xref: /titanic_50/usr/src/common/net/wanboot/p12auxpars.c (revision 275c9da86e89f8abf71135cf63d9fc23671b2e60)
1 /*
2  * ====================================================================
3  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  *
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in
14  *    the documentation and/or other materials provided with the
15  *    distribution.
16  *
17  * 3. All advertising materials mentioning features or use of this
18  *    software must display the following acknowledgment:
19  *    "This product includes software developed by the OpenSSL Project
20  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21  *
22  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23  *    endorse or promote products derived from this software without
24  *    prior written permission. For written permission, please contact
25  *    licensing@OpenSSL.org.
26  *
27  * 5. Products derived from this software may not be called "OpenSSL"
28  *    nor may "OpenSSL" appear in their names without prior written
29  *    permission of the OpenSSL Project.
30  *
31  * 6. Redistributions of any form whatsoever must retain the following
32  *    acknowledgment:
33  *    "This product includes software developed by the OpenSSL Project
34  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35  *
36  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
40  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47  * OF THE POSSIBILITY OF SUCH DAMAGE.
48  * ====================================================================
49  *
50  * This product includes cryptographic software written by Eric Young
51  * (eay@cryptsoft.com).  This product includes software written by Tim
52  * Hudson (tjh@cryptsoft.com).
53  *
54  */
55 
56 /*
57  * Copyright 2002, 2003 Sun Microsystems, Inc.  All rights reserved.
58  * Use is subject to license terms.
59  */
60 
61 #pragma ident	"%Z%%M%	%I%	%E% SMI"
62 
63 #include <stdio.h>
64 #include <strings.h>
65 #include <stdlib.h>
66 
67 #include <openssl/crypto.h>
68 #include <openssl/err.h>
69 #include <openssl/x509.h>
70 
71 #include <openssl/pkcs12.h>
72 #include <p12aux.h>
73 #include <auxutil.h>
74 #include <p12err.h>
75 
76 /*
77  * Briefly, a note on the APIs provided by this module.
78  *
79  * The sunw_PKCS_parse, parse_pkcs12 and sunw_PKCS12_contents APIs
80  * replace OpenSSL funcionality provided by PKCS12_parse and its
81  * supporting routines.
82  *
83  * The APIs provided here provide more functionality:
84  *
85  * - sunw_PKCS12_parse provides:
86  *
87  *   earlier MAC processing than PKCS12_parse
88  *
89  *   treats the handling of the difference between CA certs and certs
90  *   with matching private keys differently that PKCS12_parse does.  In
91  *   PKCS12_parse, any cert which is not the one selected is assumed to be
92  *   a CA cert.  In parse_pkcs12, certs which have matching private keys are
93  *   not returned as part of the CA certs.
94  *
95  *   the matching of private keys and certs is done at this level, rather than
96  *   at the lower levels which were used in the openssl implementation.  This
97  *   is part of the changes introduced so that the parsing functions can
98  *   return just a cert, just a private key, the stack of CA certs or any
99  *   combination.
100  *
101  *   added DO_FIRST_PAIR, DO_LAST_PAIR and DO_UNMATCHING matchty support.
102  *
103  *   do a much better job of cleaning up.  Specifically, free the added
104  *   attributes on the private key which was done by calling
105  *   sunw_evp_pkey_free().
106  *
107  *   in sunw_PKCS12_contents, handle allocation of the stacks of certificates
108  *   and private keys so that a) the original stacks are not changed unless
109  *   the parsing was successful; b) it will either extend stacks passed in,
110  *   or allocate new ones if none were supplied.
111  *
112  * - for parse_outer vs. parse_pk12() (from the openssl source base):
113  *
114  *   this calls lower levels with stacks of private keys and certs, rather
115  *   that a cert, a private key and a stack for CA certs.
116  *
117  * - In the case of parse_all_bags vs. parse_bags, there is no real difference,
118  *   other than use of stacks of private keys and certificates (as opposed
119  *   to one cert, one private key and a stack of CA certificates).
120  *
121  * - Finally, for parse_one_bag vs. parse_bag:
122  *
123  *   got rid of the bugs the openssl matching of keys and certificates.
124  *
125  *   got rid of the requirement that there is one private key and a matching
126  *   cert somewhere in the input.  This was done by moving the matching
127  *   code to a higher level.
128  *
129  *   put any localKeyID and/or friendlyName attributes found in the structures
130  *   returned, so that they can be used at higher levels for searching, etc.
131  *
132  *   added some error returns (like an error when there is an unsupported
133  *   bag type, an unsupported certificate type or an unsupported key type)
134  *
135  *   Added cleanup before returning.
136  */
137 
138 static int parse_pkcs12(PKCS12 *, const char *, int, char *, int, char *,
139     EVP_PKEY **, X509 **, STACK_OF(X509) **);
140 
141 static int parse_outer(PKCS12 *, const char *, STACK_OF(EVP_PKEY) *,
142     STACK_OF(X509) *);
143 
144 static int parse_all_bags(STACK_OF(PKCS12_SAFEBAG) *, const char *,
145     STACK_OF(EVP_PKEY) *, STACK_OF(X509) *);
146 
147 static int parse_one_bag(PKCS12_SAFEBAG *, const char *, STACK_OF(EVP_PKEY) *,
148     STACK_OF(X509) *);
149 
150 static int sunw_PKCS12_contents(PKCS12 *p12, const char *pass,
151     STACK_OF(EVP_PKEY) **pkey, STACK_OF(X509) **certs);
152 
153 /*
154  * sunw_PKCS12_parse - Parse a PKCS12 structure and break it into its parts.
155  *
156  * Parse and decrypt a PKCS#12 structure returning user key, user cert and/or
157  * other (CA) certs. Note either ca should be NULL, *ca should be NULL,
158  * or it should point to a valid STACK_OF(X509) structure. pkey and cert can
159  * be passed uninitialized.
160  *
161  * Arguments:
162  *   p12      - Structure with pkcs12 info to be parsed
163  *   pass     - Pass phrase for the private key (possibly empty) or NULL if
164  *              there is none.
165  *   matchty  - Info about which certs/keys to return if many are in the file.
166  *   keyid    - If private key localkeyids friendlynames are to match a
167  *              predetermined value, the value to match. This value should
168  *		be an octet string.
169  *   keyid_len- Length of the keyid byte string.
170  *   name_str - If friendlynames are to match a predetermined value, the value
171  *		 to match. This value should be a NULL terminated string.
172  *   pkey     - Points to location pointing to the private key returned.
173  *   cert     - Points to locaiton which points to the client cert returned
174  *   ca       - Points to location that points to a stack of 'certificate
175  *               authority' certs/trust anchors.
176  *
177  * Match based on the value of 'matchty' and the contents of 'keyid'
178  * and/or 'name_str', as appropriate.  Go through the lists of certs and
179  * private keys which were taken from the pkcs12 structure, looking for
180  * matches of the requested type.  This function only searches the lists of
181  * matching private keys and client certificates.  Kinds of matches allowed,
182  * and the order in which they will be checked, are:
183  *
184  *   1) Find the key and/or cert whose localkeyid attributes matches
185  *      'keyid'.
186  *   2) Find the key and/or cert whose friendlyname attributes matches
187  *	'name_str'
188  *   3) Return the first matching key/cert pair found.
189  *   4) Return the last matching key/cert pair found.
190  *   5) Return whatever cert and/or key are available, even unmatching.
191  *
192  *   Append to the CA list, the certs which do not have matching private
193  *   keys and which were not selected.
194  *
195  * If none of the bits are set, no client certs or private keys will be
196  * returned.  CA (aka trust anchor) certs can be.
197  *
198  * Notes: If #3 is selected, then #4 will never occur.  CA certs will be
199  * selected after a cert/key pairs are isolated.
200  *
201  * Returns:
202  *  <  0 - An error returned.  Call ERR_get_error() to get errors information.
203  *         Where possible, memory has been freed.
204  *  >= 0 - Objects were found and returned.  Which objects are indicated by
205  *         which bits are set (FOUND_PKEY, FOUND_CERT, FOUND_CA_CERTS).
206  */
207 int
208 sunw_PKCS12_parse(PKCS12 *p12, const char *pass, int matchty, char *keyid,
209     int keyid_len, char *name_str, EVP_PKEY **pkey, X509 **cert,
210     STACK_OF(X509) **ca)
211 {
212 	boolean_t ca_supplied;
213 	int retval = -1;
214 
215 	/* If NULL PKCS12 structure, this is an error */
216 	if (p12 == NULL) {
217 		SUNWerr(SUNW_F_PKCS12_PARSE, SUNW_R_INVALID_ARG);
218 		return (-1);
219 	}
220 
221 	/* Set up arguments....  These will be allocated if needed */
222 	if (pkey)
223 		*pkey = NULL;
224 	if (cert)
225 		*cert = NULL;
226 
227 	/*
228 	 * If there is already a ca list, use it.  Otherwise, allocate one
229 	 * and free is later if an error occurs or whatever.)
230 	 */
231 	ca_supplied = (ca != NULL && *ca != NULL);
232 	if (ca != NULL && *ca == NULL) {
233 		if ((*ca = sk_X509_new_null()) == NULL) {
234 			SUNWerr(SUNW_F_PKCS12_PARSE, SUNW_R_MEMORY_FAILURE);
235 			return (-1);
236 		}
237 	}
238 
239 	/*
240 	 * If password is zero length or NULL then try verifying both cases
241 	 * to determine which password is correct. The reason for this is that
242 	 * under PKCS#12 password based encryption no password and a zero
243 	 * length password are two different things. If the password has a
244 	 * non-zero length and is not NULL then call PKCS12_verify_mac() with
245 	 * a length of '-1' and let it use strlen() to figure out the length
246 	 * of the password.
247 	 */
248 	/* Check the mac */
249 	if (pass == NULL || *pass == '\0') {
250 		if (PKCS12_verify_mac(p12, NULL, 0))
251 			pass = NULL;
252 		else if (PKCS12_verify_mac(p12, "", 0))
253 			pass = "";
254 		else {
255 			SUNWerr(SUNW_F_PKCS12_PARSE,
256 			    SUNW_R_MAC_VERIFY_FAILURE);
257 			goto err;
258 		}
259 	} else if (PKCS12_verify_mac(p12, pass, -1) == 0) {
260 		SUNWerr(SUNW_F_PKCS12_PARSE, SUNW_R_MAC_VERIFY_FAILURE);
261 		goto err;
262 	}
263 
264 	retval = parse_pkcs12(p12, pass, matchty, keyid, keyid_len,
265 	    name_str, pkey, cert, ca);
266 	if (retval < 0) {
267 		SUNWerr(SUNW_F_PKCS12_PARSE, SUNW_R_PKCS12_PARSE_ERR);
268 		goto err;
269 	}
270 	return (retval);
271 
272 err:
273 	if (pkey && *pkey) {
274 		sunw_evp_pkey_free(*pkey);
275 	}
276 	if (cert && *cert)
277 		X509_free(*cert);
278 	if (ca_supplied == B_FALSE && ca != NULL)
279 		sk_X509_pop_free(*ca, X509_free);
280 
281 	return (-1);
282 
283 }
284 
285 /*
286  * parse_pkcs12 - Oversee parsing of the pkcs12 structure.  Get it
287  *         parsed.  After that either return what's found directly, or
288  *         do any required matching.
289  *
290  * Arguments:
291  *   p12      - Structure with pkcs12 info to be parsed
292  *   pass     - Pass phrase for the private key (possibly empty) or NULL if
293  *              there is none.
294  *   matchty  - Info about which certs/keys to return if many are in the file.
295  *   keyid    - If private key localkeyids friendlynames are to match a
296  *              predetermined value, the value to match. This value should
297  *		be an octet string.
298  *   keyid_len- Length of the keyid byte string.
299  *   name_str - If friendlynames are to match a predetermined value, the value
300  *		 to match. This value should be a NULL terminated string.
301  *   pkey     - Points to location pointing to the private key returned.
302  *   cert     - Points to locaiton which points to the client cert returned
303  *   ca       - Points to location that points to a stack of 'certificate
304  *              authority' certs/trust anchors.
305  *
306  *   Note about error codes:  This function is an internal function, and the
307  *   place where it is called sets error codes.  Therefore only set an error
308  *   code if it is something that is unique or if the function which detected
309  *   the error doesn't set one.
310  *
311  * Returns:
312  *   == -1 - An error occurred.  Call ERR_get_error() to get error information.
313  *           Where possible, memory has been freed.
314  *   == 0  - No matching returns were found.
315  *    > 0  - This is the aithmetic 'or' of the FOUND_* bits that indicate which
316  *           of the requested entries were found.
317  */
318 static int
319 parse_pkcs12(PKCS12 *p12, const char *pass, int matchty, char *keyid,
320     int kstr_len, char *name_str, EVP_PKEY **pkey, X509 **cert,
321     STACK_OF(X509) **ca)
322 {
323 	STACK_OF(EVP_PKEY) *work_kl = NULL;	/* Head for private key list */
324 	STACK_OF(EVP_PKEY) *nocerts = NULL;	/* Head for alt. key list */
325 	STACK_OF(X509) *work_ca = NULL;		/* Head for cert list */
326 	STACK_OF(X509) *work_cl = NULL;
327 	int retval = 0;
328 	int n;
329 
330 	retval = sunw_PKCS12_contents(p12, pass, &work_kl, &work_ca);
331 	if (retval < 0) {
332 		goto cleanup;
333 	} else if (retval == 0) {
334 		/*
335 		 * Not really an error here - its just that nothing was found.
336 		 */
337 		goto cleanup;
338 	}
339 
340 	if (sk_EVP_PKEY_num(work_kl) > 0) {
341 
342 		if (sunw_split_certs(work_kl, work_ca, &work_cl, &nocerts)
343 		    < 0) {
344 			goto cleanup;
345 		}
346 	}
347 
348 	/*
349 	 * Go through the lists of certs and private keys which were
350 	 * returned, looking for matches of the appropriate type.  Do these
351 	 * in the order described above.
352 	 */
353 	if ((matchty & DO_FIND_KEYID) != 0) {
354 
355 		if (keyid == NULL) {
356 			SUNWerr(SUNW_F_PKCS12_PARSE, SUNW_R_INVALID_ARG);
357 			retval = -1;
358 			goto cleanup;
359 		}
360 
361 		/* See if string matches localkeyid's */
362 		retval = sunw_find_localkeyid(keyid, kstr_len,
363 		    work_kl, work_cl, pkey, cert);
364 		if (retval != 0) {
365 			if (retval == -1)
366 				goto cleanup;
367 			else
368 				goto last_part;
369 		}
370 	}
371 	if ((matchty & DO_FIND_FN) != 0) {
372 
373 		if (name_str == NULL) {
374 			SUNWerr(SUNW_F_PKCS12_PARSE, SUNW_R_INVALID_ARG);
375 			retval = -1;
376 			goto cleanup;
377 		}
378 
379 		/* See if string matches friendly names */
380 		retval = sunw_find_fname(name_str, work_kl, work_cl,
381 		    pkey, cert);
382 		if (retval != 0) {
383 			if (retval == -1)
384 				goto cleanup;
385 			else
386 				goto last_part;
387 		}
388 	}
389 
390 	if (matchty & DO_FIRST_PAIR) {
391 
392 		/* Find the first cert and private key and return them */
393 		retval = get_key_cert(0, work_kl, pkey, work_cl, cert);
394 		if (retval != 0) {
395 			if (retval == -1)
396 				goto cleanup;
397 			else
398 				goto last_part;
399 		}
400 	}
401 
402 	if (matchty & DO_LAST_PAIR) {
403 
404 		/*
405 		 * Find the last matching cert and private key and return
406 		 * them.  Since keys which don't have matching client certs
407 		 * are at the end of the list of keys, use the number of
408 		 * client certs to compute the position of the last private
409 		 * key which matches a client cert.
410 		 */
411 		n = sk_X509_num(work_cl) - 1;
412 		retval = get_key_cert(n, work_kl, pkey, work_cl, cert);
413 		if (retval != 0) {
414 			if (retval == -1)
415 				goto cleanup;
416 			else
417 				goto last_part;
418 		}
419 	}
420 
421 	if (matchty & DO_UNMATCHING) {
422 		STACK_OF(EVP_PKEY) *tmpk;
423 		STACK_OF(X509) *tmpc;
424 
425 		/* Find the first cert and private key and return them */
426 		tmpc = work_cl;
427 		if (work_cl == NULL || sk_X509_num(work_cl) == 0)
428 			tmpc = work_ca;
429 		tmpk = work_kl;
430 		if (work_kl == NULL || sk_EVP_PKEY_num(work_kl) == 0)
431 			tmpk = nocerts;
432 		retval = get_key_cert(0, tmpk, pkey, tmpc, cert);
433 		if (retval != 0) {
434 			if (retval == -1)
435 				goto cleanup;
436 			else
437 				goto last_part;
438 		}
439 	}
440 
441 last_part:
442 	/* If no errors, terminate normally */
443 	if (retval != -1)
444 		retval |= set_results(NULL, NULL, NULL, NULL, ca, &work_ca,
445 		    NULL, NULL);
446 	if (retval >= 0) {
447 		goto clean_part;
448 	}
449 
450 	/* Fallthrough is intentional in error cases. */
451 cleanup:
452 	if (pkey != NULL && *pkey != NULL) {
453 		sunw_evp_pkey_free(*pkey);
454 		*pkey = NULL;
455 	}
456 	if (cert != NULL && *cert != NULL) {
457 		X509_free(*cert);
458 		*cert = NULL;
459 	}
460 
461 clean_part:
462 
463 	if (work_kl != NULL) {
464 		sk_EVP_PKEY_pop_free(work_kl, sunw_evp_pkey_free);
465 	}
466 	if (work_ca != NULL)
467 		sk_X509_pop_free(work_ca, X509_free);
468 	if (work_cl != NULL)
469 		sk_X509_pop_free(work_cl, X509_free);
470 
471 	return (retval);
472 }
473 
474 /*
475  * sunw_PKCS12_contents() parses a pkcs#12 structure and returns component
476  *     parts found, without evaluation.
477  *
478  * Parse and decrypt a PKCS#12 structure returning any user keys and/or
479  * various certs. Note these should either be NULL, *whatever should
480  * be NULL, or it should point to a valid STACK_OF(X509) structure.
481  *
482  * Arguments:
483  *   p12      - Structure with pkcs12 info to be parsed
484  *   pass     - Pass phrase for the private key and entire pkcs12 wad (possibly
485  *              empty) or NULL if there is none.
486  *   pkeys    - Points to address of a stack of private keys to return.
487  *   certs    - Points to address of a stack of client certs return.
488  *
489  *   Note:  The certs and keys being returned are in random order.
490  *
491  * Returns:
492  *  <  0 - An error returned.  Call ERR_get_error() to get errors information.
493  *         Where possible, memory has been freed.
494  *  >= 0 - Objects were found and returned.  Which objects are indicated by
495  *         which bits are set (FOUND_PKEY or FOUND_CERT)
496  */
497 static int
498 sunw_PKCS12_contents(PKCS12 *p12, const char *pass, STACK_OF(EVP_PKEY) **pkey,
499     STACK_OF(X509) **certs)
500 {
501 	STACK_OF(EVP_PKEY) *work_kl = NULL;
502 	STACK_OF(X509) *work_ca = NULL;
503 	int retval = -1;
504 
505 	/*
506 	 * Allocate the working stacks for private key and for the
507 	 * ca certs.
508 	 */
509 	if ((work_kl = sk_EVP_PKEY_new_null()) == NULL) {
510 		SUNWerr(SUNW_F_PKCS12_CONTENTS, SUNW_R_MEMORY_FAILURE);
511 		goto cleanup;
512 	}
513 
514 	if ((work_ca = sk_X509_new_null()) == NULL) {
515 		SUNWerr(SUNW_F_PKCS12_CONTENTS, SUNW_R_MEMORY_FAILURE);
516 		goto cleanup;
517 	}
518 
519 	if (parse_outer(p12, pass, work_kl, work_ca) == 0) {
520 		/*
521 		 * Error already on stack
522 		 */
523 		goto cleanup;
524 	}
525 
526 	/* on error, set_results() returns an error on the stack */
527 	retval = set_results(pkey, &work_kl, certs, &work_ca, NULL,
528 	    NULL, NULL, NULL);
529 
530 cleanup:
531 	if (work_kl != NULL) {
532 		sk_EVP_PKEY_pop_free(work_kl, sunw_evp_pkey_free);
533 	}
534 
535 	return (retval);
536 }
537 
538 /*
539  * parse_outer - Unpack the outer PKCS#12 structure and go through the
540  *         individual bags.  Return stacks of certs, private keys found and
541  *         CA certs found.
542  *
543  *   Note about error codes:  This function is an internal function, and the
544  *   place where it is called sets error codes.
545  *
546  * Returns:
547  *    0 - An error returned.  Call ERR_get_error() to get errors information.
548  *        Where possible, memory has been freed.
549  *    1 - PKCS12 data object was parsed and lists of certs and private keys
550  *        were returned.
551  */
552 static int
553 parse_outer(PKCS12 *p12, const char *pass, STACK_OF(EVP_PKEY) *kl,
554     STACK_OF(X509) *cl)
555 {
556 	STACK_OF(PKCS12_SAFEBAG) *bags;
557 	STACK_OF(PKCS7) *asafes;
558 	int i, bagnid;
559 	PKCS7 *p7;
560 
561 	if ((asafes = M_PKCS12_unpack_authsafes(p12)) == NULL)
562 		return (0);
563 
564 	for (i = 0; i < sk_PKCS7_num(asafes); i++) {
565 		p7 = sk_PKCS7_value(asafes, i);
566 		bagnid = OBJ_obj2nid(p7->type);
567 		if (bagnid == NID_pkcs7_data) {
568 			bags = M_PKCS12_unpack_p7data(p7);
569 		} else if (bagnid == NID_pkcs7_encrypted) {
570 			/*
571 			 * A length of '-1' means strlen() can be used
572 			 * to determine the password length.
573 			 */
574 			bags = M_PKCS12_unpack_p7encdata(p7, pass, -1);
575 		} else {
576 			SUNWerr(SUNW_F_PARSE_OUTER, SUNW_R_BAD_BAGTYPE);
577 			return (0);
578 		}
579 
580 		if (bags == NULL) {
581 			SUNWerr(SUNW_F_PARSE_OUTER, SUNW_R_PARSE_BAG_ERR);
582 			sk_PKCS7_pop_free(asafes, PKCS7_free);
583 			return (0);
584 		}
585 		if (parse_all_bags(bags, pass, kl, cl) == 0) {
586 			sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
587 			sk_PKCS7_pop_free(asafes, PKCS7_free);
588 			return (0);
589 		}
590 	}
591 
592 	return (1);
593 }
594 
595 /*
596  * parse_all_bags - go through the stack of bags, parsing each.
597  *
598  *   Note about error codes:  This function is an internal function, and the
599  *   place where it is called sets error codes.
600  *
601  * Returns:
602  *    0 - An error returned.  Call ERR_get_error() to get errors information.
603  *        Where possible, memory has been freed.
604  *    1 - Stack of safebags was parsed and lists of certs and private keys
605  *        were returned.
606  */
607 static int
608 parse_all_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
609     STACK_OF(EVP_PKEY) *kl, STACK_OF(X509) *cl)
610 {
611 	int i;
612 	for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
613 		if (parse_one_bag(sk_PKCS12_SAFEBAG_value(bags, i),
614 		    pass, kl, cl) == 0)
615 			return (0);
616 	}
617 	return (1);
618 }
619 
620 /*
621  * parse_one_bag - Parse an individual bag
622  *
623  *   i = parse_one_bag(bag, pass, kl, cl);
624  *
625  * Arguments:
626  *   bag	- pkcs12 safebag to parse.
627  *   pass 	- password for use in decryption of shrouded keybag
628  *   kl         - Stack of private keys found so far.  New private keys will
629  *                be added here if found.
630  *   cl         - Stack of certs found so far.  New certificates will be
631  *                added here if found.
632  *
633  * Returns:
634  *    0 - An error returned.  Call ERR_get_error() to get errors information.
635  *        Where possible, memory has been freed.
636  *    1 - one safebag was parsed. If it contained a cert or private key, it
637  *        was added to the stack of certs or private keys found, respectively.
638  *        localKeyId or friendlyName attributes are returned with the
639  *        private key or certificate.
640  */
641 static int
642 parse_one_bag(PKCS12_SAFEBAG *bag, const char *pass, STACK_OF(EVP_PKEY) *kl,
643     STACK_OF(X509) *cl)
644 {
645 	X509_ATTRIBUTE *attr = NULL;
646 	ASN1_TYPE *keyid = NULL;
647 	ASN1_TYPE *fname = NULL;
648 	PKCS8_PRIV_KEY_INFO *p8;
649 	EVP_PKEY *pkey = NULL;
650 	X509 *x509 = NULL;
651 	uchar_t *data = NULL;
652 	char *str = NULL;
653 	int retval = 1;
654 
655 	keyid = PKCS12_get_attr(bag, NID_localKeyID);
656 	fname = PKCS12_get_attr(bag, NID_friendlyName);
657 
658 	switch (M_PKCS12_bag_type(bag)) {
659 	case NID_keyBag:
660 		if ((pkey = EVP_PKCS82PKEY(bag->value.keybag)) == NULL) {
661 			SUNWerr(SUNW_F_PARSE_ONE_BAG, SUNW_R_PARSE_BAG_ERR);
662 			retval = 0;
663 			break;
664 		}
665 		break;
666 
667 	case NID_pkcs8ShroudedKeyBag:
668 		/*
669 		 * A length of '-1' means strlen() can be used
670 		 * to determine the password length.
671 		 */
672 		if ((p8 = M_PKCS12_decrypt_skey(bag, pass, -1)) == NULL) {
673 			SUNWerr(SUNW_F_PARSE_ONE_BAG, SUNW_R_PARSE_BAG_ERR);
674 			retval = 0;
675 			break;
676 		}
677 		pkey = EVP_PKCS82PKEY(p8);
678 		PKCS8_PRIV_KEY_INFO_free(p8);
679 		if (pkey == NULL) {
680 			SUNWerr(SUNW_F_PARSE_ONE_BAG, SUNW_R_PARSE_BAG_ERR);
681 			retval = 0;
682 		}
683 		break;
684 
685 	case NID_certBag:
686 		if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate) {
687 			SUNWerr(SUNW_F_PARSE_ONE_BAG, SUNW_R_BAD_CERTTYPE);
688 			break;
689 		}
690 		if ((x509 = M_PKCS12_certbag2x509(bag)) == NULL) {
691 			SUNWerr(SUNW_F_PARSE_ONE_BAG,
692 			    SUNW_R_PARSE_CERT_ERR);
693 			retval = 0;
694 			break;
695 		}
696 
697 		if (keyid != NULL) {
698 			if (keyid->type != V_ASN1_OCTET_STRING) {
699 				SUNWerr(SUNW_F_PARSE_ONE_BAG,
700 				    SUNW_R_BAD_LKID);
701 				retval = 0;
702 				break;
703 			}
704 			if (X509_keyid_set1(x509,
705 			    keyid->value.octet_string->data,
706 			    keyid->value.octet_string->length) == 0) {
707 				SUNWerr(SUNW_F_PARSE_ONE_BAG,
708 				    SUNW_R_SET_LKID_ERR);
709 				retval = 0;
710 				break;
711 			}
712 		}
713 
714 		if (fname != NULL) {
715 			ASN1_STRING *tmpstr = NULL;
716 			int len;
717 
718 			if (fname->type != V_ASN1_BMPSTRING) {
719 				SUNWerr(SUNW_F_PARSE_ONE_BAG,
720 				    SUNW_R_BAD_FNAME);
721 				retval = 0;
722 				break;
723 			}
724 
725 			tmpstr = fname->value.asn1_string;
726 			len = ASN1_STRING_to_UTF8(&data, tmpstr);
727 			if (len < 0) {
728 				SUNWerr(SUNW_F_PARSE_ONE_BAG,
729 				    SUNW_R_SET_FNAME_ERR);
730 				retval = 0;
731 				break;
732 			}
733 
734 			if (X509_alias_set1(x509, data, len) == 0) {
735 				SUNWerr(SUNW_F_PARSE_ONE_BAG,
736 				    SUNW_R_SET_FNAME_ERR);
737 				retval = 0;
738 				break;
739 			}
740 		}
741 
742 		if (sk_X509_push(cl, x509) == 0) {
743 			SUNWerr(SUNW_F_PARSE_ONE_BAG, SUNW_R_MEMORY_FAILURE);
744 			retval = 0;
745 			break;
746 		}
747 		x509 = NULL;
748 		break;
749 
750 	case NID_safeContentsBag:
751 		if (keyid != NULL)
752 			ASN1_TYPE_free(keyid);
753 		if (fname != NULL)
754 			ASN1_TYPE_free(fname);
755 		if (parse_all_bags(bag->value.safes, pass, kl, cl) == 0) {
756 			/*
757 			 * Error already on stack
758 			 */
759 			return (0);
760 		}
761 		return (1);
762 
763 	default:
764 		if (keyid != NULL)
765 			ASN1_TYPE_free(keyid);
766 		if (fname != NULL)
767 			ASN1_TYPE_free(fname);
768 		SUNWerr(SUNW_F_PARSE_ONE_BAG, SUNW_R_BAD_BAGTYPE);
769 		return (0);
770 	}
771 
772 
773 	if (pkey != NULL) {
774 		if (retval != 0 && (keyid != NULL || fname != NULL) &&
775 		    pkey->attributes == NULL) {
776 			pkey->attributes = sk_X509_ATTRIBUTE_new_null();
777 			if (pkey->attributes == NULL) {
778 				SUNWerr(SUNW_F_PARSE_ONE_BAG,
779 				    SUNW_R_MEMORY_FAILURE);
780 				retval = 0;
781 			}
782 		}
783 
784 		if (retval != 0 && keyid != NULL) {
785 			attr = type2attrib(keyid, NID_localKeyID);
786 			if (attr == NULL)
787 				/*
788 				 * Error already on stack
789 				 */
790 				retval = 0;
791 			else {
792 				keyid = NULL;
793 				if (sk_X509_ATTRIBUTE_push(pkey->attributes,
794 				    attr) == 0) {
795 					SUNWerr(SUNW_F_PARSE_ONE_BAG,
796 					    SUNW_R_MEMORY_FAILURE);
797 					retval = 0;
798 				} else {
799 					attr = NULL;
800 				}
801 			}
802 		}
803 
804 		if (retval != 0 && fname != NULL) {
805 			attr = type2attrib(fname, NID_friendlyName);
806 			if (attr == NULL) {
807 				/*
808 				 * Error already on stack
809 				 */
810 				retval = 0;
811 			} else {
812 				fname = NULL;
813 				if (sk_X509_ATTRIBUTE_push(pkey->attributes,
814 				    attr) == 0) {
815 					SUNWerr(SUNW_F_PARSE_ONE_BAG,
816 					    SUNW_R_MEMORY_FAILURE);
817 					retval = 0;
818 				} else {
819 					attr = NULL;
820 				}
821 			}
822 		}
823 
824 		/* Save the private key */
825 		if (retval != 0) {
826 			if (sk_EVP_PKEY_push(kl, pkey) == 0) {
827 				SUNWerr(SUNW_F_PARSE_ONE_BAG,
828 				    SUNW_R_MEMORY_FAILURE);
829 				retval = 0;
830 			} else {
831 				pkey = NULL;
832 			}
833 		}
834 	}
835 
836 	if (pkey != NULL) {
837 		sunw_evp_pkey_free(pkey);
838 	}
839 
840 	if (x509 != NULL)
841 		X509_free(x509);
842 
843 	if (keyid != NULL)
844 		ASN1_TYPE_free(keyid);
845 
846 	if (fname != NULL)
847 		ASN1_TYPE_free(fname);
848 
849 	if (attr != NULL)
850 		X509_ATTRIBUTE_free(attr);
851 
852 	if (data != NULL)
853 		OPENSSL_free(data);
854 
855 	if (str != NULL)
856 		OPENSSL_free(str);
857 
858 	return (retval);
859 }
860