1 /* Copyright (c) 2014, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15 #include <openssl/base.h>
16
17 #include <memory>
18 #include <string>
19 #include <vector>
20
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <stdint.h>
24 #include <string.h>
25 #include <sys/stat.h>
26 #include <sys/types.h>
27 #if defined(OPENSSL_WINDOWS)
28 #include <io.h>
29 #else
30 #include <unistd.h>
31 #endif
32
33 #include <openssl/bytestring.h>
34 #include <openssl/err.h>
35 #include <openssl/pem.h>
36 #include <openssl/pkcs8.h>
37 #include <openssl/stack.h>
38
39 #include "../crypto/internal.h"
40 #include "internal.h"
41
42
43 static const struct argument kArguments[] = {
44 {
45 "-dump", kOptionalArgument,
46 "Dump the key and contents of the given file to stdout",
47 },
48 {
49 "", kOptionalArgument, "",
50 },
51 };
52
DoPKCS12(const std::vector<std::string> & args)53 bool DoPKCS12(const std::vector<std::string> &args) {
54 std::map<std::string, std::string> args_map;
55
56 if (!ParseKeyValueArguments(&args_map, args, kArguments) ||
57 args_map["-dump"].empty()) {
58 PrintUsage(kArguments);
59 return false;
60 }
61
62 ScopedFD fd = OpenFD(args_map["-dump"].c_str(), O_RDONLY);
63 if (!fd) {
64 perror("open");
65 return false;
66 }
67
68 struct stat st;
69 if (fstat(fd.get(), &st)) {
70 perror("fstat");
71 return false;
72 }
73 const size_t size = st.st_size;
74
75 std::unique_ptr<uint8_t[]> contents(new uint8_t[size]);
76 size_t off = 0;
77 while (off < size) {
78 size_t bytes_read;
79 if (!ReadFromFD(fd.get(), &bytes_read, contents.get() + off, size - off)) {
80 perror("read");
81 return false;
82 }
83 if (bytes_read == 0) {
84 fprintf(stderr, "Unexpected EOF\n");
85 return false;
86 }
87 off += bytes_read;
88 }
89
90 printf("Enter password: ");
91 fflush(stdout);
92
93 char password[256];
94 off = 0;
95 while (off < sizeof(password) - 1) {
96 size_t bytes_read;
97 if (!ReadFromFD(0, &bytes_read, password + off,
98 sizeof(password) - 1 - off)) {
99 perror("read");
100 return false;
101 }
102
103 off += bytes_read;
104 if (bytes_read == 0 || OPENSSL_memchr(password, '\n', off) != nullptr) {
105 break;
106 }
107 }
108
109 char *newline = reinterpret_cast<char *>(OPENSSL_memchr(password, '\n', off));
110 if (newline == NULL) {
111 return false;
112 }
113 *newline = 0;
114
115 CBS pkcs12;
116 CBS_init(&pkcs12, contents.get(), size);
117
118 EVP_PKEY *key;
119 bssl::UniquePtr<STACK_OF(X509)> certs(sk_X509_new_null());
120
121 if (!PKCS12_get_key_and_certs(&key, certs.get(), &pkcs12, password)) {
122 fprintf(stderr, "Failed to parse PKCS#12 data:\n");
123 ERR_print_errors_fp(stderr);
124 return false;
125 }
126 bssl::UniquePtr<EVP_PKEY> key_owned(key);
127
128 if (key != NULL) {
129 PEM_write_PrivateKey(stdout, key, NULL, NULL, 0, NULL, NULL);
130 }
131
132 for (size_t i = 0; i < sk_X509_num(certs.get()); i++) {
133 PEM_write_X509(stdout, sk_X509_value(certs.get(), i));
134 }
135
136 return true;
137 }
138