wolfSSL - wolfSSL SSL/TLS library, support up to TLS1.3

Users » wolfSSL » Code » wolfSSL

wolfSSL SSL/TLS library, support up to TLS1.3

Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more

wolfcrypt/src/pkcs12.c@13:f67a6c6013ca, 2017-08-22 (annotated)

Committer:: wolfSSL
Date:: Tue Aug 22 10:48:22 2017 +0000
Revision:: 13:f67a6c6013ca

wolfSSL3.12.0 with TLS1.3

Who changed what in which revision?

User	Revision	Line number	New contents of line
wolfSSL	13:f67a6c6013ca	1	/* pkcs12.c
wolfSSL	13:f67a6c6013ca	2	*
wolfSSL	13:f67a6c6013ca	3	* Copyright (C) 2006-2016 wolfSSL Inc.
wolfSSL	13:f67a6c6013ca	4	*
wolfSSL	13:f67a6c6013ca	5	* This file is part of wolfSSL.
wolfSSL	13:f67a6c6013ca	6	*
wolfSSL	13:f67a6c6013ca	7	* wolfSSL is free software; you can redistribute it and/or modify
wolfSSL	13:f67a6c6013ca	8	* it under the terms of the GNU General Public License as published by
wolfSSL	13:f67a6c6013ca	9	* the Free Software Foundation; either version 2 of the License, or
wolfSSL	13:f67a6c6013ca	10	* (at your option) any later version.
wolfSSL	13:f67a6c6013ca	11	*
wolfSSL	13:f67a6c6013ca	12	* wolfSSL is distributed in the hope that it will be useful,
wolfSSL	13:f67a6c6013ca	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL	13:f67a6c6013ca	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL	13:f67a6c6013ca	15	* GNU General Public License for more details.
wolfSSL	13:f67a6c6013ca	16	*
wolfSSL	13:f67a6c6013ca	17	* You should have received a copy of the GNU General Public License
wolfSSL	13:f67a6c6013ca	18	* along with this program; if not, write to the Free Software
wolfSSL	13:f67a6c6013ca	19	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
wolfSSL	13:f67a6c6013ca	20	*/
wolfSSL	13:f67a6c6013ca	21
wolfSSL	13:f67a6c6013ca	22
wolfSSL	13:f67a6c6013ca	23	#ifdef HAVE_CONFIG_H
wolfSSL	13:f67a6c6013ca	24	#include <config.h>
wolfSSL	13:f67a6c6013ca	25	#endif
wolfSSL	13:f67a6c6013ca	26
wolfSSL	13:f67a6c6013ca	27	#include <wolfssl/wolfcrypt/settings.h>
wolfSSL	13:f67a6c6013ca	28
wolfSSL	13:f67a6c6013ca	29	#if !defined(NO_ASN) && !defined(NO_PWDBASED)
wolfSSL	13:f67a6c6013ca	30
wolfSSL	13:f67a6c6013ca	31	#include <wolfssl/wolfcrypt/asn.h>
wolfSSL	13:f67a6c6013ca	32	#include <wolfssl/wolfcrypt/asn_public.h>
wolfSSL	13:f67a6c6013ca	33	#include <wolfssl/wolfcrypt/error-crypt.h>
wolfSSL	13:f67a6c6013ca	34	#include <wolfssl/wolfcrypt/hmac.h>
wolfSSL	13:f67a6c6013ca	35	#include <wolfssl/wolfcrypt/logging.h>
wolfSSL	13:f67a6c6013ca	36	#ifdef NO_INLINE
wolfSSL	13:f67a6c6013ca	37	#include <wolfssl/wolfcrypt/misc.h>
wolfSSL	13:f67a6c6013ca	38	#else
wolfSSL	13:f67a6c6013ca	39	#define WOLFSSL_MISC_INCLUDED
wolfSSL	13:f67a6c6013ca	40	#include <wolfcrypt/src/misc.c>
wolfSSL	13:f67a6c6013ca	41	#endif
wolfSSL	13:f67a6c6013ca	42	#include <wolfssl/wolfcrypt/pkcs12.h>
wolfSSL	13:f67a6c6013ca	43	#include <wolfssl/wolfcrypt/pwdbased.h>
wolfSSL	13:f67a6c6013ca	44
wolfSSL	13:f67a6c6013ca	45
wolfSSL	13:f67a6c6013ca	46	#define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
wolfSSL	13:f67a6c6013ca	47
wolfSSL	13:f67a6c6013ca	48	enum {
wolfSSL	13:f67a6c6013ca	49	WC_PKCS12_KeyBag = 667,
wolfSSL	13:f67a6c6013ca	50	WC_PKCS12_ShroudedKeyBag = 668,
wolfSSL	13:f67a6c6013ca	51	WC_PKCS12_CertBag = 669,
wolfSSL	13:f67a6c6013ca	52	WC_PKCS12_CertBag_Type1 = 675,
wolfSSL	13:f67a6c6013ca	53	WC_PKCS12_CrlBag = 670,
wolfSSL	13:f67a6c6013ca	54	WC_PKCS12_SecretBag = 671,
wolfSSL	13:f67a6c6013ca	55	WC_PKCS12_SafeContentsBag = 672,
wolfSSL	13:f67a6c6013ca	56	WC_PKCS12_DATA = 651,
wolfSSL	13:f67a6c6013ca	57	WC_PKCS12_ENCRYPTED_DATA = 656,
wolfSSL	13:f67a6c6013ca	58	};
wolfSSL	13:f67a6c6013ca	59
wolfSSL	13:f67a6c6013ca	60	typedef struct ContentInfo {
wolfSSL	13:f67a6c6013ca	61	byte* data;
wolfSSL	13:f67a6c6013ca	62	struct ContentInfo* next;
wolfSSL	13:f67a6c6013ca	63	word32 encC; /* encryptedContent */
wolfSSL	13:f67a6c6013ca	64	word32 dataSz;
wolfSSL	13:f67a6c6013ca	65	int type; /* DATA / encrypted / envelpoed */
wolfSSL	13:f67a6c6013ca	66	} ContentInfo;
wolfSSL	13:f67a6c6013ca	67
wolfSSL	13:f67a6c6013ca	68
wolfSSL	13:f67a6c6013ca	69	typedef struct AuthenticatedSafe {
wolfSSL	13:f67a6c6013ca	70	ContentInfo* CI;
wolfSSL	13:f67a6c6013ca	71	byte* data; /* T contents.... */
wolfSSL	13:f67a6c6013ca	72	word32 oid; /* encrypted or not */
wolfSSL	13:f67a6c6013ca	73	word32 numCI; /* number of Content Info structs */
wolfSSL	13:f67a6c6013ca	74	word32 dataSz;
wolfSSL	13:f67a6c6013ca	75	} AuthenticatedSafe;
wolfSSL	13:f67a6c6013ca	76
wolfSSL	13:f67a6c6013ca	77
wolfSSL	13:f67a6c6013ca	78	typedef struct MacData {
wolfSSL	13:f67a6c6013ca	79	byte* digest;
wolfSSL	13:f67a6c6013ca	80	byte* salt;
wolfSSL	13:f67a6c6013ca	81	word32 oid;
wolfSSL	13:f67a6c6013ca	82	word32 digestSz;
wolfSSL	13:f67a6c6013ca	83	word32 saltSz;
wolfSSL	13:f67a6c6013ca	84	int itt; /* number of itterations when creating HMAC key */
wolfSSL	13:f67a6c6013ca	85	} MacData;
wolfSSL	13:f67a6c6013ca	86
wolfSSL	13:f67a6c6013ca	87
wolfSSL	13:f67a6c6013ca	88	struct WC_PKCS12 {
wolfSSL	13:f67a6c6013ca	89	void* heap;
wolfSSL	13:f67a6c6013ca	90	AuthenticatedSafe* safe;
wolfSSL	13:f67a6c6013ca	91	MacData* signData;
wolfSSL	13:f67a6c6013ca	92	word32 oid; /* DATA / Enveloped DATA ... */
wolfSSL	13:f67a6c6013ca	93	};
wolfSSL	13:f67a6c6013ca	94
wolfSSL	13:f67a6c6013ca	95
wolfSSL	13:f67a6c6013ca	96	/* for friendlyName, localKeyId .... */
wolfSSL	13:f67a6c6013ca	97	typedef struct WC_PKCS12_ATTRIBUTE {
wolfSSL	13:f67a6c6013ca	98	byte* data;
wolfSSL	13:f67a6c6013ca	99	word32 oid;
wolfSSL	13:f67a6c6013ca	100	word32 dataSz;
wolfSSL	13:f67a6c6013ca	101	} WC_PKCS12_ATTRIBUTE;
wolfSSL	13:f67a6c6013ca	102
wolfSSL	13:f67a6c6013ca	103
wolfSSL	13:f67a6c6013ca	104	WC_PKCS12* wc_PKCS12_new(void)
wolfSSL	13:f67a6c6013ca	105	{
wolfSSL	13:f67a6c6013ca	106	WC_PKCS12* pkcs12 = (WC_PKCS12*)XMALLOC(sizeof(WC_PKCS12),
wolfSSL	13:f67a6c6013ca	107	NULL, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	108	if (pkcs12 == NULL) {
wolfSSL	13:f67a6c6013ca	109	WOLFSSL_MSG("Memory issue when creating WC_PKCS12 struct");
wolfSSL	13:f67a6c6013ca	110	return NULL;
wolfSSL	13:f67a6c6013ca	111	}
wolfSSL	13:f67a6c6013ca	112
wolfSSL	13:f67a6c6013ca	113	XMEMSET(pkcs12, 0, sizeof(WC_PKCS12));
wolfSSL	13:f67a6c6013ca	114
wolfSSL	13:f67a6c6013ca	115	return pkcs12;
wolfSSL	13:f67a6c6013ca	116	}
wolfSSL	13:f67a6c6013ca	117
wolfSSL	13:f67a6c6013ca	118
wolfSSL	13:f67a6c6013ca	119	static void freeSafe(AuthenticatedSafe* safe, void* heap)
wolfSSL	13:f67a6c6013ca	120	{
wolfSSL	13:f67a6c6013ca	121	int i;
wolfSSL	13:f67a6c6013ca	122
wolfSSL	13:f67a6c6013ca	123	if (safe == NULL) {
wolfSSL	13:f67a6c6013ca	124	return;
wolfSSL	13:f67a6c6013ca	125	}
wolfSSL	13:f67a6c6013ca	126
wolfSSL	13:f67a6c6013ca	127	/* free content info structs */
wolfSSL	13:f67a6c6013ca	128	for (i = safe->numCI; i > 0; i--) {
wolfSSL	13:f67a6c6013ca	129	ContentInfo* ci = safe->CI;
wolfSSL	13:f67a6c6013ca	130	safe->CI = ci->next;
wolfSSL	13:f67a6c6013ca	131	XFREE(ci, heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	132	}
wolfSSL	13:f67a6c6013ca	133	if (safe->data != NULL) {
wolfSSL	13:f67a6c6013ca	134	XFREE(safe->data, heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	135	}
wolfSSL	13:f67a6c6013ca	136	XFREE(safe, heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	137
wolfSSL	13:f67a6c6013ca	138	(void)heap;
wolfSSL	13:f67a6c6013ca	139	}
wolfSSL	13:f67a6c6013ca	140
wolfSSL	13:f67a6c6013ca	141
wolfSSL	13:f67a6c6013ca	142	void wc_PKCS12_free(WC_PKCS12* pkcs12)
wolfSSL	13:f67a6c6013ca	143	{
wolfSSL	13:f67a6c6013ca	144	void* heap;
wolfSSL	13:f67a6c6013ca	145
wolfSSL	13:f67a6c6013ca	146	/* if null pointer is passed in do nothing */
wolfSSL	13:f67a6c6013ca	147	if (pkcs12 == NULL) {
wolfSSL	13:f67a6c6013ca	148	WOLFSSL_MSG("Trying to free null WC_PKCS12 object");
wolfSSL	13:f67a6c6013ca	149	return;
wolfSSL	13:f67a6c6013ca	150	}
wolfSSL	13:f67a6c6013ca	151
wolfSSL	13:f67a6c6013ca	152	heap = pkcs12->heap;
wolfSSL	13:f67a6c6013ca	153	if (pkcs12->safe != NULL) {
wolfSSL	13:f67a6c6013ca	154	freeSafe(pkcs12->safe, heap);
wolfSSL	13:f67a6c6013ca	155	}
wolfSSL	13:f67a6c6013ca	156
wolfSSL	13:f67a6c6013ca	157	/* free mac data */
wolfSSL	13:f67a6c6013ca	158	if (pkcs12->signData != NULL) {
wolfSSL	13:f67a6c6013ca	159	if (pkcs12->signData->digest != NULL) {
wolfSSL	13:f67a6c6013ca	160	XFREE(pkcs12->signData->digest, heap, DYNAMIC_TYPE_DIGEST);
wolfSSL	13:f67a6c6013ca	161	pkcs12->signData->digest = NULL;
wolfSSL	13:f67a6c6013ca	162	}
wolfSSL	13:f67a6c6013ca	163	if (pkcs12->signData->salt != NULL) {
wolfSSL	13:f67a6c6013ca	164	XFREE(pkcs12->signData->salt, heap, DYNAMIC_TYPE_SALT);
wolfSSL	13:f67a6c6013ca	165	pkcs12->signData->salt = NULL;
wolfSSL	13:f67a6c6013ca	166	}
wolfSSL	13:f67a6c6013ca	167	XFREE(pkcs12->signData, heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	168	pkcs12->signData = NULL;
wolfSSL	13:f67a6c6013ca	169	}
wolfSSL	13:f67a6c6013ca	170
wolfSSL	13:f67a6c6013ca	171	XFREE(pkcs12, NULL, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	172	pkcs12 = NULL;
wolfSSL	13:f67a6c6013ca	173	}
wolfSSL	13:f67a6c6013ca	174
wolfSSL	13:f67a6c6013ca	175
wolfSSL	13:f67a6c6013ca	176	static int GetSafeContent(WC_PKCS12* pkcs12, const byte* input,
wolfSSL	13:f67a6c6013ca	177	word32* idx, int maxIdx)
wolfSSL	13:f67a6c6013ca	178	{
wolfSSL	13:f67a6c6013ca	179	AuthenticatedSafe* safe;
wolfSSL	13:f67a6c6013ca	180	word32 oid;
wolfSSL	13:f67a6c6013ca	181	word32 localIdx = *idx;
wolfSSL	13:f67a6c6013ca	182	int ret;
wolfSSL	13:f67a6c6013ca	183	int size = 0;
wolfSSL	13:f67a6c6013ca	184
wolfSSL	13:f67a6c6013ca	185	safe = (AuthenticatedSafe*)XMALLOC(sizeof(AuthenticatedSafe), pkcs12->heap,
wolfSSL	13:f67a6c6013ca	186	DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	187	if (safe == NULL) {
wolfSSL	13:f67a6c6013ca	188	return MEMORY_E;
wolfSSL	13:f67a6c6013ca	189	}
wolfSSL	13:f67a6c6013ca	190	XMEMSET(safe, 0, sizeof(AuthenticatedSafe));
wolfSSL	13:f67a6c6013ca	191
wolfSSL	13:f67a6c6013ca	192	ret = GetObjectId(input, &localIdx, &oid, oidIgnoreType, maxIdx);
wolfSSL	13:f67a6c6013ca	193	if (ret < 0) {
wolfSSL	13:f67a6c6013ca	194	WOLFSSL_LEAVE("Get object id failed", ret);
wolfSSL	13:f67a6c6013ca	195	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	196	return ASN_PARSE_E;
wolfSSL	13:f67a6c6013ca	197	}
wolfSSL	13:f67a6c6013ca	198
wolfSSL	13:f67a6c6013ca	199	safe->oid = oid;
wolfSSL	13:f67a6c6013ca	200	/* check tag, length */
wolfSSL	13:f67a6c6013ca	201	if (input[localIdx++] != (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC)) {
wolfSSL	13:f67a6c6013ca	202	WOLFSSL_MSG("Unexpected tag in PKCS12 DER");
wolfSSL	13:f67a6c6013ca	203	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	204	return ASN_PARSE_E;
wolfSSL	13:f67a6c6013ca	205	}
wolfSSL	13:f67a6c6013ca	206	if ((ret = GetLength(input, &localIdx, &size, maxIdx)) <= 0) {
wolfSSL	13:f67a6c6013ca	207	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	208	return ret;
wolfSSL	13:f67a6c6013ca	209	}
wolfSSL	13:f67a6c6013ca	210
wolfSSL	13:f67a6c6013ca	211	switch (oid) {
wolfSSL	13:f67a6c6013ca	212	case WC_PKCS12_ENCRYPTED_DATA:
wolfSSL	13:f67a6c6013ca	213	WOLFSSL_MSG("Found PKCS12 OBJECT: ENCRYPTED DATA\n");
wolfSSL	13:f67a6c6013ca	214	break;
wolfSSL	13:f67a6c6013ca	215
wolfSSL	13:f67a6c6013ca	216	case WC_PKCS12_DATA:
wolfSSL	13:f67a6c6013ca	217	WOLFSSL_MSG("Found PKCS12 OBJECT: DATA");
wolfSSL	13:f67a6c6013ca	218	/* get octets holding contents */
wolfSSL	13:f67a6c6013ca	219	if (input[localIdx++] != ASN_OCTET_STRING) {
wolfSSL	13:f67a6c6013ca	220	WOLFSSL_MSG("Wrong tag with content PKCS12 type DATA");
wolfSSL	13:f67a6c6013ca	221	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	222	return ASN_PARSE_E;
wolfSSL	13:f67a6c6013ca	223	}
wolfSSL	13:f67a6c6013ca	224	if ((ret = GetLength(input, &localIdx, &size, maxIdx)) <= 0) {
wolfSSL	13:f67a6c6013ca	225	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	226	return ret;
wolfSSL	13:f67a6c6013ca	227	}
wolfSSL	13:f67a6c6013ca	228
wolfSSL	13:f67a6c6013ca	229	break;
wolfSSL	13:f67a6c6013ca	230	}
wolfSSL	13:f67a6c6013ca	231
wolfSSL	13:f67a6c6013ca	232	safe->dataSz = size;
wolfSSL	13:f67a6c6013ca	233	safe->data = (byte*)XMALLOC(size, pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	234	if (safe->data == NULL) {
wolfSSL	13:f67a6c6013ca	235	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	236	return MEMORY_E;
wolfSSL	13:f67a6c6013ca	237	}
wolfSSL	13:f67a6c6013ca	238	XMEMCPY(safe->data, input + localIdx, size);
wolfSSL	13:f67a6c6013ca	239	*idx = localIdx;
wolfSSL	13:f67a6c6013ca	240
wolfSSL	13:f67a6c6013ca	241	/* an instance of AuthenticatedSafe is created from
wolfSSL	13:f67a6c6013ca	242	* ContentInfo's strung together in a SEQUENCE. Here we itterate
wolfSSL	13:f67a6c6013ca	243	* through the ContentInfo's and add them to our
wolfSSL	13:f67a6c6013ca	244	* AuthenticatedSafe struct */
wolfSSL	13:f67a6c6013ca	245	localIdx = 0;
wolfSSL	13:f67a6c6013ca	246	input = safe->data;
wolfSSL	13:f67a6c6013ca	247	{
wolfSSL	13:f67a6c6013ca	248	int CISz;
wolfSSL	13:f67a6c6013ca	249	ret = GetSequence(input, &localIdx, &CISz, safe->dataSz);
wolfSSL	13:f67a6c6013ca	250	if (ret < 0) {
wolfSSL	13:f67a6c6013ca	251	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	252	return ASN_PARSE_E;
wolfSSL	13:f67a6c6013ca	253	}
wolfSSL	13:f67a6c6013ca	254	CISz += localIdx;
wolfSSL	13:f67a6c6013ca	255	while ((int)localIdx < CISz) {
wolfSSL	13:f67a6c6013ca	256	int curSz = 0;
wolfSSL	13:f67a6c6013ca	257	word32 curIdx;
wolfSSL	13:f67a6c6013ca	258	ContentInfo* ci = NULL;
wolfSSL	13:f67a6c6013ca	259
wolfSSL	13:f67a6c6013ca	260	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	261	printf("\t\tlooking for Content Info.... ");
wolfSSL	13:f67a6c6013ca	262	#endif
wolfSSL	13:f67a6c6013ca	263
wolfSSL	13:f67a6c6013ca	264	if ((ret = GetSequence(input, &localIdx, &curSz, safe->dataSz))
wolfSSL	13:f67a6c6013ca	265	< 0) {
wolfSSL	13:f67a6c6013ca	266	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	267	return ret;
wolfSSL	13:f67a6c6013ca	268	}
wolfSSL	13:f67a6c6013ca	269
wolfSSL	13:f67a6c6013ca	270	if (curSz > CISz) {
wolfSSL	13:f67a6c6013ca	271	/* subset should not be larger than universe */
wolfSSL	13:f67a6c6013ca	272	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	273	return ASN_PARSE_E;
wolfSSL	13:f67a6c6013ca	274	}
wolfSSL	13:f67a6c6013ca	275
wolfSSL	13:f67a6c6013ca	276	curIdx = localIdx;
wolfSSL	13:f67a6c6013ca	277	if ((ret = GetObjectId(input, &localIdx, &oid, oidIgnoreType,
wolfSSL	13:f67a6c6013ca	278	safe->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	279	WOLFSSL_LEAVE("Get object id failed", ret);
wolfSSL	13:f67a6c6013ca	280	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	281	return ret;
wolfSSL	13:f67a6c6013ca	282	}
wolfSSL	13:f67a6c6013ca	283
wolfSSL	13:f67a6c6013ca	284	/* create new content info struct ... possible OID sanity check? */
wolfSSL	13:f67a6c6013ca	285	ci = (ContentInfo*)XMALLOC(sizeof(ContentInfo), pkcs12->heap,
wolfSSL	13:f67a6c6013ca	286	DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	287	if (ci == NULL) {
wolfSSL	13:f67a6c6013ca	288	freeSafe(safe, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	289	return MEMORY_E;
wolfSSL	13:f67a6c6013ca	290	}
wolfSSL	13:f67a6c6013ca	291
wolfSSL	13:f67a6c6013ca	292	ci->type = oid;
wolfSSL	13:f67a6c6013ca	293	ci->dataSz = curSz - (localIdx-curIdx);
wolfSSL	13:f67a6c6013ca	294	ci->data = (byte*)input + localIdx;
wolfSSL	13:f67a6c6013ca	295	localIdx += ci->dataSz;
wolfSSL	13:f67a6c6013ca	296
wolfSSL	13:f67a6c6013ca	297	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	298	switch (oid) {
wolfSSL	13:f67a6c6013ca	299	case WC_PKCS12_ENCRYPTED_DATA:
wolfSSL	13:f67a6c6013ca	300	printf("CONTENT INFO: ENCRYPTED DATA, size = %d\n", ci->dataSz);
wolfSSL	13:f67a6c6013ca	301	break;
wolfSSL	13:f67a6c6013ca	302
wolfSSL	13:f67a6c6013ca	303	case WC_PKCS12_DATA:
wolfSSL	13:f67a6c6013ca	304	printf("CONTENT INFO: DATA, size = %d\n", ci->dataSz);
wolfSSL	13:f67a6c6013ca	305	break;
wolfSSL	13:f67a6c6013ca	306	default:
wolfSSL	13:f67a6c6013ca	307	printf("CONTENT INFO: UNKNOWN, size = %d\n", ci->dataSz);
wolfSSL	13:f67a6c6013ca	308	}
wolfSSL	13:f67a6c6013ca	309	#endif
wolfSSL	13:f67a6c6013ca	310
wolfSSL	13:f67a6c6013ca	311	/* insert to head of list */
wolfSSL	13:f67a6c6013ca	312	ci->next = safe->CI;
wolfSSL	13:f67a6c6013ca	313	safe->CI = ci;
wolfSSL	13:f67a6c6013ca	314	safe->numCI += 1;
wolfSSL	13:f67a6c6013ca	315	}
wolfSSL	13:f67a6c6013ca	316	}
wolfSSL	13:f67a6c6013ca	317
wolfSSL	13:f67a6c6013ca	318	pkcs12->safe = safe;
wolfSSL	13:f67a6c6013ca	319	*idx += localIdx;
wolfSSL	13:f67a6c6013ca	320
wolfSSL	13:f67a6c6013ca	321	return ret;
wolfSSL	13:f67a6c6013ca	322	}
wolfSSL	13:f67a6c6013ca	323
wolfSSL	13:f67a6c6013ca	324
wolfSSL	13:f67a6c6013ca	325	/* optional mac data */
wolfSSL	13:f67a6c6013ca	326	static int GetSignData(WC_PKCS12* pkcs12, const byte* mem, word32* idx,
wolfSSL	13:f67a6c6013ca	327	word32 totalSz)
wolfSSL	13:f67a6c6013ca	328	{
wolfSSL	13:f67a6c6013ca	329	MacData* mac;
wolfSSL	13:f67a6c6013ca	330	word32 curIdx = *idx;
wolfSSL	13:f67a6c6013ca	331	word32 oid = 0;
wolfSSL	13:f67a6c6013ca	332	int size, ret;
wolfSSL	13:f67a6c6013ca	333
wolfSSL	13:f67a6c6013ca	334	/* Digest Info : Sequence
wolfSSL	13:f67a6c6013ca	335	* DigestAlgorithmIdentifier
wolfSSL	13:f67a6c6013ca	336	* Digest
wolfSSL	13:f67a6c6013ca	337	*/
wolfSSL	13:f67a6c6013ca	338	if ((ret = GetSequence(mem, &curIdx, &size, totalSz)) <= 0) {
wolfSSL	13:f67a6c6013ca	339	WOLFSSL_MSG("Failed to get PKCS12 sequence");
wolfSSL	13:f67a6c6013ca	340	return ret;
wolfSSL	13:f67a6c6013ca	341	}
wolfSSL	13:f67a6c6013ca	342
wolfSSL	13:f67a6c6013ca	343	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	344	printf("\t\tSEQUENCE: DigestInfo size = %d\n", size);
wolfSSL	13:f67a6c6013ca	345	#endif
wolfSSL	13:f67a6c6013ca	346
wolfSSL	13:f67a6c6013ca	347	mac = (MacData*)XMALLOC(sizeof(MacData), pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	348	if (mac == NULL) {
wolfSSL	13:f67a6c6013ca	349	return MEMORY_E;
wolfSSL	13:f67a6c6013ca	350	}
wolfSSL	13:f67a6c6013ca	351	XMEMSET(mac, 0, sizeof(MacData));
wolfSSL	13:f67a6c6013ca	352
wolfSSL	13:f67a6c6013ca	353	/* DigestAlgorithmIdentifier */
wolfSSL	13:f67a6c6013ca	354	if ((ret = GetAlgoId(mem, &curIdx, &oid, oidIgnoreType, totalSz)) < 0) {
wolfSSL	13:f67a6c6013ca	355	WOLFSSL_MSG("Failed to get PKCS12 sequence");
wolfSSL	13:f67a6c6013ca	356	XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	357	return ret;
wolfSSL	13:f67a6c6013ca	358	}
wolfSSL	13:f67a6c6013ca	359	mac->oid = oid;
wolfSSL	13:f67a6c6013ca	360
wolfSSL	13:f67a6c6013ca	361	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	362	printf("\t\tALGO ID = %d\n", oid);
wolfSSL	13:f67a6c6013ca	363	#endif
wolfSSL	13:f67a6c6013ca	364
wolfSSL	13:f67a6c6013ca	365	/* Digest: should be octet type holding digest */
wolfSSL	13:f67a6c6013ca	366	if (mem[curIdx++] != ASN_OCTET_STRING) {
wolfSSL	13:f67a6c6013ca	367	WOLFSSL_MSG("Failed to get digest");
wolfSSL	13:f67a6c6013ca	368	XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	369	return ASN_PARSE_E;
wolfSSL	13:f67a6c6013ca	370	}
wolfSSL	13:f67a6c6013ca	371
wolfSSL	13:f67a6c6013ca	372	if ((ret = GetLength(mem, &curIdx, &size, totalSz)) <= 0) {
wolfSSL	13:f67a6c6013ca	373	XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	374	return ret;
wolfSSL	13:f67a6c6013ca	375	}
wolfSSL	13:f67a6c6013ca	376	mac->digestSz = size;
wolfSSL	13:f67a6c6013ca	377	mac->digest = (byte*)XMALLOC(mac->digestSz, pkcs12->heap,
wolfSSL	13:f67a6c6013ca	378	DYNAMIC_TYPE_DIGEST);
wolfSSL	13:f67a6c6013ca	379	if (mac->digest == NULL \|\| mac->digestSz + curIdx > totalSz) {
wolfSSL	13:f67a6c6013ca	380	ERROR_OUT(MEMORY_E, exit_gsd);
wolfSSL	13:f67a6c6013ca	381	}
wolfSSL	13:f67a6c6013ca	382	XMEMCPY(mac->digest, mem + curIdx, mac->digestSz);
wolfSSL	13:f67a6c6013ca	383
wolfSSL	13:f67a6c6013ca	384	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	385	{
wolfSSL	13:f67a6c6013ca	386	byte* p;
wolfSSL	13:f67a6c6013ca	387	for (printf("\t\tDigest = "), p = (byte*)mem+curIdx;
wolfSSL	13:f67a6c6013ca	388	p < (byte*)mem + curIdx + mac->digestSz;
wolfSSL	13:f67a6c6013ca	389	printf("%02X", *p), p++);
wolfSSL	13:f67a6c6013ca	390	printf(" : size = %d\n", mac->digestSz);
wolfSSL	13:f67a6c6013ca	391	}
wolfSSL	13:f67a6c6013ca	392	#endif
wolfSSL	13:f67a6c6013ca	393
wolfSSL	13:f67a6c6013ca	394	curIdx += mac->digestSz;
wolfSSL	13:f67a6c6013ca	395
wolfSSL	13:f67a6c6013ca	396	/* get salt, should be octet string */
wolfSSL	13:f67a6c6013ca	397	if (mem[curIdx++] != ASN_OCTET_STRING) {
wolfSSL	13:f67a6c6013ca	398	WOLFSSL_MSG("Failed to get salt");
wolfSSL	13:f67a6c6013ca	399	ERROR_OUT(ASN_PARSE_E, exit_gsd);
wolfSSL	13:f67a6c6013ca	400	}
wolfSSL	13:f67a6c6013ca	401
wolfSSL	13:f67a6c6013ca	402	if ((ret = GetLength(mem, &curIdx, &size, totalSz)) <= 0) {
wolfSSL	13:f67a6c6013ca	403	goto exit_gsd;
wolfSSL	13:f67a6c6013ca	404	}
wolfSSL	13:f67a6c6013ca	405	mac->saltSz = size;
wolfSSL	13:f67a6c6013ca	406	mac->salt = (byte*)XMALLOC(mac->saltSz, pkcs12->heap, DYNAMIC_TYPE_SALT);
wolfSSL	13:f67a6c6013ca	407	if (mac->salt == NULL \|\| mac->saltSz + curIdx > totalSz) {
wolfSSL	13:f67a6c6013ca	408	ERROR_OUT(MEMORY_E, exit_gsd);
wolfSSL	13:f67a6c6013ca	409	}
wolfSSL	13:f67a6c6013ca	410	XMEMCPY(mac->salt, mem + curIdx, mac->saltSz);
wolfSSL	13:f67a6c6013ca	411
wolfSSL	13:f67a6c6013ca	412	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	413	{
wolfSSL	13:f67a6c6013ca	414	byte* p;
wolfSSL	13:f67a6c6013ca	415	for (printf("\t\tSalt = "), p = (byte*)mem + curIdx;
wolfSSL	13:f67a6c6013ca	416	p < (byte*)mem + curIdx + mac->saltSz;
wolfSSL	13:f67a6c6013ca	417	printf("%02X", *p), p++);
wolfSSL	13:f67a6c6013ca	418	printf(" : size = %d\n", mac->saltSz);
wolfSSL	13:f67a6c6013ca	419	}
wolfSSL	13:f67a6c6013ca	420	#endif
wolfSSL	13:f67a6c6013ca	421
wolfSSL	13:f67a6c6013ca	422	curIdx += mac->saltSz;
wolfSSL	13:f67a6c6013ca	423
wolfSSL	13:f67a6c6013ca	424	/* check for MAC itterations, default to 1 */
wolfSSL	13:f67a6c6013ca	425	mac->itt = 1;
wolfSSL	13:f67a6c6013ca	426	if (curIdx < totalSz) {
wolfSSL	13:f67a6c6013ca	427	int number = 0;
wolfSSL	13:f67a6c6013ca	428	if ((ret = GetShortInt(mem, &curIdx, &number, totalSz)) >= 0) {
wolfSSL	13:f67a6c6013ca	429	/* found a itteration value */
wolfSSL	13:f67a6c6013ca	430	mac->itt = number;
wolfSSL	13:f67a6c6013ca	431	}
wolfSSL	13:f67a6c6013ca	432	}
wolfSSL	13:f67a6c6013ca	433
wolfSSL	13:f67a6c6013ca	434	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	435	printf("\t\tITTERATIONS : %d\n", mac->itt);
wolfSSL	13:f67a6c6013ca	436	#endif
wolfSSL	13:f67a6c6013ca	437
wolfSSL	13:f67a6c6013ca	438	*idx = curIdx;
wolfSSL	13:f67a6c6013ca	439	pkcs12->signData = mac;
wolfSSL	13:f67a6c6013ca	440	ret = 0; /* success */
wolfSSL	13:f67a6c6013ca	441
wolfSSL	13:f67a6c6013ca	442	exit_gsd:
wolfSSL	13:f67a6c6013ca	443
wolfSSL	13:f67a6c6013ca	444	/* failure cleanup */
wolfSSL	13:f67a6c6013ca	445	if (ret != 0) {
wolfSSL	13:f67a6c6013ca	446	if (mac) {
wolfSSL	13:f67a6c6013ca	447	if (mac->digest)
wolfSSL	13:f67a6c6013ca	448	XFREE(mac->digest, pkcs12->heap, DYNAMIC_TYPE_DIGEST);
wolfSSL	13:f67a6c6013ca	449	XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	450	}
wolfSSL	13:f67a6c6013ca	451	}
wolfSSL	13:f67a6c6013ca	452
wolfSSL	13:f67a6c6013ca	453	return ret;
wolfSSL	13:f67a6c6013ca	454	}
wolfSSL	13:f67a6c6013ca	455
wolfSSL	13:f67a6c6013ca	456
wolfSSL	13:f67a6c6013ca	457	/* check mac on pkcs12, pkcs12->mac has been sanity checked before entering *
wolfSSL	13:f67a6c6013ca	458	* returns the result of comparison, success is 0 */
wolfSSL	13:f67a6c6013ca	459	static int wc_PKCS12_verify(WC_PKCS12* pkcs12, byte* data, word32 dataSz,
wolfSSL	13:f67a6c6013ca	460	const byte* psw, word32 pswSz)
wolfSSL	13:f67a6c6013ca	461	{
wolfSSL	13:f67a6c6013ca	462	Hmac hmac;
wolfSSL	13:f67a6c6013ca	463	MacData* mac;
wolfSSL	13:f67a6c6013ca	464	int ret, typeH, kLen;
wolfSSL	13:f67a6c6013ca	465	int idx = 0;
wolfSSL	13:f67a6c6013ca	466	int id = 3; /* value from RFC 7292 indicating key is used for MAC */
wolfSSL	13:f67a6c6013ca	467	word32 i;
wolfSSL	13:f67a6c6013ca	468	byte digest[MAX_DIGEST_SIZE];
wolfSSL	13:f67a6c6013ca	469	byte unicodePasswd[MAX_UNICODE_SZ];
wolfSSL	13:f67a6c6013ca	470	byte key[MAX_KEY_SIZE];
wolfSSL	13:f67a6c6013ca	471
wolfSSL	13:f67a6c6013ca	472	mac = pkcs12->signData;
wolfSSL	13:f67a6c6013ca	473
wolfSSL	13:f67a6c6013ca	474	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	475	printf("Verifying MAC with OID = %d\n", mac->oid);
wolfSSL	13:f67a6c6013ca	476	#endif
wolfSSL	13:f67a6c6013ca	477
wolfSSL	13:f67a6c6013ca	478	/* check if this builds digest size is too small */
wolfSSL	13:f67a6c6013ca	479	if (mac->digestSz > MAX_DIGEST_SIZE) {
wolfSSL	13:f67a6c6013ca	480	WOLFSSL_MSG("PKCS12 max digest size too small");
wolfSSL	13:f67a6c6013ca	481	return BAD_FUNC_ARG;
wolfSSL	13:f67a6c6013ca	482	}
wolfSSL	13:f67a6c6013ca	483
wolfSSL	13:f67a6c6013ca	484	/* unicode set up from asn.c */
wolfSSL	13:f67a6c6013ca	485	if ((pswSz * 2 + 2) > (int)sizeof(unicodePasswd)) {
wolfSSL	13:f67a6c6013ca	486	WOLFSSL_MSG("PKCS12 max unicode size too small");
wolfSSL	13:f67a6c6013ca	487	return UNICODE_SIZE_E;
wolfSSL	13:f67a6c6013ca	488	}
wolfSSL	13:f67a6c6013ca	489
wolfSSL	13:f67a6c6013ca	490	for (i = 0; i < pswSz; i++) {
wolfSSL	13:f67a6c6013ca	491	unicodePasswd[idx++] = 0x00;
wolfSSL	13:f67a6c6013ca	492	unicodePasswd[idx++] = (byte)psw[i];
wolfSSL	13:f67a6c6013ca	493	}
wolfSSL	13:f67a6c6013ca	494	/* add trailing NULL */
wolfSSL	13:f67a6c6013ca	495	unicodePasswd[idx++] = 0x00;
wolfSSL	13:f67a6c6013ca	496	unicodePasswd[idx++] = 0x00;
wolfSSL	13:f67a6c6013ca	497
wolfSSL	13:f67a6c6013ca	498	/* get hash type used and resulting size of HMAC key */
wolfSSL	13:f67a6c6013ca	499	switch (mac->oid) {
wolfSSL	13:f67a6c6013ca	500	#ifndef NO_SHA
wolfSSL	13:f67a6c6013ca	501	case SHAh: /* 88 */
wolfSSL	13:f67a6c6013ca	502	typeH = SHA;
wolfSSL	13:f67a6c6013ca	503	kLen = SHA_DIGEST_SIZE;
wolfSSL	13:f67a6c6013ca	504	break;
wolfSSL	13:f67a6c6013ca	505	#endif
wolfSSL	13:f67a6c6013ca	506	#ifndef NO_SHA256
wolfSSL	13:f67a6c6013ca	507	case SHA256h: /* 414 */
wolfSSL	13:f67a6c6013ca	508	typeH = SHA256;
wolfSSL	13:f67a6c6013ca	509	kLen = SHA256_DIGEST_SIZE;
wolfSSL	13:f67a6c6013ca	510	break;
wolfSSL	13:f67a6c6013ca	511	#endif
wolfSSL	13:f67a6c6013ca	512	#ifdef WOLFSSL_SHA384
wolfSSL	13:f67a6c6013ca	513	case SHA384h: /* 415 */
wolfSSL	13:f67a6c6013ca	514	typeH = SHA384;
wolfSSL	13:f67a6c6013ca	515	kLen = SHA384_DIGEST_SIZE;
wolfSSL	13:f67a6c6013ca	516	break;
wolfSSL	13:f67a6c6013ca	517	#endif
wolfSSL	13:f67a6c6013ca	518	#ifdef WOLFSSL_SHA512
wolfSSL	13:f67a6c6013ca	519	case SHA512h: /* 416 */
wolfSSL	13:f67a6c6013ca	520	typeH = SHA512;
wolfSSL	13:f67a6c6013ca	521	kLen = SHA512_DIGEST_SIZE;
wolfSSL	13:f67a6c6013ca	522	break;
wolfSSL	13:f67a6c6013ca	523	#endif
wolfSSL	13:f67a6c6013ca	524	default: /* May be SHA224 or was just not built in */
wolfSSL	13:f67a6c6013ca	525	WOLFSSL_MSG("Unsupported hash used");
wolfSSL	13:f67a6c6013ca	526	return BAD_FUNC_ARG;
wolfSSL	13:f67a6c6013ca	527	}
wolfSSL	13:f67a6c6013ca	528
wolfSSL	13:f67a6c6013ca	529	/* idx contains size of unicodePasswd */
wolfSSL	13:f67a6c6013ca	530	if ((ret = wc_PKCS12_PBKDF_ex(key, unicodePasswd, idx, mac->salt,
wolfSSL	13:f67a6c6013ca	531	mac->saltSz, mac->itt, kLen, typeH, id, pkcs12->heap)) < 0) {
wolfSSL	13:f67a6c6013ca	532	return ret;
wolfSSL	13:f67a6c6013ca	533	}
wolfSSL	13:f67a6c6013ca	534
wolfSSL	13:f67a6c6013ca	535	/* now that key has been created use it to get HMAC hash on data */
wolfSSL	13:f67a6c6013ca	536	if ((ret = wc_HmacInit(&hmac, pkcs12->heap, INVALID_DEVID)) != 0) {
wolfSSL	13:f67a6c6013ca	537	return ret;
wolfSSL	13:f67a6c6013ca	538	}
wolfSSL	13:f67a6c6013ca	539	ret = wc_HmacSetKey(&hmac, typeH, key, kLen);
wolfSSL	13:f67a6c6013ca	540	if (ret == 0)
wolfSSL	13:f67a6c6013ca	541	ret = wc_HmacUpdate(&hmac, data, dataSz);
wolfSSL	13:f67a6c6013ca	542	if (ret == 0)
wolfSSL	13:f67a6c6013ca	543	ret = wc_HmacFinal(&hmac, digest);
wolfSSL	13:f67a6c6013ca	544	wc_HmacFree(&hmac);
wolfSSL	13:f67a6c6013ca	545
wolfSSL	13:f67a6c6013ca	546	if (ret != 0)
wolfSSL	13:f67a6c6013ca	547	return ret;
wolfSSL	13:f67a6c6013ca	548
wolfSSL	13:f67a6c6013ca	549	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	550	{
wolfSSL	13:f67a6c6013ca	551	byte* p;
wolfSSL	13:f67a6c6013ca	552	for (printf("\t\tHash = "), p = (byte*)digest;
wolfSSL	13:f67a6c6013ca	553	p < (byte*)digest + mac->digestSz;
wolfSSL	13:f67a6c6013ca	554	printf("%02X", *p), p++);
wolfSSL	13:f67a6c6013ca	555	printf(" : size = %d\n", mac->digestSz);
wolfSSL	13:f67a6c6013ca	556	}
wolfSSL	13:f67a6c6013ca	557	#endif
wolfSSL	13:f67a6c6013ca	558
wolfSSL	13:f67a6c6013ca	559	return XMEMCMP(digest, mac->digest, mac->digestSz);
wolfSSL	13:f67a6c6013ca	560	}
wolfSSL	13:f67a6c6013ca	561
wolfSSL	13:f67a6c6013ca	562
wolfSSL	13:f67a6c6013ca	563	/* Convert DER format stored in der buffer to WC_PKCS12 struct
wolfSSL	13:f67a6c6013ca	564	* Puts the raw contents of Content Info into structure without completly
wolfSSL	13:f67a6c6013ca	565	* parsing or decoding.
wolfSSL	13:f67a6c6013ca	566	* der : pointer to der buffer holding PKCS12
wolfSSL	13:f67a6c6013ca	567	* derSz : size of der buffer
wolfSSL	13:f67a6c6013ca	568	* pkcs12 : non-null pkcs12 pointer
wolfSSL	13:f67a6c6013ca	569	* return 0 on success and negative on failure.
wolfSSL	13:f67a6c6013ca	570	*/
wolfSSL	13:f67a6c6013ca	571	int wc_d2i_PKCS12(const byte* der, word32 derSz, WC_PKCS12* pkcs12)
wolfSSL	13:f67a6c6013ca	572	{
wolfSSL	13:f67a6c6013ca	573	word32 idx = 0;
wolfSSL	13:f67a6c6013ca	574	word32 totalSz = 0;
wolfSSL	13:f67a6c6013ca	575	int ret;
wolfSSL	13:f67a6c6013ca	576	int size = 0;
wolfSSL	13:f67a6c6013ca	577	int version = 0;
wolfSSL	13:f67a6c6013ca	578
wolfSSL	13:f67a6c6013ca	579	WOLFSSL_ENTER("wolfSSL_d2i_PKCS12_bio");
wolfSSL	13:f67a6c6013ca	580
wolfSSL	13:f67a6c6013ca	581	if (der == NULL \|\| pkcs12 == NULL) {
wolfSSL	13:f67a6c6013ca	582	return BAD_FUNC_ARG;
wolfSSL	13:f67a6c6013ca	583	}
wolfSSL	13:f67a6c6013ca	584
wolfSSL	13:f67a6c6013ca	585	totalSz = derSz;
wolfSSL	13:f67a6c6013ca	586	if ((ret = GetSequence(der, &idx, &size, totalSz)) <= 0) {
wolfSSL	13:f67a6c6013ca	587	WOLFSSL_MSG("Failed to get PKCS12 sequence");
wolfSSL	13:f67a6c6013ca	588	return ret;
wolfSSL	13:f67a6c6013ca	589	}
wolfSSL	13:f67a6c6013ca	590
wolfSSL	13:f67a6c6013ca	591	/* get version */
wolfSSL	13:f67a6c6013ca	592	if ((ret = GetMyVersion(der, &idx, &version, totalSz)) < 0) {
wolfSSL	13:f67a6c6013ca	593	return ret;
wolfSSL	13:f67a6c6013ca	594	}
wolfSSL	13:f67a6c6013ca	595
wolfSSL	13:f67a6c6013ca	596	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	597	printf("\nBEGIN: PKCS12 size = %d\n", totalSz);
wolfSSL	13:f67a6c6013ca	598	printf("version = %d\n", version);
wolfSSL	13:f67a6c6013ca	599	#endif
wolfSSL	13:f67a6c6013ca	600
wolfSSL	13:f67a6c6013ca	601	if (version != 3) {
wolfSSL	13:f67a6c6013ca	602	WOLFSSL_MSG("PKCS12 unsupported version!");
wolfSSL	13:f67a6c6013ca	603	return ASN_VERSION_E;
wolfSSL	13:f67a6c6013ca	604	}
wolfSSL	13:f67a6c6013ca	605
wolfSSL	13:f67a6c6013ca	606	if ((ret = GetSequence(der, &idx, &size, totalSz)) < 0) {
wolfSSL	13:f67a6c6013ca	607	return ret;
wolfSSL	13:f67a6c6013ca	608	}
wolfSSL	13:f67a6c6013ca	609
wolfSSL	13:f67a6c6013ca	610	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	611	printf("\tSEQUENCE: AuthenticatedSafe size = %d\n", size);
wolfSSL	13:f67a6c6013ca	612	#endif
wolfSSL	13:f67a6c6013ca	613
wolfSSL	13:f67a6c6013ca	614	if ((ret = GetSafeContent(pkcs12, der, &idx, size + idx)) < 0) {
wolfSSL	13:f67a6c6013ca	615	WOLFSSL_MSG("GetSafeContent error");
wolfSSL	13:f67a6c6013ca	616	return ret;
wolfSSL	13:f67a6c6013ca	617	}
wolfSSL	13:f67a6c6013ca	618
wolfSSL	13:f67a6c6013ca	619	/* if more buffer left check for MAC data */
wolfSSL	13:f67a6c6013ca	620	if (idx < totalSz) {
wolfSSL	13:f67a6c6013ca	621	if ((ret = GetSequence(der, &idx, &size, totalSz)) < 0) {
wolfSSL	13:f67a6c6013ca	622	WOLFSSL_MSG("Ignoring unknown data at end of PKCS12 DER buffer");
wolfSSL	13:f67a6c6013ca	623	}
wolfSSL	13:f67a6c6013ca	624	else {
wolfSSL	13:f67a6c6013ca	625	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	626	printf("\tSEQUENCE: Signature size = %d\n", size);
wolfSSL	13:f67a6c6013ca	627	#endif
wolfSSL	13:f67a6c6013ca	628
wolfSSL	13:f67a6c6013ca	629	if ((ret = GetSignData(pkcs12, der, &idx, totalSz)) < 0) {
wolfSSL	13:f67a6c6013ca	630	return ASN_PARSE_E;
wolfSSL	13:f67a6c6013ca	631	}
wolfSSL	13:f67a6c6013ca	632	}
wolfSSL	13:f67a6c6013ca	633	}
wolfSSL	13:f67a6c6013ca	634
wolfSSL	13:f67a6c6013ca	635	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	636	printf("END: PKCS12\n");
wolfSSL	13:f67a6c6013ca	637	#endif
wolfSSL	13:f67a6c6013ca	638
wolfSSL	13:f67a6c6013ca	639	return ret;
wolfSSL	13:f67a6c6013ca	640	}
wolfSSL	13:f67a6c6013ca	641
wolfSSL	13:f67a6c6013ca	642
wolfSSL	13:f67a6c6013ca	643	/* helper function to free WC_DerCertList */
wolfSSL	13:f67a6c6013ca	644	static void freeCertList(WC_DerCertList* list, void* heap)
wolfSSL	13:f67a6c6013ca	645	{
wolfSSL	13:f67a6c6013ca	646	WC_DerCertList* current = list;
wolfSSL	13:f67a6c6013ca	647	WC_DerCertList* next;
wolfSSL	13:f67a6c6013ca	648
wolfSSL	13:f67a6c6013ca	649	if (list == NULL) {
wolfSSL	13:f67a6c6013ca	650	return;
wolfSSL	13:f67a6c6013ca	651	}
wolfSSL	13:f67a6c6013ca	652
wolfSSL	13:f67a6c6013ca	653	while (current != NULL) {
wolfSSL	13:f67a6c6013ca	654	next = current->next;
wolfSSL	13:f67a6c6013ca	655	if (current->buffer != NULL) {
wolfSSL	13:f67a6c6013ca	656	XFREE(current->buffer, heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	657	}
wolfSSL	13:f67a6c6013ca	658	XFREE(current, heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	659	current = next;
wolfSSL	13:f67a6c6013ca	660	}
wolfSSL	13:f67a6c6013ca	661
wolfSSL	13:f67a6c6013ca	662	(void)heap;
wolfSSL	13:f67a6c6013ca	663	}
wolfSSL	13:f67a6c6013ca	664
wolfSSL	13:f67a6c6013ca	665	static void freeDecCertList(WC_DerCertList list, byte pkey, word32* pkeySz,
wolfSSL	13:f67a6c6013ca	666	byte** cert, word32* certSz, void* heap)
wolfSSL	13:f67a6c6013ca	667	{
wolfSSL	13:f67a6c6013ca	668	WC_DerCertList* current = *list;
wolfSSL	13:f67a6c6013ca	669	WC_DerCertList* previous = NULL;
wolfSSL	13:f67a6c6013ca	670	DecodedCert DeCert;
wolfSSL	13:f67a6c6013ca	671
wolfSSL	13:f67a6c6013ca	672	while (current != NULL) {
wolfSSL	13:f67a6c6013ca	673
wolfSSL	13:f67a6c6013ca	674	InitDecodedCert(&DeCert, current->buffer, current->bufferSz, heap);
wolfSSL	13:f67a6c6013ca	675	if (ParseCertRelative(&DeCert, CERT_TYPE, NO_VERIFY, NULL) == 0) {
wolfSSL	13:f67a6c6013ca	676	if (wc_CheckPrivateKey(pkey, pkeySz, &DeCert) == 1) {
wolfSSL	13:f67a6c6013ca	677	WOLFSSL_MSG("Key Pair found");
wolfSSL	13:f67a6c6013ca	678	*cert = current->buffer;
wolfSSL	13:f67a6c6013ca	679	*certSz = current->bufferSz;
wolfSSL	13:f67a6c6013ca	680
wolfSSL	13:f67a6c6013ca	681	if (previous == NULL) {
wolfSSL	13:f67a6c6013ca	682	*list = current->next;
wolfSSL	13:f67a6c6013ca	683	}
wolfSSL	13:f67a6c6013ca	684	else {
wolfSSL	13:f67a6c6013ca	685	previous->next = current->next;
wolfSSL	13:f67a6c6013ca	686	}
wolfSSL	13:f67a6c6013ca	687	FreeDecodedCert(&DeCert);
wolfSSL	13:f67a6c6013ca	688	XFREE(current, heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	689	break;
wolfSSL	13:f67a6c6013ca	690	}
wolfSSL	13:f67a6c6013ca	691	}
wolfSSL	13:f67a6c6013ca	692	FreeDecodedCert(&DeCert);
wolfSSL	13:f67a6c6013ca	693
wolfSSL	13:f67a6c6013ca	694	previous = current;
wolfSSL	13:f67a6c6013ca	695	current = current->next;
wolfSSL	13:f67a6c6013ca	696	}
wolfSSL	13:f67a6c6013ca	697	}
wolfSSL	13:f67a6c6013ca	698
wolfSSL	13:f67a6c6013ca	699
wolfSSL	13:f67a6c6013ca	700	/* return 0 on success and negative on failure.
wolfSSL	13:f67a6c6013ca	701	* By side effect returns private key, cert, and optionally ca.
wolfSSL	13:f67a6c6013ca	702	* Parses and decodes the parts of PKCS12
wolfSSL	13:f67a6c6013ca	703	*
wolfSSL	13:f67a6c6013ca	704	* NOTE: can parse with USER RSA enabled but may return cert that is not the
wolfSSL	13:f67a6c6013ca	705	* pair for the key when using RSA key pairs.
wolfSSL	13:f67a6c6013ca	706	*
wolfSSL	13:f67a6c6013ca	707	* pkcs12 : non-null WC_PKCS12 struct
wolfSSL	13:f67a6c6013ca	708	* psw : password to use for PKCS12 decode
wolfSSL	13:f67a6c6013ca	709	* pkey : Private key returned
wolfSSL	13:f67a6c6013ca	710	* cert : x509 cert returned
wolfSSL	13:f67a6c6013ca	711	* ca : optional ca returned
wolfSSL	13:f67a6c6013ca	712	*/
wolfSSL	13:f67a6c6013ca	713	int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
wolfSSL	13:f67a6c6013ca	714	byte** pkey, word32* pkeySz, byte** cert, word32* certSz,
wolfSSL	13:f67a6c6013ca	715	WC_DerCertList** ca)
wolfSSL	13:f67a6c6013ca	716	{
wolfSSL	13:f67a6c6013ca	717	ContentInfo* ci = NULL;
wolfSSL	13:f67a6c6013ca	718	WC_DerCertList* certList = NULL;
wolfSSL	13:f67a6c6013ca	719	byte* buf = NULL;
wolfSSL	13:f67a6c6013ca	720	word32 i, oid;
wolfSSL	13:f67a6c6013ca	721	int ret, pswSz;
wolfSSL	13:f67a6c6013ca	722
wolfSSL	13:f67a6c6013ca	723	WOLFSSL_ENTER("wc_PKCS12_parse");
wolfSSL	13:f67a6c6013ca	724
wolfSSL	13:f67a6c6013ca	725	if (pkcs12 == NULL \|\| psw == NULL \|\| cert == NULL \|\| certSz == NULL \|\|
wolfSSL	13:f67a6c6013ca	726	pkey == NULL \|\| pkeySz == NULL) {
wolfSSL	13:f67a6c6013ca	727	return BAD_FUNC_ARG;
wolfSSL	13:f67a6c6013ca	728	}
wolfSSL	13:f67a6c6013ca	729
wolfSSL	13:f67a6c6013ca	730	pswSz = (int)XSTRLEN(psw);
wolfSSL	13:f67a6c6013ca	731	*cert = NULL;
wolfSSL	13:f67a6c6013ca	732	*pkey = NULL;
wolfSSL	13:f67a6c6013ca	733	if (ca != NULL)
wolfSSL	13:f67a6c6013ca	734	*ca = NULL;
wolfSSL	13:f67a6c6013ca	735
wolfSSL	13:f67a6c6013ca	736	/* if there is sign data then verify the MAC */
wolfSSL	13:f67a6c6013ca	737	if (pkcs12->signData != NULL ) {
wolfSSL	13:f67a6c6013ca	738	if ((ret = wc_PKCS12_verify(pkcs12, pkcs12->safe->data,
wolfSSL	13:f67a6c6013ca	739	pkcs12->safe->dataSz, (byte*)psw, pswSz)) != 0) {
wolfSSL	13:f67a6c6013ca	740	WOLFSSL_MSG("PKCS12 Bad MAC on verify");
wolfSSL	13:f67a6c6013ca	741	WOLFSSL_LEAVE("wc_PKCS12_parse verify ", ret);
wolfSSL	13:f67a6c6013ca	742	return MAC_CMP_FAILED_E;
wolfSSL	13:f67a6c6013ca	743	}
wolfSSL	13:f67a6c6013ca	744	}
wolfSSL	13:f67a6c6013ca	745
wolfSSL	13:f67a6c6013ca	746	if (pkcs12->safe == NULL) {
wolfSSL	13:f67a6c6013ca	747	WOLFSSL_MSG("No PKCS12 safes to parse");
wolfSSL	13:f67a6c6013ca	748	return BAD_FUNC_ARG;
wolfSSL	13:f67a6c6013ca	749	}
wolfSSL	13:f67a6c6013ca	750
wolfSSL	13:f67a6c6013ca	751	/* Decode content infos */
wolfSSL	13:f67a6c6013ca	752	ci = pkcs12->safe->CI;
wolfSSL	13:f67a6c6013ca	753	for (i = 0; i < pkcs12->safe->numCI; i++) {
wolfSSL	13:f67a6c6013ca	754	byte* data;
wolfSSL	13:f67a6c6013ca	755	word32 idx = 0;
wolfSSL	13:f67a6c6013ca	756	int size, totalSz;
wolfSSL	13:f67a6c6013ca	757
wolfSSL	13:f67a6c6013ca	758	if (ci->type == WC_PKCS12_ENCRYPTED_DATA) {
wolfSSL	13:f67a6c6013ca	759	int number;
wolfSSL	13:f67a6c6013ca	760
wolfSSL	13:f67a6c6013ca	761	WOLFSSL_MSG("Decrypting PKCS12 Content Info Container");
wolfSSL	13:f67a6c6013ca	762	data = ci->data;
wolfSSL	13:f67a6c6013ca	763	if (data[idx++] != (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC)) {
wolfSSL	13:f67a6c6013ca	764	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	765	}
wolfSSL	13:f67a6c6013ca	766	if ((ret = GetLength(data, &idx, &size, ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	767	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	768	}
wolfSSL	13:f67a6c6013ca	769
wolfSSL	13:f67a6c6013ca	770	if ((ret = GetSequence(data, &idx, &size, ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	771	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	772	}
wolfSSL	13:f67a6c6013ca	773
wolfSSL	13:f67a6c6013ca	774	if ((ret = GetShortInt(data, &idx, &number, ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	775	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	776	}
wolfSSL	13:f67a6c6013ca	777
wolfSSL	13:f67a6c6013ca	778	if (number != 0) {
wolfSSL	13:f67a6c6013ca	779	WOLFSSL_MSG("Expecting 0 for Integer with Encrypted PKCS12");
wolfSSL	13:f67a6c6013ca	780	}
wolfSSL	13:f67a6c6013ca	781
wolfSSL	13:f67a6c6013ca	782	if ((ret = GetSequence(data, &idx, &size, ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	783	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	784	}
wolfSSL	13:f67a6c6013ca	785
wolfSSL	13:f67a6c6013ca	786	ret = GetObjectId(data, &idx, &oid, oidIgnoreType, ci->dataSz);
wolfSSL	13:f67a6c6013ca	787	if (ret < 0 \|\| oid != WC_PKCS12_DATA) {
wolfSSL	13:f67a6c6013ca	788	WOLFSSL_MSG("Not PKCS12 DATA object or get object parse error");
wolfSSL	13:f67a6c6013ca	789	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	790	}
wolfSSL	13:f67a6c6013ca	791
wolfSSL	13:f67a6c6013ca	792	/* decrypted content overwrites input buffer */
wolfSSL	13:f67a6c6013ca	793	size = ci->dataSz - idx;
wolfSSL	13:f67a6c6013ca	794	buf = (byte*)XMALLOC(size, pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	795	if (buf == NULL) {
wolfSSL	13:f67a6c6013ca	796	ERROR_OUT(MEMORY_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	797	}
wolfSSL	13:f67a6c6013ca	798	XMEMCPY(buf, data + idx, size);
wolfSSL	13:f67a6c6013ca	799
wolfSSL	13:f67a6c6013ca	800	if ((ret = DecryptContent(buf, size, psw, pswSz)) < 0) {
wolfSSL	13:f67a6c6013ca	801	WOLFSSL_MSG("Decryption failed, algorithm not compiled in?");
wolfSSL	13:f67a6c6013ca	802	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	803	}
wolfSSL	13:f67a6c6013ca	804
wolfSSL	13:f67a6c6013ca	805	data = buf;
wolfSSL	13:f67a6c6013ca	806	idx = 0;
wolfSSL	13:f67a6c6013ca	807
wolfSSL	13:f67a6c6013ca	808	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	809	{
wolfSSL	13:f67a6c6013ca	810	byte* p;
wolfSSL	13:f67a6c6013ca	811	for (printf("\tData = "), p = (byte*)buf;
wolfSSL	13:f67a6c6013ca	812	p < (byte*)buf + size;
wolfSSL	13:f67a6c6013ca	813	printf("%02X", *p), p++);
wolfSSL	13:f67a6c6013ca	814	printf("\n");
wolfSSL	13:f67a6c6013ca	815	}
wolfSSL	13:f67a6c6013ca	816	#endif
wolfSSL	13:f67a6c6013ca	817	}
wolfSSL	13:f67a6c6013ca	818	else { /* type DATA */
wolfSSL	13:f67a6c6013ca	819	WOLFSSL_MSG("Parsing PKCS12 DATA Content Info Container");
wolfSSL	13:f67a6c6013ca	820	data = ci->data;
wolfSSL	13:f67a6c6013ca	821	if (data[idx++] != (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC)) {
wolfSSL	13:f67a6c6013ca	822	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	823	}
wolfSSL	13:f67a6c6013ca	824	if ((ret = GetLength(data, &idx, &size, ci->dataSz)) <= 0) {
wolfSSL	13:f67a6c6013ca	825	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	826	}
wolfSSL	13:f67a6c6013ca	827	if (data[idx++] != ASN_OCTET_STRING) {
wolfSSL	13:f67a6c6013ca	828	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	829	}
wolfSSL	13:f67a6c6013ca	830	if ((ret = GetLength(data, &idx, &size, ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	831	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	832	}
wolfSSL	13:f67a6c6013ca	833
wolfSSL	13:f67a6c6013ca	834	}
wolfSSL	13:f67a6c6013ca	835
wolfSSL	13:f67a6c6013ca	836	/* parse through bags in ContentInfo */
wolfSSL	13:f67a6c6013ca	837	if ((ret = GetSequence(data, &idx, &totalSz, ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	838	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	839	}
wolfSSL	13:f67a6c6013ca	840	totalSz += idx;
wolfSSL	13:f67a6c6013ca	841
wolfSSL	13:f67a6c6013ca	842	while ((int)idx < totalSz) {
wolfSSL	13:f67a6c6013ca	843	int bagSz;
wolfSSL	13:f67a6c6013ca	844	if ((ret = GetSequence(data, &idx, &bagSz, ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	845	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	846	}
wolfSSL	13:f67a6c6013ca	847	bagSz += idx;
wolfSSL	13:f67a6c6013ca	848
wolfSSL	13:f67a6c6013ca	849	if ((ret = GetObjectId(data, &idx, &oid, oidIgnoreType,
wolfSSL	13:f67a6c6013ca	850	ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	851	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	852	}
wolfSSL	13:f67a6c6013ca	853
wolfSSL	13:f67a6c6013ca	854	switch (oid) {
wolfSSL	13:f67a6c6013ca	855	case WC_PKCS12_KeyBag: /* 667 */
wolfSSL	13:f67a6c6013ca	856	WOLFSSL_MSG("PKCS12 Key Bag found");
wolfSSL	13:f67a6c6013ca	857	if (data[idx++] !=
wolfSSL	13:f67a6c6013ca	858	(ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC)) {
wolfSSL	13:f67a6c6013ca	859	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	860	}
wolfSSL	13:f67a6c6013ca	861	if ((ret = GetLength(data, &idx, &size, ci->dataSz)) <= 0) {
wolfSSL	13:f67a6c6013ca	862	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	863	}
wolfSSL	13:f67a6c6013ca	864	if (*pkey == NULL) {
wolfSSL	13:f67a6c6013ca	865	pkey = (byte)XMALLOC(size, pkcs12->heap,
wolfSSL	13:f67a6c6013ca	866	DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	13:f67a6c6013ca	867	if (*pkey == NULL) {
wolfSSL	13:f67a6c6013ca	868	ERROR_OUT(MEMORY_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	869	}
wolfSSL	13:f67a6c6013ca	870	XMEMCPY(*pkey, data + idx, size);
wolfSSL	13:f67a6c6013ca	871	pkeySz = ToTraditional(pkey, size);
wolfSSL	13:f67a6c6013ca	872	}
wolfSSL	13:f67a6c6013ca	873
wolfSSL	13:f67a6c6013ca	874	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	875	{
wolfSSL	13:f67a6c6013ca	876	byte* p;
wolfSSL	13:f67a6c6013ca	877	for (printf("\tKey = "), p = (byte)pkey;
wolfSSL	13:f67a6c6013ca	878	p < (byte)pkey + size;
wolfSSL	13:f67a6c6013ca	879	printf("%02X", *p), p++);
wolfSSL	13:f67a6c6013ca	880	printf("\n");
wolfSSL	13:f67a6c6013ca	881	}
wolfSSL	13:f67a6c6013ca	882	#endif
wolfSSL	13:f67a6c6013ca	883	idx += size;
wolfSSL	13:f67a6c6013ca	884	break;
wolfSSL	13:f67a6c6013ca	885
wolfSSL	13:f67a6c6013ca	886	case WC_PKCS12_ShroudedKeyBag: /* 668 */
wolfSSL	13:f67a6c6013ca	887	{
wolfSSL	13:f67a6c6013ca	888	byte* k;
wolfSSL	13:f67a6c6013ca	889
wolfSSL	13:f67a6c6013ca	890	WOLFSSL_MSG("PKCS12 Shrouded Key Bag found");
wolfSSL	13:f67a6c6013ca	891	if (data[idx++] !=
wolfSSL	13:f67a6c6013ca	892	(ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC)) {
wolfSSL	13:f67a6c6013ca	893	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	894	}
wolfSSL	13:f67a6c6013ca	895	if ((ret = GetLength(data, &idx, &size,
wolfSSL	13:f67a6c6013ca	896	ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	897	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	898	}
wolfSSL	13:f67a6c6013ca	899
wolfSSL	13:f67a6c6013ca	900	k = (byte*)XMALLOC(size, pkcs12->heap,
wolfSSL	13:f67a6c6013ca	901	DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	13:f67a6c6013ca	902	if (k == NULL) {
wolfSSL	13:f67a6c6013ca	903	ERROR_OUT(MEMORY_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	904	}
wolfSSL	13:f67a6c6013ca	905	XMEMCPY(k, data + idx, size);
wolfSSL	13:f67a6c6013ca	906
wolfSSL	13:f67a6c6013ca	907	/* overwrites input, be warned */
wolfSSL	13:f67a6c6013ca	908	if ((ret = ToTraditionalEnc(k, size, psw, pswSz)) < 0) {
wolfSSL	13:f67a6c6013ca	909	XFREE(k, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	13:f67a6c6013ca	910	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	911	}
wolfSSL	13:f67a6c6013ca	912
wolfSSL	13:f67a6c6013ca	913	if (ret < size) {
wolfSSL	13:f67a6c6013ca	914	/* shrink key buffer */
wolfSSL	13:f67a6c6013ca	915	byte* tmp = (byte*)XMALLOC(ret, pkcs12->heap,
wolfSSL	13:f67a6c6013ca	916	DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	13:f67a6c6013ca	917	if (tmp == NULL) {
wolfSSL	13:f67a6c6013ca	918	XFREE(k, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	13:f67a6c6013ca	919	ERROR_OUT(MEMORY_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	920	}
wolfSSL	13:f67a6c6013ca	921	XMEMCPY(tmp, k, ret);
wolfSSL	13:f67a6c6013ca	922	XFREE(k, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	13:f67a6c6013ca	923	k = tmp;
wolfSSL	13:f67a6c6013ca	924	}
wolfSSL	13:f67a6c6013ca	925	size = ret;
wolfSSL	13:f67a6c6013ca	926
wolfSSL	13:f67a6c6013ca	927	if (*pkey == NULL) {
wolfSSL	13:f67a6c6013ca	928	*pkey = k;
wolfSSL	13:f67a6c6013ca	929	*pkeySz = size;
wolfSSL	13:f67a6c6013ca	930	}
wolfSSL	13:f67a6c6013ca	931	else { /* only expecting one key */
wolfSSL	13:f67a6c6013ca	932	XFREE(k, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	13:f67a6c6013ca	933	}
wolfSSL	13:f67a6c6013ca	934	idx += size;
wolfSSL	13:f67a6c6013ca	935
wolfSSL	13:f67a6c6013ca	936	#ifdef WOLFSSL_DEBUG_PKCS12
wolfSSL	13:f67a6c6013ca	937	{
wolfSSL	13:f67a6c6013ca	938	byte* p;
wolfSSL	13:f67a6c6013ca	939	for (printf("\tKey = "), p = (byte*)k;
wolfSSL	13:f67a6c6013ca	940	p < (byte*)k + ret;
wolfSSL	13:f67a6c6013ca	941	printf("%02X", *p), p++);
wolfSSL	13:f67a6c6013ca	942	printf("\n");
wolfSSL	13:f67a6c6013ca	943	}
wolfSSL	13:f67a6c6013ca	944	#endif
wolfSSL	13:f67a6c6013ca	945	}
wolfSSL	13:f67a6c6013ca	946	break;
wolfSSL	13:f67a6c6013ca	947
wolfSSL	13:f67a6c6013ca	948	case WC_PKCS12_CertBag: /* 669 */
wolfSSL	13:f67a6c6013ca	949	{
wolfSSL	13:f67a6c6013ca	950	WC_DerCertList* node;
wolfSSL	13:f67a6c6013ca	951	WOLFSSL_MSG("PKCS12 Cert Bag found");
wolfSSL	13:f67a6c6013ca	952	if (data[idx++] !=
wolfSSL	13:f67a6c6013ca	953	(ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC)) {
wolfSSL	13:f67a6c6013ca	954	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	955	}
wolfSSL	13:f67a6c6013ca	956	if ((ret = GetLength(data, &idx, &size, ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	957	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	958	}
wolfSSL	13:f67a6c6013ca	959
wolfSSL	13:f67a6c6013ca	960	/* get cert bag type */
wolfSSL	13:f67a6c6013ca	961	if ((ret = GetSequence(data, &idx, &size, ci->dataSz)) <0) {
wolfSSL	13:f67a6c6013ca	962	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	963	}
wolfSSL	13:f67a6c6013ca	964
wolfSSL	13:f67a6c6013ca	965	if ((ret = GetObjectId(data, &idx, &oid, oidIgnoreType,
wolfSSL	13:f67a6c6013ca	966	ci->dataSz)) < 0) {
wolfSSL	13:f67a6c6013ca	967	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	968	}
wolfSSL	13:f67a6c6013ca	969
wolfSSL	13:f67a6c6013ca	970	switch (oid) {
wolfSSL	13:f67a6c6013ca	971	case WC_PKCS12_CertBag_Type1: /* 675 */
wolfSSL	13:f67a6c6013ca	972	/* type 1 */
wolfSSL	13:f67a6c6013ca	973	WOLFSSL_MSG("PKCS12 cert bag type 1");
wolfSSL	13:f67a6c6013ca	974	if (data[idx++] !=
wolfSSL	13:f67a6c6013ca	975	(ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC)) {
wolfSSL	13:f67a6c6013ca	976	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	977	}
wolfSSL	13:f67a6c6013ca	978	if ((ret = GetLength(data, &idx, &size, ci->dataSz))
wolfSSL	13:f67a6c6013ca	979	<= 0) {
wolfSSL	13:f67a6c6013ca	980	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	981	}
wolfSSL	13:f67a6c6013ca	982	if (data[idx++] != ASN_OCTET_STRING) {
wolfSSL	13:f67a6c6013ca	983	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	984
wolfSSL	13:f67a6c6013ca	985	}
wolfSSL	13:f67a6c6013ca	986	if ((ret = GetLength(data, &idx, &size, ci->dataSz))
wolfSSL	13:f67a6c6013ca	987	< 0) {
wolfSSL	13:f67a6c6013ca	988	goto exit_pk12par;
wolfSSL	13:f67a6c6013ca	989	}
wolfSSL	13:f67a6c6013ca	990	break;
wolfSSL	13:f67a6c6013ca	991	default:
wolfSSL	13:f67a6c6013ca	992	WOLFSSL_MSG("Unknown PKCS12 cert bag type");
wolfSSL	13:f67a6c6013ca	993	}
wolfSSL	13:f67a6c6013ca	994
wolfSSL	13:f67a6c6013ca	995	if (size + idx > (word32)bagSz) {
wolfSSL	13:f67a6c6013ca	996	ERROR_OUT(ASN_PARSE_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	997	}
wolfSSL	13:f67a6c6013ca	998
wolfSSL	13:f67a6c6013ca	999	/* list to hold all certs found */
wolfSSL	13:f67a6c6013ca	1000	node = (WC_DerCertList*)XMALLOC(sizeof(WC_DerCertList),
wolfSSL	13:f67a6c6013ca	1001	pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	1002	if (node == NULL) {
wolfSSL	13:f67a6c6013ca	1003	ERROR_OUT(MEMORY_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	1004	}
wolfSSL	13:f67a6c6013ca	1005	XMEMSET(node, 0, sizeof(WC_DerCertList));
wolfSSL	13:f67a6c6013ca	1006
wolfSSL	13:f67a6c6013ca	1007	node->buffer = (byte*)XMALLOC(size, pkcs12->heap,
wolfSSL	13:f67a6c6013ca	1008	DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	1009	if (node->buffer == NULL) {
wolfSSL	13:f67a6c6013ca	1010	XFREE(node, pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	1011	ERROR_OUT(MEMORY_E, exit_pk12par);
wolfSSL	13:f67a6c6013ca	1012	}
wolfSSL	13:f67a6c6013ca	1013	XMEMCPY(node->buffer, data + idx, size);
wolfSSL	13:f67a6c6013ca	1014	node->bufferSz = size;
wolfSSL	13:f67a6c6013ca	1015
wolfSSL	13:f67a6c6013ca	1016	/* put the new node into the list */
wolfSSL	13:f67a6c6013ca	1017	if (certList != NULL) {
wolfSSL	13:f67a6c6013ca	1018	WOLFSSL_MSG("Pushing new cert onto stack");
wolfSSL	13:f67a6c6013ca	1019	node->next = certList;
wolfSSL	13:f67a6c6013ca	1020	certList = node;
wolfSSL	13:f67a6c6013ca	1021	}
wolfSSL	13:f67a6c6013ca	1022	else {
wolfSSL	13:f67a6c6013ca	1023	certList = node;
wolfSSL	13:f67a6c6013ca	1024	}
wolfSSL	13:f67a6c6013ca	1025
wolfSSL	13:f67a6c6013ca	1026	/* on to next */
wolfSSL	13:f67a6c6013ca	1027	idx += size;
wolfSSL	13:f67a6c6013ca	1028	}
wolfSSL	13:f67a6c6013ca	1029	break;
wolfSSL	13:f67a6c6013ca	1030
wolfSSL	13:f67a6c6013ca	1031	case WC_PKCS12_CrlBag: /* 670 */
wolfSSL	13:f67a6c6013ca	1032	WOLFSSL_MSG("PKCS12 CRL BAG not yet supported");
wolfSSL	13:f67a6c6013ca	1033	break;
wolfSSL	13:f67a6c6013ca	1034
wolfSSL	13:f67a6c6013ca	1035	case WC_PKCS12_SecretBag: /* 671 */
wolfSSL	13:f67a6c6013ca	1036	WOLFSSL_MSG("PKCS12 Secret BAG not yet supported");
wolfSSL	13:f67a6c6013ca	1037	break;
wolfSSL	13:f67a6c6013ca	1038
wolfSSL	13:f67a6c6013ca	1039	case WC_PKCS12_SafeContentsBag: /* 672 */
wolfSSL	13:f67a6c6013ca	1040	WOLFSSL_MSG("PKCS12 Safe Contents BAG not yet supported");
wolfSSL	13:f67a6c6013ca	1041	break;
wolfSSL	13:f67a6c6013ca	1042
wolfSSL	13:f67a6c6013ca	1043	default:
wolfSSL	13:f67a6c6013ca	1044	WOLFSSL_MSG("Unknown PKCS12 BAG type found");
wolfSSL	13:f67a6c6013ca	1045	}
wolfSSL	13:f67a6c6013ca	1046
wolfSSL	13:f67a6c6013ca	1047	/* Attribute, unknown bag or unsupported */
wolfSSL	13:f67a6c6013ca	1048	if ((int)idx < bagSz) {
wolfSSL	13:f67a6c6013ca	1049	idx = bagSz; /* skip for now */
wolfSSL	13:f67a6c6013ca	1050	}
wolfSSL	13:f67a6c6013ca	1051	}
wolfSSL	13:f67a6c6013ca	1052
wolfSSL	13:f67a6c6013ca	1053	/* free temporary buffer */
wolfSSL	13:f67a6c6013ca	1054	if (buf != NULL) {
wolfSSL	13:f67a6c6013ca	1055	XFREE(buf, pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	1056	buf = NULL;
wolfSSL	13:f67a6c6013ca	1057	}
wolfSSL	13:f67a6c6013ca	1058
wolfSSL	13:f67a6c6013ca	1059	ci = ci->next;
wolfSSL	13:f67a6c6013ca	1060	WOLFSSL_MSG("Done Parsing PKCS12 Content Info Container");
wolfSSL	13:f67a6c6013ca	1061	}
wolfSSL	13:f67a6c6013ca	1062
wolfSSL	13:f67a6c6013ca	1063	/* check if key pair, remove from list */
wolfSSL	13:f67a6c6013ca	1064	if (*pkey != NULL) {
wolfSSL	13:f67a6c6013ca	1065	freeDecCertList(&certList, pkey, pkeySz, cert, certSz, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	1066	}
wolfSSL	13:f67a6c6013ca	1067
wolfSSL	13:f67a6c6013ca	1068	/* if ca arg provided return certList, otherwise free it */
wolfSSL	13:f67a6c6013ca	1069	if (ca != NULL) {
wolfSSL	13:f67a6c6013ca	1070	*ca = certList;
wolfSSL	13:f67a6c6013ca	1071	}
wolfSSL	13:f67a6c6013ca	1072	else {
wolfSSL	13:f67a6c6013ca	1073	/* free list, not wanted */
wolfSSL	13:f67a6c6013ca	1074	freeCertList(certList, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	1075	}
wolfSSL	13:f67a6c6013ca	1076
wolfSSL	13:f67a6c6013ca	1077	ret = 0; /* success */
wolfSSL	13:f67a6c6013ca	1078
wolfSSL	13:f67a6c6013ca	1079	exit_pk12par:
wolfSSL	13:f67a6c6013ca	1080
wolfSSL	13:f67a6c6013ca	1081	if (ret != 0) {
wolfSSL	13:f67a6c6013ca	1082	/* failure cleanup */
wolfSSL	13:f67a6c6013ca	1083	if (*pkey) {
wolfSSL	13:f67a6c6013ca	1084	XFREE(*pkey, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	13:f67a6c6013ca	1085	*pkey = NULL;
wolfSSL	13:f67a6c6013ca	1086	}
wolfSSL	13:f67a6c6013ca	1087	if (buf) {
wolfSSL	13:f67a6c6013ca	1088	XFREE(buf, pkcs12->heap, DYNAMIC_TYPE_PKCS);
wolfSSL	13:f67a6c6013ca	1089	buf = NULL;
wolfSSL	13:f67a6c6013ca	1090	}
wolfSSL	13:f67a6c6013ca	1091
wolfSSL	13:f67a6c6013ca	1092	freeCertList(certList, pkcs12->heap);
wolfSSL	13:f67a6c6013ca	1093	}
wolfSSL	13:f67a6c6013ca	1094
wolfSSL	13:f67a6c6013ca	1095	return ret;
wolfSSL	13:f67a6c6013ca	1096	}
wolfSSL	13:f67a6c6013ca	1097
wolfSSL	13:f67a6c6013ca	1098
wolfSSL	13:f67a6c6013ca	1099	/* if using a specific memory heap */
wolfSSL	13:f67a6c6013ca	1100	int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap)
wolfSSL	13:f67a6c6013ca	1101	{
wolfSSL	13:f67a6c6013ca	1102	if (pkcs12 == NULL) {
wolfSSL	13:f67a6c6013ca	1103	return BAD_FUNC_ARG;
wolfSSL	13:f67a6c6013ca	1104	}
wolfSSL	13:f67a6c6013ca	1105	pkcs12->heap = heap;
wolfSSL	13:f67a6c6013ca	1106
wolfSSL	13:f67a6c6013ca	1107	return 0;
wolfSSL	13:f67a6c6013ca	1108	}
wolfSSL	13:f67a6c6013ca	1109
wolfSSL	13:f67a6c6013ca	1110
wolfSSL	13:f67a6c6013ca	1111	/* getter for heap */
wolfSSL	13:f67a6c6013ca	1112	void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12)
wolfSSL	13:f67a6c6013ca	1113	{
wolfSSL	13:f67a6c6013ca	1114	if (pkcs12 == NULL) {
wolfSSL	13:f67a6c6013ca	1115	return NULL;
wolfSSL	13:f67a6c6013ca	1116	}
wolfSSL	13:f67a6c6013ca	1117
wolfSSL	13:f67a6c6013ca	1118	return pkcs12->heap;
wolfSSL	13:f67a6c6013ca	1119	}
wolfSSL	13:f67a6c6013ca	1120
wolfSSL	13:f67a6c6013ca	1121	#undef ERROR_OUT
wolfSSL	13:f67a6c6013ca	1122
wolfSSL	13:f67a6c6013ca	1123	#endif /* !NO_ASN && !NO_PWDBASED */
wolfSSL	13:f67a6c6013ca	1124

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	26 Jun 2015
Imports:	673
Forks:	0
Commits:	18
Dependents:	29
Dependencies:	0
Followers:	21

wolfcrypt/src/pkcs12.c@13:f67a6c6013ca, 2017-08-22 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning