/src/openssl/crypto/pkcs12/p12_add.c

Source (jump to first uncovered line)
/*
 * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/pkcs12.h>
#include "p12_lcl.h"

/* Pack an object into an OCTET STRING and turn into a safebag */

PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
                                         int nid1, int nid2)
{
    PKCS12_BAGS *bag;
    PKCS12_SAFEBAG *safebag;

    if ((bag = PKCS12_BAGS_new()) == NULL) {
        PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    bag->type = OBJ_nid2obj(nid1);
    if (!ASN1_item_pack(obj, it, &bag->value.octet)) {
        PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
        goto err;
    }
    if ((safebag = PKCS12_SAFEBAG_new()) == NULL) {
        PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
        goto err;
    }
    safebag->value.bag = bag;
    safebag->type = OBJ_nid2obj(nid2);
    return safebag;

 err:
    PKCS12_BAGS_free(bag);
    return NULL;
}

/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
{
    PKCS7 *p7;

    if ((p7 = PKCS7_new()) == NULL) {
        PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    p7->type = OBJ_nid2obj(NID_pkcs7_data);
    if ((p7->d.data = ASN1_OCTET_STRING_new()) == NULL) {
        PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    if (!ASN1_item_pack(sk, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), &p7->d.data)) {
        PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
        goto err;
    }
    return p7;

 err:
    PKCS7_free(p7);
    return NULL;
}

/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
{
    if (!PKCS7_type_is_data(p7)) {
        PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,
                  PKCS12_R_CONTENT_TYPE_NOT_DATA);
        return NULL;
    }
    return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
}

/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */

PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
                             unsigned char *salt, int saltlen, int iter,
                             STACK_OF(PKCS12_SAFEBAG) *bags)
{
    PKCS7 *p7;
    X509_ALGOR *pbe;
    const EVP_CIPHER *pbe_ciph;

    if ((p7 = PKCS7_new()) == NULL) {
        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    if (!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
                  PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
        goto err;
    }

    pbe_ciph = EVP_get_cipherbynid(pbe_nid);

    if (pbe_ciph)
        pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen);
    else
        pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);

    if (!pbe) {
        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
        goto err;
    }
    X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
    p7->d.encrypted->enc_data->algorithm = pbe;
    ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
    if (!(p7->d.encrypted->enc_data->enc_data =
          PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass,
                                  passlen, bags, 1))) {
        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
        goto err;
    }

    return p7;

 err:
    PKCS7_free(p7);
    return NULL;
}

STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
                                                  int passlen)
{
    if (!PKCS7_type_is_encrypted(p7))
        return NULL;
    return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm,
                                   ASN1_ITEM_rptr(PKCS12_SAFEBAGS),
                                   pass, passlen,
                                   p7->d.encrypted->enc_data->enc_data, 1);
}

PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag,
                                         const char *pass, int passlen)
{
    return PKCS8_decrypt(bag->value.shkeybag, pass, passlen);
}

int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)
{
    if (ASN1_item_pack(safes, ASN1_ITEM_rptr(PKCS12_AUTHSAFES),
                       &p12->authsafes->d.data))
        return 1;
    return 0;
}

STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12)
{
    if (!PKCS7_type_is_data(p12->authsafes)) {
        PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,
                  PKCS12_R_CONTENT_TYPE_NOT_DATA);
        return NULL;
    }
    return ASN1_item_unpack(p12->authsafes->d.data,
                            ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the OpenSSL license (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdio.h>
11		#include "internal/cryptlib.h"
12		#include <openssl/pkcs12.h>
13		#include "p12_lcl.h"
14
15		/* Pack an object into an OCTET STRING and turn into a safebag */
16
17		PKCS12_SAFEBAG PKCS12_item_pack_safebag(void obj, const ASN1_ITEM *it,
18		int nid1, int nid2)
19	0	{
20	0	PKCS12_BAGS *bag;
21	0	PKCS12_SAFEBAG *safebag;
22	0
23	0	if ((bag = PKCS12_BAGS_new()) == NULL) {
24	0	PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
25	0	return NULL;
26	0	}
27	0	bag->type = OBJ_nid2obj(nid1);
28	0	if (!ASN1_item_pack(obj, it, &bag->value.octet)) {
29	0	PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
30	0	goto err;
31	0	}
32	0	if ((safebag = PKCS12_SAFEBAG_new()) == NULL) {
33	0	PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
34	0	goto err;
35	0	}
36	0	safebag->value.bag = bag;
37	0	safebag->type = OBJ_nid2obj(nid2);
38	0	return safebag;
39	0
40	0	err:
41	0	PKCS12_BAGS_free(bag);
42	0	return NULL;
43	0	}
44
45		/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
46		PKCS7 PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) sk)
47	0	{
48	0	PKCS7 *p7;
49	0
50	0	if ((p7 = PKCS7_new()) == NULL) {
51	0	PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
52	0	return NULL;
53	0	}
54	0	p7->type = OBJ_nid2obj(NID_pkcs7_data);
55	0	if ((p7->d.data = ASN1_OCTET_STRING_new()) == NULL) {
56	0	PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
57	0	goto err;
58	0	}
59	0
60	0	if (!ASN1_item_pack(sk, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), &p7->d.data)) {
61	0	PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
62	0	goto err;
63	0	}
64	0	return p7;
65	0
66	0	err:
67	0	PKCS7_free(p7);
68	0	return NULL;
69	0	}
70
71		/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
72		STACK_OF(PKCS12_SAFEBAG) PKCS12_unpack_p7data(PKCS7 p7)
73	0	{
74	0	if (!PKCS7_type_is_data(p7)) {
75	0	PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,
76	0	PKCS12_R_CONTENT_TYPE_NOT_DATA);
77	0	return NULL;
78	0	}
79	0	return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
80	0	}
81
82		/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
83
84		PKCS7 PKCS12_pack_p7encdata(int pbe_nid, const char pass, int passlen,
85		unsigned char *salt, int saltlen, int iter,
86		STACK_OF(PKCS12_SAFEBAG) *bags)
87	0	{
88	0	PKCS7 *p7;
89	0	X509_ALGOR *pbe;
90	0	const EVP_CIPHER *pbe_ciph;
91	0
92	0	if ((p7 = PKCS7_new()) == NULL) {
93	0	PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
94	0	return NULL;
95	0	}
96	0	if (!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
97	0	PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
98	0	PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
99	0	goto err;
100	0	}
101	0
102	0	pbe_ciph = EVP_get_cipherbynid(pbe_nid);
103	0
104	0	if (pbe_ciph)
105	0	pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen);
106	0	else
107	0	pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
108	0
109	0	if (!pbe) {
110	0	PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
111	0	goto err;
112	0	}
113	0	X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
114	0	p7->d.encrypted->enc_data->algorithm = pbe;
115	0	ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
116	0	if (!(p7->d.encrypted->enc_data->enc_data =
117	0	PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass,
118	0	passlen, bags, 1))) {
119	0	PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
120	0	goto err;
121	0	}
122	0
123	0	return p7;
124	0
125	0	err:
126	0	PKCS7_free(p7);
127	0	return NULL;
128	0	}
129
130		STACK_OF(PKCS12_SAFEBAG) PKCS12_unpack_p7encdata(PKCS7 p7, const char *pass,
131		int passlen)
132	0	{
133	0	if (!PKCS7_type_is_encrypted(p7))
134	0	return NULL;
135	0	return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm,
136	0	ASN1_ITEM_rptr(PKCS12_SAFEBAGS),
137	0	pass, passlen,
138	0	p7->d.encrypted->enc_data->enc_data, 1);
139	0	}
140
141		PKCS8_PRIV_KEY_INFO PKCS12_decrypt_skey(const PKCS12_SAFEBAG bag,
142		const char *pass, int passlen)
143	0	{
144	0	return PKCS8_decrypt(bag->value.shkeybag, pass, passlen);
145	0	}
146
147		int PKCS12_pack_authsafes(PKCS12 p12, STACK_OF(PKCS7) safes)
148	0	{
149	0	if (ASN1_item_pack(safes, ASN1_ITEM_rptr(PKCS12_AUTHSAFES),
150	0	&p12->authsafes->d.data))
151	0	return 1;
152	0	return 0;
153	0	}
154
155		STACK_OF(PKCS7) PKCS12_unpack_authsafes(const PKCS12 p12)
156	0	{
157	0	if (!PKCS7_type_is_data(p12->authsafes)) {
158	0	PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,
159	0	PKCS12_R_CONTENT_TYPE_NOT_DATA);
160	0	return NULL;
161	0	}
162	0	return ASN1_item_unpack(p12->authsafes->d.data,
163	0	ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
164	0	}

Coverage Report

Created: 2018-08-29 13:53