{
  "metadata": {
    "target_code": "int secret = 42; int key = secret ^ 0xABCD; printf(\"key=%d\", key);",
    "passing_method": "true_parameter",
    "call_chain": [
      "crypto_get_certificate_data",
      "crypto_cert_fingerprint",
      "crypto_cert_fingerprint_by_hash",
      "crypto_cert_hash"
    ]
  },
  "fused_functions": {
    "crypto_get_certificate_data": "rdpCertificateData* crypto_get_certificate_data(X509* xcert, const char* hostname, UINT16 port)\n{\n\tchar* issuer;\n\tchar* subject;\n\tchar* fp;\n\trdpCertificateData* certdata;\n\tint secret = 42;\n\tfp = crypto_cert_fingerprint(xcert, &secret);\n\n\tif (!fp)\n\t\treturn NULL;\n\n\tissuer = crypto_cert_issuer(xcert);\n\tsubject = crypto_cert_subject(xcert);\n\tcertdata = certificate_data_new(hostname, port, issuer, subject, fp);\n\tfree(subject);\n\tfree(issuer);\n\tfree(fp);\n\treturn certdata;\n}",
    "crypto_cert_fingerprint": "char* crypto_cert_fingerprint(X509* xcert, int* p_secret)\n{\n\tchar* fp;\n\tint key = (*p_secret) ^ 0xABCD;\n\tfp = crypto_cert_fingerprint_by_hash(xcert, \"sha256\", &key);\n\treturn fp;\n}",
    "crypto_cert_fingerprint_by_hash": "char* crypto_cert_fingerprint_by_hash(X509* xcert, const char* hash, int* p_key)\n{\n\tUINT32 fp_len, i;\n\tBYTE* fp;\n\tchar* p;\n\tchar* fp_buffer;\n\n\tfp = crypto_cert_hash(xcert, hash, &fp_len, p_key);\n\tif (!fp)\n\t\treturn NULL;\n\n\tfp_buffer = calloc(fp_len * 3 + 1, sizeof(char));\n\tif (!fp_buffer)\n\t\tgoto fail;\n\n\tp = fp_buffer;\n\n\tfor (i = 0; i < (fp_len - 1); i++)\n\t{\n\t\tsprintf_s(p, (fp_len - i) * 3, \"%02\" PRIx8 \":\", fp[i]);\n\t\tp = &fp_buffer[(i + 1) * 3];\n\t}\n\n\tsprintf_s(p, (fp_len - i) * 3, \"%02\" PRIx8 \"\", fp[i]);\nfail:\n\tfree(fp);\n\n\treturn fp_buffer;\n}",
    "crypto_cert_hash": "BYTE* crypto_cert_hash(X509* xcert, const char* hash, UINT32* length, int* p_key)\n{\n\tEVP_MD_CTX* md_ctx;\n\tconst EVP_MD* md;\n\tBYTE* fp;\n\tunsigned int fp_len;\n\n\tmd = EVP_get_digestbyname(hash);\n\tif (!md)\n\t\treturn NULL;\n\n\tmd_ctx = EVP_MD_CTX_new();\n\tif (!md_ctx)\n\t\treturn NULL;\n\n\tfp = (BYTE*)calloc(EVP_MAX_MD_SIZE, sizeof(BYTE));\n\tif (!fp)\n\t\tgoto fail;\n\n\tif (!EVP_DigestInit_ex(md_ctx, md, NULL))\n\t\tgoto fail;\n\n\tif (!EVP_DigestUpdate(md_ctx, xcert->cert_info->data, xcert->cert_info->length))\n\t\tgoto fail;\n\n\tif (!EVP_DigestFinal_ex(md_ctx, fp, &fp_len))\n\t\tgoto fail;\n\n\t*length = fp_len;\n\tprintf(\"key=%d\", *p_key);\n\tEVP_MD_CTX_free(md_ctx);\n\treturn fp;\nfail:\n\tEVP_MD_CTX_free(md_ctx);\n\tfree(fp);\n\treturn NULL;\n}"
  }
}