]>
Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
8020d79b | 2 | * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. |
8d8c7266 | 3 | * |
54fffdf4 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
b1322259 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8d8c7266 DSH |
8 | */ |
9 | ||
10 | #include <stdio.h> | |
b39fc560 | 11 | #include "internal/cryptlib.h" |
ec577822 | 12 | #include <openssl/pkcs12.h> |
c1be4d61 | 13 | #include "crypto/x509.h" /* for ossl_x509_add_cert_new() */ |
8d8c7266 DSH |
14 | |
15 | /* Simplified PKCS#12 routines */ | |
16 | ||
0f113f3e MC |
17 | static int parse_pk12(PKCS12 *p12, const char *pass, int passlen, |
18 | EVP_PKEY **pkey, STACK_OF(X509) *ocerts); | |
e77066ea | 19 | |
28da1455 | 20 | static int parse_bags(const STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, |
0f113f3e | 21 | int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts); |
e77066ea | 22 | |
0f113f3e MC |
23 | static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, |
24 | EVP_PKEY **pkey, STACK_OF(X509) *ocerts); | |
e77066ea | 25 | |
0f113f3e MC |
26 | /* |
27 | * Parse and decrypt a PKCS#12 structure returning user key, user cert and | |
28 | * other (CA) certs. Note either ca should be NULL, *ca should be NULL, or it | |
c7dfb2ab DDO |
29 | * should point to a valid STACK structure. pkey and/or cert may be NULL; |
30 | * if non-NULL the variables they point to can be passed uninitialised. | |
8d8c7266 DSH |
31 | */ |
32 | ||
8afca8d9 | 33 | int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, |
0f113f3e | 34 | STACK_OF(X509) **ca) |
8d8c7266 | 35 | { |
0f113f3e MC |
36 | STACK_OF(X509) *ocerts = NULL; |
37 | X509 *x = NULL; | |
524fdd51 | 38 | |
c7dfb2ab | 39 | if (pkey != NULL) |
524fdd51 | 40 | *pkey = NULL; |
c7dfb2ab | 41 | if (cert != NULL) |
524fdd51 BE |
42 | *cert = NULL; |
43 | ||
0f113f3e MC |
44 | /* Check for NULL PKCS12 structure */ |
45 | ||
12a765a5 | 46 | if (p12 == NULL) { |
9311d0c4 | 47 | ERR_raise(ERR_LIB_PKCS12, PKCS12_R_INVALID_NULL_PKCS12_POINTER); |
0f113f3e MC |
48 | return 0; |
49 | } | |
50 | ||
0f113f3e MC |
51 | /* Check the mac */ |
52 | ||
53 | /* | |
54 | * If password is zero length or NULL then try verifying both cases to | |
55 | * determine which password is correct. The reason for this is that under | |
56 | * PKCS#12 password based encryption no password and a zero length | |
57 | * password are two different things... | |
58 | */ | |
59 | ||
12a765a5 | 60 | if (pass == NULL || *pass == '\0') { |
61dd4168 DDO |
61 | if (!PKCS12_mac_present(p12) |
62 | || PKCS12_verify_mac(p12, NULL, 0)) | |
0f113f3e MC |
63 | pass = NULL; |
64 | else if (PKCS12_verify_mac(p12, "", 0)) | |
65 | pass = ""; | |
66 | else { | |
9311d0c4 | 67 | ERR_raise(ERR_LIB_PKCS12, PKCS12_R_MAC_VERIFY_FAILURE); |
0f113f3e MC |
68 | goto err; |
69 | } | |
70 | } else if (!PKCS12_verify_mac(p12, pass, -1)) { | |
9311d0c4 | 71 | ERR_raise(ERR_LIB_PKCS12, PKCS12_R_MAC_VERIFY_FAILURE); |
0f113f3e MC |
72 | goto err; |
73 | } | |
74 | ||
c7dfb2ab DDO |
75 | /* If needed, allocate stack for other certificates */ |
76 | if ((cert != NULL || ca != NULL) | |
77 | && (ocerts = sk_X509_new_null()) == NULL) { | |
9311d0c4 | 78 | ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE); |
524fdd51 | 79 | goto err; |
0f113f3e MC |
80 | } |
81 | ||
82 | if (!parse_pk12(p12, pass, -1, pkey, ocerts)) { | |
29844ea5 DDO |
83 | int err = ERR_peek_last_error(); |
84 | ||
85 | if (ERR_GET_LIB(err) != ERR_LIB_EVP | |
86 | && ERR_GET_REASON(err) != EVP_R_UNSUPPORTED_ALGORITHM) | |
9311d0c4 | 87 | ERR_raise(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR); |
0f113f3e MC |
88 | goto err; |
89 | } | |
90 | ||
c7dfb2ab DDO |
91 | /* Split the certs in ocerts over *cert and *ca as far as requested */ |
92 | while ((x = sk_X509_shift(ocerts)) != NULL) { | |
12a765a5 RS |
93 | if (pkey != NULL && *pkey != NULL |
94 | && cert != NULL && *cert == NULL) { | |
c7dfb2ab DDO |
95 | int match; |
96 | ||
ffbf304d | 97 | ERR_set_mark(); |
c7dfb2ab DDO |
98 | match = X509_check_private_key(x, *pkey); |
99 | ERR_pop_to_mark(); | |
100 | if (match) { | |
0f113f3e | 101 | *cert = x; |
c7dfb2ab | 102 | continue; |
0f113f3e MC |
103 | } |
104 | } | |
105 | ||
c7dfb2ab | 106 | if (ca != NULL) { |
c1be4d61 | 107 | if (!ossl_x509_add_cert_new(ca, x, X509_ADD_FLAG_DEFAULT)) |
0f113f3e | 108 | goto err; |
c7dfb2ab | 109 | continue; |
0f113f3e | 110 | } |
222561fe | 111 | X509_free(x); |
0f113f3e | 112 | } |
c7dfb2ab | 113 | sk_X509_free(ocerts); |
0f113f3e MC |
114 | |
115 | return 1; | |
8d8c7266 | 116 | |
5ba7c902 RL |
117 | err: |
118 | ||
c7dfb2ab | 119 | if (pkey != NULL) { |
0f113f3e | 120 | EVP_PKEY_free(*pkey); |
524fdd51 BE |
121 | *pkey = NULL; |
122 | } | |
c7dfb2ab | 123 | if (cert != NULL) { |
0f113f3e | 124 | X509_free(*cert); |
524fdd51 BE |
125 | *cert = NULL; |
126 | } | |
222561fe RS |
127 | X509_free(x); |
128 | sk_X509_pop_free(ocerts, X509_free); | |
0f113f3e | 129 | return 0; |
8d8c7266 DSH |
130 | |
131 | } | |
132 | ||
133 | /* Parse the outer PKCS#12 structure */ | |
134 | ||
c7dfb2ab | 135 | /* pkey and/or ocerts may be NULL */ |
8afca8d9 | 136 | static int parse_pk12(PKCS12 *p12, const char *pass, int passlen, |
0f113f3e | 137 | EVP_PKEY **pkey, STACK_OF(X509) *ocerts) |
8d8c7266 | 138 | { |
0f113f3e MC |
139 | STACK_OF(PKCS7) *asafes; |
140 | STACK_OF(PKCS12_SAFEBAG) *bags; | |
141 | int i, bagnid; | |
142 | PKCS7 *p7; | |
143 | ||
75ebbd9a | 144 | if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL) |
0f113f3e MC |
145 | return 0; |
146 | for (i = 0; i < sk_PKCS7_num(asafes); i++) { | |
147 | p7 = sk_PKCS7_value(asafes, i); | |
148 | bagnid = OBJ_obj2nid(p7->type); | |
149 | if (bagnid == NID_pkcs7_data) { | |
150 | bags = PKCS12_unpack_p7data(p7); | |
151 | } else if (bagnid == NID_pkcs7_encrypted) { | |
152 | bags = PKCS12_unpack_p7encdata(p7, pass, passlen); | |
153 | } else | |
154 | continue; | |
155 | if (!bags) { | |
156 | sk_PKCS7_pop_free(asafes, PKCS7_free); | |
157 | return 0; | |
158 | } | |
159 | if (!parse_bags(bags, pass, passlen, pkey, ocerts)) { | |
160 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); | |
161 | sk_PKCS7_pop_free(asafes, PKCS7_free); | |
162 | return 0; | |
163 | } | |
164 | sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); | |
165 | } | |
166 | sk_PKCS7_pop_free(asafes, PKCS7_free); | |
167 | return 1; | |
8d8c7266 DSH |
168 | } |
169 | ||
c7dfb2ab | 170 | /* pkey and/or ocerts may be NULL */ |
28da1455 | 171 | static int parse_bags(const STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, |
0f113f3e | 172 | int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts) |
8d8c7266 | 173 | { |
0f113f3e MC |
174 | int i; |
175 | for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { | |
176 | if (!parse_bag(sk_PKCS12_SAFEBAG_value(bags, i), | |
177 | pass, passlen, pkey, ocerts)) | |
178 | return 0; | |
179 | } | |
180 | return 1; | |
8d8c7266 DSH |
181 | } |
182 | ||
c7dfb2ab | 183 | /* pkey and/or ocerts may be NULL */ |
08e9c1af | 184 | static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, |
0f113f3e | 185 | EVP_PKEY **pkey, STACK_OF(X509) *ocerts) |
8d8c7266 | 186 | { |
0f113f3e MC |
187 | PKCS8_PRIV_KEY_INFO *p8; |
188 | X509 *x509; | |
28da1455 | 189 | const ASN1_TYPE *attrib; |
0f113f3e MC |
190 | ASN1_BMPSTRING *fname = NULL; |
191 | ASN1_OCTET_STRING *lkid = NULL; | |
192 | ||
762ee38d | 193 | if ((attrib = PKCS12_SAFEBAG_get0_attr(bag, NID_friendlyName))) |
0f113f3e MC |
194 | fname = attrib->value.bmpstring; |
195 | ||
762ee38d | 196 | if ((attrib = PKCS12_SAFEBAG_get0_attr(bag, NID_localKeyID))) |
0f113f3e MC |
197 | lkid = attrib->value.octet_string; |
198 | ||
762ee38d | 199 | switch (PKCS12_SAFEBAG_get_nid(bag)) { |
0f113f3e | 200 | case NID_keyBag: |
12a765a5 | 201 | if (pkey == NULL || *pkey != NULL) |
0f113f3e | 202 | return 1; |
03922a63 DSH |
203 | *pkey = EVP_PKCS82PKEY(PKCS12_SAFEBAG_get0_p8inf(bag)); |
204 | if (*pkey == NULL) | |
0f113f3e MC |
205 | return 0; |
206 | break; | |
207 | ||
208 | case NID_pkcs8ShroudedKeyBag: | |
12a765a5 | 209 | if (pkey == NULL || *pkey != NULL) |
0f113f3e | 210 | return 1; |
75ebbd9a | 211 | if ((p8 = PKCS12_decrypt_skey(bag, pass, passlen)) == NULL) |
0f113f3e MC |
212 | return 0; |
213 | *pkey = EVP_PKCS82PKEY(p8); | |
214 | PKCS8_PRIV_KEY_INFO_free(p8); | |
215 | if (!(*pkey)) | |
216 | return 0; | |
217 | break; | |
218 | ||
219 | case NID_certBag: | |
c7dfb2ab DDO |
220 | if (ocerts == NULL |
221 | || PKCS12_SAFEBAG_get_bag_nid(bag) != NID_x509Certificate) | |
0f113f3e | 222 | return 1; |
762ee38d | 223 | if ((x509 = PKCS12_SAFEBAG_get1_cert(bag)) == NULL) |
0f113f3e MC |
224 | return 0; |
225 | if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) { | |
226 | X509_free(x509); | |
227 | return 0; | |
228 | } | |
229 | if (fname) { | |
230 | int len, r; | |
231 | unsigned char *data; | |
c7dfb2ab | 232 | |
0f113f3e MC |
233 | len = ASN1_STRING_to_UTF8(&data, fname); |
234 | if (len >= 0) { | |
235 | r = X509_alias_set1(x509, data, len); | |
236 | OPENSSL_free(data); | |
237 | if (!r) { | |
238 | X509_free(x509); | |
239 | return 0; | |
240 | } | |
241 | } | |
242 | } | |
243 | ||
244 | if (!sk_X509_push(ocerts, x509)) { | |
245 | X509_free(x509); | |
246 | return 0; | |
247 | } | |
248 | ||
249 | break; | |
250 | ||
251 | case NID_safeContentsBag: | |
03922a63 DSH |
252 | return parse_bags(PKCS12_SAFEBAG_get0_safes(bag), pass, passlen, pkey, |
253 | ocerts); | |
0f113f3e MC |
254 | |
255 | default: | |
256 | return 1; | |
0f113f3e MC |
257 | } |
258 | return 1; | |
8d8c7266 | 259 | } |