p12_kiss.c 8.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297
  1. /* p12_kiss.c */
  2. /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
  3. * project 1999.
  4. */
  5. /* ====================================================================
  6. * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
  7. *
  8. * Redistribution and use in source and binary forms, with or without
  9. * modification, are permitted provided that the following conditions
  10. * are met:
  11. *
  12. * 1. Redistributions of source code must retain the above copyright
  13. * notice, this list of conditions and the following disclaimer.
  14. *
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in
  17. * the documentation and/or other materials provided with the
  18. * distribution.
  19. *
  20. * 3. All advertising materials mentioning features or use of this
  21. * software must display the following acknowledgment:
  22. * "This product includes software developed by the OpenSSL Project
  23. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24. *
  25. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26. * endorse or promote products derived from this software without
  27. * prior written permission. For written permission, please contact
  28. * licensing@OpenSSL.org.
  29. *
  30. * 5. Products derived from this software may not be called "OpenSSL"
  31. * nor may "OpenSSL" appear in their names without prior written
  32. * permission of the OpenSSL Project.
  33. *
  34. * 6. Redistributions of any form whatsoever must retain the following
  35. * acknowledgment:
  36. * "This product includes software developed by the OpenSSL Project
  37. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38. *
  39. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50. * OF THE POSSIBILITY OF SUCH DAMAGE.
  51. * ====================================================================
  52. *
  53. * This product includes cryptographic software written by Eric Young
  54. * (eay@cryptsoft.com). This product includes software written by Tim
  55. * Hudson (tjh@cryptsoft.com).
  56. *
  57. */
  58. #include <stdio.h>
  59. #include "cryptlib.h"
  60. #include <openssl/pkcs12.h>
  61. /* Simplified PKCS#12 routines */
  62. static int parse_pk12( PKCS12 *p12, const char *pass, int passlen,
  63. EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
  64. static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
  65. int passlen, EVP_PKEY **pkey, X509 **cert,
  66. STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
  67. char *keymatch);
  68. static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
  69. EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
  70. ASN1_OCTET_STRING **keyid, char *keymatch);
  71. /* Parse and decrypt a PKCS#12 structure returning user key, user cert
  72. * and other (CA) certs. Note either ca should be NULL, *ca should be NULL,
  73. * or it should point to a valid STACK structure. pkey and cert can be
  74. * passed unitialised.
  75. */
  76. int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
  77. STACK_OF(X509) **ca)
  78. {
  79. /* Check for NULL PKCS12 structure */
  80. if(!p12) {
  81. PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
  82. return 0;
  83. }
  84. /* Allocate stack for ca certificates if needed */
  85. if ((ca != NULL) && (*ca == NULL)) {
  86. if (!(*ca = sk_X509_new_null())) {
  87. PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE);
  88. return 0;
  89. }
  90. }
  91. if(pkey) *pkey = NULL;
  92. if(cert) *cert = NULL;
  93. /* Check the mac */
  94. /* If password is zero length or NULL then try verifying both cases
  95. * to determine which password is correct. The reason for this is that
  96. * under PKCS#12 password based encryption no password and a zero length
  97. * password are two different things...
  98. */
  99. if(!pass || !*pass) {
  100. if(PKCS12_verify_mac(p12, NULL, 0)) pass = NULL;
  101. else if(PKCS12_verify_mac(p12, "", 0)) pass = "";
  102. else {
  103. PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
  104. goto err;
  105. }
  106. } else if (!PKCS12_verify_mac(p12, pass, -1)) {
  107. PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
  108. goto err;
  109. }
  110. if (!parse_pk12 (p12, pass, -1, pkey, cert, ca))
  111. {
  112. PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_PARSE_ERROR);
  113. goto err;
  114. }
  115. return 1;
  116. err:
  117. if (pkey && *pkey) EVP_PKEY_free(*pkey);
  118. if (cert && *cert) X509_free(*cert);
  119. if (ca) sk_X509_pop_free(*ca, X509_free);
  120. return 0;
  121. }
  122. /* Parse the outer PKCS#12 structure */
  123. static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
  124. EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
  125. {
  126. STACK_OF(PKCS7) *asafes;
  127. STACK_OF(PKCS12_SAFEBAG) *bags;
  128. int i, bagnid;
  129. PKCS7 *p7;
  130. ASN1_OCTET_STRING *keyid = NULL;
  131. char keymatch = 0;
  132. if (!(asafes = PKCS12_unpack_authsafes (p12))) return 0;
  133. for (i = 0; i < sk_PKCS7_num (asafes); i++) {
  134. p7 = sk_PKCS7_value (asafes, i);
  135. bagnid = OBJ_obj2nid (p7->type);
  136. if (bagnid == NID_pkcs7_data) {
  137. bags = PKCS12_unpack_p7data(p7);
  138. } else if (bagnid == NID_pkcs7_encrypted) {
  139. bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
  140. } else continue;
  141. if (!bags) {
  142. sk_PKCS7_pop_free(asafes, PKCS7_free);
  143. return 0;
  144. }
  145. if (!parse_bags(bags, pass, passlen, pkey, cert, ca,
  146. &keyid, &keymatch)) {
  147. sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
  148. sk_PKCS7_pop_free(asafes, PKCS7_free);
  149. return 0;
  150. }
  151. sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
  152. }
  153. sk_PKCS7_pop_free(asafes, PKCS7_free);
  154. if (keyid) M_ASN1_OCTET_STRING_free(keyid);
  155. return 1;
  156. }
  157. static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
  158. int passlen, EVP_PKEY **pkey, X509 **cert,
  159. STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
  160. char *keymatch)
  161. {
  162. int i;
  163. for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
  164. if (!parse_bag(sk_PKCS12_SAFEBAG_value (bags, i),
  165. pass, passlen, pkey, cert, ca, keyid,
  166. keymatch)) return 0;
  167. }
  168. return 1;
  169. }
  170. #define MATCH_KEY 0x1
  171. #define MATCH_CERT 0x2
  172. #define MATCH_ALL 0x3
  173. static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
  174. EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
  175. ASN1_OCTET_STRING **keyid,
  176. char *keymatch)
  177. {
  178. PKCS8_PRIV_KEY_INFO *p8;
  179. X509 *x509;
  180. ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL;
  181. ASN1_TYPE *attrib;
  182. ASN1_BMPSTRING *fname = NULL;
  183. if ((attrib = PKCS12_get_attr (bag, NID_friendlyName)))
  184. fname = attrib->value.bmpstring;
  185. if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) {
  186. lkey = attrib->value.octet_string;
  187. ckid = lkey;
  188. }
  189. /* Check for any local key id matching (if needed) */
  190. if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) {
  191. if (*keyid) {
  192. if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL;
  193. } else {
  194. if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) {
  195. PKCS12err(PKCS12_F_PARSE_BAG,ERR_R_MALLOC_FAILURE);
  196. return 0;
  197. }
  198. }
  199. }
  200. switch (M_PKCS12_bag_type(bag))
  201. {
  202. case NID_keyBag:
  203. if (!lkey || !pkey) return 1;
  204. if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) return 0;
  205. *keymatch |= MATCH_KEY;
  206. break;
  207. case NID_pkcs8ShroudedKeyBag:
  208. if (!lkey || !pkey) return 1;
  209. if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
  210. return 0;
  211. *pkey = EVP_PKCS82PKEY(p8);
  212. PKCS8_PRIV_KEY_INFO_free(p8);
  213. if (!(*pkey)) return 0;
  214. *keymatch |= MATCH_KEY;
  215. break;
  216. case NID_certBag:
  217. if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
  218. return 1;
  219. if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
  220. if(ckid)
  221. {
  222. if (!X509_keyid_set1(x509, ckid->data, ckid->length))
  223. {
  224. X509_free(x509);
  225. return 0;
  226. }
  227. }
  228. if(fname) {
  229. int len, r;
  230. unsigned char *data;
  231. len = ASN1_STRING_to_UTF8(&data, fname);
  232. if(len > 0) {
  233. r = X509_alias_set1(x509, data, len);
  234. OPENSSL_free(data);
  235. if (!r)
  236. {
  237. X509_free(x509);
  238. return 0;
  239. }
  240. }
  241. }
  242. if (lkey) {
  243. *keymatch |= MATCH_CERT;
  244. if (cert) *cert = x509;
  245. else X509_free(x509);
  246. } else {
  247. if(ca) sk_X509_push (*ca, x509);
  248. else X509_free(x509);
  249. }
  250. break;
  251. case NID_safeContentsBag:
  252. return parse_bags(bag->value.safes, pass, passlen,
  253. pkey, cert, ca, keyid, keymatch);
  254. break;
  255. default:
  256. return 1;
  257. break;
  258. }
  259. return 1;
  260. }