| blob | 2ce0836fed89132fb735e4a31b40e273338871df |
1 /*
2 * ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
56 /*
57 * Copyright 2002, 2003 Sun Microsystems, Inc. All rights reserved.
58 * Use is subject to license terms.
59 */
63 #include <stdio.h>
64 #include <strings.h>
65 #include <stdlib.h>
67 #include <openssl/crypto.h>
68 #include <openssl/err.h>
69 #include <openssl/x509.h>
71 #include <openssl/pkcs12.h>
72 #include <p12aux.h>
73 #include <auxutil.h>
74 #include <p12err.h>
76 /*
77 * Briefly, a note on the APIs provided by this module.
78 *
79 * The sunw_PKCS_parse, parse_pkcs12 and sunw_PKCS12_contents APIs
80 * replace OpenSSL funcionality provided by PKCS12_parse and its
81 * supporting routines.
82 *
83 * The APIs provided here provide more functionality:
84 *
85 * - sunw_PKCS12_parse provides:
86 *
87 * earlier MAC processing than PKCS12_parse
88 *
89 * treats the handling of the difference between CA certs and certs
90 * with matching private keys differently that PKCS12_parse does. In
91 * PKCS12_parse, any cert which is not the one selected is assumed to be
92 * a CA cert. In parse_pkcs12, certs which have matching private keys are
93 * not returned as part of the CA certs.
94 *
95 * the matching of private keys and certs is done at this level, rather than
96 * at the lower levels which were used in the openssl implementation. This
97 * is part of the changes introduced so that the parsing functions can
98 * return just a cert, just a private key, the stack of CA certs or any
99 * combination.
100 *
101 * added DO_FIRST_PAIR, DO_LAST_PAIR and DO_UNMATCHING matchty support.
102 *
103 * do a much better job of cleaning up. Specifically, free the added
104 * attributes on the private key which was done by calling
105 * sunw_evp_pkey_free().
106 *
107 * in sunw_PKCS12_contents, handle allocation of the stacks of certificates
108 * and private keys so that a) the original stacks are not changed unless
109 * the parsing was successful; b) it will either extend stacks passed in,
110 * or allocate new ones if none were supplied.
111 *
112 * - for parse_outer vs. parse_pk12() (from the openssl source base):
113 *
114 * this calls lower levels with stacks of private keys and certs, rather
115 * that a cert, a private key and a stack for CA certs.
116 *
117 * - In the case of parse_all_bags vs. parse_bags, there is no real difference,
118 * other than use of stacks of private keys and certificates (as opposed
119 * to one cert, one private key and a stack of CA certificates).
120 *
121 * - Finally, for parse_one_bag vs. parse_bag:
122 *
123 * got rid of the bugs the openssl matching of keys and certificates.
124 *
125 * got rid of the requirement that there is one private key and a matching
126 * cert somewhere in the input. This was done by moving the matching
127 * code to a higher level.
128 *
129 * put any localKeyID and/or friendlyName attributes found in the structures
130 * returned, so that they can be used at higher levels for searching, etc.
131 *
132 * added some error returns (like an error when there is an unsupported
133 * bag type, an unsupported certificate type or an unsupported key type)
134 *
135 * Added cleanup before returning.
136 */
153 /*
154 * sunw_PKCS12_parse - Parse a PKCS12 structure and break it into its parts.
155 *
156 * Parse and decrypt a PKCS#12 structure returning user key, user cert and/or
157 * other (CA) certs. Note either ca should be NULL, *ca should be NULL,
158 * or it should point to a valid STACK_OF(X509) structure. pkey and cert can
159 * be passed uninitialized.
160 *
161 * Arguments:
162 * p12 - Structure with pkcs12 info to be parsed
163 * pass - Pass phrase for the private key (possibly empty) or NULL if
164 * there is none.
165 * matchty - Info about which certs/keys to return if many are in the file.
166 * keyid - If private key localkeyids friendlynames are to match a
167 * predetermined value, the value to match. This value should
168 * be an octet string.
169 * keyid_len- Length of the keyid byte string.
170 * name_str - If friendlynames are to match a predetermined value, the value
171 * to match. This value should be a NULL terminated string.
172 * pkey - Points to location pointing to the private key returned.
173 * cert - Points to locaiton which points to the client cert returned
174 * ca - Points to location that points to a stack of 'certificate
175 * authority' certs/trust anchors.
176 *
177 * Match based on the value of 'matchty' and the contents of 'keyid'
178 * and/or 'name_str', as appropriate. Go through the lists of certs and
179 * private keys which were taken from the pkcs12 structure, looking for
180 * matches of the requested type. This function only searches the lists of
181 * matching private keys and client certificates. Kinds of matches allowed,
182 * and the order in which they will be checked, are:
183 *
184 * 1) Find the key and/or cert whose localkeyid attributes matches
185 * 'keyid'.
186 * 2) Find the key and/or cert whose friendlyname attributes matches
187 * 'name_str'
188 * 3) Return the first matching key/cert pair found.
189 * 4) Return the last matching key/cert pair found.
190 * 5) Return whatever cert and/or key are available, even unmatching.
191 *
192 * Append to the CA list, the certs which do not have matching private
193 * keys and which were not selected.
194 *
195 * If none of the bits are set, no client certs or private keys will be
196 * returned. CA (aka trust anchor) certs can be.
197 *
198 * Notes: If #3 is selected, then #4 will never occur. CA certs will be
199 * selected after a cert/key pairs are isolated.
200 *
201 * Returns:
202 * < 0 - An error returned. Call ERR_get_error() to get errors information.
203 * Where possible, memory has been freed.
204 * >= 0 - Objects were found and returned. Which objects are indicated by
205 * which bits are set (FOUND_PKEY, FOUND_CERT, FOUND_CA_CERTS).
206 */
207 int
211 {
212 boolean_t ca_supplied;
215 /* If NULL PKCS12 structure, this is an error */
219 }
221 /* Set up arguments.... These will be allocated if needed */
227 /*
228 * If there is already a ca list, use it. Otherwise, allocate one
229 * and free is later if an error occurs or whatever.)
230 */
236 }
237 }
239 /*
240 * If password is zero length or NULL then try verifying both cases
241 * to determine which password is correct. The reason for this is that
242 * under PKCS#12 password based encryption no password and a zero
243 * length password are two different things. If the password has a
244 * non-zero length and is not NULL then call PKCS12_verify_mac() with
245 * a length of '-1' and let it use strlen() to figure out the length
246 * of the password.
247 */
248 /* Check the mac */
256 SUNW_R_MAC_VERIFY_FAILURE);
258 }
262 }
269 }
272 err:
275 }
283 }
285 /*
286 * parse_pkcs12 - Oversee parsing of the pkcs12 structure. Get it
287 * parsed. After that either return what's found directly, or
288 * do any required matching.
289 *
290 * Arguments:
291 * p12 - Structure with pkcs12 info to be parsed
292 * pass - Pass phrase for the private key (possibly empty) or NULL if
293 * there is none.
294 * matchty - Info about which certs/keys to return if many are in the file.
295 * keyid - If private key localkeyids friendlynames are to match a
296 * predetermined value, the value to match. This value should
297 * be an octet string.
298 * keyid_len- Length of the keyid byte string.
299 * name_str - If friendlynames are to match a predetermined value, the value
300 * to match. This value should be a NULL terminated string.
301 * pkey - Points to location pointing to the private key returned.
302 * cert - Points to locaiton which points to the client cert returned
303 * ca - Points to location that points to a stack of 'certificate
304 * authority' certs/trust anchors.
305 *
306 * Note about error codes: This function is an internal function, and the
307 * place where it is called sets error codes. Therefore only set an error
308 * code if it is something that is unique or if the function which detected
309 * the error doesn't set one.
310 *
311 * Returns:
312 * == -1 - An error occurred. Call ERR_get_error() to get error information.
313 * Where possible, memory has been freed.
314 * == 0 - No matching returns were found.
315 * > 0 - This is the aithmetic 'or' of the FOUND_* bits that indicate which
316 * of the requested entries were found.
317 */
318 static int
322 {
334 /*
335 * Not really an error here - its just that nothing was found.
336 */
338 }
345 }
346 }
348 /*
349 * Go through the lists of certs and private keys which were
350 * returned, looking for matches of the appropriate type. Do these
351 * in the order described above.
352 */
359 }
361 /* See if string matches localkeyid's */
367 else
369 }
370 }
377 }
379 /* See if string matches friendly names */
385 else
387 }
388 }
392 /* Find the first cert and private key and return them */
397 else
399 }
400 }
404 /*
405 * Find the last matching cert and private key and return
406 * them. Since keys which don't have matching client certs
407 * are at the end of the list of keys, use the number of
408 * client certs to compute the position of the last private
409 * key which matches a client cert.
410 */
416 else
418 }
419 }
425 /* Find the first cert and private key and return them */
436 else
438 }
439 }
441 last_part:
442 /* If no errors, terminate normally */
448 }
450 /* Fallthrough is intentional in error cases. */
451 cleanup:
455 }
459 }
461 clean_part:
465 }
472 }
474 /*
475 * sunw_PKCS12_contents() parses a pkcs#12 structure and returns component
476 * parts found, without evaluation.
477 *
478 * Parse and decrypt a PKCS#12 structure returning any user keys and/or
479 * various certs. Note these should either be NULL, *whatever should
480 * be NULL, or it should point to a valid STACK_OF(X509) structure.
481 *
482 * Arguments:
483 * p12 - Structure with pkcs12 info to be parsed
484 * pass - Pass phrase for the private key and entire pkcs12 wad (possibly
485 * empty) or NULL if there is none.
486 * pkeys - Points to address of a stack of private keys to return.
487 * certs - Points to address of a stack of client certs return.
488 *
489 * Note: The certs and keys being returned are in random order.
490 *
491 * Returns:
492 * < 0 - An error returned. Call ERR_get_error() to get errors information.
493 * Where possible, memory has been freed.
494 * >= 0 - Objects were found and returned. Which objects are indicated by
495 * which bits are set (FOUND_PKEY or FOUND_CERT)
496 */
497 static int
500 {
505 /*
506 * Allocate the working stacks for private key and for the
507 * ca certs.
508 */
512 }
517 }
520 /*
521 * Error already on stack
522 */
524 }
526 /* on error, set_results() returns an error on the stack */
530 cleanup:
533 }
536 }
538 /*
539 * parse_outer - Unpack the outer PKCS#12 structure and go through the
540 * individual bags. Return stacks of certs, private keys found and
541 * CA certs found.
542 *
543 * Note about error codes: This function is an internal function, and the
544 * place where it is called sets error codes.
545 *
546 * Returns:
547 * 0 - An error returned. Call ERR_get_error() to get errors information.
548 * Where possible, memory has been freed.
549 * 1 - PKCS12 data object was parsed and lists of certs and private keys
550 * were returned.
551 */
552 static int
555 {
570 /*
571 * A length of '-1' means strlen() can be used
572 * to determine the password length.
573 */
578 }
584 }
589 }
590 }
593 }
595 /*
596 * parse_all_bags - go through the stack of bags, parsing each.
597 *
598 * Note about error codes: This function is an internal function, and the
599 * place where it is called sets error codes.
600 *
601 * Returns:
602 * 0 - An error returned. Call ERR_get_error() to get errors information.
603 * Where possible, memory has been freed.
604 * 1 - Stack of safebags was parsed and lists of certs and private keys
605 * were returned.
606 */
607 static int
610 {
616 }
618 }
620 /*
621 * parse_one_bag - Parse an individual bag
622 *
623 * i = parse_one_bag(bag, pass, kl, cl);
624 *
625 * Arguments:
626 * bag - pkcs12 safebag to parse.
627 * pass - password for use in decryption of shrouded keybag
628 * kl - Stack of private keys found so far. New private keys will
629 * be added here if found.
630 * cl - Stack of certs found so far. New certificates will be
631 * added here if found.
632 *
633 * Returns:
634 * 0 - An error returned. Call ERR_get_error() to get errors information.
635 * Where possible, memory has been freed.
636 * 1 - one safebag was parsed. If it contained a cert or private key, it
637 * was added to the stack of certs or private keys found, respectively.
638 * localKeyId or friendlyName attributes are returned with the
639 * private key or certificate.
640 */
641 static int
644 {
664 }
668 /*
669 * A length of '-1' means strlen() can be used
670 * to determine the password length.
671 */
676 }
682 }
689 }
692 SUNW_R_PARSE_CERT_ERR);
695 }
700 SUNW_R_BAD_LKID);
703 }
708 SUNW_R_SET_LKID_ERR);
711 }
712 }
720 SUNW_R_BAD_FNAME);
723 }
729 SUNW_R_SET_FNAME_ERR);
732 }
736 SUNW_R_SET_FNAME_ERR);
739 }
740 }
746 }
756 /*
757 * Error already on stack
758 */
760 }
770 }
779 SUNW_R_MEMORY_FAILURE);
781 }
782 }
787 /*
788 * Error already on stack
789 */
796 SUNW_R_MEMORY_FAILURE);
800 }
801 }
802 }
807 /*
808 * Error already on stack
809 */
816 SUNW_R_MEMORY_FAILURE);
820 }
821 }
822 }
824 /* Save the private key */
828 SUNW_R_MEMORY_FAILURE);
832 }
833 }
834 }
838 }
859 }