OpenCoverage

p12_add.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/pkcs12/p12_add.c
1/* $OpenBSD: p12_add.c,v 1.17 2018/05/13 14:24:07 tb Exp $ */-
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL-
3 * project 1999.-
4 */-
5/* ====================================================================-
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.-
7 *-
8 * Redistribution and use in source and binary forms, with or without-
9 * modification, are permitted provided that the following conditions-
10 * are met:-
11 *-
12 * 1. Redistributions of source code must retain the above copyright-
13 * notice, this list of conditions and the following disclaimer.-
14 *-
15 * 2. Redistributions in binary form must reproduce the above copyright-
16 * notice, this list of conditions and the following disclaimer in-
17 * the documentation and/or other materials provided with the-
18 * distribution.-
19 *-
20 * 3. All advertising materials mentioning features or use of this-
21 * software must display the following acknowledgment:-
22 * "This product includes software developed by the OpenSSL Project-
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"-
24 *-
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to-
26 * endorse or promote products derived from this software without-
27 * prior written permission. For written permission, please contact-
28 * licensing@OpenSSL.org.-
29 *-
30 * 5. Products derived from this software may not be called "OpenSSL"-
31 * nor may "OpenSSL" appear in their names without prior written-
32 * permission of the OpenSSL Project.-
33 *-
34 * 6. Redistributions of any form whatsoever must retain the following-
35 * acknowledgment:-
36 * "This product includes software developed by the OpenSSL Project-
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"-
38 *-
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY-
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR-
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR-
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,-
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;-
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,-
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)-
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED-
50 * OF THE POSSIBILITY OF SUCH DAMAGE.-
51 * ====================================================================-
52 *-
53 * This product includes cryptographic software written by Eric Young-
54 * (eay@cryptsoft.com). This product includes software written by Tim-
55 * Hudson (tjh@cryptsoft.com).-
56 *-
57 */-
58-
59#include <stdio.h>-
60-
61#include <openssl/err.h>-
62#include <openssl/pkcs12.h>-
63-
/*
 * Pack an object into an OCTET STRING and wrap it in a safebag.
 *
 * obj is encoded with the template it into the octet value of a fresh
 * PKCS12_BAGS whose type is set from nid1; that inner bag is then attached
 * to a fresh PKCS12_SAFEBAG whose type is set from nid2.
 *
 * Returns the new safebag, or NULL on failure. Every failure path reports
 * ERR_R_MALLOC_FAILURE, including a failed encode, and releases the inner
 * bag if it had already been allocated.
 *
 * NOTE(review): the results of OBJ_nid2obj() are stored without being
 * checked here -- confirm callers only pass known NIDs.
 */
PKCS12_SAFEBAG *
PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1, int nid2)
{
	PKCS12_BAGS *inner;
	PKCS12_SAFEBAG *outer;

	inner = PKCS12_BAGS_new();
	if (inner == NULL) {
		PKCS12error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}
	inner->type = OBJ_nid2obj(nid1);

	if (ASN1_item_pack(obj, it, &inner->value.octet) == NULL)
		goto err;

	outer = PKCS12_SAFEBAG_new();
	if (outer == NULL)
		goto err;

	/* From here on the safebag holds the pointer to the inner bag. */
	outer->value.bag = inner;
	outer->type = OBJ_nid2obj(nid2);
	return outer;

err:
	PKCS12error(ERR_R_MALLOC_FAILURE);
	PKCS12_BAGS_free(inner);
	return NULL;
}
91-
/*
 * Turn a PKCS8 object into a keybag.
 *
 * The p8 pointer is stored in the new safebag as-is: it is neither copied
 * nor encrypted by this function, so the private key information sits in
 * the bag exactly as the caller supplied it. Use PKCS12_MAKE_SHKEYBAG()
 * when the key has to be protected with a passphrase.
 *
 * Returns the new safebag, or NULL with ERR_R_MALLOC_FAILURE reported if
 * the safebag cannot be allocated.
 */
PKCS12_SAFEBAG *
PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
{
	PKCS12_SAFEBAG *keybag = PKCS12_SAFEBAG_new();

	if (keybag == NULL) {
		PKCS12error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}

	keybag->value.keybag = p8;
	keybag->type = OBJ_nid2obj(NID_keyBag);
	return keybag;
}
107-
/*
 * Turn a PKCS8 object into a shrouded (passphrase-encrypted) keybag.
 *
 * pbe_nid is first looked up as a cipher. If it names one, that cipher is
 * handed to PKCS8_encrypt() and pbe_nid is replaced by -1; otherwise
 * pbe_nid is passed through together with a NULL cipher.
 *
 * pass/passlen, salt/saltlen and iter are forwarded to PKCS8_encrypt()
 * unchanged. Nothing in this function enforces a minimum iteration count,
 * a minimum salt length or a choice of algorithm, so the strength of the
 * key protection is decided entirely by the caller.
 *
 * Returns the new safebag, or NULL on failure. Any PKCS8_encrypt() failure
 * is reported as ERR_R_MALLOC_FAILURE, whatever its real cause.
 */
PKCS12_SAFEBAG *
PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, int passlen,
    unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8)
{
	PKCS12_SAFEBAG *shbag;
	const EVP_CIPHER *cipher;

	/* Set up the safe bag */
	shbag = PKCS12_SAFEBAG_new();
	if (shbag == NULL) {
		PKCS12error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}
	shbag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);

	/* A NID that resolves to a cipher overrides the PBE NID. */
	cipher = EVP_get_cipherbynid(pbe_nid);
	if (cipher != NULL)
		pbe_nid = -1;

	shbag->value.shkeybag = PKCS8_encrypt(pbe_nid, cipher, pass, passlen,
	    salt, saltlen, iter, p8);
	if (shbag->value.shkeybag == NULL) {
		PKCS12error(ERR_R_MALLOC_FAILURE);
		PKCS12_SAFEBAG_free(shbag);
		return NULL;
	}

	return shbag;
}
139-
/*
 * Turn a stack of SAFEBAGS into a PKCS#7 data ContentInfo.
 *
 * The stack sk is encoded with the PKCS12_SAFEBAGS template into the
 * octet string of a new PKCS7 whose type is pkcs7-data. The bags are not
 * encrypted on this path; PKCS12_pack_p7encdata() is the encrypting
 * counterpart.
 *
 * Returns the new PKCS7, or NULL on failure: ERR_R_MALLOC_FAILURE for an
 * allocation failure, PKCS12_R_CANT_PACK_STRUCTURE if the encode fails.
 * A partially built PKCS7 is freed before returning.
 */
PKCS7 *
PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
{
	PKCS7 *p7 = PKCS7_new();

	if (p7 == NULL) {
		PKCS12error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}
	p7->type = OBJ_nid2obj(NID_pkcs7_data);

	p7->d.data = ASN1_OCTET_STRING_new();
	if (p7->d.data == NULL) {
		PKCS12error(ERR_R_MALLOC_FAILURE);
		PKCS7_free(p7);
		return NULL;
	}

	if (ASN1_item_pack(sk, &PKCS12_SAFEBAGS_it, &p7->d.data) == NULL) {
		PKCS12error(PKCS12_R_CANT_PACK_STRUCTURE);
		PKCS7_free(p7);
		return NULL;
	}

	return p7;
}
166-
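/*
 * Unpack SAFEBAGS from a PKCS#7 data ContentInfo.
 *
 * p7 is typically the product of parsing a PKCS#12 file, i.e. untrusted
 * input. The type check alone does not establish that the content is
 * present: a ContentInfo can carry the pkcs7-data type while its content
 * field is absent, which leaves p7->d.data NULL. ASN1_item_unpack() reads
 * the octet string it is given, so that case is rejected here rather than
 * passed on as a NULL pointer.
 *
 * Returns the decoded stack, or NULL on failure:
 * PKCS12_R_CONTENT_TYPE_NOT_DATA if p7 is not of type data,
 * PKCS12_R_DECODE_ERROR if the content is missing, or whatever
 * ASN1_item_unpack() reports when decoding fails.
 *
 * NOTE(review): the coverage listing this file was published with records
 * every branch of this function as never evaluated, so the missing-content
 * case has no regression test there.
 */
STACK_OF(PKCS12_SAFEBAG) *
PKCS12_unpack_p7data(PKCS7 *p7)
{
	if (!PKCS7_type_is_data(p7)) {
		PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
		return NULL;
	}
	/* The content is optional on the wire; do not unpack a NULL string. */
	if (p7->d.data == NULL) {
		PKCS12error(PKCS12_R_DECODE_ERROR);
		return NULL;
	}
	return ASN1_item_unpack(p7->d.data, &PKCS12_SAFEBAGS_it);
}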
177-
/*
 * Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo.
 *
 * pbe_nid is first looked up as a cipher. If it names one, the algorithm
 * parameters are built with PKCS5_pbe2_set(); otherwise pbe_nid is used
 * directly with PKCS5_pbe_set(). iter, salt and saltlen are forwarded
 * unchanged, so the iteration count, the salt and the choice of algorithm
 * are all the caller's responsibility; nothing is validated here.
 *
 * The algorithm identifier and the ciphertext that PKCS7_set_type() left
 * in the new structure are freed and replaced. Once pbe has been stored in
 * p7 it is released together with p7 on the error path.
 *
 * Returns the new PKCS7, or NULL on failure: ERR_R_MALLOC_FAILURE if p7 or
 * the algorithm parameters cannot be created,
 * PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE if the type cannot be set,
 * PKCS12_R_ENCRYPT_ERROR if encrypting the bags fails.
 */
PKCS7 *
PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
    unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags)
{
	PKCS7 *p7;
	X509_ALGOR *pbe;
	const EVP_CIPHER *cipher;
	PKCS7_ENC_CONTENT *content;

	p7 = PKCS7_new();
	if (p7 == NULL) {
		PKCS12error(ERR_R_MALLOC_FAILURE);
		return NULL;
	}
	if (!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
		PKCS12error(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
		goto err;
	}

	cipher = EVP_get_cipherbynid(pbe_nid);
	pbe = (cipher != NULL) ?
	    PKCS5_pbe2_set(cipher, iter, salt, saltlen) :
	    PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
	if (pbe == NULL) {
		PKCS12error(ERR_R_MALLOC_FAILURE);
		goto err;
	}

	content = p7->d.encrypted->enc_data;

	/* Swap in the algorithm identifier; p7 holds pbe from here on. */
	X509_ALGOR_free(content->algorithm);
	content->algorithm = pbe;

	/* Drop the old ciphertext before storing the new one. */
	ASN1_OCTET_STRING_free(content->enc_data);
	content->enc_data = PKCS12_item_i2d_encrypt(pbe, &PKCS12_SAFEBAGS_it,
	    pass, passlen, bags, 1);
	if (content->enc_data == NULL) {
		PKCS12error(PKCS12_R_ENCRYPT_ERROR);
		goto err;
	}

	return p7;

err:
	PKCS7_free(p7);
	return NULL;
}
223-
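/*
 * Decrypt and unpack the SAFEBAGS held in a PKCS#7 encrypted data
 * ContentInfo, using the passphrase pass/passlen.
 *
 * p7 is typically the product of parsing a PKCS#12 file, i.e. untrusted
 * input. The type check alone does not establish that the content is
 * present: a ContentInfo can carry the pkcs7-encrypted type while its
 * content is absent, which leaves p7->d.encrypted NULL. The pointer chain
 * down to the ciphertext is therefore checked link by link before it is
 * followed.
 *
 * Returns the decoded stack, or NULL on failure. A wrong content type
 * returns NULL without reporting an error (unchanged behaviour); missing
 * content reports PKCS12_R_DECODE_ERROR.
 *
 * NOTE(review): the coverage listing this file was published with records
 * every branch of this function as never evaluated, so the missing-content
 * case has no regression test there.
 */
STACK_OF(PKCS12_SAFEBAG) *
PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen)
{
	PKCS7_ENC_CONTENT *content;

	if (!PKCS7_type_is_encrypted(p7))
		return NULL;

	/* The encrypted content is optional on the wire. */
	if (p7->d.encrypted == NULL) {
		PKCS12error(PKCS12_R_DECODE_ERROR);
		return NULL;
	}
	content = p7->d.encrypted->enc_data;
	if (content == NULL) {
		PKCS12error(PKCS12_R_DECODE_ERROR);
		return NULL;
	}
	/*
	 * Presumably the decrypt helper reads the ciphertext octet string
	 * directly; reject a missing one here instead of relying on that.
	 */
	if (content->enc_data == NULL) {
		PKCS12error(PKCS12_R_DECODE_ERROR);
		return NULL;
	}

	return PKCS12_item_decrypt_d2i(content->algorithm,
	    &PKCS12_SAFEBAGS_it, pass, passlen, content->enc_data, 1);
}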
233-
/*
 * Decrypt the shrouded key held in bag with the passphrase pass/passlen
 * and return whatever PKCS8_decrypt() returns.
 *
 * bag->value is read as a shrouded keybag without looking at bag->type,
 * and bag itself is not checked for NULL. NOTE(review): callers are
 * presumably expected to have established that the bag really is a
 * pkcs8ShroudedKeyBag before calling -- confirm at each call site,
 * especially where the bag comes from a parsed file.
 */
PKCS8_PRIV_KEY_INFO *
PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag, const char *pass, int passlen)
{
	X509_SIG *shrouded = bag->value.shkeybag;

	return PKCS8_decrypt(shrouded, pass, passlen);
}
239-
/*
 * Encode the stack of PKCS7 structures in safes with the PKCS12_AUTHSAFES
 * template into the octet string of p12->authsafes.
 *
 * Returns 1 on success and 0 if ASN1_item_pack() fails. No error is
 * reported by this function itself. p12 and p12->authsafes are
 * dereferenced without a NULL check.
 */
int
PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)
{
	ASN1_OCTET_STRING **dest = &p12->authsafes->d.data;

	return ASN1_item_pack(safes, &PKCS12_AUTHSAFES_it, dest) != NULL ?
	    1 : 0;
}
248-
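/*
 * Unpack the stack of PKCS7 structures stored in p12->authsafes.
 *
 * p12 is typically the product of parsing a PKCS#12 file, i.e. untrusted
 * input. The type check alone does not establish that the content is
 * present: the authsafes ContentInfo can carry the pkcs7-data type while
 * its content field is absent, which leaves d.data NULL.
 * ASN1_item_unpack() reads the octet string it is given, so that case is
 * rejected here rather than passed on as a NULL pointer.
 *
 * Returns the decoded stack, or NULL on failure:
 * PKCS12_R_CONTENT_TYPE_NOT_DATA if authsafes is not of type data,
 * PKCS12_R_DECODE_ERROR if the content is missing, or whatever
 * ASN1_item_unpack() reports when decoding fails.
 *
 * NOTE(review): the coverage listing this file was published with records
 * every branch of this function as never evaluated, so the missing-content
 * case has no regression test there.
 */
STACK_OF(PKCS7) *
PKCS12_unpack_authsafes(const PKCS12 *p12)
{
	if (!PKCS7_type_is_data(p12->authsafes)) {
		PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
		return NULL;
	}
	/* The content is optional on the wire; do not unpack a NULL string. */
	if (p12->authsafes->d.data == NULL) {
		PKCS12error(PKCS12_R_DECODE_ERROR);
		return NULL;
	}
	return ASN1_item_unpack(p12->authsafes->d.data,
	    &PKCS12_AUTHSAFES_it);
}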