]>
Commit | Line | Data |
---|---|---|
8d8c7266 DSH |
1 | /* p12_attr.c */ |
2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | |
3 | * project 1999. | |
4 | */ | |
5 | /* ==================================================================== | |
6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | |
7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | |
11 | * | |
12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | |
14 | * | |
15 | * 2. Redistributions in binary form must reproduce the above copyright | |
16 | * notice, this list of conditions and the following disclaimer in | |
17 | * the documentation and/or other materials provided with the | |
18 | * distribution. | |
19 | * | |
20 | * 3. All advertising materials mentioning features or use of this | |
21 | * software must display the following acknowledgment: | |
22 | * "This product includes software developed by the OpenSSL Project | |
23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
24 | * | |
25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
26 | * endorse or promote products derived from this software without | |
27 | * prior written permission. For written permission, please contact | |
28 | * licensing@OpenSSL.org. | |
29 | * | |
30 | * 5. Products derived from this software may not be called "OpenSSL" | |
31 | * nor may "OpenSSL" appear in their names without prior written | |
32 | * permission of the OpenSSL Project. | |
33 | * | |
34 | * 6. Redistributions of any form whatsoever must retain the following | |
35 | * acknowledgment: | |
36 | * "This product includes software developed by the OpenSSL Project | |
37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
38 | * | |
39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
51 | * ==================================================================== | |
52 | * | |
53 | * This product includes cryptographic software written by Eric Young | |
54 | * (eay@cryptsoft.com). This product includes software written by Tim | |
55 | * Hudson (tjh@cryptsoft.com). | |
56 | * | |
57 | */ | |
58 | ||
59 | #include <stdio.h> | |
ee0508d4 | 60 | #include "cryptlib.h" |
ec577822 | 61 | #include <openssl/pkcs12.h> |
8d8c7266 DSH |
62 | |
63 | /* Add a local keyid to a safebag */ | |
64 | ||
6b691a5c UM |
65 | int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name, |
66 | int namelen) | |
8d8c7266 DSH |
67 | { |
68 | X509_ATTRIBUTE *attrib; | |
69 | ASN1_BMPSTRING *oct; | |
70 | ASN1_TYPE *keyid; | |
71 | if (!(keyid = ASN1_TYPE_new ())) { | |
72 | PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); | |
73 | return 0; | |
74 | } | |
75 | keyid->type = V_ASN1_OCTET_STRING; | |
76 | if (!(oct = ASN1_OCTET_STRING_new())) { | |
77 | PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); | |
78 | return 0; | |
79 | } | |
80 | if (!ASN1_OCTET_STRING_set(oct, name, namelen)) { | |
81 | PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); | |
82 | return 0; | |
83 | } | |
84 | keyid->value.octet_string = oct; | |
85 | if (!(attrib = X509_ATTRIBUTE_new ())) { | |
86 | PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); | |
87 | return 0; | |
88 | } | |
bc37a6b8 | 89 | attrib->object = OBJ_nid2obj(NID_localKeyID); |
8d8c7266 DSH |
90 | if (!(attrib->value.set = sk_new(NULL))) { |
91 | PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); | |
92 | return 0; | |
93 | } | |
94 | sk_push (attrib->value.set, (char *)keyid); | |
95 | attrib->set = 1; | |
96 | if (!bag->attrib && !(bag->attrib = sk_new (NULL))) { | |
97 | PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); | |
98 | return 0; | |
99 | } | |
100 | sk_push (bag->attrib, (char *)attrib); | |
101 | return 1; | |
102 | } | |
103 | ||
104 | /* Add key usage to PKCS#8 structure */ | |
105 | ||
6b691a5c | 106 | int PKCS8_add_keyusage (PKCS8_PRIV_KEY_INFO *p8, int usage) |
8d8c7266 DSH |
107 | { |
108 | X509_ATTRIBUTE *attrib; | |
109 | ASN1_BIT_STRING *bstr; | |
110 | ASN1_TYPE *keyid; | |
111 | unsigned char us_val; | |
112 | us_val = (unsigned char) usage; | |
113 | if (!(keyid = ASN1_TYPE_new ())) { | |
114 | PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); | |
115 | return 0; | |
116 | } | |
117 | keyid->type = V_ASN1_BIT_STRING; | |
118 | if (!(bstr = ASN1_BIT_STRING_new())) { | |
119 | PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); | |
120 | return 0; | |
121 | } | |
122 | if (!ASN1_BIT_STRING_set(bstr, &us_val, 1)) { | |
123 | PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); | |
124 | return 0; | |
125 | } | |
126 | keyid->value.bit_string = bstr; | |
127 | if (!(attrib = X509_ATTRIBUTE_new ())) { | |
128 | PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); | |
129 | return 0; | |
130 | } | |
bc37a6b8 | 131 | attrib->object = OBJ_nid2obj(NID_key_usage); |
8d8c7266 DSH |
132 | if (!(attrib->value.set = sk_new(NULL))) { |
133 | PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); | |
134 | return 0; | |
135 | } | |
136 | sk_push (attrib->value.set, (char *)keyid); | |
137 | attrib->set = 1; | |
138 | if (!p8->attributes && !(p8->attributes = sk_new (NULL))) { | |
139 | PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); | |
140 | return 0; | |
141 | } | |
142 | sk_push (p8->attributes, (char *)attrib); | |
143 | return 1; | |
144 | } | |
145 | ||
146 | /* Add a friendlyname to a safebag */ | |
147 | ||
61f5b6f3 BL |
148 | int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name, |
149 | int namelen) | |
8d8c7266 DSH |
150 | { |
151 | unsigned char *uniname; | |
152 | int ret, unilen; | |
153 | if (!asc2uni(name, &uniname, &unilen)) { | |
154 | PKCS12err(PKCS12_F_ADD_FRIENDLYNAME_ASC,ERR_R_MALLOC_FAILURE); | |
155 | return 0; | |
156 | } | |
157 | ret = PKCS12_add_friendlyname_uni (bag, uniname, unilen); | |
158 | Free(uniname); | |
159 | return ret; | |
160 | } | |
161 | ||
162 | ||
61f5b6f3 BL |
163 | int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag, |
164 | const unsigned char *name, int namelen) | |
8d8c7266 DSH |
165 | { |
166 | X509_ATTRIBUTE *attrib; | |
167 | ASN1_BMPSTRING *bmp; | |
168 | ASN1_TYPE *fname; | |
169 | /* Zap ending double null if included */ | |
170 | if(!name[namelen - 1] && !name[namelen - 2]) namelen -= 2; | |
171 | if (!(fname = ASN1_TYPE_new ())) { | |
172 | PKCS12err(PKCS12_F_ADD_FRIENDLYNAME_UNI,ERR_R_MALLOC_FAILURE); | |
173 | return 0; | |
174 | } | |
175 | fname->type = V_ASN1_BMPSTRING; | |
176 | if (!(bmp = ASN1_BMPSTRING_new())) { | |
177 | PKCS12err(PKCS12_F_ADD_FRIENDLYNAME_UNI,ERR_R_MALLOC_FAILURE); | |
178 | return 0; | |
179 | } | |
180 | if (!(bmp->data = Malloc (namelen))) { | |
181 | PKCS12err(PKCS12_F_ADD_FRIENDLYNAME_UNI,ERR_R_MALLOC_FAILURE); | |
182 | return 0; | |
183 | } | |
184 | memcpy (bmp->data, name, namelen); | |
185 | bmp->length = namelen; | |
186 | fname->value.bmpstring = bmp; | |
187 | if (!(attrib = X509_ATTRIBUTE_new ())) { | |
188 | PKCS12err(PKCS12_F_ADD_FRIENDLYNAME_UNI,ERR_R_MALLOC_FAILURE); | |
189 | return 0; | |
190 | } | |
bc37a6b8 | 191 | attrib->object = OBJ_nid2obj(NID_friendlyName); |
8d8c7266 DSH |
192 | if (!(attrib->value.set = sk_new(NULL))) { |
193 | PKCS12err(PKCS12_F_ADD_FRIENDLYNAME,ERR_R_MALLOC_FAILURE); | |
194 | return 0; | |
195 | } | |
196 | sk_push (attrib->value.set, (char *)fname); | |
197 | attrib->set = 1; | |
198 | if (!bag->attrib && !(bag->attrib = sk_new (NULL))) { | |
199 | PKCS12err(PKCS12_F_ADD_FRIENDLYNAME_UNI, ERR_R_MALLOC_FAILURE); | |
200 | return 0; | |
201 | } | |
202 | sk_push (bag->attrib, (char *)attrib); | |
203 | return PKCS12_OK; | |
204 | } | |
205 | ||
6b691a5c | 206 | ASN1_TYPE *PKCS12_get_attr_gen (STACK *attrs, int attr_nid) |
8d8c7266 DSH |
207 | { |
208 | X509_ATTRIBUTE *attrib; | |
209 | int i; | |
210 | if (!attrs) return NULL; | |
211 | for (i = 0; i < sk_num (attrs); i++) { | |
212 | attrib = (X509_ATTRIBUTE *) sk_value (attrs, i); | |
213 | if (OBJ_obj2nid (attrib->object) == attr_nid) { | |
214 | if (sk_num (attrib->value.set)) | |
215 | return (ASN1_TYPE *) | |
216 | sk_value (attrib->value.set, 0); | |
217 | else return NULL; | |
218 | } | |
219 | } | |
220 | return NULL; | |
221 | } | |
222 | ||
6b691a5c | 223 | char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag) |
8d8c7266 DSH |
224 | { |
225 | ASN1_TYPE *atype; | |
226 | if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) return NULL; | |
227 | if (atype->type != V_ASN1_BMPSTRING) return NULL; | |
228 | return uni2asc(atype->value.bmpstring->data, | |
229 | atype->value.bmpstring->length); | |
230 | } | |
231 |