]>
Commit | Line | Data |
---|---|---|
c5ec6dcf JS |
1 | /* |
2 | * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <stdio.h> | |
11 | #include <string.h> | |
12 | #include <stdlib.h> | |
13 | ||
14 | #include "internal/nelem.h" | |
15 | ||
16 | #include <openssl/pkcs12.h> | |
17 | #include <openssl/x509.h> | |
18 | #include <openssl/x509v3.h> | |
19 | #include <openssl/pem.h> | |
20 | ||
20f8bc72 DDO |
21 | #include "../testutil.h" |
22 | #include "pkcs12.h" /* from the same directory */ | |
c5ec6dcf | 23 | |
c5ec6dcf JS |
24 | /* Set this to > 0 write test data to file */ |
25 | int write_files = 0; | |
26 | ||
27 | /* ------------------------------------------------------------------------- | |
28 | * Local function declarations | |
29 | */ | |
30 | ||
31 | static X509 *load_cert(const unsigned char *bytes, int len); | |
32 | static EVP_PKEY *load_pkey(const unsigned char *bytes, int len); | |
33 | ||
34 | static int add_attributes(PKCS12_SAFEBAG *bag, const PKCS12_ATTR *attrs); | |
35 | ||
36 | static void generate_p12(PKCS12_BUILDER *pb, const PKCS12_ENC *mac); | |
37 | static int write_p12(PKCS12 *p12, const char *outfile); | |
38 | ||
39 | static PKCS12 *from_bio_p12(BIO *bio, const PKCS12_ENC *mac); | |
40 | static PKCS12 *read_p12(const char *infile, const PKCS12_ENC *mac); | |
41 | static int check_p12_mac(PKCS12 *p12, const PKCS12_ENC *mac); | |
42 | static int check_asn1_string(const ASN1_TYPE *av, const char *txt); | |
43 | static int check_attrs(const STACK_OF(X509_ATTRIBUTE) *bag_attrs, const PKCS12_ATTR *attrs); | |
44 | ||
45 | ||
46 | /* -------------------------------------------------------------------------- | |
47 | * Test data load functions | |
48 | */ | |
49 | ||
50 | static X509 *load_cert(const unsigned char *bytes, int len) | |
51 | { | |
52 | X509 *cert = NULL; | |
53 | ||
54 | cert = d2i_X509(NULL, &bytes, len); | |
55 | if (!TEST_ptr(cert)) | |
56 | goto err; | |
57 | err: | |
58 | return cert; | |
59 | } | |
60 | ||
61 | static EVP_PKEY *load_pkey(const unsigned char *bytes, int len) | |
62 | { | |
63 | EVP_PKEY *pkey = NULL; | |
64 | ||
65 | pkey = d2i_AutoPrivateKey(NULL, &bytes, len); | |
66 | if (!TEST_ptr(pkey)) | |
67 | goto err; | |
68 | err: | |
69 | return pkey; | |
70 | } | |
71 | ||
72 | ||
73 | /* ------------------------------------------------------------------------- | |
74 | * PKCS12 builder | |
75 | */ | |
76 | ||
77 | PKCS12_BUILDER *new_pkcs12_builder(const char *filename) | |
78 | { | |
79 | PKCS12_BUILDER *pb = OPENSSL_malloc(sizeof(PKCS12_BUILDER)); | |
80 | if (!TEST_ptr(pb)) | |
81 | return NULL; | |
82 | ||
83 | pb->filename = filename; | |
84 | pb->success = 1; | |
85 | return pb; | |
86 | } | |
87 | ||
88 | int end_pkcs12_builder(PKCS12_BUILDER *pb) | |
89 | { | |
90 | int result = pb->success; | |
91 | ||
92 | OPENSSL_free(pb); | |
93 | return result; | |
94 | } | |
95 | ||
96 | ||
97 | void start_pkcs12(PKCS12_BUILDER *pb) | |
98 | { | |
99 | pb->safes = NULL; | |
100 | } | |
101 | ||
102 | ||
103 | void end_pkcs12(PKCS12_BUILDER *pb) | |
104 | { | |
105 | if (!pb->success) | |
106 | return; | |
107 | generate_p12(pb, NULL); | |
108 | } | |
109 | ||
110 | ||
111 | void end_pkcs12_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac) | |
112 | { | |
113 | if (!pb->success) | |
114 | return; | |
115 | generate_p12(pb, mac); | |
116 | } | |
117 | ||
118 | ||
119 | /* Generate the PKCS12 encoding and write to memory bio */ | |
120 | static void generate_p12(PKCS12_BUILDER *pb, const PKCS12_ENC *mac) | |
121 | { | |
122 | PKCS12 *p12; | |
123 | ||
124 | if (!pb->success) | |
125 | return; | |
126 | ||
127 | pb->p12bio = BIO_new(BIO_s_mem()); | |
128 | if (!TEST_ptr(pb->p12bio)) { | |
129 | pb->success = 0; | |
130 | return; | |
131 | } | |
132 | p12 = PKCS12_add_safes(pb->safes, 0); | |
133 | if (!TEST_ptr(p12)) { | |
134 | pb->success = 0; | |
135 | goto err; | |
136 | } | |
137 | sk_PKCS7_pop_free(pb->safes, PKCS7_free); | |
138 | ||
139 | if (mac != NULL) { | |
140 | if (!TEST_true(PKCS12_set_mac(p12, mac->pass, strlen(mac->pass), | |
141 | NULL, 0, mac->iter, EVP_get_digestbynid(mac->nid)))) { | |
142 | pb->success = 0; | |
143 | goto err; | |
144 | } | |
145 | } | |
146 | i2d_PKCS12_bio(pb->p12bio, p12); | |
147 | ||
148 | /* Can write to file here for debug */ | |
149 | if (write_files) | |
150 | write_p12(p12, pb->filename); | |
151 | err: | |
152 | PKCS12_free(p12); | |
153 | } | |
154 | ||
155 | ||
156 | static int write_p12(PKCS12 *p12, const char *outfile) | |
157 | { | |
158 | int ret = 0; | |
159 | BIO *out = BIO_new_file(outfile, "w"); | |
160 | ||
161 | if (out == NULL) | |
162 | goto err; | |
163 | ||
164 | if (!TEST_int_eq(i2d_PKCS12_bio(out, p12), 1)) | |
165 | goto err; | |
166 | ret = 1; | |
167 | err: | |
168 | BIO_free(out); | |
169 | return ret; | |
170 | } | |
171 | ||
172 | static PKCS12 *from_bio_p12(BIO *bio, const PKCS12_ENC *mac) | |
173 | { | |
174 | PKCS12 *p12 = NULL; | |
175 | ||
176 | p12 = d2i_PKCS12_bio(bio, NULL); | |
177 | BIO_free(bio); | |
178 | if (!TEST_ptr(p12)) | |
179 | goto err; | |
180 | if (mac == NULL) { | |
181 | if (!TEST_false(PKCS12_mac_present(p12))) | |
182 | goto err; | |
183 | } else { | |
184 | if (!check_p12_mac(p12, mac)) | |
185 | goto err; | |
186 | } | |
187 | return p12; | |
188 | err: | |
189 | PKCS12_free(p12); | |
190 | return NULL; | |
191 | } | |
192 | ||
193 | ||
194 | /* For use with existing files */ | |
195 | static PKCS12 *read_p12(const char *infile, const PKCS12_ENC *mac) | |
196 | { | |
197 | PKCS12 *p12 = NULL; | |
198 | BIO *in = BIO_new_file(infile, "r"); | |
199 | ||
200 | if (in == NULL) | |
201 | goto err; | |
202 | p12 = d2i_PKCS12_bio(in, NULL); | |
203 | BIO_free(in); | |
204 | if (!TEST_ptr(p12)) | |
205 | goto err; | |
206 | if (mac == NULL) { | |
207 | if (!TEST_false(PKCS12_mac_present(p12))) | |
208 | goto err; | |
209 | } else { | |
210 | if (!check_p12_mac(p12, mac)) | |
211 | goto err; | |
212 | } | |
213 | return p12; | |
214 | err: | |
215 | PKCS12_free(p12); | |
216 | return NULL; | |
217 | } | |
218 | ||
219 | static int check_p12_mac(PKCS12 *p12, const PKCS12_ENC *mac) | |
220 | { | |
221 | return TEST_true(PKCS12_mac_present(p12)) | |
222 | && TEST_true(PKCS12_verify_mac(p12, mac->pass, strlen(mac->pass))); | |
223 | } | |
224 | ||
225 | ||
226 | /* ------------------------------------------------------------------------- | |
227 | * PKCS7 content info builder | |
228 | */ | |
229 | ||
230 | void start_contentinfo(PKCS12_BUILDER *pb) | |
231 | { | |
232 | pb->bags = NULL; | |
233 | } | |
234 | ||
235 | ||
236 | void end_contentinfo(PKCS12_BUILDER *pb) | |
237 | { | |
238 | if (pb->success) { | |
239 | if (pb->bags && !TEST_true(PKCS12_add_safe(&pb->safes, pb->bags, -1, 0, NULL))) { | |
240 | pb->success = 0; | |
241 | return; | |
242 | } | |
243 | } | |
244 | sk_PKCS12_SAFEBAG_pop_free(pb->bags, PKCS12_SAFEBAG_free); | |
245 | pb->bags = NULL; | |
246 | } | |
247 | ||
248 | ||
249 | void end_contentinfo_encrypted(PKCS12_BUILDER *pb, const PKCS12_ENC *enc) | |
250 | { | |
251 | if (pb->success) { | |
252 | if (pb->bags | |
253 | && !TEST_true(PKCS12_add_safe(&pb->safes, pb->bags, enc->nid, enc->iter, enc->pass))) { | |
254 | pb->success = 0; | |
255 | return; | |
256 | } | |
257 | } | |
258 | sk_PKCS12_SAFEBAG_pop_free(pb->bags, PKCS12_SAFEBAG_free); | |
259 | pb->bags = NULL; | |
260 | } | |
261 | ||
262 | ||
263 | static STACK_OF(PKCS12_SAFEBAG) *decode_contentinfo(STACK_OF(PKCS7) *safes, int idx, const PKCS12_ENC *enc) | |
264 | { | |
265 | STACK_OF(PKCS12_SAFEBAG) *bags = NULL; | |
266 | PKCS7 *p7 = sk_PKCS7_value(safes, idx); | |
267 | int bagnid = OBJ_obj2nid(p7->type); | |
268 | ||
269 | if (enc) { | |
270 | if (!TEST_int_eq(bagnid, NID_pkcs7_encrypted)) | |
271 | goto err; | |
272 | /* TODO: Check algorithm (iterations?) against what we originally set */ | |
273 | bags = PKCS12_unpack_p7encdata(p7, enc->pass, strlen(enc->pass)); | |
274 | } else { | |
275 | if (!TEST_int_eq(bagnid, NID_pkcs7_data)) | |
276 | goto err; | |
277 | bags = PKCS12_unpack_p7data(p7); | |
278 | } | |
279 | if (!TEST_ptr(bags)) | |
280 | goto err; | |
281 | ||
282 | return bags; | |
283 | err: | |
284 | return NULL; | |
285 | } | |
286 | ||
287 | ||
288 | /* ------------------------------------------------------------------------- | |
289 | * PKCS12 safeBag/attribute builder | |
290 | */ | |
291 | ||
292 | static int add_attributes(PKCS12_SAFEBAG *bag, const PKCS12_ATTR *attrs) | |
293 | { | |
294 | int ret = 0; | |
295 | int attr_nid; | |
296 | const PKCS12_ATTR *p_attr = attrs; | |
297 | ||
298 | if (attrs == NULL) | |
299 | return 1; | |
300 | ||
301 | while (p_attr->oid != NULL) { | |
302 | TEST_info("Adding attribute %s = %s", p_attr->oid, p_attr->value); | |
303 | attr_nid = OBJ_txt2nid(p_attr->oid); | |
304 | ||
305 | if (attr_nid == NID_friendlyName) { | |
306 | if (!TEST_true(PKCS12_add_friendlyname(bag, p_attr->value, -1))) | |
307 | goto err; | |
308 | } else if (attr_nid == NID_localKeyID) { | |
309 | if (!TEST_true(PKCS12_add_localkeyid(bag, (unsigned char *)p_attr->value, | |
310 | strlen(p_attr->value)))) | |
311 | goto err; | |
312 | } else { | |
313 | /* Custom attribute values limited to ASCII in these tests */ | |
314 | if (!TEST_true(PKCS12_add1_attr_by_txt(bag, p_attr->oid, MBSTRING_ASC, | |
315 | (unsigned char *)p_attr->value, | |
316 | strlen(p_attr->value)))) | |
317 | goto err; | |
318 | } | |
319 | p_attr++; | |
320 | } | |
321 | ret = 1; | |
322 | err: | |
323 | return ret; | |
324 | } | |
325 | ||
326 | void add_certbag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len, | |
327 | const PKCS12_ATTR *attrs) | |
328 | { | |
329 | PKCS12_SAFEBAG *bag = NULL; | |
330 | X509 *cert = NULL; | |
331 | char *name; | |
332 | ||
333 | if (!pb->success) | |
334 | return; | |
335 | ||
336 | cert = load_cert(bytes, len); | |
337 | if (!TEST_ptr(cert)) { | |
338 | pb->success = 0; | |
339 | return; | |
340 | } | |
341 | ||
342 | name = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0); | |
343 | TEST_info("Adding certificate <%s>", name); | |
344 | OPENSSL_free(name); | |
345 | ||
346 | bag = PKCS12_add_cert(&pb->bags, cert); | |
347 | if (!TEST_ptr(bag)) { | |
348 | pb->success = 0; | |
349 | goto err; | |
350 | } | |
351 | ||
352 | if (!TEST_true(add_attributes(bag, attrs))) { | |
353 | pb->success = 0; | |
354 | goto err; | |
355 | } | |
356 | err: | |
357 | X509_free(cert); | |
358 | } | |
359 | ||
360 | void add_keybag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len, | |
361 | const PKCS12_ATTR *attrs, const PKCS12_ENC *enc) | |
362 | { | |
363 | PKCS12_SAFEBAG *bag = NULL; | |
364 | EVP_PKEY *pkey = NULL; | |
365 | ||
366 | if (!pb->success) | |
367 | return; | |
368 | ||
369 | TEST_info("Adding key"); | |
370 | ||
371 | pkey = load_pkey(bytes, len); | |
372 | if (!TEST_ptr(pkey)) { | |
373 | pb->success = 0; | |
374 | return; | |
375 | } | |
376 | ||
377 | bag = PKCS12_add_key(&pb->bags, pkey, 0 /*keytype*/, enc->iter, enc->nid, enc->pass); | |
378 | if (!TEST_ptr(bag)) { | |
379 | pb->success = 0; | |
380 | goto err; | |
381 | } | |
382 | if (!add_attributes(bag, attrs)) | |
383 | pb->success = 0; | |
384 | err: | |
385 | EVP_PKEY_free(pkey); | |
386 | } | |
387 | ||
388 | void add_secretbag(PKCS12_BUILDER *pb, int secret_nid, const char *secret, | |
389 | const PKCS12_ATTR *attrs) | |
390 | { | |
391 | PKCS12_SAFEBAG *bag = NULL; | |
392 | ||
393 | if (!pb->success) | |
394 | return; | |
395 | ||
396 | TEST_info("Adding secret <%s>", secret); | |
397 | ||
398 | bag = PKCS12_add_secret(&pb->bags, secret_nid, (const unsigned char *)secret, strlen(secret)); | |
399 | if (!TEST_ptr(bag)) { | |
400 | pb->success = 0; | |
401 | return; | |
402 | } | |
403 | if (!add_attributes(bag, attrs)) | |
404 | pb->success = 0; | |
405 | } | |
406 | ||
407 | ||
408 | /* ------------------------------------------------------------------------- | |
409 | * PKCS12 structure checking | |
410 | */ | |
411 | ||
412 | static int check_asn1_string(const ASN1_TYPE *av, const char *txt) | |
413 | { | |
414 | int ret = 0; | |
415 | char *value = NULL; | |
416 | ||
417 | if (!TEST_ptr(av)) | |
418 | goto err; | |
419 | ||
420 | switch (av->type) { | |
421 | case V_ASN1_BMPSTRING: | |
422 | value = OPENSSL_uni2asc(av->value.bmpstring->data, | |
423 | av->value.bmpstring->length); | |
424 | if (!TEST_str_eq(txt, (char *)value)) | |
425 | goto err; | |
426 | break; | |
427 | ||
428 | case V_ASN1_UTF8STRING: | |
429 | if (!TEST_str_eq(txt, (char *)av->value.utf8string->data)) | |
430 | goto err; | |
431 | break; | |
432 | ||
433 | case V_ASN1_OCTET_STRING: | |
434 | if (!TEST_str_eq(txt, (char *)av->value.octet_string->data)) | |
435 | goto err; | |
436 | break; | |
437 | ||
438 | default: | |
439 | /* Tests do not support other attribute types currently */ | |
440 | goto err; | |
441 | } | |
442 | ret = 1; | |
443 | err: | |
444 | OPENSSL_free(value); | |
445 | return ret; | |
446 | } | |
447 | ||
448 | static int check_attrs(const STACK_OF(X509_ATTRIBUTE) *bag_attrs, const PKCS12_ATTR *attrs) | |
449 | { | |
450 | int ret = 0; | |
451 | X509_ATTRIBUTE *attr; | |
452 | ASN1_TYPE *av; | |
453 | int i, j; | |
454 | char attr_txt[100]; | |
455 | ||
456 | for (i = 0; i < sk_X509_ATTRIBUTE_num(bag_attrs); i++) { | |
457 | const PKCS12_ATTR *p_attr = attrs; | |
458 | ASN1_OBJECT *attr_obj; | |
459 | ||
460 | attr = sk_X509_ATTRIBUTE_value(bag_attrs, i); | |
461 | attr_obj = X509_ATTRIBUTE_get0_object(attr); | |
462 | OBJ_obj2txt(attr_txt, 100, attr_obj, 0); | |
463 | ||
464 | while(p_attr->oid != NULL) { | |
465 | /* Find a matching attribute type */ | |
466 | if (strcmp(p_attr->oid, attr_txt) == 0) { | |
467 | ||
468 | /* TODO: Handle multi-value attributes */ | |
469 | if (!TEST_int_eq(X509_ATTRIBUTE_count(attr), 1)) | |
470 | goto err; | |
471 | ||
472 | for (j = 0; j < X509_ATTRIBUTE_count(attr); j++) | |
473 | { | |
474 | av = X509_ATTRIBUTE_get0_type(attr, j); | |
475 | if (!TEST_true(check_asn1_string(av, p_attr->value))) | |
476 | goto err; | |
477 | } | |
478 | break; | |
479 | } | |
480 | p_attr++; | |
481 | } | |
482 | } | |
483 | ret = 1; | |
484 | err: | |
485 | return ret; | |
486 | } | |
487 | ||
488 | void check_certbag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len, | |
489 | const PKCS12_ATTR *attrs) | |
490 | { | |
491 | X509 *x509 = NULL; | |
492 | X509 *ref_x509 = NULL; | |
493 | const PKCS12_SAFEBAG *bag; | |
494 | ||
495 | if (!pb->success) | |
496 | return; | |
497 | ||
498 | bag = sk_PKCS12_SAFEBAG_value(pb->bags, pb->bag_idx++); | |
499 | if (!TEST_ptr(bag)) { | |
500 | pb->success = 0; | |
501 | return; | |
502 | } | |
503 | if (!check_attrs(PKCS12_SAFEBAG_get0_attrs(bag), attrs) | |
504 | || !TEST_int_eq(PKCS12_SAFEBAG_get_nid(bag), NID_certBag) | |
505 | || !TEST_int_eq(PKCS12_SAFEBAG_get_bag_nid(bag), NID_x509Certificate)) { | |
506 | pb->success = 0; | |
507 | return; | |
508 | } | |
509 | x509 = PKCS12_SAFEBAG_get1_cert(bag); | |
510 | if (!TEST_ptr(x509)) { | |
511 | pb->success = 0; | |
512 | goto err; | |
513 | } | |
514 | ref_x509 = load_cert(bytes, len); | |
515 | if (!TEST_false(X509_cmp(x509, ref_x509))) | |
516 | pb->success = 0; | |
517 | err: | |
518 | X509_free(x509); | |
519 | X509_free(ref_x509); | |
520 | } | |
521 | ||
522 | void check_keybag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len, | |
523 | const PKCS12_ATTR *attrs, const PKCS12_ENC *enc) | |
524 | { | |
525 | EVP_PKEY *pkey = NULL; | |
526 | EVP_PKEY *ref_pkey = NULL; | |
527 | PKCS8_PRIV_KEY_INFO *p8; | |
528 | const PKCS8_PRIV_KEY_INFO *p8c; | |
529 | const PKCS12_SAFEBAG *bag; | |
530 | ||
531 | if (!pb->success) | |
532 | return; | |
533 | ||
534 | bag = sk_PKCS12_SAFEBAG_value(pb->bags, pb->bag_idx++); | |
535 | if (!TEST_ptr(bag)) { | |
536 | pb->success = 0; | |
537 | return; | |
538 | } | |
539 | ||
540 | if (!check_attrs(PKCS12_SAFEBAG_get0_attrs(bag), attrs)) { | |
541 | pb->success = 0; | |
542 | return; | |
543 | } | |
544 | ||
545 | switch (PKCS12_SAFEBAG_get_nid(bag)) { | |
546 | case NID_keyBag: | |
547 | p8c = PKCS12_SAFEBAG_get0_p8inf(bag); | |
548 | if (!TEST_ptr(pkey = EVP_PKCS82PKEY(p8c))) { | |
549 | pb->success = 0; | |
550 | goto err; | |
551 | } | |
552 | /* TODO: handle key attributes */ | |
553 | /* PKCS8_pkey_get0_attrs(p8c); */ | |
554 | break; | |
555 | ||
556 | case NID_pkcs8ShroudedKeyBag: | |
557 | if (!TEST_ptr(p8 = PKCS12_decrypt_skey(bag, enc->pass, strlen(enc->pass)))) { | |
558 | pb->success = 0; | |
559 | goto err; | |
560 | } | |
561 | if (!TEST_ptr(pkey = EVP_PKCS82PKEY(p8))) { | |
562 | PKCS8_PRIV_KEY_INFO_free(p8); | |
563 | pb->success = 0; | |
564 | goto err; | |
565 | } | |
566 | /* TODO: handle key attributes */ | |
567 | /* PKCS8_pkey_get0_attrs(p8); */ | |
568 | PKCS8_PRIV_KEY_INFO_free(p8); | |
569 | break; | |
570 | ||
571 | default: | |
572 | pb->success = 0; | |
573 | goto err; | |
574 | } | |
575 | ||
576 | /* PKEY compare returns 1 for match */ | |
577 | ref_pkey = load_pkey(bytes, len); | |
578 | if (!TEST_true(EVP_PKEY_eq(pkey, ref_pkey))) | |
579 | pb->success = 0; | |
580 | err: | |
581 | EVP_PKEY_free(pkey); | |
582 | EVP_PKEY_free(ref_pkey); | |
583 | } | |
584 | ||
585 | void check_secretbag(PKCS12_BUILDER *pb, int secret_nid, const char *secret, const PKCS12_ATTR *attrs) | |
586 | { | |
587 | const PKCS12_SAFEBAG *bag; | |
588 | ||
589 | if (!pb->success) | |
590 | return; | |
591 | ||
592 | bag = sk_PKCS12_SAFEBAG_value(pb->bags, pb->bag_idx++); | |
593 | if (!TEST_ptr(bag)) { | |
594 | pb->success = 0; | |
595 | return; | |
596 | } | |
597 | ||
598 | if (!check_attrs(PKCS12_SAFEBAG_get0_attrs(bag), attrs) | |
599 | || !TEST_int_eq(PKCS12_SAFEBAG_get_nid(bag), NID_secretBag) | |
600 | || !TEST_int_eq(PKCS12_SAFEBAG_get_bag_nid(bag), secret_nid) | |
601 | || !TEST_true(check_asn1_string(PKCS12_SAFEBAG_get0_bag_obj(bag), secret))) | |
602 | pb->success = 0; | |
603 | } | |
604 | ||
605 | ||
606 | void start_check_pkcs12(PKCS12_BUILDER *pb) | |
607 | { | |
608 | PKCS12 *p12 = from_bio_p12(pb->p12bio, NULL); | |
609 | if (!TEST_ptr(p12)) { | |
610 | pb->success = 0; | |
611 | return; | |
612 | } | |
613 | pb->safes = PKCS12_unpack_authsafes(p12); | |
614 | if (!TEST_ptr(pb->safes)) | |
615 | pb->success = 0; | |
616 | ||
617 | pb->safe_idx = 0; | |
618 | PKCS12_free(p12); | |
619 | } | |
620 | ||
621 | void start_check_pkcs12_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac) | |
622 | { | |
623 | PKCS12 *p12 = from_bio_p12(pb->p12bio, mac); | |
624 | if (!TEST_ptr(p12)) { | |
625 | pb->success = 0; | |
626 | return; | |
627 | } | |
628 | pb->safes = PKCS12_unpack_authsafes(p12); | |
629 | if (!TEST_ptr(pb->safes)) | |
630 | pb->success = 0; | |
631 | ||
632 | pb->safe_idx = 0; | |
633 | PKCS12_free(p12); | |
634 | } | |
635 | ||
636 | void start_check_pkcs12_file(PKCS12_BUILDER *pb) | |
637 | { | |
638 | PKCS12 *p12 = read_p12(pb->filename, NULL); | |
639 | if (!TEST_ptr(p12)) { | |
640 | pb->success = 0; | |
641 | return; | |
642 | } | |
643 | pb->safes = PKCS12_unpack_authsafes(p12); | |
644 | if (!TEST_ptr(pb->safes)) | |
645 | pb->success = 0; | |
646 | ||
647 | pb->safe_idx = 0; | |
648 | PKCS12_free(p12); | |
649 | } | |
650 | ||
651 | void start_check_pkcs12_file_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac) | |
652 | { | |
653 | PKCS12 *p12 = read_p12(pb->filename, mac); | |
654 | if (!TEST_ptr(p12)) { | |
655 | pb->success = 0; | |
656 | return; | |
657 | } | |
658 | pb->safes = PKCS12_unpack_authsafes(p12); | |
659 | if (!TEST_ptr(pb->safes)) | |
660 | pb->success = 0; | |
661 | ||
662 | pb->safe_idx = 0; | |
663 | PKCS12_free(p12); | |
664 | } | |
665 | ||
666 | void end_check_pkcs12(PKCS12_BUILDER *pb) | |
667 | { | |
668 | sk_PKCS7_pop_free(pb->safes, PKCS7_free); | |
669 | } | |
670 | ||
671 | ||
672 | void start_check_contentinfo(PKCS12_BUILDER *pb) | |
673 | { | |
674 | pb->bag_idx = 0; | |
675 | pb->bags = decode_contentinfo(pb->safes, pb->safe_idx++, NULL); | |
676 | if (!TEST_ptr(pb->bags)) { | |
677 | pb->success = 0; | |
678 | return; | |
679 | } | |
680 | TEST_info("Decoding %d bags", sk_PKCS12_SAFEBAG_num(pb->bags)); | |
681 | } | |
682 | ||
683 | void start_check_contentinfo_encrypted(PKCS12_BUILDER *pb, const PKCS12_ENC *enc) | |
684 | { | |
685 | pb->bag_idx = 0; | |
686 | pb->bags = decode_contentinfo(pb->safes, pb->safe_idx++, enc); | |
687 | if (!TEST_ptr(pb->bags)) { | |
688 | pb->success = 0; | |
689 | return; | |
690 | } | |
691 | TEST_info("Decoding %d bags", sk_PKCS12_SAFEBAG_num(pb->bags)); | |
692 | } | |
693 | ||
694 | ||
695 | void end_check_contentinfo(PKCS12_BUILDER *pb) | |
696 | { | |
697 | if (!TEST_int_eq(sk_PKCS12_SAFEBAG_num(pb->bags), pb->bag_idx)) | |
698 | pb->success = 0; | |
699 | sk_PKCS12_SAFEBAG_pop_free(pb->bags, PKCS12_SAFEBAG_free); | |
700 | pb->bags = NULL; | |
701 | } | |
702 | ||
703 |