Coverage Report

Created: 2026-02-14 07:20

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/openssl30/crypto/pkcs12/p12_kiss.c
Line
Count
Source
1
/*
2
 * Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
#include <stdio.h>
11
#include "internal/cryptlib.h"
12
#include <openssl/pkcs12.h>
13
#include "crypto/x509.h" /* for ossl_x509_add_cert_new() */
14
15
/* Simplified PKCS#12 routines */
16
17
static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
18
    EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
19
20
static int parse_bags(const STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
21
    int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
22
23
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
24
    EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
25
26
/*
27
 * Parse and decrypt a PKCS#12 structure returning user key, user cert and
28
 * other (CA) certs. Note either ca should be NULL, *ca should be NULL, or it
29
 * should point to a valid STACK structure. pkey and/or cert may be NULL;
30
 * if non-NULL the variables they point to can be passed uninitialised.
31
 */
32
33
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
34
    STACK_OF(X509) **ca)
35
{
36
    STACK_OF(X509) *ocerts = NULL;
37
    X509 *x = NULL;
38
39
    if (pkey != NULL)
40
        *pkey = NULL;
41
    if (cert != NULL)
42
        *cert = NULL;
43
44
    /* Check for NULL PKCS12 structure */
45
46
    if (p12 == NULL) {
47
        ERR_raise(ERR_LIB_PKCS12, PKCS12_R_INVALID_NULL_PKCS12_POINTER);
48
        return 0;
49
    }
50
51
    /* Check the mac */
52
53
    /*
54
     * If password is zero length or NULL then try verifying both cases to
55
     * determine which password is correct. The reason for this is that under
56
     * PKCS#12 password based encryption no password and a zero length
57
     * password are two different things...
58
     */
59
60
    if (pass == NULL || *pass == '\0') {
61
        if (!PKCS12_mac_present(p12)
62
            || PKCS12_verify_mac(p12, NULL, 0))
63
            pass = NULL;
64
        else if (PKCS12_verify_mac(p12, "", 0))
65
            pass = "";
66
        else {
67
            ERR_raise(ERR_LIB_PKCS12, PKCS12_R_MAC_VERIFY_FAILURE);
68
            goto err;
69
        }
70
    } else if (!PKCS12_verify_mac(p12, pass, -1)) {
71
        ERR_raise(ERR_LIB_PKCS12, PKCS12_R_MAC_VERIFY_FAILURE);
72
        goto err;
73
    }
74
75
    /* If needed, allocate stack for other certificates */
76
    if ((cert != NULL || ca != NULL)
77
        && (ocerts = sk_X509_new_null()) == NULL) {
78
        ERR_raise(ERR_LIB_PKCS12, ERR_R_MALLOC_FAILURE);
79
        goto err;
80
    }
81
82
    if (!parse_pk12(p12, pass, -1, pkey, ocerts)) {
83
        int err = ERR_peek_last_error();
84
85
        if (ERR_GET_LIB(err) != ERR_LIB_EVP
86
            && ERR_GET_REASON(err) != EVP_R_UNSUPPORTED_ALGORITHM)
87
            ERR_raise(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR);
88
        goto err;
89
    }
90
91
    /* Split the certs in ocerts over *cert and *ca as far as requested */
92
    while ((x = sk_X509_shift(ocerts)) != NULL) {
93
        if (pkey != NULL && *pkey != NULL
94
            && cert != NULL && *cert == NULL) {
95
            int match;
96
97
            ERR_set_mark();
98
            match = X509_check_private_key(x, *pkey);
99
            ERR_pop_to_mark();
100
            if (match) {
101
                *cert = x;
102
                continue;
103
            }
104
        }
105
106
        if (ca != NULL) {
107
            if (!ossl_x509_add_cert_new(ca, x, X509_ADD_FLAG_DEFAULT))
108
                goto err;
109
            continue;
110
        }
111
        X509_free(x);
112
    }
113
    sk_X509_free(ocerts);
114
115
    return 1;
116
117
err:
118
119
    if (pkey != NULL) {
120
        EVP_PKEY_free(*pkey);
121
        *pkey = NULL;
122
    }
123
    if (cert != NULL) {
124
        X509_free(*cert);
125
        *cert = NULL;
126
    }
127
    X509_free(x);
128
    sk_X509_pop_free(ocerts, X509_free);
129
    return 0;
130
}
131
132
/* Parse the outer PKCS#12 structure */
133
134
/* pkey and/or ocerts may be NULL */
135
static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
136
    EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
137
1.53k
{
138
1.53k
    STACK_OF(PKCS7) *asafes;
139
1.53k
    STACK_OF(PKCS12_SAFEBAG) *bags;
140
1.53k
    int i, bagnid;
141
1.53k
    PKCS7 *p7;
142
143
1.53k
    if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)
144
1.11k
        return 0;
145
790
    for (i = 0; i < sk_PKCS7_num(asafes); i++) {
146
726
        p7 = sk_PKCS7_value(asafes, i);
147
726
        bagnid = OBJ_obj2nid(p7->type);
148
726
        if (bagnid == NID_pkcs7_data) {
149
66
            bags = PKCS12_unpack_p7data(p7);
150
660
        } else if (bagnid == NID_pkcs7_encrypted) {
151
308
            bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
152
308
        } else
153
352
            continue;
154
374
        if (!bags) {
155
340
            sk_PKCS7_pop_free(asafes, PKCS7_free);
156
340
            return 0;
157
340
        }
158
34
        if (!parse_bags(bags, pass, passlen, pkey, ocerts)) {
159
20
            sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
160
20
            sk_PKCS7_pop_free(asafes, PKCS7_free);
161
20
            return 0;
162
20
        }
163
14
        sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
164
14
    }
165
64
    sk_PKCS7_pop_free(asafes, PKCS7_free);
166
64
    return 1;
167
424
}
168
169
/* pkey and/or ocerts may be NULL */
170
static int parse_bags(const STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
171
    int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
172
34
{
173
34
    int i;
174
42
    for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
175
28
        if (!parse_bag(sk_PKCS12_SAFEBAG_value(bags, i),
176
28
                pass, passlen, pkey, ocerts))
177
20
            return 0;
178
28
    }
179
14
    return 1;
180
34
}
181
182
/* pkey and/or ocerts may be NULL */
183
static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
184
    EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
185
28
{
186
28
    PKCS8_PRIV_KEY_INFO *p8;
187
28
    X509 *x509;
188
28
    const ASN1_TYPE *attrib;
189
28
    ASN1_BMPSTRING *fname = NULL;
190
28
    ASN1_OCTET_STRING *lkid = NULL;
191
192
28
    if ((attrib = PKCS12_SAFEBAG_get0_attr(bag, NID_friendlyName))) {
193
4
        if (attrib->type != V_ASN1_BMPSTRING)
194
2
            return 0;
195
2
        fname = attrib->value.bmpstring;
196
2
    }
197
198
26
    if ((attrib = PKCS12_SAFEBAG_get0_attr(bag, NID_localKeyID))) {
199
6
        if (attrib->type != V_ASN1_OCTET_STRING)
200
2
            return 0;
201
4
        lkid = attrib->value.octet_string;
202
4
    }
203
204
24
    switch (PKCS12_SAFEBAG_get_nid(bag)) {
205
0
    case NID_keyBag:
206
0
        if (pkey == NULL || *pkey != NULL)
207
0
            return 1;
208
0
        *pkey = EVP_PKCS82PKEY(PKCS12_SAFEBAG_get0_p8inf(bag));
209
0
        if (*pkey == NULL)
210
0
            return 0;
211
0
        break;
212
213
16
    case NID_pkcs8ShroudedKeyBag:
214
16
        if (pkey == NULL || *pkey != NULL)
215
0
            return 1;
216
16
        if ((p8 = PKCS12_decrypt_skey(bag, pass, passlen)) == NULL)
217
16
            return 0;
218
0
        *pkey = EVP_PKCS82PKEY(p8);
219
0
        PKCS8_PRIV_KEY_INFO_free(p8);
220
0
        if (!(*pkey))
221
0
            return 0;
222
0
        break;
223
224
0
    case NID_certBag:
225
0
        if (ocerts == NULL
226
0
            || PKCS12_SAFEBAG_get_bag_nid(bag) != NID_x509Certificate)
227
0
            return 1;
228
0
        if ((x509 = PKCS12_SAFEBAG_get1_cert(bag)) == NULL)
229
0
            return 0;
230
0
        if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
231
0
            X509_free(x509);
232
0
            return 0;
233
0
        }
234
0
        if (fname) {
235
0
            int len, r;
236
0
            unsigned char *data;
237
238
0
            len = ASN1_STRING_to_UTF8(&data, fname);
239
0
            if (len >= 0) {
240
0
                r = X509_alias_set1(x509, data, len);
241
0
                OPENSSL_free(data);
242
0
                if (!r) {
243
0
                    X509_free(x509);
244
0
                    return 0;
245
0
                }
246
0
            }
247
0
        }
248
249
0
        if (!sk_X509_push(ocerts, x509)) {
250
0
            X509_free(x509);
251
0
            return 0;
252
0
        }
253
254
0
        break;
255
256
0
    case NID_safeContentsBag:
257
0
        return parse_bags(PKCS12_SAFEBAG_get0_safes(bag), pass, passlen, pkey,
258
0
            ocerts);
259
260
8
    default:
261
8
        return 1;
262
24
    }
263
0
    return 1;
264
24
}