1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/lib/pkcs12/p12e.c Wed Dec 31 06:09:35 2014 +0100
1.3
@@ -0,0 +1,2079 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +#include "p12t.h"
1.9 +#include "p12.h"
1.10 +#include "plarena.h"
1.11 +#include "secitem.h"
1.12 +#include "secoid.h"
1.13 +#include "seccomon.h"
1.14 +#include "secport.h"
1.15 +#include "cert.h"
1.16 +#include "secpkcs7.h"
1.17 +#include "secasn1.h"
1.18 +#include "secerr.h"
1.19 +#include "pk11func.h"
1.20 +#include "p12plcy.h"
1.21 +#include "p12local.h"
1.22 +#include "prcpucfg.h"
1.23 +
1.24 +extern const int NSS_PBE_DEFAULT_ITERATION_COUNT; /* defined in p7create.c */
1.25 +
1.26 +/*
1.27 +** This PKCS12 file encoder uses numerous nested ASN.1 and PKCS7 encoder
1.28 +** contexts. It can be difficult to keep straight. Here's a picture:
1.29 +**
1.30 +** "outer" ASN.1 encoder. The output goes to the library caller's CB.
1.31 +** "middle" PKCS7 encoder. Feeds the "outer" ASN.1 encoder.
1.32 +** "middle" ASN1 encoder. Encodes the encrypted aSafes.
1.33 +** Feeds the "middle" P7 encoder above.
1.34 +** "inner" PKCS7 encoder. Encrypts the "authenticated Safes" (aSafes)
1.35 +** Feeds the "middle" ASN.1 encoder above.
1.36 +** "inner" ASN.1 encoder. Encodes the unencrypted aSafes.
1.37 +** Feeds the "inner" P7 enocder above.
1.38 +**
1.39 +** Buffering has been added at each point where the output of an ASN.1
1.40 +** encoder feeds the input of a PKCS7 encoder.
1.41 +*/
1.42 +
1.43 +/*********************************
1.44 + * Output buffer object, used to buffer output from ASN.1 encoder
1.45 + * before passing data on down to the next PKCS7 encoder.
1.46 + *********************************/
1.47 +
1.48 +#define PK12_OUTPUT_BUFFER_SIZE 8192
1.49 +
1.50 +struct sec_pkcs12OutputBufferStr {
1.51 + SEC_PKCS7EncoderContext * p7eCx;
1.52 + PK11Context * hmacCx;
1.53 + unsigned int numBytes;
1.54 + unsigned int bufBytes;
1.55 + char buf[PK12_OUTPUT_BUFFER_SIZE];
1.56 +};
1.57 +typedef struct sec_pkcs12OutputBufferStr sec_pkcs12OutputBuffer;
1.58 +
1.59 +/*********************************
1.60 + * Structures used in exporting the PKCS 12 blob
1.61 + *********************************/
1.62 +
1.63 +/* A SafeInfo is used for each ContentInfo which makes up the
1.64 + * sequence of safes in the AuthenticatedSafe portion of the
1.65 + * PFX structure.
1.66 + */
1.67 +struct SEC_PKCS12SafeInfoStr {
1.68 + PLArenaPool *arena;
1.69 +
1.70 + /* information for setting up password encryption */
1.71 + SECItem pwitem;
1.72 + SECOidTag algorithm;
1.73 + PK11SymKey *encryptionKey;
1.74 +
1.75 + /* how many items have been stored in this safe,
1.76 + * we will skip any safe which does not contain any
1.77 + * items
1.78 + */
1.79 + unsigned int itemCount;
1.80 +
1.81 + /* the content info for the safe */
1.82 + SEC_PKCS7ContentInfo *cinfo;
1.83 +
1.84 + sec_PKCS12SafeContents *safe;
1.85 +};
1.86 +
1.87 +/* An opaque structure which contains information needed for exporting
1.88 + * certificates and keys through PKCS 12.
1.89 + */
1.90 +struct SEC_PKCS12ExportContextStr {
1.91 + PLArenaPool *arena;
1.92 + PK11SlotInfo *slot;
1.93 + void *wincx;
1.94 +
1.95 + /* integrity information */
1.96 + PRBool integrityEnabled;
1.97 + PRBool pwdIntegrity;
1.98 + union {
1.99 + struct sec_PKCS12PasswordModeInfo pwdInfo;
1.100 + struct sec_PKCS12PublicKeyModeInfo pubkeyInfo;
1.101 + } integrityInfo;
1.102 +
1.103 + /* helper functions */
1.104 + /* retrieve the password call back */
1.105 + SECKEYGetPasswordKey pwfn;
1.106 + void *pwfnarg;
1.107 +
1.108 + /* safe contents bags */
1.109 + SEC_PKCS12SafeInfo **safeInfos;
1.110 + unsigned int safeInfoCount;
1.111 +
1.112 + /* the sequence of safes */
1.113 + sec_PKCS12AuthenticatedSafe authSafe;
1.114 +
1.115 + /* information needing deletion */
1.116 + CERTCertificate **certList;
1.117 +};
1.118 +
1.119 +/* structures for passing information to encoder callbacks when processing
1.120 + * data through the ASN1 engine.
1.121 + */
1.122 +struct sec_pkcs12_encoder_output {
1.123 + SEC_PKCS12EncoderOutputCallback outputfn;
1.124 + void *outputarg;
1.125 +};
1.126 +
1.127 +struct sec_pkcs12_hmac_and_output_info {
1.128 + void *arg;
1.129 + struct sec_pkcs12_encoder_output output;
1.130 +};
1.131 +
1.132 +/* An encoder context which is used for the actual encoding
1.133 + * portion of PKCS 12.
1.134 + */
1.135 +typedef struct sec_PKCS12EncoderContextStr {
1.136 + PLArenaPool *arena;
1.137 + SEC_PKCS12ExportContext *p12exp;
1.138 +
1.139 + /* encoder information - this is set up based on whether
1.140 + * password based or public key pased privacy is being used
1.141 + */
1.142 + SEC_ASN1EncoderContext *outerA1ecx;
1.143 + union {
1.144 + struct sec_pkcs12_hmac_and_output_info hmacAndOutputInfo;
1.145 + struct sec_pkcs12_encoder_output encOutput;
1.146 + } output;
1.147 +
1.148 + /* structures for encoding of PFX and MAC */
1.149 + sec_PKCS12PFXItem pfx;
1.150 + sec_PKCS12MacData mac;
1.151 +
1.152 + /* authenticated safe encoding tracking information */
1.153 + SEC_PKCS7ContentInfo *aSafeCinfo;
1.154 + SEC_PKCS7EncoderContext *middleP7ecx;
1.155 + SEC_ASN1EncoderContext *middleA1ecx;
1.156 + unsigned int currentSafe;
1.157 +
1.158 + /* hmac context */
1.159 + PK11Context *hmacCx;
1.160 +
1.161 + /* output buffers */
1.162 + sec_pkcs12OutputBuffer middleBuf;
1.163 + sec_pkcs12OutputBuffer innerBuf;
1.164 +
1.165 +} sec_PKCS12EncoderContext;
1.166 +
1.167 +
1.168 +/*********************************
1.169 + * Export setup routines
1.170 + *********************************/
1.171 +
1.172 +/* SEC_PKCS12CreateExportContext
1.173 + * Creates an export context and sets the unicode and password retrieval
1.174 + * callbacks. This is the first call which must be made when exporting
1.175 + * a PKCS 12 blob.
1.176 + *
1.177 + * pwfn, pwfnarg - password retrieval callback and argument. these are
1.178 + * required for password-authentication mode.
1.179 + */
1.180 +SEC_PKCS12ExportContext *
1.181 +SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,
1.182 + PK11SlotInfo *slot, void *wincx)
1.183 +{
1.184 + PLArenaPool *arena = NULL;
1.185 + SEC_PKCS12ExportContext *p12ctxt = NULL;
1.186 +
1.187 + /* allocate the arena and create the context */
1.188 + arena = PORT_NewArena(4096);
1.189 + if(!arena) {
1.190 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.191 + return NULL;
1.192 + }
1.193 +
1.194 + p12ctxt = (SEC_PKCS12ExportContext *)PORT_ArenaZAlloc(arena,
1.195 + sizeof(SEC_PKCS12ExportContext));
1.196 + if(!p12ctxt) {
1.197 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.198 + goto loser;
1.199 + }
1.200 +
1.201 + /* password callback for key retrieval */
1.202 + p12ctxt->pwfn = pwfn;
1.203 + p12ctxt->pwfnarg = pwfnarg;
1.204 +
1.205 + p12ctxt->integrityEnabled = PR_FALSE;
1.206 + p12ctxt->arena = arena;
1.207 + p12ctxt->wincx = wincx;
1.208 + p12ctxt->slot = (slot) ? PK11_ReferenceSlot(slot) : PK11_GetInternalSlot();
1.209 +
1.210 + return p12ctxt;
1.211 +
1.212 +loser:
1.213 + if(arena) {
1.214 + PORT_FreeArena(arena, PR_TRUE);
1.215 + }
1.216 +
1.217 + return NULL;
1.218 +}
1.219 +
1.220 +/*
1.221 + * Adding integrity mode
1.222 + */
1.223 +
1.224 +/* SEC_PKCS12AddPasswordIntegrity
1.225 + * Add password integrity to the exported data. If an integrity method
1.226 + * has already been set, then return an error.
1.227 + *
1.228 + * p12ctxt - the export context
1.229 + * pwitem - the password for integrity mode
1.230 + * integAlg - the integrity algorithm to use for authentication.
1.231 + */
1.232 +SECStatus
1.233 +SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
1.234 + SECItem *pwitem, SECOidTag integAlg)
1.235 +{
1.236 + if(!p12ctxt || p12ctxt->integrityEnabled) {
1.237 + return SECFailure;
1.238 + }
1.239 +
1.240 + /* set up integrity information */
1.241 + p12ctxt->pwdIntegrity = PR_TRUE;
1.242 + p12ctxt->integrityInfo.pwdInfo.password =
1.243 + (SECItem*)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
1.244 + if(!p12ctxt->integrityInfo.pwdInfo.password) {
1.245 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.246 + return SECFailure;
1.247 + }
1.248 + if(SECITEM_CopyItem(p12ctxt->arena,
1.249 + p12ctxt->integrityInfo.pwdInfo.password, pwitem)
1.250 + != SECSuccess) {
1.251 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.252 + return SECFailure;
1.253 + }
1.254 + p12ctxt->integrityInfo.pwdInfo.algorithm = integAlg;
1.255 + p12ctxt->integrityEnabled = PR_TRUE;
1.256 +
1.257 + return SECSuccess;
1.258 +}
1.259 +
1.260 +/* SEC_PKCS12AddPublicKeyIntegrity
1.261 + * Add public key integrity to the exported data. If an integrity method
1.262 + * has already been set, then return an error. The certificate must be
1.263 + * allowed to be used as a signing cert.
1.264 + *
1.265 + * p12ctxt - the export context
1.266 + * cert - signer certificate
1.267 + * certDb - the certificate database
1.268 + * algorithm - signing algorithm
1.269 + * keySize - size of the signing key (?)
1.270 + */
1.271 +SECStatus
1.272 +SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
1.273 + CERTCertificate *cert, CERTCertDBHandle *certDb,
1.274 + SECOidTag algorithm, int keySize)
1.275 +{
1.276 + if(!p12ctxt) {
1.277 + return SECFailure;
1.278 + }
1.279 +
1.280 + p12ctxt->integrityInfo.pubkeyInfo.cert = cert;
1.281 + p12ctxt->integrityInfo.pubkeyInfo.certDb = certDb;
1.282 + p12ctxt->integrityInfo.pubkeyInfo.algorithm = algorithm;
1.283 + p12ctxt->integrityInfo.pubkeyInfo.keySize = keySize;
1.284 + p12ctxt->integrityEnabled = PR_TRUE;
1.285 +
1.286 + return SECSuccess;
1.287 +}
1.288 +
1.289 +
1.290 +/*
1.291 + * Adding safes - encrypted (password/public key) or unencrypted
1.292 + * Each of the safe creation routines return an opaque pointer which
1.293 + * are later passed into the routines for exporting certificates and
1.294 + * keys.
1.295 + */
1.296 +
1.297 +/* append the newly created safeInfo to list of safeInfos in the export
1.298 + * context.
1.299 + */
1.300 +static SECStatus
1.301 +sec_pkcs12_append_safe_info(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *info)
1.302 +{
1.303 + void *mark = NULL, *dummy1 = NULL, *dummy2 = NULL;
1.304 +
1.305 + if(!p12ctxt || !info) {
1.306 + return SECFailure;
1.307 + }
1.308 +
1.309 + mark = PORT_ArenaMark(p12ctxt->arena);
1.310 +
1.311 + /* if no safeInfos have been set, create the list, otherwise expand it.
*/
1.312 + if(!p12ctxt->safeInfoCount) {
1.313 + p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)PORT_ArenaZAlloc(p12ctxt->arena,
1.314 + 2 * sizeof(SEC_PKCS12SafeInfo *));
1.315 + dummy1 = p12ctxt->safeInfos;
1.316 + p12ctxt->authSafe.encodedSafes = (SECItem **)PORT_ArenaZAlloc(p12ctxt->arena,
1.317 + 2 * sizeof(SECItem *));
1.318 + dummy2 = p12ctxt->authSafe.encodedSafes;
1.319 + } else {
1.320 + dummy1 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->safeInfos,
1.321 + (p12ctxt->safeInfoCount + 1) * sizeof(SEC_PKCS12SafeInfo *),
1.322 + (p12ctxt->safeInfoCount + 2) * sizeof(SEC_PKCS12SafeInfo *));
1.323 + p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)dummy1;
1.324 + dummy2 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->authSafe.encodedSafes,
1.325 + (p12ctxt->authSafe.safeCount + 1) * sizeof(SECItem *),
1.326 + (p12ctxt->authSafe.safeCount + 2) * sizeof(SECItem *));
1.327 + p12ctxt->authSafe.encodedSafes = (SECItem**)dummy2;
1.328 + }
1.329 + if(!dummy1 || !dummy2) {
1.330 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.331 + goto loser;
1.332 + }
1.333 +
1.334 + /* append the new safeInfo and null terminate the list */
1.335 + p12ctxt->safeInfos[p12ctxt->safeInfoCount] = info;
1.336 + p12ctxt->safeInfos[++p12ctxt->safeInfoCount] = NULL;
1.337 + p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount] =
1.338 + (SECItem*)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
1.339 + if(!p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount]) {
1.340 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.341 + goto loser;
1.342 + }
1.343 + p12ctxt->authSafe.encodedSafes[++p12ctxt->authSafe.safeCount] = NULL;
1.344 +
1.345 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.346 + return SECSuccess;
1.347 +
1.348 +loser:
1.349 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.350 + return SECFailure;
1.351 +}
1.352 +
1.353 +/* SEC_PKCS12CreatePasswordPrivSafe
1.354 + * Create a password privacy safe to store exported information in.
1.355 + *
1.356 + * p12ctxt - export context
1.357 + * pwitem - password for encryption
1.358 + * privAlg - pbe algorithm through which encryption is done.
1.359 + */
1.360 +SEC_PKCS12SafeInfo *
1.361 +SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt,
1.362 + SECItem *pwitem, SECOidTag privAlg)
1.363 +{
1.364 + SEC_PKCS12SafeInfo *safeInfo = NULL;
1.365 + void *mark = NULL;
1.366 + PK11SlotInfo *slot = NULL;
1.367 + SECAlgorithmID *algId;
1.368 + SECItem uniPwitem = {siBuffer, NULL, 0};
1.369 +
1.370 + if(!p12ctxt) {
1.371 + return NULL;
1.372 + }
1.373 +
1.374 + /* allocate the safe info */
1.375 + mark = PORT_ArenaMark(p12ctxt->arena);
1.376 + safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
1.377 + sizeof(SEC_PKCS12SafeInfo));
1.378 + if(!safeInfo) {
1.379 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.380 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.381 + return NULL;
1.382 + }
1.383 +
1.384 + safeInfo->itemCount = 0;
1.385 +
1.386 + /* create the encrypted safe */
1.387 + safeInfo->cinfo = SEC_PKCS7CreateEncryptedData(privAlg, 0, p12ctxt->pwfn,
1.388 + p12ctxt->pwfnarg);
1.389 + if(!safeInfo->cinfo) {
1.390 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.391 + goto loser;
1.392 + }
1.393 + safeInfo->arena = p12ctxt->arena;
1.394 +
1.395 + /* convert the password to unicode */
1.396 + if(!sec_pkcs12_convert_item_to_unicode(NULL, &uniPwitem, pwitem,
1.397 + PR_TRUE, PR_TRUE, PR_TRUE)) {
1.398 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.399 + goto loser;
1.400 + }
1.401 + if(SECITEM_CopyItem(p12ctxt->arena, &safeInfo->pwitem, &uniPwitem) != SECSuccess) {
1.402 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.403 + goto loser;
1.404 + }
1.405 +
1.406 + /* generate the encryption key */
1.407 + slot = PK11_ReferenceSlot(p12ctxt->slot);
1.408 + if(!slot) {
1.409 + slot = PK11_GetInternalKeySlot();
1.410 + if(!slot) {
1.411 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.412 + goto loser;
1.413 + }
1.414 + }
1.415 +
1.416 + algId =
SEC_PKCS7GetEncryptionAlgorithm(safeInfo->cinfo);
1.417 + safeInfo->encryptionKey = PK11_PBEKeyGen(slot, algId, &uniPwitem,
1.418 + PR_FALSE, p12ctxt->wincx);
1.419 + if(!safeInfo->encryptionKey) {
1.420 + goto loser;
1.421 + }
1.422 +
1.423 + safeInfo->arena = p12ctxt->arena;
1.424 + safeInfo->safe = NULL;
1.425 + if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
1.426 + goto loser;
1.427 + }
1.428 +
1.429 + if(uniPwitem.data) {
1.430 + SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
1.431 + }
1.432 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.433 +
1.434 + if (slot) {
1.435 + PK11_FreeSlot(slot);
1.436 + }
1.437 + return safeInfo;
1.438 +
1.439 +loser:
1.440 + if (slot) {
1.441 + PK11_FreeSlot(slot);
1.442 + }
1.443 + if(safeInfo->cinfo) {
1.444 + SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
1.445 + }
1.446 +
1.447 + if(uniPwitem.data) {
1.448 + SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
1.449 + }
1.450 +
1.451 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.452 + return NULL;
1.453 +}
1.454 +
1.455 +/* SEC_PKCS12CreateUnencryptedSafe
1.456 + * Creates an unencrypted safe within the export context.
1.457 + *
1.458 + * p12ctxt - the export context
1.459 + */
1.460 +SEC_PKCS12SafeInfo *
1.461 +SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt)
1.462 +{
1.463 + SEC_PKCS12SafeInfo *safeInfo = NULL;
1.464 + void *mark = NULL;
1.465 +
1.466 + if(!p12ctxt) {
1.467 + return NULL;
1.468 + }
1.469 +
1.470 + /* create the safe info */
1.471 + mark = PORT_ArenaMark(p12ctxt->arena);
1.472 + safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
1.473 + sizeof(SEC_PKCS12SafeInfo));
1.474 + if(!safeInfo) {
1.475 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.476 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.477 + return NULL;
1.478 + }
1.479 +
1.480 + safeInfo->itemCount = 0;
1.481 +
1.482 + /* create the safe content */
1.483 + safeInfo->cinfo = SEC_PKCS7CreateData();
1.484 + if(!safeInfo->cinfo) {
1.485 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.486 + goto loser;
1.487 + }
1.488 +
1.489 + if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
1.490 + goto loser;
1.491 + }
1.492 +
1.493 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.494 + return safeInfo;
1.495 +
1.496 +loser:
1.497 + if(safeInfo->cinfo) {
1.498 + SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
1.499 + }
1.500 +
1.501 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.502 + return NULL;
1.503 +}
1.504 +
1.505 +/* SEC_PKCS12CreatePubKeyEncryptedSafe
1.506 + * Creates a safe which is protected by public key encryption.
1.507 + *
1.508 + * p12ctxt - the export context
1.509 + * certDb - the certificate database
1.510 + * signer - the signer's certificate
1.511 + * recipients - the list of recipient certificates.
1.512 + * algorithm - the encryption algorithm to use
1.513 + * keysize - the algorithms key size (?)
1.514 + */
1.515 +SEC_PKCS12SafeInfo *
1.516 +SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
1.517 + CERTCertDBHandle *certDb,
1.518 + CERTCertificate *signer,
1.519 + CERTCertificate **recipients,
1.520 + SECOidTag algorithm, int keysize)
1.521 +{
1.522 + SEC_PKCS12SafeInfo *safeInfo = NULL;
1.523 + void *mark = NULL;
1.524 +
1.525 + if(!p12ctxt || !signer || !recipients || !(*recipients)) {
1.526 + return NULL;
1.527 + }
1.528 +
1.529 + /* allocate the safeInfo */
1.530 + mark = PORT_ArenaMark(p12ctxt->arena);
1.531 + safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
1.532 + sizeof(SEC_PKCS12SafeInfo));
1.533 + if(!safeInfo) {
1.534 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.535 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.536 + return NULL;
1.537 + }
1.538 +
1.539 + safeInfo->itemCount = 0;
1.540 + safeInfo->arena = p12ctxt->arena;
1.541 +
1.542 + /* create the enveloped content info using certUsageEmailSigner currently.
1.543 + * XXX We need to eventually use something other than certUsageEmailSigner
1.544 + */
1.545 + safeInfo->cinfo = SEC_PKCS7CreateEnvelopedData(signer, certUsageEmailSigner,
1.546 + certDb, algorithm, keysize,
1.547 + p12ctxt->pwfn, p12ctxt->pwfnarg);
1.548 + if(!safeInfo->cinfo) {
1.549 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.550 + goto loser;
1.551 + }
1.552 +
1.553 + /* add recipients */
1.554 + if(recipients) {
1.555 + unsigned int i = 0;
1.556 + while(recipients[i] != NULL) {
1.557 + SECStatus rv = SEC_PKCS7AddRecipient(safeInfo->cinfo, recipients[i],
1.558 + certUsageEmailRecipient, certDb);
1.559 + if(rv != SECSuccess) {
1.560 + goto loser;
1.561 + }
1.562 + i++;
1.563 + }
1.564 + }
1.565 +
1.566 + if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
1.567 + goto loser;
1.568 + }
1.569 +
1.570 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.571 + return safeInfo;
1.572 +
1.573 +loser:
1.574 + if(safeInfo->cinfo) {
1.575 + SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
1.576 +
safeInfo->cinfo = NULL;
1.577 + }
1.578 +
1.579 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.580 + return NULL;
1.581 +}
1.582 +
1.583 +/*********************************
1.584 + * Routines to handle the exporting of the keys and certificates
1.585 + *********************************/
1.586 +
1.587 +/* creates a safe contents which safeBags will be appended to */
1.588 +sec_PKCS12SafeContents *
1.589 +sec_PKCS12CreateSafeContents(PLArenaPool *arena)
1.590 +{
1.591 + sec_PKCS12SafeContents *safeContents;
1.592 +
1.593 + if(arena == NULL) {
1.594 + return NULL;
1.595 + }
1.596 +
1.597 + /* create the safe contents */
1.598 + safeContents = (sec_PKCS12SafeContents *)PORT_ArenaZAlloc(arena,
1.599 + sizeof(sec_PKCS12SafeContents));
1.600 + if(!safeContents) {
1.601 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.602 + goto loser;
1.603 + }
1.604 +
1.605 + /* set up the internal contents info */
1.606 + safeContents->safeBags = NULL;
1.607 + safeContents->arena = arena;
1.608 + safeContents->bagCount = 0;
1.609 +
1.610 + return safeContents;
1.611 +
1.612 +loser:
1.613 + return NULL;
1.614 +}
1.615 +
1.616 +/* appends a safe bag to a safeContents using the specified arena.
1.617 + */
1.618 +SECStatus
1.619 +sec_pkcs12_append_bag_to_safe_contents(PLArenaPool *arena,
1.620 + sec_PKCS12SafeContents *safeContents,
1.621 + sec_PKCS12SafeBag *safeBag)
1.622 +{
1.623 + void *mark = NULL, *dummy = NULL;
1.624 +
1.625 + if(!arena || !safeBag || !safeContents) {
1.626 + return SECFailure;
1.627 + }
1.628 +
1.629 + mark = PORT_ArenaMark(arena);
1.630 + if(!mark) {
1.631 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.632 + return SECFailure;
1.633 + }
1.634 +
1.635 + /* allocate space for the list, or reallocate to increase space */
1.636 + if(!safeContents->safeBags) {
1.637 + safeContents->safeBags = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(arena,
1.638 + (2 * sizeof(sec_PKCS12SafeBag *)));
1.639 + dummy = safeContents->safeBags;
1.640 + safeContents->bagCount = 0;
1.641 + } else {
1.642 + dummy = PORT_ArenaGrow(arena, safeContents->safeBags,
1.643 + (safeContents->bagCount + 1) * sizeof(sec_PKCS12SafeBag *),
1.644 + (safeContents->bagCount + 2) * sizeof(sec_PKCS12SafeBag *));
1.645 + safeContents->safeBags = (sec_PKCS12SafeBag **)dummy;
1.646 + }
1.647 +
1.648 + if(!dummy) {
1.649 + PORT_ArenaRelease(arena, mark);
1.650 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.651 + return SECFailure;
1.652 + }
1.653 +
1.654 + /* append the bag at the end and null terminate the list */
1.655 + safeContents->safeBags[safeContents->bagCount++] = safeBag;
1.656 + safeContents->safeBags[safeContents->bagCount] = NULL;
1.657 +
1.658 + PORT_ArenaUnmark(arena, mark);
1.659 +
1.660 + return SECSuccess;
1.661 +}
1.662 +
1.663 +/* appends a safeBag to a specific safeInfo.
1.664 + */
1.665 +SECStatus
1.666 +sec_pkcs12_append_bag(SEC_PKCS12ExportContext *p12ctxt,
1.667 + SEC_PKCS12SafeInfo *safeInfo, sec_PKCS12SafeBag *safeBag)
1.668 +{
1.669 + sec_PKCS12SafeContents *dest;
1.670 + SECStatus rv = SECFailure;
1.671 +
1.672 + if(!p12ctxt || !safeBag || !safeInfo) {
1.673 + return SECFailure;
1.674 + }
1.675 +
1.676 + if(!safeInfo->safe) {
1.677 + safeInfo->safe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
1.678 + if(!safeInfo->safe) {
1.679 + return SECFailure;
1.680 + }
1.681 + }
1.682 +
1.683 + dest = safeInfo->safe;
1.684 + rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena, dest, safeBag);
1.685 + if(rv == SECSuccess) {
1.686 + safeInfo->itemCount++;
1.687 + }
1.688 +
1.689 + return rv;
1.690 +}
1.691 +
1.692 +/* Creates a safeBag of the specified type, and if bagData is specified,
1.693 + * the contents are set. The contents could be set later by the calling
1.694 + * routine.
1.695 + */
1.696 +sec_PKCS12SafeBag *
1.697 +sec_PKCS12CreateSafeBag(SEC_PKCS12ExportContext *p12ctxt, SECOidTag bagType,
1.698 + void *bagData)
1.699 +{
1.700 + sec_PKCS12SafeBag *safeBag;
1.701 + PRBool setName = PR_TRUE;
1.702 + void *mark = NULL;
1.703 + SECStatus rv = SECSuccess;
1.704 + SECOidData *oidData = NULL;
1.705 +
1.706 + if(!p12ctxt) {
1.707 + return NULL;
1.708 + }
1.709 +
1.710 + mark = PORT_ArenaMark(p12ctxt->arena);
1.711 + if(!mark) {
1.712 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.713 + return NULL;
1.714 + }
1.715 +
1.716 + safeBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12ctxt->arena,
1.717 + sizeof(sec_PKCS12SafeBag));
1.718 + if(!safeBag) {
1.719 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.720 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.721 + return NULL;
1.722 + }
1.723 +
1.724 + /* set the bags content based upon bag type */
1.725 + switch(bagType) {
1.726 + case SEC_OID_PKCS12_V1_KEY_BAG_ID:
1.727 + safeBag->safeBagContent.pkcs8KeyBag =
1.728 + (SECKEYPrivateKeyInfo *)bagData;
1.729 + break;
1.730 + case
SEC_OID_PKCS12_V1_CERT_BAG_ID:
1.731 + safeBag->safeBagContent.certBag = (sec_PKCS12CertBag *)bagData;
1.732 + break;
1.733 + case SEC_OID_PKCS12_V1_CRL_BAG_ID:
1.734 + safeBag->safeBagContent.crlBag = (sec_PKCS12CRLBag *)bagData;
1.735 + break;
1.736 + case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
1.737 + safeBag->safeBagContent.secretBag = (sec_PKCS12SecretBag *)bagData;
1.738 + break;
1.739 + case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
1.740 + safeBag->safeBagContent.pkcs8ShroudedKeyBag =
1.741 + (SECKEYEncryptedPrivateKeyInfo *)bagData;
1.742 + break;
1.743 + case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
1.744 + safeBag->safeBagContent.safeContents =
1.745 + (sec_PKCS12SafeContents *)bagData;
1.746 + setName = PR_FALSE;
1.747 + break;
1.748 + default:
1.749 + goto loser;
1.750 + }
1.751 +
1.752 + oidData = SECOID_FindOIDByTag(bagType);
1.753 + if(oidData) {
1.754 + rv = SECITEM_CopyItem(p12ctxt->arena, &safeBag->safeBagType, &oidData->oid);
1.755 + if(rv != SECSuccess) {
1.756 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.757 + goto loser;
1.758 + }
1.759 + } else {
1.760 + goto loser;
1.761 + }
1.762 +
1.763 + safeBag->arena = p12ctxt->arena;
1.764 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.765 +
1.766 + return safeBag;
1.767 +
1.768 +loser:
1.769 + if(mark) {
1.770 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.771 + }
1.772 +
1.773 + return NULL;
1.774 +}
1.775 +
1.776 +/* Creates a new certificate bag and returns a pointer to it. If an error
1.777 + * occurs NULL is returned.
1.778 + */
1.779 +sec_PKCS12CertBag *
1.780 +sec_PKCS12NewCertBag(PLArenaPool *arena, SECOidTag certType)
1.781 +{
1.782 + sec_PKCS12CertBag *certBag = NULL;
1.783 + SECOidData *bagType = NULL;
1.784 + SECStatus rv;
1.785 + void *mark = NULL;
1.786 +
1.787 + if(!arena) {
1.788 + return NULL;
1.789 + }
1.790 +
1.791 + mark = PORT_ArenaMark(arena);
1.792 + certBag = (sec_PKCS12CertBag *)PORT_ArenaZAlloc(arena,
1.793 + sizeof(sec_PKCS12CertBag));
1.794 + if(!certBag) {
1.795 + PORT_ArenaRelease(arena, mark);
1.796 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.797 + return NULL;
1.798 + }
1.799 +
1.800 + bagType = SECOID_FindOIDByTag(certType);
1.801 + if(!bagType) {
1.802 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.803 + goto loser;
1.804 + }
1.805 +
1.806 + rv = SECITEM_CopyItem(arena, &certBag->bagID, &bagType->oid);
1.807 + if(rv != SECSuccess) {
1.808 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.809 + goto loser;
1.810 + }
1.811 +
1.812 + PORT_ArenaUnmark(arena, mark);
1.813 + return certBag;
1.814 +
1.815 +loser:
1.816 + PORT_ArenaRelease(arena, mark);
1.817 + return NULL;
1.818 +}
1.819 +
1.820 +/* Creates a new CRL bag and returns a pointer to it. If an error
1.821 + * occurs NULL is returned.
1.822 + */
1.823 +sec_PKCS12CRLBag *
1.824 +sec_PKCS12NewCRLBag(PLArenaPool *arena, SECOidTag crlType)
1.825 +{
1.826 + sec_PKCS12CRLBag *crlBag = NULL;
1.827 + SECOidData *bagType = NULL;
1.828 + SECStatus rv;
1.829 + void *mark = NULL;
1.830 +
1.831 + if(!arena) {
1.832 + return NULL;
1.833 + }
1.834 +
1.835 + mark = PORT_ArenaMark(arena);
1.836 + crlBag = (sec_PKCS12CRLBag *)PORT_ArenaZAlloc(arena,
1.837 + sizeof(sec_PKCS12CRLBag));
1.838 + if(!crlBag) {
1.839 + PORT_ArenaRelease(arena, mark);
1.840 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.841 + return NULL;
1.842 + }
1.843 +
1.844 + bagType = SECOID_FindOIDByTag(crlType);
1.845 + if(!bagType) {
1.846 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.847 + goto loser;
1.848 + }
1.849 +
1.850 + rv = SECITEM_CopyItem(arena, &crlBag->bagID, &bagType->oid);
1.851 + if(rv != SECSuccess) {
1.852 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.853 + goto loser;
1.854 + }
1.855 +
1.856 + PORT_ArenaUnmark(arena, mark);
1.857 + return crlBag;
1.858 +
1.859 +loser:
1.860 + PORT_ArenaRelease(arena, mark);
1.861 + return NULL;
1.862 +}
1.863 +
1.864 +/* sec_PKCS12AddAttributeToBag
1.865 + * adds an attribute to a safeBag. currently, the only attributes supported
1.866 + * are those which are specified within PKCS 12.
1.867 + *
1.868 + * p12ctxt - the export context
1.869 + * safeBag - the safeBag to which attributes are appended
1.870 + * attrType - the attribute type
1.871 + * attrData - the attribute data
1.872 + */
1.873 +SECStatus
1.874 +sec_PKCS12AddAttributeToBag(SEC_PKCS12ExportContext *p12ctxt,
1.875 + sec_PKCS12SafeBag *safeBag, SECOidTag attrType,
1.876 + SECItem *attrData)
1.877 +{
1.878 + sec_PKCS12Attribute *attribute;
1.879 + void *mark = NULL, *dummy = NULL;
1.880 + SECOidData *oiddata = NULL;
1.881 + SECItem unicodeName = { siBuffer, NULL, 0};
1.882 + void *src = NULL;
1.883 + unsigned int nItems = 0;
1.884 + SECStatus rv;
1.885 +
1.886 + if(!safeBag || !p12ctxt) {
1.887 + return SECFailure;
1.888 + }
1.889 +
1.890 + mark = PORT_ArenaMark(safeBag->arena);
1.891 +
1.892 + /* allocate the attribute */
1.893 + attribute = (sec_PKCS12Attribute *)PORT_ArenaZAlloc(safeBag->arena,
1.894 + sizeof(sec_PKCS12Attribute));
1.895 + if(!attribute) {
1.896 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.897 + goto loser;
1.898 + }
1.899 +
1.900 + /* set up the attribute */
1.901 + oiddata = SECOID_FindOIDByTag(attrType);
1.902 + if(!oiddata) {
1.903 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.904 + goto loser;
1.905 + }
1.906 + if(SECITEM_CopyItem(p12ctxt->arena, &attribute->attrType, &oiddata->oid) !=
1.907 + SECSuccess) {
1.908 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.909 + goto loser;
1.910 + }
1.911 +
1.912 + nItems = 1;
1.913 + switch(attrType) {
1.914 + case SEC_OID_PKCS9_LOCAL_KEY_ID:
1.915 + {
1.916 + src = attrData;
1.917 + break;
1.918 + }
1.919 + case SEC_OID_PKCS9_FRIENDLY_NAME:
1.920 + {
1.921 + if(!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena,
1.922 + &unicodeName, attrData, PR_FALSE,
1.923 + PR_FALSE, PR_TRUE)) {
1.924 + goto loser;
1.925 + }
1.926 + src = &unicodeName;
1.927 + break;
1.928 + }
1.929 + default:
1.930 + goto loser;
1.931 + }
1.932 +
1.933 + /* append the attribute to the attribute value list */
1.934 + attribute->attrValue = (SECItem
**)PORT_ArenaZAlloc(p12ctxt->arena,
1.935 + ((nItems + 1) * sizeof(SECItem *)));
1.936 + if(!attribute->attrValue) {
1.937 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.938 + goto loser;
1.939 + }
1.940 +
1.941 + /* XXX this will need to be changed if attributes requiring more than
1.942 + * one element are ever used.
1.943 + */
1.944 + attribute->attrValue[0] = (SECItem *)PORT_ArenaZAlloc(p12ctxt->arena,
1.945 + sizeof(SECItem));
1.946 + if(!attribute->attrValue[0]) {
1.947 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.948 + goto loser;
1.949 + }
1.950 + attribute->attrValue[1] = NULL;
1.951 +
1.952 + rv = SECITEM_CopyItem(p12ctxt->arena, attribute->attrValue[0],
1.953 + (SECItem*)src);
1.954 + if(rv != SECSuccess) {
1.955 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.956 + goto loser;
1.957 + }
1.958 +
1.959 + /* append the attribute to the safeBag attributes */
1.960 + if(safeBag->nAttribs) {
1.961 + dummy = PORT_ArenaGrow(p12ctxt->arena, safeBag->attribs,
1.962 + ((safeBag->nAttribs + 1) * sizeof(sec_PKCS12Attribute *)),
1.963 + ((safeBag->nAttribs + 2) * sizeof(sec_PKCS12Attribute *)));
1.964 + safeBag->attribs = (sec_PKCS12Attribute **)dummy;
1.965 + } else {
1.966 + safeBag->attribs = (sec_PKCS12Attribute **)PORT_ArenaZAlloc(p12ctxt->arena,
1.967 + 2 * sizeof(sec_PKCS12Attribute *));
1.968 + dummy = safeBag->attribs;
1.969 + }
1.970 + if(!dummy) {
1.971 + goto loser;
1.972 + }
1.973 +
1.974 + safeBag->attribs[safeBag->nAttribs] = attribute;
1.975 + safeBag->attribs[++safeBag->nAttribs] = NULL;
1.976 +
1.977 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.978 + return SECSuccess;
1.979 +
1.980 +loser:
1.981 + if(mark) {
1.982 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.983 + }
1.984 +
1.985 + return SECFailure;
1.986 +}
1.987 +
1.988 +/* SEC_PKCS12AddCert
1.989 + * Adds a certificate to the data being exported.
1.990 + *
1.991 + * p12ctxt - the export context
1.992 + * safe - the safeInfo to which the certificate is placed
1.993 + * nestedDest - if the cert is to be placed within a nested safeContents then,
1.994 + * this value is to be specified with the destination
1.995 + * cert - the cert to export
1.996 + * certDb - the certificate database handle
1.997 + * keyId - a unique identifier to associate a certificate/key pair
1.998 + * includeCertChain - PR_TRUE if the certificate chain is to be included.
1.999 + */
1.1000 +SECStatus
1.1001 +SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe,
1.1002 + void *nestedDest, CERTCertificate *cert,
1.1003 + CERTCertDBHandle *certDb, SECItem *keyId,
1.1004 + PRBool includeCertChain)
1.1005 +{
1.1006 + sec_PKCS12CertBag *certBag;
1.1007 + sec_PKCS12SafeBag *safeBag;
1.1008 + void *mark;
1.1009 + SECStatus rv;
1.1010 + SECItem nick = {siBuffer, NULL,0};
1.1011 +
1.1012 + if(!p12ctxt || !cert) {
1.1013 + return SECFailure;
1.1014 + }
1.1015 + mark = PORT_ArenaMark(p12ctxt->arena);
1.1016 +
1.1017 + /* allocate the cert bag */
1.1018 + certBag = sec_PKCS12NewCertBag(p12ctxt->arena,
1.1019 + SEC_OID_PKCS9_X509_CERT);
1.1020 + if(!certBag) {
1.1021 + goto loser;
1.1022 + }
1.1023 +
1.1024 + if(SECITEM_CopyItem(p12ctxt->arena, &certBag->value.x509Cert,
1.1025 + &cert->derCert) != SECSuccess) {
1.1026 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1027 + goto loser;
1.1028 + }
1.1029 +
1.1030 + /* if the cert chain is to be included, we should only be exporting
1.1031 + * the cert from our internal database.
1.1032 + */
1.1033 + if(includeCertChain) {
1.1034 + CERTCertificateList *certList = CERT_CertChainFromCert(cert,
1.1035 + certUsageSSLClient,
1.1036 + PR_TRUE);
1.1037 + unsigned int count = 0;
1.1038 + if(!certList) {
1.1039 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1040 + goto loser;
1.1041 + }
1.1042 +
1.1043 + /* add cert chain */
1.1044 + for(count = 0; count < (unsigned int)certList->len; count++) {
1.1045 + if(SECITEM_CompareItem(&certList->certs[count], &cert->derCert)
1.1046 + != SECEqual) {
1.1047 + CERTCertificate *tempCert;
1.1048 +
1.1049 + /* decode the certificate */
1.1050 + /* XXX
1.1051 + * This was rather silly. The chain is constructed above
1.1052 + * by finding all of the CERTCertificate's in the database.
1.1053 + * Then the chain is put into a CERTCertificateList, which only
1.1054 + * contains the DER. Finally, the DER was decoded, and the
1.1055 + * decoded cert was sent recursively back to this function.
1.1056 + * Beyond being inefficent, this causes data loss (specifically,
1.1057 + * the nickname). Instead, for 3.4, we'll do a lookup by the
1.1058 + * DER, which should return the cached entry.
1.1059 + */
1.1060 + tempCert = CERT_FindCertByDERCert(CERT_GetDefaultCertDB(),
1.1061 + &certList->certs[count]);
1.1062 + if(!tempCert) {
1.1063 + CERT_DestroyCertificateList(certList);
1.1064 + goto loser;
1.1065 + }
1.1066 +
1.1067 + /* add the certificate */
1.1068 + if(SEC_PKCS12AddCert(p12ctxt, safe, nestedDest, tempCert,
1.1069 + certDb, NULL, PR_FALSE) != SECSuccess) {
1.1070 + CERT_DestroyCertificate(tempCert);
1.1071 + CERT_DestroyCertificateList(certList);
1.1072 + goto loser;
1.1073 + }
1.1074 + CERT_DestroyCertificate(tempCert);
1.1075 + }
1.1076 + }
1.1077 + CERT_DestroyCertificateList(certList);
1.1078 + }
1.1079 +
1.1080 + /* if the certificate has a nickname, we will set the friendly name
1.1081 + * to that.
1.1082 + */
1.1083 + if(cert->nickname) {
1.1084 + if (cert->slot && !PK11_IsInternal(cert->slot)) {
1.1085 + /*
1.1086 + * The cert is coming off of an external token,
1.1087 + * let's strip the token name from the nickname
1.1088 + * and only add what comes after the colon as the
1.1089 + * nickname. -javi
1.1090 + */
1.1091 + char *delimit;
1.1092 +
1.1093 + delimit = PORT_Strchr(cert->nickname,':');
1.1094 + if (delimit == NULL) {
1.1095 + nick.data = (unsigned char *)cert->nickname;
1.1096 + nick.len = PORT_Strlen(cert->nickname);
1.1097 + } else {
1.1098 + delimit++;
1.1099 + nick.data = (unsigned char *)PORT_ArenaStrdup(p12ctxt->arena,
1.1100 + delimit);
1.1101 + nick.len = PORT_Strlen(delimit);
1.1102 + }
1.1103 + } else {
1.1104 + nick.data = (unsigned char *)cert->nickname;
1.1105 + nick.len = PORT_Strlen(cert->nickname);
1.1106 + }
1.1107 + }
1.1108 +
1.1109 + safeBag = sec_PKCS12CreateSafeBag(p12ctxt, SEC_OID_PKCS12_V1_CERT_BAG_ID,
1.1110 + certBag);
1.1111 + if(!safeBag) {
1.1112 + goto loser;
1.1113 + }
1.1114 +
1.1115 + /* add the friendly name and keyId attributes, if necessary */
1.1116 + if(nick.data) {
1.1117 + if(sec_PKCS12AddAttributeToBag(p12ctxt, safeBag,
1.1118 + SEC_OID_PKCS9_FRIENDLY_NAME, &nick)
1.1119 + != SECSuccess) {
1.1120 + goto loser;
1.1121 + }
1.1122 + }
1.1123 +
1.1124 + if(keyId) {
1.1125 + if(sec_PKCS12AddAttributeToBag(p12ctxt, safeBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
1.1126 + keyId) != SECSuccess) {
1.1127 + goto loser;
1.1128 + }
1.1129 + }
1.1130 +
1.1131 + /* append the cert safeBag */
1.1132 + if(nestedDest) {
1.1133 + rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
1.1134 + (sec_PKCS12SafeContents*)nestedDest,
1.1135 + safeBag);
1.1136 + } else {
1.1137 + rv = sec_pkcs12_append_bag(p12ctxt, safe, safeBag);
1.1138 + }
1.1139 +
1.1140 + if(rv != SECSuccess) {
1.1141 + goto loser;
1.1142 + }
1.1143 +
1.1144 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.1145 + return SECSuccess;
1.1146 +
1.1147 +loser:
1.1148 +
if(mark) {
1.1149 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.1150 + }
1.1151 +
1.1152 + return SECFailure;
1.1153 +}
1.1154 +
1.1155 +/* SEC_PKCS12AddKeyForCert
1.1156 + * Extracts the key associated with a particular certificate and exports
1.1157 + * it.
1.1158 + *
1.1159 + * p12ctxt - the export context
1.1160 + * safe - the safeInfo to place the key in
1.1161 + * nestedDest - the nested safeContents to place a key
1.1162 + * cert - the certificate which the key belongs to
1.1163 + * shroudKey - encrypt the private key for export. This value should
1.1164 + * always be true. lower level code will not allow the export
1.1165 + * of unencrypted private keys.
1.1166 + * algorithm - the algorithm with which to encrypt the private key
1.1167 + * pwitem - the password to encrypt the private key with
1.1168 + * keyId - the keyID attribute
1.1169 + * nickName - the nickname attribute
1.1170 + */
1.1171 +SECStatus
1.1172 +SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe,
1.1173 + void *nestedDest, CERTCertificate *cert,
1.1174 + PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
1.1175 + SECItem *keyId, SECItem *nickName)
1.1176 +{
1.1177 + void *mark;
1.1178 + void *keyItem;
1.1179 + SECOidTag keyType;
1.1180 + SECStatus rv = SECFailure;
1.1181 + SECItem nickname = {siBuffer,NULL,0}, uniPwitem = {siBuffer, NULL, 0};
1.1182 + sec_PKCS12SafeBag *returnBag;
1.1183 +
1.1184 + if(!p12ctxt || !cert || !safe) {
1.1185 + return SECFailure;
1.1186 + }
1.1187 +
1.1188 + mark = PORT_ArenaMark(p12ctxt->arena);
1.1189 +
1.1190 + /* retrieve the key based upon the type that it is and
1.1191 + * specify the type of safeBag to store the key in
1.1192 + */
1.1193 + if(!shroudKey) {
1.1194 +
1.1195 + /* extract the key unencrypted.
this will most likely go away */
1.1196 + SECKEYPrivateKeyInfo *pki = PK11_ExportPrivateKeyInfo(cert,
1.1197 + p12ctxt->wincx);
1.1198 + if(!pki) {
1.1199 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.1200 + PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
1.1201 + return SECFailure;
1.1202 + }
1.1203 + keyItem = PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECKEYPrivateKeyInfo));
1.1204 + if(!keyItem) {
1.1205 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1206 + goto loser;
1.1207 + }
1.1208 + rv = SECKEY_CopyPrivateKeyInfo(p12ctxt->arena,
1.1209 + (SECKEYPrivateKeyInfo *)keyItem, pki);
1.1210 + keyType = SEC_OID_PKCS12_V1_KEY_BAG_ID;
1.1211 + SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
1.1212 + } else {
1.1213 +
1.1214 + /* extract the key encrypted */
1.1215 + SECKEYEncryptedPrivateKeyInfo *epki = NULL;
1.1216 + PK11SlotInfo *slot = NULL;
1.1217 +
1.1218 + if(!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena, &uniPwitem,
1.1219 + pwitem, PR_TRUE, PR_TRUE, PR_TRUE)) {
1.1220 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1221 + goto loser;
1.1222 + }
1.1223 +
1.1224 + /* we want to make sure to take the key out of the key slot */
1.1225 + if(PK11_IsInternal(p12ctxt->slot)) {
1.1226 + slot = PK11_GetInternalKeySlot();
1.1227 + } else {
1.1228 + slot = PK11_ReferenceSlot(p12ctxt->slot);
1.1229 + }
1.1230 +
1.1231 + epki = PK11_ExportEncryptedPrivateKeyInfo(slot, algorithm,
1.1232 + &uniPwitem, cert,
1.1233 + NSS_PBE_DEFAULT_ITERATION_COUNT,
1.1234 + p12ctxt->wincx);
1.1235 + PK11_FreeSlot(slot);
1.1236 + if(!epki) {
1.1237 + PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
1.1238 + goto loser;
1.1239 + }
1.1240 +
1.1241 + keyItem = PORT_ArenaZAlloc(p12ctxt->arena,
1.1242 + sizeof(SECKEYEncryptedPrivateKeyInfo));
1.1243 + if(!keyItem) {
1.1244 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1245 + goto loser;
1.1246 + }
1.1247 + rv = SECKEY_CopyEncryptedPrivateKeyInfo(p12ctxt->arena,
1.1248 + (SECKEYEncryptedPrivateKeyInfo *)keyItem,
1.1249 + epki);
1.1250 + keyType =
SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID;
1.1251 + SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
1.1252 + }
1.1253 +
1.1254 + if(rv != SECSuccess) {
1.1255 + goto loser;
1.1256 + }
1.1257 +
1.1258 + /* if no nickname specified, let's see if the certificate has a
1.1259 + * nickname.
1.1260 + */
1.1261 + if(!nickName) {
1.1262 + if(cert->nickname) {
1.1263 + nickname.data = (unsigned char *)cert->nickname;
1.1264 + nickname.len = PORT_Strlen(cert->nickname);
1.1265 + nickName = &nickname;
1.1266 + }
1.1267 + }
1.1268 +
1.1269 + /* create the safe bag and set any attributes */
1.1270 + returnBag = sec_PKCS12CreateSafeBag(p12ctxt, keyType, keyItem);
1.1271 + if(!returnBag) {
1.1272 + rv = SECFailure;
1.1273 + goto loser;
1.1274 + }
1.1275 +
1.1276 + if(nickName) {
1.1277 + if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag,
1.1278 + SEC_OID_PKCS9_FRIENDLY_NAME, nickName)
1.1279 + != SECSuccess) {
1.1280 + goto loser;
1.1281 + }
1.1282 + }
1.1283 +
1.1284 + if(keyId) {
1.1285 + if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
1.1286 + keyId) != SECSuccess) {
1.1287 + goto loser;
1.1288 + }
1.1289 + }
1.1290 +
1.1291 + if(nestedDest) {
1.1292 + rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
1.1293 + (sec_PKCS12SafeContents*)nestedDest,
1.1294 + returnBag);
1.1295 + } else {
1.1296 + rv = sec_pkcs12_append_bag(p12ctxt, safe, returnBag);
1.1297 + }
1.1298 +
1.1299 +loser:
1.1300 +
1.1301 + if (rv != SECSuccess) {
1.1302 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.1303 + } else {
1.1304 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.1305 + }
1.1306 +
1.1307 + return rv;
1.1308 +}
1.1309 +
1.1310 +/* SEC_PKCS12AddCertOrChainAndKey
1.1311 + * Add a certificate and key pair to be exported.
1.1312 + *
1.1313 + * p12ctxt - the export context
1.1314 + * certSafe - the safeInfo where the cert is stored
1.1315 + * certNestedDest - the nested safeContents to store the cert
1.1316 + * keySafe - the safeInfo where the key is stored
1.1317 + * keyNestedDest - the nested safeContents to store the key
1.1318 + * shroudKey - extract the private key encrypted?
1.1319 + * pwitem - the password with which the key is encrypted
1.1320 + * algorithm - the algorithm with which the key is encrypted
1.1321 + * includeCertChain - also add certs from chain to bag.
1.1322 + */
1.1323 +SECStatus
1.1324 +SEC_PKCS12AddCertOrChainAndKey(SEC_PKCS12ExportContext *p12ctxt,
1.1325 + void *certSafe, void *certNestedDest,
1.1326 + CERTCertificate *cert, CERTCertDBHandle *certDb,
1.1327 + void *keySafe, void *keyNestedDest,
1.1328 + PRBool shroudKey, SECItem *pwitem,
1.1329 + SECOidTag algorithm, PRBool includeCertChain)
1.1330 +{
1.1331 + SECStatus rv = SECFailure;
1.1332 + SGNDigestInfo *digest = NULL;
1.1333 + void *mark = NULL;
1.1334 +
1.1335 + if(!p12ctxt || !certSafe || !keySafe || !cert) {
1.1336 + return SECFailure;
1.1337 + }
1.1338 +
1.1339 + mark = PORT_ArenaMark(p12ctxt->arena);
1.1340 +
1.1341 + /* generate the thumbprint of the cert to use as a keyId */
1.1342 + digest = sec_pkcs12_compute_thumbprint(&cert->derCert);
1.1343 + if(!digest) {
1.1344 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.1345 + return SECFailure;
1.1346 + }
1.1347 +
1.1348 + /* add the certificate */
1.1349 + rv = SEC_PKCS12AddCert(p12ctxt, (SEC_PKCS12SafeInfo*)certSafe,
1.1350 + (SEC_PKCS12SafeInfo*)certNestedDest, cert, certDb,
1.1351 + &digest->digest, includeCertChain);
1.1352 + if(rv != SECSuccess) {
1.1353 + goto loser;
1.1354 + }
1.1355 +
1.1356 + /* add the key */
1.1357 + rv = SEC_PKCS12AddKeyForCert(p12ctxt, (SEC_PKCS12SafeInfo*)keySafe,
1.1358 + keyNestedDest, cert,
1.1359 + shroudKey, algorithm, pwitem,
1.1360 + &digest->digest, NULL );
1.1361 + if(rv != SECSuccess) {
1.1362 + goto loser;
1.1363 + }
1.1364 +
1.1365 + SGN_DestroyDigestInfo(digest);
1.1366 +
1.1367 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.1368 + return SECSuccess;
1.1369 +
1.1370 +loser:
1.1371 + SGN_DestroyDigestInfo(digest);
1.1372 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.1373 +
1.1374 + return SECFailure;
1.1375 +}
1.1376 +
1.1377 +/* like SEC_PKCS12AddCertOrChainAndKey, but always adds cert chain */
1.1378 +SECStatus
1.1379 +SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt,
1.1380 + void *certSafe, void *certNestedDest,
1.1381 + CERTCertificate *cert, CERTCertDBHandle *certDb,
1.1382 + void *keySafe, void *keyNestedDest,
1.1383 + PRBool shroudKey, SECItem *pwItem, SECOidTag algorithm)
1.1384 +{
1.1385 + return SEC_PKCS12AddCertOrChainAndKey(p12ctxt, certSafe, certNestedDest,
1.1386 + cert, certDb, keySafe, keyNestedDest, shroudKey, pwItem,
1.1387 + algorithm, PR_TRUE);
1.1388 +}
1.1389 +
1.1390 +
1.1391 +/* SEC_PKCS12CreateNestedSafeContents
1.1392 + * Allows nesting of safe contents to be implemented. No limit imposed on
1.1393 + * depth.
1.1394 + *
1.1395 + * p12ctxt - the export context
1.1396 + * baseSafe - the base safeInfo
1.1397 + * nestedDest - a parent safeContents (?)
1.1398 + */
1.1399 +void *
1.1400 +SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
1.1401 + void *baseSafe, void *nestedDest)
1.1402 +{
1.1403 + sec_PKCS12SafeContents *newSafe;
1.1404 + sec_PKCS12SafeBag *safeContentsBag;
1.1405 + void *mark;
1.1406 + SECStatus rv;
1.1407 +
1.1408 + if(!p12ctxt || !baseSafe) {
1.1409 + return NULL;
1.1410 + }
1.1411 +
1.1412 + mark = PORT_ArenaMark(p12ctxt->arena);
1.1413 +
1.1414 + newSafe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
1.1415 + if(!newSafe) {
1.1416 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.1417 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1418 + return NULL;
1.1419 + }
1.1420 +
1.1421 + /* create the safeContents safeBag */
1.1422 + safeContentsBag = sec_PKCS12CreateSafeBag(p12ctxt,
1.1423 + SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
1.1424 + newSafe);
1.1425 + if(!safeContentsBag) {
1.1426 + goto loser;
1.1427 + }
1.1428 +
1.1429 + /* append the safeContents to the appropriate area */
1.1430 + if(nestedDest) {
1.1431 + rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
1.1432 + (sec_PKCS12SafeContents*)nestedDest,
1.1433 + safeContentsBag);
1.1434 + } else {
1.1435 + rv = sec_pkcs12_append_bag(p12ctxt, (SEC_PKCS12SafeInfo*)baseSafe,
1.1436 + safeContentsBag);
1.1437 + }
1.1438 + if(rv != SECSuccess) {
1.1439 + goto loser;
1.1440 + }
1.1441 +
1.1442 + PORT_ArenaUnmark(p12ctxt->arena, mark);
1.1443 + return newSafe;
1.1444 +
1.1445 +loser:
1.1446 + PORT_ArenaRelease(p12ctxt->arena, mark);
1.1447 + return NULL;
1.1448 +}
1.1449 +
1.1450 +/*********************************
1.1451 + * Encoding routines
1.1452 + *********************************/
1.1453 +
1.1454 +/* Clean up the resources allocated by a sec_PKCS12EncoderContext.
*/
1.1455 +static void
1.1456 +sec_pkcs12_encoder_destroy_context(sec_PKCS12EncoderContext *p12enc)
1.1457 +{
1.1458 + if(p12enc) {
1.1459 + if(p12enc->outerA1ecx) {
1.1460 + SEC_ASN1EncoderFinish(p12enc->outerA1ecx);
1.1461 + p12enc->outerA1ecx = NULL;
1.1462 + }
1.1463 + if(p12enc->aSafeCinfo) {
1.1464 + SEC_PKCS7DestroyContentInfo(p12enc->aSafeCinfo);
1.1465 + p12enc->aSafeCinfo = NULL;
1.1466 + }
1.1467 + if(p12enc->middleP7ecx) {
1.1468 + SEC_PKCS7EncoderFinish(p12enc->middleP7ecx, p12enc->p12exp->pwfn,
1.1469 + p12enc->p12exp->pwfnarg);
1.1470 + p12enc->middleP7ecx = NULL;
1.1471 + }
1.1472 + if(p12enc->middleA1ecx) {
1.1473 + SEC_ASN1EncoderFinish(p12enc->middleA1ecx);
1.1474 + p12enc->middleA1ecx = NULL;
1.1475 + }
1.1476 + if(p12enc->hmacCx) {
1.1477 + PK11_DestroyContext(p12enc->hmacCx, PR_TRUE);
1.1478 + p12enc->hmacCx = NULL;
1.1479 + }
1.1480 + }
1.1481 +}
1.1482 +
1.1483 +/* set up the encoder context based on information in the export context
1.1484 + * and return the newly allocated enocoder context. A return of NULL
1.1485 + * indicates an error occurred.
1.1486 + */
1.1487 +static sec_PKCS12EncoderContext *
1.1488 +sec_pkcs12_encoder_start_context(SEC_PKCS12ExportContext *p12exp)
1.1489 +{
1.1490 + sec_PKCS12EncoderContext *p12enc = NULL;
1.1491 + unsigned int i, nonEmptyCnt;
1.1492 + SECStatus rv;
1.1493 + SECItem ignore = {0};
1.1494 + void *mark;
1.1495 +
1.1496 + if(!p12exp || !p12exp->safeInfos) {
1.1497 + return NULL;
1.1498 + }
1.1499 +
1.1500 + /* check for any empty safes and skip them */
1.1501 + i = nonEmptyCnt = 0;
1.1502 + while(p12exp->safeInfos[i]) {
1.1503 + if(p12exp->safeInfos[i]->itemCount) {
1.1504 + nonEmptyCnt++;
1.1505 + }
1.1506 + i++;
1.1507 + }
1.1508 + if(nonEmptyCnt == 0) {
1.1509 + return NULL;
1.1510 + }
1.1511 + p12exp->authSafe.encodedSafes[nonEmptyCnt] = NULL;
1.1512 +
1.1513 + /* allocate the encoder context */
1.1514 + mark = PORT_ArenaMark(p12exp->arena);
1.1515 + p12enc = PORT_ArenaZNew(p12exp->arena, sec_PKCS12EncoderContext);
1.1516 + if(!p12enc) {
1.1517 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1518 + return NULL;
1.1519 + }
1.1520 +
1.1521 + p12enc->arena = p12exp->arena;
1.1522 + p12enc->p12exp = p12exp;
1.1523 +
1.1524 + /* set up the PFX version and information */
1.1525 + PORT_Memset(&p12enc->pfx, 0, sizeof(sec_PKCS12PFXItem));
1.1526 + if(!SEC_ASN1EncodeInteger(p12exp->arena, &(p12enc->pfx.version),
1.1527 + SEC_PKCS12_VERSION) ) {
1.1528 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1529 + goto loser;
1.1530 + }
1.1531 +
1.1532 + /* set up the authenticated safe content info based on the
1.1533 + * type of integrity being used.
this should be changed to
1.1534 + * enforce integrity mode, but will not be implemented until
1.1535 + * it is confirmed that integrity must be in place
1.1536 + */
1.1537 + if(p12exp->integrityEnabled && !p12exp->pwdIntegrity) {
1.1538 + SECStatus rv;
1.1539 +
1.1540 + /* create public key integrity mode */
1.1541 + p12enc->aSafeCinfo = SEC_PKCS7CreateSignedData(
1.1542 + p12exp->integrityInfo.pubkeyInfo.cert,
1.1543 + certUsageEmailSigner,
1.1544 + p12exp->integrityInfo.pubkeyInfo.certDb,
1.1545 + p12exp->integrityInfo.pubkeyInfo.algorithm,
1.1546 + NULL,
1.1547 + p12exp->pwfn,
1.1548 + p12exp->pwfnarg);
1.1549 + if(!p12enc->aSafeCinfo) {
1.1550 + goto loser;
1.1551 + }
1.1552 + if(SEC_PKCS7IncludeCertChain(p12enc->aSafeCinfo,NULL) != SECSuccess) {
1.1553 + goto loser;
1.1554 + }
1.1555 + rv = SEC_PKCS7AddSigningTime(p12enc->aSafeCinfo);
1.1556 + PORT_Assert(rv == SECSuccess);
1.1557 + } else {
1.1558 + p12enc->aSafeCinfo = SEC_PKCS7CreateData();
1.1559 +
1.1560 + /* init password pased integrity mode */
1.1561 + if(p12exp->integrityEnabled) {
1.1562 + SECItem pwd = {siBuffer,NULL, 0};
1.1563 + SECItem *salt = sec_pkcs12_generate_salt();
1.1564 + PK11SymKey *symKey;
1.1565 + SECItem *params;
1.1566 + CK_MECHANISM_TYPE integrityMechType;
1.1567 + CK_MECHANISM_TYPE hmacMechType;
1.1568 +
1.1569 + /* zero out macData and set values */
1.1570 + PORT_Memset(&p12enc->mac, 0, sizeof(sec_PKCS12MacData));
1.1571 +
1.1572 + if(!salt) {
1.1573 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1574 + goto loser;
1.1575 + }
1.1576 + if(SECITEM_CopyItem(p12exp->arena, &(p12enc->mac.macSalt), salt)
1.1577 + != SECSuccess) {
1.1578 + /* XXX salt is leaked */
1.1579 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1580 + goto loser;
1.1581 + }
1.1582 + if (!SEC_ASN1EncodeInteger(p12exp->arena, &(p12enc->mac.iter),
1.1583 + NSS_PBE_DEFAULT_ITERATION_COUNT)) {
1.1584 + /* XXX salt is leaked */
1.1585 + goto loser;
1.1586 + }
1.1587 +
1.1588 + /* generate HMAC key */
1.1589 +
if(!sec_pkcs12_convert_item_to_unicode(NULL, &pwd,
1.1590 + p12exp->integrityInfo.pwdInfo.password, PR_TRUE,
1.1591 + PR_TRUE, PR_TRUE)) {
1.1592 + /* XXX salt is leaked */
1.1593 + goto loser;
1.1594 + }
1.1595 + /*
1.1596 + * This code only works with PKCS #12 Mac using PKCS #5 v1
1.1597 + * PBA keygens. PKCS #5 v2 support will require a change to
1.1598 + * the PKCS #12 spec.
1.1599 + */
1.1600 + params = PK11_CreatePBEParams(salt, &pwd,
1.1601 + NSS_PBE_DEFAULT_ITERATION_COUNT);
1.1602 + SECITEM_ZfreeItem(salt, PR_TRUE);
1.1603 + SECITEM_ZfreeItem(&pwd, PR_FALSE);
1.1604 +
1.1605 + /* get the PBA Mechanism to generate the key */
1.1606 + switch (p12exp->integrityInfo.pwdInfo.algorithm) {
1.1607 + case SEC_OID_SHA1:
1.1608 + integrityMechType = CKM_PBA_SHA1_WITH_SHA1_HMAC; break;
1.1609 + case SEC_OID_MD5:
1.1610 + integrityMechType = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN; break;
1.1611 + case SEC_OID_MD2:
1.1612 + integrityMechType = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN; break;
1.1613 + default:
1.1614 + /* XXX params is leaked */
1.1615 + goto loser;
1.1616 + }
1.1617 +
1.1618 + /* generate the key */
1.1619 + symKey = PK11_KeyGen(NULL, integrityMechType, params, 20, NULL);
1.1620 + PK11_DestroyPBEParams(params);
1.1621 + if(!symKey) {
1.1622 + goto loser;
1.1623 + }
1.1624 +
1.1625 + /* initialize HMAC */
1.1626 + /* Get the HMAC mechanism from the hash OID */
1.1627 + hmacMechType= sec_pkcs12_algtag_to_mech(
1.1628 + p12exp->integrityInfo.pwdInfo.algorithm);
1.1629 +
1.1630 + p12enc->hmacCx = PK11_CreateContextBySymKey( hmacMechType,
1.1631 + CKA_SIGN, symKey, &ignore);
1.1632 +
1.1633 + PK11_FreeSymKey(symKey);
1.1634 + if(!p12enc->hmacCx) {
1.1635 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1636 + goto loser;
1.1637 + }
1.1638 + rv = PK11_DigestBegin(p12enc->hmacCx);
1.1639 + if (rv != SECSuccess)
1.1640 + goto loser;
1.1641 + }
1.1642 + }
1.1643 +
1.1644 + if(!p12enc->aSafeCinfo) {
1.1645 + goto loser;
1.1646 + }
1.1647 +
1.1648 + PORT_ArenaUnmark(p12exp->arena,
mark);
1.1649 +
1.1650 + return p12enc;
1.1651 +
1.1652 +loser:
1.1653 + sec_pkcs12_encoder_destroy_context(p12enc);
1.1654 + if (p12exp->arena != NULL)
1.1655 + PORT_ArenaRelease(p12exp->arena, mark);
1.1656 +
1.1657 + return NULL;
1.1658 +}
1.1659 +
1.1660 +/* The outermost ASN.1 encoder calls this function for output.
1.1661 +** This function calls back to the library caller's output routine,
1.1662 +** which typically writes to a PKCS12 file.
1.1663 + */
1.1664 +static void
1.1665 +sec_P12A1OutputCB_Outer(void *arg, const char *buf, unsigned long len,
1.1666 + int depth, SEC_ASN1EncodingPart data_kind)
1.1667 +{
1.1668 + struct sec_pkcs12_encoder_output *output;
1.1669 +
1.1670 + output = (struct sec_pkcs12_encoder_output*)arg;
1.1671 + (* output->outputfn)(output->outputarg, buf, len);
1.1672 +}
1.1673 +
1.1674 +/* The "middle" and "inner" ASN.1 encoders call this function to output.
1.1675 +** This function does HMACing, if appropriate, and then buffers the data.
1.1676 +** The buffered data is eventually passed down to the underlying PKCS7 encoder.
1.1677 + */
1.1678 +static void
1.1679 +sec_P12A1OutputCB_HmacP7Update(void *arg, const char *buf,
1.1680 + unsigned long len,
1.1681 + int depth,
1.1682 + SEC_ASN1EncodingPart data_kind)
1.1683 +{
1.1684 + sec_pkcs12OutputBuffer * bufcx = (sec_pkcs12OutputBuffer *)arg;
1.1685 +
1.1686 + if(!buf || !len)
1.1687 + return;
1.1688 +
1.1689 + if (bufcx->hmacCx) {
1.1690 + PK11_DigestOp(bufcx->hmacCx, (unsigned char *)buf, len);
1.1691 + }
1.1692 +
1.1693 + /* buffer */
1.1694 + if (bufcx->numBytes > 0) {
1.1695 + int toCopy;
1.1696 + if (len + bufcx->numBytes <= bufcx->bufBytes) {
1.1697 + memcpy(bufcx->buf + bufcx->numBytes, buf, len);
1.1698 + bufcx->numBytes += len;
1.1699 + if (bufcx->numBytes < bufcx->bufBytes)
1.1700 + return;
1.1701 + SEC_PKCS7EncoderUpdate(bufcx->p7eCx, bufcx->buf, bufcx->bufBytes);
1.1702 + bufcx->numBytes = 0;
1.1703 + return;
1.1704 + }
1.1705 + toCopy = bufcx->bufBytes - bufcx->numBytes;
1.1706 + memcpy(bufcx->buf + bufcx->numBytes, buf, toCopy);
1.1707 + SEC_PKCS7EncoderUpdate(bufcx->p7eCx, bufcx->buf, bufcx->bufBytes);
1.1708 + bufcx->numBytes = 0;
1.1709 + len -= toCopy;
1.1710 + buf += toCopy;
1.1711 + }
1.1712 + /* buffer is presently empty */
1.1713 + if (len >= bufcx->bufBytes) {
1.1714 + /* Just pass it through */
1.1715 + SEC_PKCS7EncoderUpdate(bufcx->p7eCx, buf, len);
1.1716 + } else {
1.1717 + /* copy it all into the buffer, and return */
1.1718 + memcpy(bufcx->buf, buf, len);
1.1719 + bufcx->numBytes = len;
1.1720 + }
1.1721 +}
1.1722 +
1.1723 +void
1.1724 +sec_FlushPkcs12OutputBuffer( sec_pkcs12OutputBuffer * bufcx)
1.1725 +{
1.1726 + if (bufcx->numBytes > 0) {
1.1727 + SEC_PKCS7EncoderUpdate(bufcx->p7eCx, bufcx->buf, bufcx->numBytes);
1.1728 + bufcx->numBytes = 0;
1.1729 + }
1.1730 +}
1.1731 +
1.1732 +/* Feeds the output of a PKCS7 encoder into the next outward ASN.1 encoder.
1.1733 +** This function is used by both the inner and middle PCS7 encoders.
1.1734 +*/
1.1735 +static void
1.1736 +sec_P12P7OutputCB_CallA1Update(void *arg, const char *buf, unsigned long len)
1.1737 +{
1.1738 + SEC_ASN1EncoderContext *cx = (SEC_ASN1EncoderContext*)arg;
1.1739 +
1.1740 + if (!buf || !len)
1.1741 + return;
1.1742 +
1.1743 + SEC_ASN1EncoderUpdate(cx, buf, len);
1.1744 +}
1.1745 +
1.1746 +
1.1747 +/* this function encodes content infos which are part of the
1.1748 + * sequence of content infos labeled AuthenticatedSafes
1.1749 + */
1.1750 +static SECStatus
1.1751 +sec_pkcs12_encoder_asafe_process(sec_PKCS12EncoderContext *p12ecx)
1.1752 +{
1.1753 + SEC_PKCS7EncoderContext *innerP7ecx;
1.1754 + SEC_PKCS7ContentInfo *cinfo;
1.1755 + PK11SymKey *bulkKey = NULL;
1.1756 + SEC_ASN1EncoderContext *innerA1ecx = NULL;
1.1757 + SECStatus rv = SECSuccess;
1.1758 +
1.1759 + if(p12ecx->currentSafe < p12ecx->p12exp->authSafe.safeCount) {
1.1760 + SEC_PKCS12SafeInfo *safeInfo;
1.1761 + SECOidTag cinfoType;
1.1762 +
1.1763 + safeInfo = p12ecx->p12exp->safeInfos[p12ecx->currentSafe];
1.1764 +
1.1765 + /* skip empty safes */
1.1766 + if(safeInfo->itemCount == 0) {
1.1767 + return SECSuccess;
1.1768 + }
1.1769 +
1.1770 + cinfo = safeInfo->cinfo;
1.1771 + cinfoType = SEC_PKCS7ContentType(cinfo);
1.1772 +
1.1773 + /* determine the safe type and set the appropriate argument */
1.1774 + switch(cinfoType) {
1.1775 + case SEC_OID_PKCS7_DATA:
1.1776 + case SEC_OID_PKCS7_ENVELOPED_DATA:
1.1777 + break;
1.1778 + case SEC_OID_PKCS7_ENCRYPTED_DATA:
1.1779 + bulkKey = safeInfo->encryptionKey;
1.1780 + PK11_SetSymKeyUserData(bulkKey, &safeInfo->pwitem, NULL);
1.1781 + break;
1.1782 + default:
1.1783 + return SECFailure;
1.1784 +
1.1785 + }
1.1786 +
1.1787 + /* start the PKCS7 encoder */
1.1788 + innerP7ecx = SEC_PKCS7EncoderStart(cinfo,
1.1789 + sec_P12P7OutputCB_CallA1Update,
1.1790 + p12ecx->middleA1ecx, bulkKey);
1.1791 + if(!innerP7ecx) {
1.1792 + goto loser;
1.1793 + }
1.1794 +
1.1795 + /* encode safe contents */
1.1796 + p12ecx->innerBuf.p7eCx =
innerP7ecx;
1.1797 + p12ecx->innerBuf.hmacCx = NULL;
1.1798 + p12ecx->innerBuf.numBytes = 0;
1.1799 + p12ecx->innerBuf.bufBytes = sizeof p12ecx->innerBuf.buf;
1.1800 +
1.1801 + innerA1ecx = SEC_ASN1EncoderStart(safeInfo->safe,
1.1802 + sec_PKCS12SafeContentsTemplate,
1.1803 + sec_P12A1OutputCB_HmacP7Update,
1.1804 + &p12ecx->innerBuf);
1.1805 + if(!innerA1ecx) {
1.1806 + goto loser;
1.1807 + }
1.1808 + rv = SEC_ASN1EncoderUpdate(innerA1ecx, NULL, 0);
1.1809 + SEC_ASN1EncoderFinish(innerA1ecx);
1.1810 + sec_FlushPkcs12OutputBuffer( &p12ecx->innerBuf);
1.1811 + innerA1ecx = NULL;
1.1812 + if(rv != SECSuccess) {
1.1813 + goto loser;
1.1814 + }
1.1815 +
1.1816 +
1.1817 + /* finish up safe content info */
1.1818 + rv = SEC_PKCS7EncoderFinish(innerP7ecx, p12ecx->p12exp->pwfn,
1.1819 + p12ecx->p12exp->pwfnarg);
1.1820 + }
1.1821 + memset(&p12ecx->innerBuf, 0, sizeof p12ecx->innerBuf);
1.1822 + return SECSuccess;
1.1823 +
1.1824 +loser:
1.1825 + if(innerP7ecx) {
1.1826 + SEC_PKCS7EncoderFinish(innerP7ecx, p12ecx->p12exp->pwfn,
1.1827 + p12ecx->p12exp->pwfnarg);
1.1828 + }
1.1829 +
1.1830 + if(innerA1ecx) {
1.1831 + SEC_ASN1EncoderFinish(innerA1ecx);
1.1832 + }
1.1833 + memset(&p12ecx->innerBuf, 0, sizeof p12ecx->innerBuf);
1.1834 + return SECFailure;
1.1835 +}
1.1836 +
1.1837 +/* finish the HMAC and encode the macData so that it can be
1.1838 + * encoded.
1.1839 + */
1.1840 +static SECStatus
1.1841 +sec_Pkcs12FinishMac(sec_PKCS12EncoderContext *p12ecx)
1.1842 +{
1.1843 + SECItem hmac = { siBuffer, NULL, 0 };
1.1844 + SECStatus rv;
1.1845 + SGNDigestInfo *di = NULL;
1.1846 + void *dummy;
1.1847 +
1.1848 + if(!p12ecx) {
1.1849 + return SECFailure;
1.1850 + }
1.1851 +
1.1852 + /* make sure we are using password integrity mode */
1.1853 + if(!p12ecx->p12exp->integrityEnabled) {
1.1854 + return SECSuccess;
1.1855 + }
1.1856 +
1.1857 + if(!p12ecx->p12exp->pwdIntegrity) {
1.1858 + return SECSuccess;
1.1859 + }
1.1860 +
1.1861 + /* finish the hmac */
1.1862 + hmac.data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
1.1863 + if(!hmac.data) {
1.1864 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1865 + return SECFailure;
1.1866 + }
1.1867 +
1.1868 + rv = PK11_DigestFinal(p12ecx->hmacCx, hmac.data, &hmac.len, SHA1_LENGTH);
1.1869 +
1.1870 + if(rv != SECSuccess) {
1.1871 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1872 + goto loser;
1.1873 + }
1.1874 +
1.1875 + /* create the digest info */
1.1876 + di = SGN_CreateDigestInfo(p12ecx->p12exp->integrityInfo.pwdInfo.algorithm,
1.1877 + hmac.data, hmac.len);
1.1878 + if(!di) {
1.1879 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1880 + rv = SECFailure;
1.1881 + goto loser;
1.1882 + }
1.1883 +
1.1884 + rv = SGN_CopyDigestInfo(p12ecx->arena, &p12ecx->mac.safeMac, di);
1.1885 + if(rv != SECSuccess) {
1.1886 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1887 + goto loser;
1.1888 + }
1.1889 +
1.1890 + /* encode the mac data */
1.1891 + dummy = SEC_ASN1EncodeItem(p12ecx->arena, &p12ecx->pfx.encodedMacData,
1.1892 + &p12ecx->mac, sec_PKCS12MacDataTemplate);
1.1893 + if(!dummy) {
1.1894 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1895 + rv = SECFailure;
1.1896 + }
1.1897 +
1.1898 +loser:
1.1899 + if(di) {
1.1900 + SGN_DestroyDigestInfo(di);
1.1901 + }
1.1902 + if(hmac.data) {
1.1903 + SECITEM_ZfreeItem(&hmac, PR_FALSE);
1.1904 + }
1.1905 + PK11_DestroyContext(p12ecx->hmacCx, PR_TRUE);
1.1906 + p12ecx->hmacCx = NULL;
1.1907 +
1.1908 + return rv;
1.1909 +}
1.1910 +
1.1911 +/* pfx notify function for ASN1 encoder.
1.1912 + * We want to stop encoding once we reach the authenticated safe.
1.1913 + * At that point, the encoder will be updated via streaming
1.1914 + * as the authenticated safe is encoded.
1.1915 + */
1.1916 +static void
1.1917 +sec_pkcs12_encoder_pfx_notify(void *arg, PRBool before, void *dest, int real_depth)
1.1918 +{
1.1919 + sec_PKCS12EncoderContext *p12ecx;
1.1920 +
1.1921 + if(!before) {
1.1922 + return;
1.1923 + }
1.1924 +
1.1925 + /* look for authenticated safe */
1.1926 + p12ecx = (sec_PKCS12EncoderContext*)arg;
1.1927 + if(dest != &p12ecx->pfx.encodedAuthSafe) {
1.1928 + return;
1.1929 + }
1.1930 +
1.1931 + SEC_ASN1EncoderSetTakeFromBuf(p12ecx->outerA1ecx);
1.1932 + SEC_ASN1EncoderSetStreaming(p12ecx->outerA1ecx);
1.1933 + SEC_ASN1EncoderClearNotifyProc(p12ecx->outerA1ecx);
1.1934 +}
1.1935 +
1.1936 +/* SEC_PKCS12Encode
1.1937 + * Encodes the PFX item and returns it to the output function, via
1.1938 + * callback. the output function must be capable of multiple updates.
1.1939 + *
1.1940 + * p12exp - the export context
1.1941 + * output - the output function callback, will be called more than once,
1.1942 + * must be able to accept streaming data.
1.1943 + * outputarg - argument for the output callback.
1.1944 + */
1.1945 +SECStatus
1.1946 +SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp,
1.1947 + SEC_PKCS12EncoderOutputCallback output, void *outputarg)
1.1948 +{
1.1949 + sec_PKCS12EncoderContext *p12enc;
1.1950 + struct sec_pkcs12_encoder_output outInfo;
1.1951 + SECStatus rv;
1.1952 +
1.1953 + if(!p12exp || !output) {
1.1954 + return SECFailure;
1.1955 + }
1.1956 +
1.1957 + /* get the encoder context */
1.1958 + p12enc = sec_pkcs12_encoder_start_context(p12exp);
1.1959 + if(!p12enc) {
1.1960 + return SECFailure;
1.1961 + }
1.1962 +
1.1963 + outInfo.outputfn = output;
1.1964 + outInfo.outputarg = outputarg;
1.1965 +
1.1966 + /* set up PFX encoder, the "outer" encoder. Set it for streaming */
1.1967 + p12enc->outerA1ecx = SEC_ASN1EncoderStart(&p12enc->pfx,
1.1968 + sec_PKCS12PFXItemTemplate,
1.1969 + sec_P12A1OutputCB_Outer,
1.1970 + &outInfo);
1.1971 + if(!p12enc->outerA1ecx) {
1.1972 + PORT_SetError(SEC_ERROR_NO_MEMORY);
1.1973 + rv = SECFailure;
1.1974 + goto loser;
1.1975 + }
1.1976 + SEC_ASN1EncoderSetStreaming(p12enc->outerA1ecx);
1.1977 + SEC_ASN1EncoderSetNotifyProc(p12enc->outerA1ecx,
1.1978 + sec_pkcs12_encoder_pfx_notify, p12enc);
1.1979 + rv = SEC_ASN1EncoderUpdate(p12enc->outerA1ecx, NULL, 0);
1.1980 + if(rv != SECSuccess) {
1.1981 + rv = SECFailure;
1.1982 + goto loser;
1.1983 + }
1.1984 +
1.1985 + /* set up asafe cinfo - the output of the encoder feeds the PFX encoder */
1.1986 + p12enc->middleP7ecx = SEC_PKCS7EncoderStart(p12enc->aSafeCinfo,
1.1987 + sec_P12P7OutputCB_CallA1Update,
1.1988 + p12enc->outerA1ecx, NULL);
1.1989 + if(!p12enc->middleP7ecx) {
1.1990 + rv = SECFailure;
1.1991 + goto loser;
1.1992 + }
1.1993 +
1.1994 + /* encode asafe */
1.1995 + p12enc->middleBuf.p7eCx = p12enc->middleP7ecx;
1.1996 + p12enc->middleBuf.hmacCx = NULL;
1.1997 + p12enc->middleBuf.numBytes = 0;
1.1998 + p12enc->middleBuf.bufBytes = sizeof p12enc->middleBuf.buf;
1.1999 +
1.2000 + /* Setup the "inner ASN.1 encoder for Authenticated Safes.
*/ 1.2001 + if(p12enc->p12exp->integrityEnabled && 1.2002 + p12enc->p12exp->pwdIntegrity) { 1.2003 + p12enc->middleBuf.hmacCx = p12enc->hmacCx; 1.2004 + } 1.2005 + p12enc->middleA1ecx = SEC_ASN1EncoderStart(&p12enc->p12exp->authSafe, 1.2006 + sec_PKCS12AuthenticatedSafeTemplate, 1.2007 + sec_P12A1OutputCB_HmacP7Update, 1.2008 + &p12enc->middleBuf); 1.2009 + if(!p12enc->middleA1ecx) { 1.2010 + rv = SECFailure; 1.2011 + goto loser; 1.2012 + } 1.2013 + SEC_ASN1EncoderSetStreaming(p12enc->middleA1ecx); 1.2014 + SEC_ASN1EncoderSetTakeFromBuf(p12enc->middleA1ecx); 1.2015 + 1.2016 + /* encode each of the safes */ 1.2017 + while(p12enc->currentSafe != p12enc->p12exp->safeInfoCount) { 1.2018 + sec_pkcs12_encoder_asafe_process(p12enc); 1.2019 + p12enc->currentSafe++; 1.2020 + } 1.2021 + SEC_ASN1EncoderClearTakeFromBuf(p12enc->middleA1ecx); 1.2022 + SEC_ASN1EncoderClearStreaming(p12enc->middleA1ecx); 1.2023 + SEC_ASN1EncoderUpdate(p12enc->middleA1ecx, NULL, 0); 1.2024 + SEC_ASN1EncoderFinish(p12enc->middleA1ecx); 1.2025 + p12enc->middleA1ecx = NULL; 1.2026 + 1.2027 + sec_FlushPkcs12OutputBuffer( &p12enc->middleBuf); 1.2028 + 1.2029 + /* finish the encoding of the authenticated safes */ 1.2030 + rv = SEC_PKCS7EncoderFinish(p12enc->middleP7ecx, p12exp->pwfn, 1.2031 + p12exp->pwfnarg); 1.2032 + p12enc->middleP7ecx = NULL; 1.2033 + if(rv != SECSuccess) { 1.2034 + goto loser; 1.2035 + } 1.2036 + 1.2037 + SEC_ASN1EncoderClearTakeFromBuf(p12enc->outerA1ecx); 1.2038 + SEC_ASN1EncoderClearStreaming(p12enc->outerA1ecx); 1.2039 + 1.2040 + /* update the mac, if necessary */ 1.2041 + rv = sec_Pkcs12FinishMac(p12enc); 1.2042 + if(rv != SECSuccess) { 1.2043 + goto loser; 1.2044 + } 1.2045 + 1.2046 + /* finish encoding the pfx */ 1.2047 + rv = SEC_ASN1EncoderUpdate(p12enc->outerA1ecx, NULL, 0); 1.2048 + 1.2049 + SEC_ASN1EncoderFinish(p12enc->outerA1ecx); 1.2050 + p12enc->outerA1ecx = NULL; 1.2051 + 1.2052 +loser: 1.2053 + sec_pkcs12_encoder_destroy_context(p12enc); 1.2054 + return rv; 1.2055 
+} 1.2056 + 1.2057 +void 1.2058 +SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12ecx) 1.2059 +{ 1.2060 + int i = 0; 1.2061 + 1.2062 + if(!p12ecx) { 1.2063 + return; 1.2064 + } 1.2065 + 1.2066 + if(p12ecx->safeInfos) { 1.2067 + i = 0; 1.2068 + while(p12ecx->safeInfos[i] != NULL) { 1.2069 + if(p12ecx->safeInfos[i]->encryptionKey) { 1.2070 + PK11_FreeSymKey(p12ecx->safeInfos[i]->encryptionKey); 1.2071 + } 1.2072 + if(p12ecx->safeInfos[i]->cinfo) { 1.2073 + SEC_PKCS7DestroyContentInfo(p12ecx->safeInfos[i]->cinfo); 1.2074 + } 1.2075 + i++; 1.2076 + } 1.2077 + } 1.2078 + 1.2079 + PK11_FreeSlot(p12ecx->slot); 1.2080 + 1.2081 + PORT_FreeArena(p12ecx->arena, PR_TRUE); 1.2082 +}