[thirdparty/openssl.git] / crypto / pkcs12 / p12_npas.c

/*
 * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/pkcs12.h>
#include "p12_local.h"

/* PKCS#12 password change routine */

static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass);
static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
                        const char *newpass);
static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
                        const char *newpass);
static int alg_get(const X509_ALGOR *alg, int *pnid, int *piter,
                   int *psaltlen);

/*
 * Change the password on a PKCS#12 structure.
 */

int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass)
{
    /* Check for NULL PKCS12 structure */

    if (!p12) {
        PKCS12err(PKCS12_F_PKCS12_NEWPASS,
                  PKCS12_R_INVALID_NULL_PKCS12_POINTER);
        return 0;
    }

    /* Check the mac */

    if (!PKCS12_verify_mac(p12, oldpass, -1)) {
        PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_MAC_VERIFY_FAILURE);
        return 0;
    }

    if (!newpass_p12(p12, oldpass, newpass)) {
        PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_PARSE_ERROR);
        return 0;
    }

    return 1;
}

/* Parse the outer PKCS#12 structure */

static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass)
{
    STACK_OF(PKCS7) *asafes = NULL, *newsafes = NULL;
    STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
    int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0;
    PKCS7 *p7, *p7new;
    ASN1_OCTET_STRING *p12_data_tmp = NULL, *macoct = NULL;
    unsigned char mac[EVP_MAX_MD_SIZE];
    unsigned int maclen;
    int rv = 0;

    if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)
        goto err;
    if ((newsafes = sk_PKCS7_new_null()) == NULL)
        goto err;
    for (i = 0; i < sk_PKCS7_num(asafes); i++) {
        p7 = sk_PKCS7_value(asafes, i);
        bagnid = OBJ_obj2nid(p7->type);
        if (bagnid == NID_pkcs7_data) {
            bags = PKCS12_unpack_p7data(p7);
        } else if (bagnid == NID_pkcs7_encrypted) {
            bags = PKCS12_unpack_p7encdata(p7, oldpass, -1);
            if (!alg_get(p7->d.encrypted->enc_data->algorithm,
                         &pbe_nid, &pbe_iter, &pbe_saltlen))
                goto err;
        } else {
            continue;
        }
        if (bags == NULL)
            goto err;
        if (!newpass_bags(bags, oldpass, newpass))
            goto err;
        /* Repack bag in same form with new password */
        if (bagnid == NID_pkcs7_data)
            p7new = PKCS12_pack_p7data(bags);
        else
            p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
                                          pbe_saltlen, pbe_iter, bags);
        if (!p7new || !sk_PKCS7_push(newsafes, p7new))
            goto err;
        sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
        bags = NULL;
    }

    /* Repack safe: save old safe in case of error */

    p12_data_tmp = p12->authsafes->d.data;
    if ((p12->authsafes->d.data = ASN1_OCTET_STRING_new()) == NULL)
        goto err;
    if (!PKCS12_pack_authsafes(p12, newsafes))
        goto err;

    if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))
        goto err;
    X509_SIG_getm(p12->mac->dinfo, NULL, &macoct);
    if (!ASN1_OCTET_STRING_set(macoct, mac, maclen))
        goto err;

    rv = 1;

err:
    /* Restore old safe if necessary */
    if (rv == 1) {
        ASN1_OCTET_STRING_free(p12_data_tmp);
    } else if (p12_data_tmp != NULL) {
        ASN1_OCTET_STRING_free(p12->authsafes->d.data);
        p12->authsafes->d.data = p12_data_tmp;
    }
    sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
    sk_PKCS7_pop_free(asafes, PKCS7_free);
    sk_PKCS7_pop_free(newsafes, PKCS7_free);
    return rv;
}

static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
                        const char *newpass)
{
    int i;
    for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
        if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i), oldpass, newpass))
            return 0;
    }
    return 1;
}

/* Change password of safebag: only needs handle shrouded keybags */

static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
                       const char *newpass)
{
    PKCS8_PRIV_KEY_INFO *p8;
    X509_SIG *p8new;
    int p8_nid, p8_saltlen, p8_iter;
    const X509_ALGOR *shalg;

    if (PKCS12_SAFEBAG_get_nid(bag) != NID_pkcs8ShroudedKeyBag)
        return 1;

    if ((p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)) == NULL)
        return 0;
    X509_SIG_get0(bag->value.shkeybag, &shalg, NULL);
    if (!alg_get(shalg, &p8_nid, &p8_iter, &p8_saltlen))
        return 0;
    p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
                          p8_iter, p8);
    PKCS8_PRIV_KEY_INFO_free(p8);
    if (p8new == NULL)
        return 0;
    X509_SIG_free(bag->value.shkeybag);
    bag->value.shkeybag = p8new;
    return 1;
}

static int alg_get(const X509_ALGOR *alg, int *pnid, int *piter,
                   int *psaltlen)
{
    PBEPARAM *pbe;
    pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), alg->parameter);
    if (!pbe)
        return 0;
    *pnid = OBJ_obj2nid(alg->algorithm);
    *piter = ASN1_INTEGER_get(pbe->iter);
    *psaltlen = pbe->salt->length;
    PBEPARAM_free(pbe);
    return 1;
}
Commit	Line	Data
0f113f3e	1	/*
b1322259	2	* Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
21131f00	3	*
54fffdf4	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
b1322259 RS	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
21131f00 DSH	8	*/
	9
	10	#include <stdio.h>
	11	#include <stdlib.h>
	12	#include <string.h>
	13	#include <openssl/pem.h>
	14	#include <openssl/err.h>
	15	#include <openssl/pkcs12.h>
706457b7	16	#include "p12_local.h"
21131f00 DSH	17
	18	/* PKCS#12 password change routine */
	19
049f5bbc DSH	20	static int newpass_p12(PKCS12 p12, const char oldpass, const char *newpass);
	21	static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) bags, const char oldpass,
	22	const char *newpass);
	23	static int newpass_bag(PKCS12_SAFEBAG bag, const char oldpass,
	24	const char *newpass);
59b4da05 DSH	25	static int alg_get(const X509_ALGOR alg, int pnid, int *piter,
59b4da05 DSH	26	int *psaltlen);
21131f00	27
0f113f3e	28	/*
21131f00 DSH	29	* Change the password on a PKCS#12 structure.
	30	*/
	31
049f5bbc	32	int PKCS12_newpass(PKCS12 p12, const char oldpass, const char *newpass)
21131f00	33	{
0f113f3e MC	34	/* Check for NULL PKCS12 structure */
	35
	36	if (!p12) {
	37	PKCS12err(PKCS12_F_PKCS12_NEWPASS,
	38	PKCS12_R_INVALID_NULL_PKCS12_POINTER);
	39	return 0;
	40	}
	41
	42	/* Check the mac */
	43
	44	if (!PKCS12_verify_mac(p12, oldpass, -1)) {
	45	PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_MAC_VERIFY_FAILURE);
	46	return 0;
	47	}
	48
	49	if (!newpass_p12(p12, oldpass, newpass)) {
	50	PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_PARSE_ERROR);
	51	return 0;
	52	}
	53
	54	return 1;
21131f00 DSH	55	}
	56
	57	/* Parse the outer PKCS#12 structure */
	58
049f5bbc	59	static int newpass_p12(PKCS12 p12, const char oldpass, const char *newpass)
21131f00	60	{
d800d0f4 DSH	61	STACK_OF(PKCS7) asafes = NULL, newsafes = NULL;
d800d0f4 DSH	62	STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
0f113f3e MC	63	int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0;
0f113f3e MC	64	PKCS7 p7, p7new;
a6eb1ce6	65	ASN1_OCTET_STRING p12_data_tmp = NULL, macoct = NULL;
0f113f3e MC	66	unsigned char mac[EVP_MAX_MD_SIZE];
0f113f3e MC	67	unsigned int maclen;
d800d0f4	68	int rv = 0;
0f113f3e	69
75ebbd9a	70	if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)
d800d0f4	71	goto err;
75ebbd9a	72	if ((newsafes = sk_PKCS7_new_null()) == NULL)
d800d0f4	73	goto err;
0f113f3e MC	74	for (i = 0; i < sk_PKCS7_num(asafes); i++) {
	75	p7 = sk_PKCS7_value(asafes, i);
	76	bagnid = OBJ_obj2nid(p7->type);
	77	if (bagnid == NID_pkcs7_data) {
	78	bags = PKCS12_unpack_p7data(p7);
	79	} else if (bagnid == NID_pkcs7_encrypted) {
	80	bags = PKCS12_unpack_p7encdata(p7, oldpass, -1);
	81	if (!alg_get(p7->d.encrypted->enc_data->algorithm,
d800d0f4 DSH	82	&pbe_nid, &pbe_iter, &pbe_saltlen))
	83	goto err;
	84	} else {
0f113f3e	85	continue;
0f113f3e	86	}
d800d0f4 DSH	87	if (bags == NULL)
	88	goto err;
	89	if (!newpass_bags(bags, oldpass, newpass))
	90	goto err;
0f113f3e MC	91	/* Repack bag in same form with new password */
	92	if (bagnid == NID_pkcs7_data)
	93	p7new = PKCS12_pack_p7data(bags);
	94	else
	95	p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
	96	pbe_saltlen, pbe_iter, bags);
d800d0f4 DSH	97	if (!p7new \|\| !sk_PKCS7_push(newsafes, p7new))
d800d0f4 DSH	98	goto err;
0f113f3e	99	sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
d800d0f4	100	bags = NULL;
0f113f3e	101	}
0f113f3e MC	102
	103	/* Repack safe: save old safe in case of error */
	104
	105	p12_data_tmp = p12->authsafes->d.data;
75ebbd9a	106	if ((p12->authsafes->d.data = ASN1_OCTET_STRING_new()) == NULL)
d800d0f4	107	goto err;
0f113f3e	108	if (!PKCS12_pack_authsafes(p12, newsafes))
d800d0f4	109	goto err;
0f113f3e MC	110
0f113f3e MC	111	if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))
d800d0f4	112	goto err;
0b7347ef	113	X509_SIG_getm(p12->mac->dinfo, NULL, &macoct);
a6eb1ce6	114	if (!ASN1_OCTET_STRING_set(macoct, mac, maclen))
d800d0f4	115	goto err;
0f113f3e	116
d800d0f4	117	rv = 1;
21131f00	118
d800d0f4 DSH	119	err:
	120	/* Restore old safe if necessary */
	121	if (rv == 1) {
	122	ASN1_OCTET_STRING_free(p12_data_tmp);
	123	} else if (p12_data_tmp != NULL) {
	124	ASN1_OCTET_STRING_free(p12->authsafes->d.data);
	125	p12->authsafes->d.data = p12_data_tmp;
	126	}
	127	sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
	128	sk_PKCS7_pop_free(asafes, PKCS7_free);
	129	sk_PKCS7_pop_free(newsafes, PKCS7_free);
	130	return rv;
21131f00 DSH	131	}
21131f00 DSH	132
049f5bbc DSH	133	static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) bags, const char oldpass,
049f5bbc DSH	134	const char *newpass)
21131f00	135	{
0f113f3e MC	136	int i;
	137	for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
	138	if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i), oldpass, newpass))
	139	return 0;
	140	}
	141	return 1;
21131f00 DSH	142	}
	143
	144	/* Change password of safebag: only needs handle shrouded keybags */
	145
049f5bbc DSH	146	static int newpass_bag(PKCS12_SAFEBAG bag, const char oldpass,
049f5bbc DSH	147	const char *newpass)
21131f00	148	{
0f113f3e MC	149	PKCS8_PRIV_KEY_INFO *p8;
	150	X509_SIG *p8new;
	151	int p8_nid, p8_saltlen, p8_iter;
59b4da05	152	const X509_ALGOR *shalg;
0f113f3e	153
762ee38d	154	if (PKCS12_SAFEBAG_get_nid(bag) != NID_pkcs8ShroudedKeyBag)
0f113f3e MC	155	return 1;
0f113f3e MC	156
75ebbd9a	157	if ((p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)) == NULL)
0f113f3e	158	return 0;
59b4da05	159	X509_SIG_get0(bag->value.shkeybag, &shalg, NULL);
a6eb1ce6	160	if (!alg_get(shalg, &p8_nid, &p8_iter, &p8_saltlen))
0f113f3e	161	return 0;
d800d0f4 DSH	162	p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
	163	p8_iter, p8);
	164	PKCS8_PRIV_KEY_INFO_free(p8);
	165	if (p8new == NULL)
0f113f3e MC	166	return 0;
	167	X509_SIG_free(bag->value.shkeybag);
	168	bag->value.shkeybag = p8new;
	169	return 1;
21131f00 DSH	170	}
21131f00 DSH	171
59b4da05 DSH	172	static int alg_get(const X509_ALGOR alg, int pnid, int *piter,
59b4da05 DSH	173	int *psaltlen)
21131f00	174	{
0f113f3e	175	PBEPARAM *pbe;
e93c8748	176	pbe = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(PBEPARAM), alg->parameter);
0f113f3e MC	177	if (!pbe)
	178	return 0;
	179	*pnid = OBJ_obj2nid(alg->algorithm);
	180	*piter = ASN1_INTEGER_get(pbe->iter);
	181	*psaltlen = pbe->salt->length;
	182	PBEPARAM_free(pbe);
	183	return 1;
21131f00	184	}