xref: /onnv-gate/usr/src/common/openssl/crypto/pkcs12/p12_kiss.c (revision 2139:6243c3338933) 
10Sstevel@tonic-gate /* p12_kiss.c */
20Sstevel@tonic-gate /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
30Sstevel@tonic-gate  * project 1999.
40Sstevel@tonic-gate  */
50Sstevel@tonic-gate /* ====================================================================
60Sstevel@tonic-gate  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
70Sstevel@tonic-gate  *
80Sstevel@tonic-gate  * Redistribution and use in source and binary forms, with or without
90Sstevel@tonic-gate  * modification, are permitted provided that the following conditions
100Sstevel@tonic-gate  * are met:
110Sstevel@tonic-gate  *
120Sstevel@tonic-gate  * 1. Redistributions of source code must retain the above copyright
130Sstevel@tonic-gate  *    notice, this list of conditions and the following disclaimer.
140Sstevel@tonic-gate  *
150Sstevel@tonic-gate  * 2. Redistributions in binary form must reproduce the above copyright
160Sstevel@tonic-gate  *    notice, this list of conditions and the following disclaimer in
170Sstevel@tonic-gate  *    the documentation and/or other materials provided with the
180Sstevel@tonic-gate  *    distribution.
190Sstevel@tonic-gate  *
200Sstevel@tonic-gate  * 3. All advertising materials mentioning features or use of this
210Sstevel@tonic-gate  *    software must display the following acknowledgment:
220Sstevel@tonic-gate  *    "This product includes software developed by the OpenSSL Project
230Sstevel@tonic-gate  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
240Sstevel@tonic-gate  *
250Sstevel@tonic-gate  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
260Sstevel@tonic-gate  *    endorse or promote products derived from this software without
270Sstevel@tonic-gate  *    prior written permission. For written permission, please contact
280Sstevel@tonic-gate  *    licensing@OpenSSL.org.
290Sstevel@tonic-gate  *
300Sstevel@tonic-gate  * 5. Products derived from this software may not be called "OpenSSL"
310Sstevel@tonic-gate  *    nor may "OpenSSL" appear in their names without prior written
320Sstevel@tonic-gate  *    permission of the OpenSSL Project.
330Sstevel@tonic-gate  *
340Sstevel@tonic-gate  * 6. Redistributions of any form whatsoever must retain the following
350Sstevel@tonic-gate  *    acknowledgment:
360Sstevel@tonic-gate  *    "This product includes software developed by the OpenSSL Project
370Sstevel@tonic-gate  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
380Sstevel@tonic-gate  *
390Sstevel@tonic-gate  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
400Sstevel@tonic-gate  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
410Sstevel@tonic-gate  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
420Sstevel@tonic-gate  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
430Sstevel@tonic-gate  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
440Sstevel@tonic-gate  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
450Sstevel@tonic-gate  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
460Sstevel@tonic-gate  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
470Sstevel@tonic-gate  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
480Sstevel@tonic-gate  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
490Sstevel@tonic-gate  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
500Sstevel@tonic-gate  * OF THE POSSIBILITY OF SUCH DAMAGE.
510Sstevel@tonic-gate  * ====================================================================
520Sstevel@tonic-gate  *
530Sstevel@tonic-gate  * This product includes cryptographic software written by Eric Young
540Sstevel@tonic-gate  * (eay@cryptsoft.com).  This product includes software written by Tim
550Sstevel@tonic-gate  * Hudson (tjh@cryptsoft.com).
560Sstevel@tonic-gate  *
570Sstevel@tonic-gate  */
580Sstevel@tonic-gate 
590Sstevel@tonic-gate #include <stdio.h>
600Sstevel@tonic-gate #include "cryptlib.h"
610Sstevel@tonic-gate #include <openssl/pkcs12.h>
620Sstevel@tonic-gate 
630Sstevel@tonic-gate /* Simplified PKCS#12 routines */
640Sstevel@tonic-gate 
650Sstevel@tonic-gate static int parse_pk12( PKCS12 *p12, const char *pass, int passlen,
660Sstevel@tonic-gate 		EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
670Sstevel@tonic-gate 
680Sstevel@tonic-gate static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
690Sstevel@tonic-gate 		       int passlen, EVP_PKEY **pkey, X509 **cert,
700Sstevel@tonic-gate 		       STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
710Sstevel@tonic-gate 		       char *keymatch);
720Sstevel@tonic-gate 
730Sstevel@tonic-gate static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
740Sstevel@tonic-gate 			EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
750Sstevel@tonic-gate 			ASN1_OCTET_STRING **keyid, char *keymatch);
760Sstevel@tonic-gate 
770Sstevel@tonic-gate /* Parse and decrypt a PKCS#12 structure returning user key, user cert
780Sstevel@tonic-gate  * and other (CA) certs. Note either ca should be NULL, *ca should be NULL,
790Sstevel@tonic-gate  * or it should point to a valid STACK structure. pkey and cert can be
800Sstevel@tonic-gate  * passed unitialised.
810Sstevel@tonic-gate  */
820Sstevel@tonic-gate 
PKCS12_parse(PKCS12 * p12,const char * pass,EVP_PKEY ** pkey,X509 ** cert,STACK_OF (X509)** ca)83*2139Sjp161948 int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
840Sstevel@tonic-gate 	     STACK_OF(X509) **ca)
850Sstevel@tonic-gate {
860Sstevel@tonic-gate 
870Sstevel@tonic-gate 	/* Check for NULL PKCS12 structure */
880Sstevel@tonic-gate 
890Sstevel@tonic-gate 	if(!p12) {
900Sstevel@tonic-gate 		PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER);
910Sstevel@tonic-gate 		return 0;
920Sstevel@tonic-gate 	}
930Sstevel@tonic-gate 
940Sstevel@tonic-gate 	/* Allocate stack for ca certificates if needed */
950Sstevel@tonic-gate 	if ((ca != NULL) && (*ca == NULL)) {
960Sstevel@tonic-gate 		if (!(*ca = sk_X509_new_null())) {
970Sstevel@tonic-gate 			PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE);
980Sstevel@tonic-gate 			return 0;
990Sstevel@tonic-gate 		}
1000Sstevel@tonic-gate 	}
1010Sstevel@tonic-gate 
1020Sstevel@tonic-gate 	if(pkey) *pkey = NULL;
1030Sstevel@tonic-gate 	if(cert) *cert = NULL;
1040Sstevel@tonic-gate 
1050Sstevel@tonic-gate 	/* Check the mac */
1060Sstevel@tonic-gate 
1070Sstevel@tonic-gate 	/* If password is zero length or NULL then try verifying both cases
1080Sstevel@tonic-gate 	 * to determine which password is correct. The reason for this is that
1090Sstevel@tonic-gate 	 * under PKCS#12 password based encryption no password and a zero length
1100Sstevel@tonic-gate 	 * password are two different things...
1110Sstevel@tonic-gate 	 */
1120Sstevel@tonic-gate 
1130Sstevel@tonic-gate 	if(!pass || !*pass) {
1140Sstevel@tonic-gate 		if(PKCS12_verify_mac(p12, NULL, 0)) pass = NULL;
1150Sstevel@tonic-gate 		else if(PKCS12_verify_mac(p12, "", 0)) pass = "";
1160Sstevel@tonic-gate 		else {
1170Sstevel@tonic-gate 			PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
1180Sstevel@tonic-gate 			goto err;
1190Sstevel@tonic-gate 		}
1200Sstevel@tonic-gate 	} else if (!PKCS12_verify_mac(p12, pass, -1)) {
1210Sstevel@tonic-gate 		PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE);
1220Sstevel@tonic-gate 		goto err;
1230Sstevel@tonic-gate 	}
1240Sstevel@tonic-gate 
1250Sstevel@tonic-gate 	if (!parse_pk12 (p12, pass, -1, pkey, cert, ca))
1260Sstevel@tonic-gate 		{
1270Sstevel@tonic-gate 		PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_PARSE_ERROR);
1280Sstevel@tonic-gate 		goto err;
1290Sstevel@tonic-gate 		}
1300Sstevel@tonic-gate 
1310Sstevel@tonic-gate 	return 1;
1320Sstevel@tonic-gate 
1330Sstevel@tonic-gate  err:
1340Sstevel@tonic-gate 
1350Sstevel@tonic-gate 	if (pkey && *pkey) EVP_PKEY_free(*pkey);
1360Sstevel@tonic-gate 	if (cert && *cert) X509_free(*cert);
1370Sstevel@tonic-gate 	if (ca) sk_X509_pop_free(*ca, X509_free);
1380Sstevel@tonic-gate 	return 0;
1390Sstevel@tonic-gate 
1400Sstevel@tonic-gate }
1410Sstevel@tonic-gate 
1420Sstevel@tonic-gate /* Parse the outer PKCS#12 structure */
1430Sstevel@tonic-gate 
parse_pk12(PKCS12 * p12,const char * pass,int passlen,EVP_PKEY ** pkey,X509 ** cert,STACK_OF (X509)** ca)144*2139Sjp161948 static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
1450Sstevel@tonic-gate 	     EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
1460Sstevel@tonic-gate {
1470Sstevel@tonic-gate 	STACK_OF(PKCS7) *asafes;
1480Sstevel@tonic-gate 	STACK_OF(PKCS12_SAFEBAG) *bags;
1490Sstevel@tonic-gate 	int i, bagnid;
1500Sstevel@tonic-gate 	PKCS7 *p7;
1510Sstevel@tonic-gate 	ASN1_OCTET_STRING *keyid = NULL;
1520Sstevel@tonic-gate 
1530Sstevel@tonic-gate 	char keymatch = 0;
1540Sstevel@tonic-gate 	if (!(asafes = PKCS12_unpack_authsafes (p12))) return 0;
1550Sstevel@tonic-gate 	for (i = 0; i < sk_PKCS7_num (asafes); i++) {
1560Sstevel@tonic-gate 		p7 = sk_PKCS7_value (asafes, i);
1570Sstevel@tonic-gate 		bagnid = OBJ_obj2nid (p7->type);
1580Sstevel@tonic-gate 		if (bagnid == NID_pkcs7_data) {
1590Sstevel@tonic-gate 			bags = PKCS12_unpack_p7data(p7);
1600Sstevel@tonic-gate 		} else if (bagnid == NID_pkcs7_encrypted) {
1610Sstevel@tonic-gate 			bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
1620Sstevel@tonic-gate 		} else continue;
1630Sstevel@tonic-gate 		if (!bags) {
1640Sstevel@tonic-gate 			sk_PKCS7_pop_free(asafes, PKCS7_free);
1650Sstevel@tonic-gate 			return 0;
1660Sstevel@tonic-gate 		}
1670Sstevel@tonic-gate 	    	if (!parse_bags(bags, pass, passlen, pkey, cert, ca,
1680Sstevel@tonic-gate 							 &keyid, &keymatch)) {
1690Sstevel@tonic-gate 			sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
1700Sstevel@tonic-gate 			sk_PKCS7_pop_free(asafes, PKCS7_free);
1710Sstevel@tonic-gate 			return 0;
1720Sstevel@tonic-gate 		}
1730Sstevel@tonic-gate 		sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
1740Sstevel@tonic-gate 	}
1750Sstevel@tonic-gate 	sk_PKCS7_pop_free(asafes, PKCS7_free);
1760Sstevel@tonic-gate 	if (keyid) M_ASN1_OCTET_STRING_free(keyid);
1770Sstevel@tonic-gate 	return 1;
1780Sstevel@tonic-gate }
1790Sstevel@tonic-gate 
1800Sstevel@tonic-gate 
parse_bags(STACK_OF (PKCS12_SAFEBAG)* bags,const char * pass,int passlen,EVP_PKEY ** pkey,X509 ** cert,STACK_OF (X509)** ca,ASN1_OCTET_STRING ** keyid,char * keymatch)181*2139Sjp161948 static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
182*2139Sjp161948 		      int passlen, EVP_PKEY **pkey, X509 **cert,
183*2139Sjp161948 		      STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid,
184*2139Sjp161948 		      char *keymatch)
1850Sstevel@tonic-gate {
1860Sstevel@tonic-gate 	int i;
1870Sstevel@tonic-gate 	for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
1880Sstevel@tonic-gate 		if (!parse_bag(sk_PKCS12_SAFEBAG_value (bags, i),
1890Sstevel@tonic-gate 			 pass, passlen, pkey, cert, ca, keyid,
1900Sstevel@tonic-gate 							 keymatch)) return 0;
1910Sstevel@tonic-gate 	}
1920Sstevel@tonic-gate 	return 1;
1930Sstevel@tonic-gate }
1940Sstevel@tonic-gate 
1950Sstevel@tonic-gate #define MATCH_KEY  0x1
1960Sstevel@tonic-gate #define MATCH_CERT 0x2
1970Sstevel@tonic-gate #define MATCH_ALL  0x3
1980Sstevel@tonic-gate 
parse_bag(PKCS12_SAFEBAG * bag,const char * pass,int passlen,EVP_PKEY ** pkey,X509 ** cert,STACK_OF (X509)** ca,ASN1_OCTET_STRING ** keyid,char * keymatch)1990Sstevel@tonic-gate static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
200*2139Sjp161948 		     EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca,
201*2139Sjp161948 		     ASN1_OCTET_STRING **keyid,
202*2139Sjp161948 		     char *keymatch)
2030Sstevel@tonic-gate {
2040Sstevel@tonic-gate 	PKCS8_PRIV_KEY_INFO *p8;
2050Sstevel@tonic-gate 	X509 *x509;
2060Sstevel@tonic-gate 	ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL;
2070Sstevel@tonic-gate 	ASN1_TYPE *attrib;
2080Sstevel@tonic-gate 	ASN1_BMPSTRING *fname = NULL;
2090Sstevel@tonic-gate 
2100Sstevel@tonic-gate 	if ((attrib = PKCS12_get_attr (bag, NID_friendlyName)))
2110Sstevel@tonic-gate 		fname = attrib->value.bmpstring;
2120Sstevel@tonic-gate 
2130Sstevel@tonic-gate 	if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) {
2140Sstevel@tonic-gate 		lkey = attrib->value.octet_string;
2150Sstevel@tonic-gate 		ckid = lkey;
2160Sstevel@tonic-gate 	}
2170Sstevel@tonic-gate 
2180Sstevel@tonic-gate 	/* Check for any local key id matching (if needed) */
2190Sstevel@tonic-gate 	if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) {
2200Sstevel@tonic-gate 		if (*keyid) {
2210Sstevel@tonic-gate 			if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL;
2220Sstevel@tonic-gate 		} else {
2230Sstevel@tonic-gate 			if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) {
224*2139Sjp161948 				PKCS12err(PKCS12_F_PARSE_BAG,ERR_R_MALLOC_FAILURE);
2250Sstevel@tonic-gate 				return 0;
2260Sstevel@tonic-gate 		    }
2270Sstevel@tonic-gate 		}
2280Sstevel@tonic-gate 	}
2290Sstevel@tonic-gate 
2300Sstevel@tonic-gate 	switch (M_PKCS12_bag_type(bag))
2310Sstevel@tonic-gate 	{
2320Sstevel@tonic-gate 	case NID_keyBag:
2330Sstevel@tonic-gate 		if (!lkey || !pkey) return 1;
2340Sstevel@tonic-gate 		if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) return 0;
2350Sstevel@tonic-gate 		*keymatch |= MATCH_KEY;
2360Sstevel@tonic-gate 	break;
2370Sstevel@tonic-gate 
2380Sstevel@tonic-gate 	case NID_pkcs8ShroudedKeyBag:
2390Sstevel@tonic-gate 		if (!lkey || !pkey) return 1;
2400Sstevel@tonic-gate 		if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
2410Sstevel@tonic-gate 				return 0;
2420Sstevel@tonic-gate 		*pkey = EVP_PKCS82PKEY(p8);
2430Sstevel@tonic-gate 		PKCS8_PRIV_KEY_INFO_free(p8);
2440Sstevel@tonic-gate 		if (!(*pkey)) return 0;
2450Sstevel@tonic-gate 		*keymatch |= MATCH_KEY;
2460Sstevel@tonic-gate 	break;
2470Sstevel@tonic-gate 
2480Sstevel@tonic-gate 	case NID_certBag:
2490Sstevel@tonic-gate 		if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
2500Sstevel@tonic-gate 								 return 1;
2510Sstevel@tonic-gate 		if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
252*2139Sjp161948 		if(ckid)
253*2139Sjp161948 			{
254*2139Sjp161948 			if (!X509_keyid_set1(x509, ckid->data, ckid->length))
255*2139Sjp161948 				{
256*2139Sjp161948 				X509_free(x509);
257*2139Sjp161948 				return 0;
258*2139Sjp161948 				}
259*2139Sjp161948 			}
2600Sstevel@tonic-gate 		if(fname) {
261*2139Sjp161948 			int len, r;
2620Sstevel@tonic-gate 			unsigned char *data;
2630Sstevel@tonic-gate 			len = ASN1_STRING_to_UTF8(&data, fname);
2640Sstevel@tonic-gate 			if(len > 0) {
265*2139Sjp161948 				r = X509_alias_set1(x509, data, len);
2660Sstevel@tonic-gate 				OPENSSL_free(data);
267*2139Sjp161948 				if (!r)
268*2139Sjp161948 					{
269*2139Sjp161948 					X509_free(x509);
270*2139Sjp161948 					return 0;
271*2139Sjp161948 					}
2720Sstevel@tonic-gate 			}
2730Sstevel@tonic-gate 		}
2740Sstevel@tonic-gate 
2750Sstevel@tonic-gate 
2760Sstevel@tonic-gate 		if (lkey) {
2770Sstevel@tonic-gate 			*keymatch |= MATCH_CERT;
2780Sstevel@tonic-gate 			if (cert) *cert = x509;
2790Sstevel@tonic-gate 			else X509_free(x509);
2800Sstevel@tonic-gate 		} else {
2810Sstevel@tonic-gate 			if(ca) sk_X509_push (*ca, x509);
2820Sstevel@tonic-gate 			else X509_free(x509);
2830Sstevel@tonic-gate 		}
2840Sstevel@tonic-gate 	break;
2850Sstevel@tonic-gate 
2860Sstevel@tonic-gate 	case NID_safeContentsBag:
2870Sstevel@tonic-gate 		return parse_bags(bag->value.safes, pass, passlen,
2880Sstevel@tonic-gate 			 		pkey, cert, ca, keyid, keymatch);
2890Sstevel@tonic-gate 	break;
2900Sstevel@tonic-gate 
2910Sstevel@tonic-gate 	default:
2920Sstevel@tonic-gate 		return 1;
2930Sstevel@tonic-gate 	break;
2940Sstevel@tonic-gate 	}
2950Sstevel@tonic-gate 	return 1;
2960Sstevel@tonic-gate }
2970Sstevel@tonic-gate 
298