xref: /openbsd/lib/libcrypto/pkcs12/p12_asn.c (revision e5dd7070) 
1 /* $OpenBSD: p12_asn.c,v 1.9 2015/07/25 17:08:40 jsing Exp $ */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3  * project 1999.
4  */
5 /* ====================================================================
6  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    licensing@OpenSSL.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * (eay@cryptsoft.com).  This product includes software written by Tim
55  * Hudson (tjh@cryptsoft.com).
56  *
57  */
58 
59 #include <stdio.h>
60 
61 #include <openssl/asn1t.h>
62 #include <openssl/pkcs12.h>
63 
64 /* PKCS#12 ASN1 module */
65 
66 static const ASN1_TEMPLATE PKCS12_seq_tt[] = {
67 	{
68 		.flags = 0,
69 		.tag = 0,
70 		.offset = offsetof(PKCS12, version),
71 		.field_name = "version",
72 		.item = &ASN1_INTEGER_it,
73 	},
74 	{
75 		.flags = 0,
76 		.tag = 0,
77 		.offset = offsetof(PKCS12, authsafes),
78 		.field_name = "authsafes",
79 		.item = &PKCS7_it,
80 	},
81 	{
82 		.flags = ASN1_TFLG_OPTIONAL,
83 		.tag = 0,
84 		.offset = offsetof(PKCS12, mac),
85 		.field_name = "mac",
86 		.item = &PKCS12_MAC_DATA_it,
87 	},
88 };
89 
90 const ASN1_ITEM PKCS12_it = {
91 	.itype = ASN1_ITYPE_SEQUENCE,
92 	.utype = V_ASN1_SEQUENCE,
93 	.templates = PKCS12_seq_tt,
94 	.tcount = sizeof(PKCS12_seq_tt) / sizeof(ASN1_TEMPLATE),
95 	.funcs = NULL,
96 	.size = sizeof(PKCS12),
97 	.sname = "PKCS12",
98 };
99 
100 
101 PKCS12 *
102 d2i_PKCS12(PKCS12 **a, const unsigned char **in, long len)
103 {
104 	return (PKCS12 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
105 	    &PKCS12_it);
106 }
107 
108 int
109 i2d_PKCS12(PKCS12 *a, unsigned char **out)
110 {
111 	return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_it);
112 }
113 
114 PKCS12 *
115 PKCS12_new(void)
116 {
117 	return (PKCS12 *)ASN1_item_new(&PKCS12_it);
118 }
119 
120 void
121 PKCS12_free(PKCS12 *a)
122 {
123 	ASN1_item_free((ASN1_VALUE *)a, &PKCS12_it);
124 }
125 
126 static const ASN1_TEMPLATE PKCS12_MAC_DATA_seq_tt[] = {
127 	{
128 		.flags = 0,
129 		.tag = 0,
130 		.offset = offsetof(PKCS12_MAC_DATA, dinfo),
131 		.field_name = "dinfo",
132 		.item = &X509_SIG_it,
133 	},
134 	{
135 		.flags = 0,
136 		.tag = 0,
137 		.offset = offsetof(PKCS12_MAC_DATA, salt),
138 		.field_name = "salt",
139 		.item = &ASN1_OCTET_STRING_it,
140 	},
141 	{
142 		.flags = ASN1_TFLG_OPTIONAL,
143 		.tag = 0,
144 		.offset = offsetof(PKCS12_MAC_DATA, iter),
145 		.field_name = "iter",
146 		.item = &ASN1_INTEGER_it,
147 	},
148 };
149 
150 const ASN1_ITEM PKCS12_MAC_DATA_it = {
151 	.itype = ASN1_ITYPE_SEQUENCE,
152 	.utype = V_ASN1_SEQUENCE,
153 	.templates = PKCS12_MAC_DATA_seq_tt,
154 	.tcount = sizeof(PKCS12_MAC_DATA_seq_tt) / sizeof(ASN1_TEMPLATE),
155 	.funcs = NULL,
156 	.size = sizeof(PKCS12_MAC_DATA),
157 	.sname = "PKCS12_MAC_DATA",
158 };
159 
160 
161 PKCS12_MAC_DATA *
162 d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len)
163 {
164 	return (PKCS12_MAC_DATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
165 	    &PKCS12_MAC_DATA_it);
166 }
167 
168 int
169 i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out)
170 {
171 	return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_MAC_DATA_it);
172 }
173 
174 PKCS12_MAC_DATA *
175 PKCS12_MAC_DATA_new(void)
176 {
177 	return (PKCS12_MAC_DATA *)ASN1_item_new(&PKCS12_MAC_DATA_it);
178 }
179 
180 void
181 PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a)
182 {
183 	ASN1_item_free((ASN1_VALUE *)a, &PKCS12_MAC_DATA_it);
184 }
185 
186 static const ASN1_TEMPLATE bag_default_tt = {
187 	.flags = ASN1_TFLG_EXPLICIT,
188 	.tag = 0,
189 	.offset = offsetof(PKCS12_BAGS, value.other),
190 	.field_name = "value.other",
191 	.item = &ASN1_ANY_it,
192 };
193 
194 static const ASN1_ADB_TABLE PKCS12_BAGS_adbtbl[] = {
195 	{
196 		.value = NID_x509Certificate,
197 		.tt = {
198 			.flags = ASN1_TFLG_EXPLICIT,
199 			.tag = 0,
200 			.offset = offsetof(PKCS12_BAGS, value.x509cert),
201 			.field_name = "value.x509cert",
202 			.item = &ASN1_OCTET_STRING_it,
203 		},
204 
205 	},
206 	{
207 		.value = NID_x509Crl,
208 		.tt = {
209 			.flags = ASN1_TFLG_EXPLICIT,
210 			.tag = 0,
211 			.offset = offsetof(PKCS12_BAGS, value.x509crl),
212 			.field_name = "value.x509crl",
213 			.item = &ASN1_OCTET_STRING_it,
214 		},
215 
216 	},
217 	{
218 		.value = NID_sdsiCertificate,
219 		.tt = {
220 			.flags = ASN1_TFLG_EXPLICIT,
221 			.tag = 0,
222 			.offset = offsetof(PKCS12_BAGS, value.sdsicert),
223 			.field_name = "value.sdsicert",
224 			.item = &ASN1_IA5STRING_it,
225 		},
226 
227 	},
228 };
229 
230 static const ASN1_ADB PKCS12_BAGS_adb = {
231 	.flags = 0,
232 	.offset = offsetof(PKCS12_BAGS, type),
233 	.app_items = 0,
234 	.tbl = PKCS12_BAGS_adbtbl,
235 	.tblcount = sizeof(PKCS12_BAGS_adbtbl) / sizeof(ASN1_ADB_TABLE),
236 	.default_tt = &bag_default_tt,
237 	.null_tt = NULL,
238 };
239 
240 static const ASN1_TEMPLATE PKCS12_BAGS_seq_tt[] = {
241 	{
242 		.flags = 0,
243 		.tag = 0,
244 		.offset = offsetof(PKCS12_BAGS, type),
245 		.field_name = "type",
246 		.item = &ASN1_OBJECT_it,
247 	},
248 	{
249 		.flags = ASN1_TFLG_ADB_OID,
250 		.tag = -1,
251 		.offset = 0,
252 		.field_name = "PKCS12_BAGS",
253 		.item = (const ASN1_ITEM *)&PKCS12_BAGS_adb,
254 	},
255 };
256 
257 const ASN1_ITEM PKCS12_BAGS_it = {
258 	.itype = ASN1_ITYPE_SEQUENCE,
259 	.utype = V_ASN1_SEQUENCE,
260 	.templates = PKCS12_BAGS_seq_tt,
261 	.tcount = sizeof(PKCS12_BAGS_seq_tt) / sizeof(ASN1_TEMPLATE),
262 	.funcs = NULL,
263 	.size = sizeof(PKCS12_BAGS),
264 	.sname = "PKCS12_BAGS",
265 };
266 
267 
268 PKCS12_BAGS *
269 d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len)
270 {
271 	return (PKCS12_BAGS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
272 	    &PKCS12_BAGS_it);
273 }
274 
275 int
276 i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out)
277 {
278 	return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_BAGS_it);
279 }
280 
281 PKCS12_BAGS *
282 PKCS12_BAGS_new(void)
283 {
284 	return (PKCS12_BAGS *)ASN1_item_new(&PKCS12_BAGS_it);
285 }
286 
287 void
288 PKCS12_BAGS_free(PKCS12_BAGS *a)
289 {
290 	ASN1_item_free((ASN1_VALUE *)a, &PKCS12_BAGS_it);
291 }
292 
293 static const ASN1_TEMPLATE safebag_default_tt = {
294 	.flags = ASN1_TFLG_EXPLICIT,
295 	.tag = 0,
296 	.offset = offsetof(PKCS12_SAFEBAG, value.other),
297 	.field_name = "value.other",
298 	.item = &ASN1_ANY_it,
299 };
300 
301 static const ASN1_ADB_TABLE PKCS12_SAFEBAG_adbtbl[] = {
302 	{
303 		.value = NID_keyBag,
304 		.tt = {
305 			.flags = ASN1_TFLG_EXPLICIT,
306 			.tag = 0,
307 			.offset = offsetof(PKCS12_SAFEBAG, value.keybag),
308 			.field_name = "value.keybag",
309 			.item = &PKCS8_PRIV_KEY_INFO_it,
310 		},
311 
312 	},
313 	{
314 		.value = NID_pkcs8ShroudedKeyBag,
315 		.tt = {
316 			.flags = ASN1_TFLG_EXPLICIT,
317 			.tag = 0,
318 			.offset = offsetof(PKCS12_SAFEBAG, value.shkeybag),
319 			.field_name = "value.shkeybag",
320 			.item = &X509_SIG_it,
321 		},
322 
323 	},
324 	{
325 		.value = NID_safeContentsBag,
326 		.tt = {
327 			.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SET_OF,
328 			.tag = 0,
329 			.offset = offsetof(PKCS12_SAFEBAG, value.safes),
330 			.field_name = "value.safes",
331 			.item = &PKCS12_SAFEBAG_it,
332 		},
333 	},
334 	{
335 		.value = NID_certBag,
336 		.tt = {
337 			.flags = ASN1_TFLG_EXPLICIT,
338 			.tag = 0,
339 			.offset = offsetof(PKCS12_SAFEBAG, value.bag),
340 			.field_name = "value.bag",
341 			.item = &PKCS12_BAGS_it,
342 		},
343 
344 	},
345 	{
346 		.value = NID_crlBag,
347 		.tt = {
348 			.flags = ASN1_TFLG_EXPLICIT,
349 			.tag = 0,
350 			.offset = offsetof(PKCS12_SAFEBAG, value.bag),
351 			.field_name = "value.bag",
352 			.item = &PKCS12_BAGS_it,
353 		},
354 
355 	},
356 	{
357 		.value = NID_secretBag,
358 		.tt = {
359 			.flags = ASN1_TFLG_EXPLICIT,
360 			.tag = 0,
361 			.offset = offsetof(PKCS12_SAFEBAG, value.bag),
362 			.field_name = "value.bag",
363 			.item = &PKCS12_BAGS_it,
364 		},
365 
366 	},
367 };
368 
369 static const ASN1_ADB PKCS12_SAFEBAG_adb = {
370 	.flags = 0,
371 	.offset = offsetof(PKCS12_SAFEBAG, type),
372 	.app_items = 0,
373 	.tbl = PKCS12_SAFEBAG_adbtbl,
374 	.tblcount = sizeof(PKCS12_SAFEBAG_adbtbl) / sizeof(ASN1_ADB_TABLE),
375 	.default_tt = &safebag_default_tt,
376 	.null_tt = NULL,
377 };
378 
379 static const ASN1_TEMPLATE PKCS12_SAFEBAG_seq_tt[] = {
380 	{
381 		.flags = 0,
382 		.tag = 0,
383 		.offset = offsetof(PKCS12_SAFEBAG, type),
384 		.field_name = "type",
385 		.item = &ASN1_OBJECT_it,
386 	},
387 	{
388 		.flags = ASN1_TFLG_ADB_OID,
389 		.tag = -1,
390 		.offset = 0,
391 		.field_name = "PKCS12_SAFEBAG",
392 		.item = (const ASN1_ITEM *)&PKCS12_SAFEBAG_adb,
393 	},
394 	{
395 		.flags = ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
396 		.tag = 0,
397 		.offset = offsetof(PKCS12_SAFEBAG, attrib),
398 		.field_name = "attrib",
399 		.item = &X509_ATTRIBUTE_it,
400 	},
401 };
402 
403 const ASN1_ITEM PKCS12_SAFEBAG_it = {
404 	.itype = ASN1_ITYPE_SEQUENCE,
405 	.utype = V_ASN1_SEQUENCE,
406 	.templates = PKCS12_SAFEBAG_seq_tt,
407 	.tcount = sizeof(PKCS12_SAFEBAG_seq_tt) / sizeof(ASN1_TEMPLATE),
408 	.funcs = NULL,
409 	.size = sizeof(PKCS12_SAFEBAG),
410 	.sname = "PKCS12_SAFEBAG",
411 };
412 
413 
414 PKCS12_SAFEBAG *
415 d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, const unsigned char **in, long len)
416 {
417 	return (PKCS12_SAFEBAG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
418 	    &PKCS12_SAFEBAG_it);
419 }
420 
421 int
422 i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **out)
423 {
424 	return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_SAFEBAG_it);
425 }
426 
427 PKCS12_SAFEBAG *
428 PKCS12_SAFEBAG_new(void)
429 {
430 	return (PKCS12_SAFEBAG *)ASN1_item_new(&PKCS12_SAFEBAG_it);
431 }
432 
433 void
434 PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a)
435 {
436 	ASN1_item_free((ASN1_VALUE *)a, &PKCS12_SAFEBAG_it);
437 }
438 
439 /* SEQUENCE OF SafeBag */
440 static const ASN1_TEMPLATE PKCS12_SAFEBAGS_item_tt = {
441 	.flags = ASN1_TFLG_SEQUENCE_OF,
442 	.tag = 0,
443 	.offset = 0,
444 	.field_name = "PKCS12_SAFEBAGS",
445 	.item = &PKCS12_SAFEBAG_it,
446 };
447 
448 const ASN1_ITEM PKCS12_SAFEBAGS_it = {
449 	.itype = ASN1_ITYPE_PRIMITIVE,
450 	.utype = -1,
451 	.templates = &PKCS12_SAFEBAGS_item_tt,
452 	.tcount = 0,
453 	.funcs = NULL,
454 	.size = 0,
455 	.sname = "PKCS12_SAFEBAGS",
456 };
457 
458 /* Authsafes: SEQUENCE OF PKCS7 */
459 static const ASN1_TEMPLATE PKCS12_AUTHSAFES_item_tt = {
460 	.flags = ASN1_TFLG_SEQUENCE_OF,
461 	.tag = 0,
462 	.offset = 0,
463 	.field_name = "PKCS12_AUTHSAFES",
464 	.item = &PKCS7_it,
465 };
466 
467 const ASN1_ITEM PKCS12_AUTHSAFES_it = {
468 	.itype = ASN1_ITYPE_PRIMITIVE,
469 	.utype = -1,
470 	.templates = &PKCS12_AUTHSAFES_item_tt,
471 	.tcount = 0,
472 	.funcs = NULL,
473 	.size = 0,
474 	.sname = "PKCS12_AUTHSAFES",
475 };
476 
477