 {"GOST R 34.10-94", PK_GOST_R3410_94_OID"1.2.643.2.2.20", GNUTLS_PK_UNKNOWN},
100 {"EC", "1.2.840.10045.2.1", GNUTLS_PK_EC},
101 {0, 0, 0}
102};
103
104#define GNUTLS_PK_LOOP(b){ const gnutls_pk_entry *p; for(p = pk_algorithms; p->name
!= ((void*)0); p++) { b ; } } \
105 { const gnutls_pk_entry *p; \
106 for(p = pk_algorithms; p->name != NULL((void*)0); p++) { b ; } }
107
108
109/**
110 * gnutls_pk_algorithm_get_name:
111 * @algorithm: is a pk algorithm
112 *
113 * Convert a #gnutls_pk_algorithm_t value to a string.
114 *
115 * Returns: a string that contains the name of the specified public
116 * key algorithm, or %NULL.
117 **/
118const char *
119gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm)
120{
121 const char *ret = NULL((void*)0);
122
123 GNUTLS_PK_LOOP({ const gnutls_pk_entry *p; for(p = pk_algorithms; p->name
!= ((void*)0); p++) { if (p->id == algorithm) { ret = p->
name; break; } ; } }
124 if (p->id == algorithm){ const gnutls_pk_entry *p; for(p = pk_algorithms; p->name
!= ((void*)0); p++) { if (p->id == algorithm) { ret = p->
name; break; } ; } }
125 {{ const gnutls_pk_entry *p; for(p = pk_algorithms; p->name
!= ((void*)0); p++) { if (p->id == algorithm) { ret = p->
name; break; } ; } }
126 ret = p->name;{ const gnutls_pk_entry *p; for(p = pk_algorithms; p->name
!= ((void*)0); p++) { if (p->id == algorithm) { ret = p->
name; break; } ; } }
127 break;{ const gnutls_pk_entry *p; for(p = pk_algorithms; p->name
!= ((void*)0); p++) { if (p->id == algorithm) { ret = p->
name; break; } ; } }
128 }{ const gnutls_pk_entry *p; for(p = pk_algorithms; p->name
!= ((void*)0); p++) { if (p->id == algorithm) { ret = p->
name; break; } ; } }
129 ){ const gnutls_pk_entry *p; for(p = pk_algorithms; p->name
!= ((void*)0); p++) { if (p->id == algorithm) { ret = p->
name; break; } ; } };
130
131 return ret;
132}
133
134/**
135 * gnutls_pk_list:
136 *
137 * Get a list of supported public key algorithms.
138 *
139 * This function is not thread safe.
140 *
141 * Returns: a (0)-terminated list of #gnutls_pk_algorithm_t integers
142 * indicating the available ciphers.
143 *
144 * Since: 2.6.0
145 **/
146const gnutls_pk_algorithm_t *
147gnutls_pk_list (void)
148{
149static gnutls_pk_algorithm_t supported_pks[MAX_ALGOS32] = {0};
150
151 if (supported_pks[0] == 0)
152 {
153 int i = 0;
154
155 GNUTLS_PK_LOOP (if (p->id != GNUTLS_PK_UNKNOWN && supported_pks[i>0?(i-1):0]!=p->id) supported_pks[i++]=p->id){ const gnutls_pk_entry *p; for(p = pk_algorithms; p->name
!= ((void*)0); p++) { if (p->id != GNUTLS_PK_UNKNOWN &&
supported_pks[i>0?(i-1):0]!=p->id) supported_pks[i++]=
p->id ; } };
156 supported_pks[i++]=0;
Value stored to 'i' is never read
157 }
158
159 return supported_pks;
160}
161
162/**
163 * gnutls_pk_get_id:
164 * @name: is a string containing a public key algorithm name.
165 *
166 * Convert a string to a #gnutls_pk_algorithm_t value. The names are
167 * compared in a case insensitive way. For example,
168 * gnutls_pk_get_id("RSA") will return %GNUTLS_PK_RSA.
169 *
170 * Returns: a #gnutls_pk_algorithm_t id of the specified public key
171 * algorithm string, or %GNUTLS_PK_UNKNOWN on failures.
172 *
173 * Since: 2.6.0
174 **/
175gnutls_pk_algorithm_t
176gnutls_pk_get_id (const char *name)
177{
178 gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN;
179 const gnutls_pk_entry *p;
180
181 for (p = pk_algorithms; p->name != NULL((void*)0); p++)
182 if (name && strcmp (p->name, name) == 0)
183 {
184 ret = p->id;
185 break;
186 }
187
188 return ret;
189}
190
191/**
192 * gnutls_pk_get_name:
193 * @algorithm: is a public key algorithm
194 *
195 * Convert a #gnutls_pk_algorithm_t value to a string.
196 *
197 * Returns: a pointer to a string that contains the name of the
198 * specified public key algorithm, or %NULL.
199 *
200 * Since: 2.6.0
201 **/
202const char *
203gnutls_pk_get_name (gnutls_pk_algorithm_t algorithm)
204{
205 const char *ret = "Unknown";
206 const gnutls_pk_entry *p;
207
208 for (p = pk_algorithms; p->name != NULL((void*)0); p++)
209 if (algorithm == p->id)
210 {
211 ret = p->name;
212 break;
213 }
214
215 return ret;
216}
217
218gnutls_pk_algorithm_t
219_gnutls_x509_oid2pk_algorithm (const char *oid)
220{
221 gnutls_pk_algorithm_t ret = GNUTLS_PK_UNKNOWN;
222 const gnutls_pk_entry *p;
223
224 for (p = pk_algorithms; p->name != NULL((void*)0); p++)
225 if (p->oid && strcmp (p->oid, oid) == 0)
226 {
227 ret = p->id;
228 break;
229 }
230
231 return ret;
232}
233
234const char *
235_gnutls_x509_pk_to_oid (gnutls_pk_algorithm_t algorithm)
236{
237 const char *ret = NULL((void*)0);
238 const gnutls_pk_entry *p;
239
240 for (p = pk_algorithms; p->name != NULL((void*)0); p++)
241 if (p->id == algorithm)
242 {
243 ret = p->oid;
244 break;
245 }
246
247 return ret;
248}
249
250/* Returns the encipher type for the given key exchange algorithm.
251 * That one of CIPHER_ENCRYPT, CIPHER_SIGN, CIPHER_IGN.
252 *
253 * ex. GNUTLS_KX_RSA requires a certificate able to encrypt... so returns CIPHER_ENCRYPT.
254 */
255enum encipher_type
256_gnutls_kx_encipher_type (gnutls_kx_algorithm_t kx_algorithm)
257{
258 int ret = CIPHER_IGN;
259 GNUTLS_PK_MAP_ALG_LOOP (ret = p->encipher_type)const gnutls_pk_map *p; for(p = pk_mappings; p->kx_algorithm
!= 0; p++) { if(p->kx_algorithm == kx_algorithm) { ret = p
->encipher_type; break; } } return ret;
260
261}
262