p12tmpl.c (9426B)
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * ASN.1 templates for PKCS #12 structures, plus the chooser callbacks that
 * select the template for a field whose type is named by a preceding OID.
 *
 * Review note: each chooser reads an object identifier out of the structure
 * it is handed. In every template below the OBJECT_ID entry precedes the
 * SEC_ASN1_DYNAMIC entry, so on decode that OID presumably comes from the
 * file being parsed. An OID the table does not recognise is never an error
 * here: the chooser falls back to an ANY template, so the field is kept as
 * raw encoded bytes. Code that consumes these structures has to check the
 * bag/attribute type itself before interpreting the value.
 */

#include "plarena.h"
#include "secitem.h"
#include "secoid.h"
#include "seccomon.h"
#include "secport.h"
#include "cert.h"
#include "secpkcs7.h"
#include "secasn1.h"
#include "p12t.h"

SEC_ASN1_MKSUB(SEC_AnyTemplate)
SEC_ASN1_MKSUB(sgn_DigestInfoTemplate)

/*
 * Chooser for sec_PKCS12SafeBag.safeBagContent.
 *
 * src_or_dest points at the sec_PKCS12SafeBag being processed; a NULL
 * pointer yields NULL. The template is picked from safeBagType. Unknown or
 * unlisted bag types get the pointer-to-ANY template.
 *
 * A nested SafeContents bag is given its structured template only when
 * `encoding` is set; otherwise it is also left as ANY, so the generic
 * template walk does not descend into nested safe contents by itself
 * (sec_PKCS12NestedSafeContentsDecodeTemplate below exists for that step).
 */
static const SEC_ASN1Template *
sec_pkcs12_choose_safe_bag_type(void *src_or_dest, PRBool encoding)
{
    sec_PKCS12SafeBag *bag = (sec_PKCS12SafeBag *)src_or_dest;
    SECOidData *oid;

    if (bag == NULL) {
        return NULL;
    }

    oid = SECOID_FindOID(&bag->safeBagType);
    if (oid == NULL) {
        return SEC_ASN1_GET(SEC_PointerToAnyTemplate);
    }

    switch (oid->offset) {
        case SEC_OID_PKCS12_V1_KEY_BAG_ID:
            return SEC_ASN1_GET(SECKEY_PointerToPrivateKeyInfoTemplate);
        case SEC_OID_PKCS12_V1_CERT_BAG_ID:
            return sec_PKCS12PointerToCertBagTemplate;
        case SEC_OID_PKCS12_V1_CRL_BAG_ID:
            return sec_PKCS12PointerToCRLBagTemplate;
        case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
            return sec_PKCS12PointerToSecretBagTemplate;
        case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
            return SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate);
        case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
            if (encoding) {
                return sec_PKCS12PointerToSafeContentsTemplate;
            }
            break; /* not encoding: fall through to ANY */
        default:
            break;
    }

    return SEC_ASN1_GET(SEC_PointerToAnyTemplate);
}

/*
 * Chooser for sec_PKCS12CRLBag.value.
 *
 * An X.509 CRL is carried as an OCTET STRING; every other bagID (including
 * one SECOID_FindOID does not know) is handled as ANY. NULL input yields
 * NULL. `encoding` is not consulted.
 */
static const SEC_ASN1Template *
sec_pkcs12_choose_crl_bag_type(void *src_or_dest, PRBool encoding)
{
    sec_PKCS12CRLBag *bag = (sec_PKCS12CRLBag *)src_or_dest;
    SECOidData *oid;

    if (bag == NULL) {
        return NULL;
    }

    oid = SECOID_FindOID(&bag->bagID);
    if (oid != NULL && oid->offset == SEC_OID_PKCS9_X509_CRL) {
        return SEC_ASN1_GET(SEC_OctetStringTemplate);
    }

    return SEC_ASN1_GET(SEC_AnyTemplate);
}

/*
 * Chooser for sec_PKCS12CertBag.value.
 *
 * X.509 certificates are carried as an OCTET STRING and SDSI certificates
 * as an IA5String; every other bagID is handled as ANY. NULL input yields
 * NULL. `encoding` is not consulted.
 */
static const SEC_ASN1Template *
sec_pkcs12_choose_cert_bag_type(void *src_or_dest, PRBool encoding)
{
    sec_PKCS12CertBag *bag = (sec_PKCS12CertBag *)src_or_dest;
    SECOidData *oid;

    if (bag == NULL) {
        return NULL;
    }

    oid = SECOID_FindOID(&bag->bagID);
    if (oid == NULL) {
        return SEC_ASN1_GET(SEC_AnyTemplate);
    }

    switch (oid->offset) {
        case SEC_OID_PKCS9_X509_CERT:
            return SEC_ASN1_GET(SEC_OctetStringTemplate);
        case SEC_OID_PKCS9_SDSI_CERT:
            return SEC_ASN1_GET(SEC_IA5StringTemplate);
        default:
            break;
    }

    return SEC_ASN1_GET(SEC_AnyTemplate);
}

/*
 * Chooser for sec_PKCS12Attribute.attrValue.
 *
 * friendlyName -> BMPString, localKeyID -> OCTET STRING,
 * PKCS #12 key usage -> BIT STRING; any other attribute type is handled as
 * ANY. NULL input yields NULL. `encoding` is not consulted.
 */
static const SEC_ASN1Template *
sec_pkcs12_choose_attr_type(void *src_or_dest, PRBool encoding)
{
    sec_PKCS12Attribute *attribute = (sec_PKCS12Attribute *)src_or_dest;
    SECOidData *oid;

    if (attribute == NULL) {
        return NULL;
    }

    oid = SECOID_FindOID(&attribute->attrType);
    if (oid == NULL) {
        return SEC_ASN1_GET(SEC_AnyTemplate);
    }

    switch (oid->offset) {
        case SEC_OID_PKCS9_FRIENDLY_NAME:
            return SEC_ASN1_GET(SEC_BMPStringTemplate);
        case SEC_OID_PKCS9_LOCAL_KEY_ID:
            return SEC_ASN1_GET(SEC_OctetStringTemplate);
        case SEC_OID_PKCS12_KEY_USAGE:
            return SEC_ASN1_GET(SEC_BitStringTemplate);
        default:
            break;
    }

    return SEC_ASN1_GET(SEC_AnyTemplate);
}

/* Pointer to a PKCS #7 ContentInfo; may be streamed. */
const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[] = {
    { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, sec_PKCS7ContentInfoTemplate }
};

/*
 * The SEC_ASN1_DYNAMIC template entries below take the address of one of
 * these chooser pointers as their sub-template.
 */
static const SEC_ASN1TemplateChooserPtr sec_pkcs12_crl_bag_chooser =
    sec_pkcs12_choose_crl_bag_type;

static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_bag_chooser =
    sec_pkcs12_choose_cert_bag_type;

static const SEC_ASN1TemplateChooserPtr sec_pkcs12_safe_bag_chooser =
    sec_pkcs12_choose_safe_bag_type;

static const SEC_ASN1TemplateChooserPtr sec_pkcs12_attr_chooser =
    sec_pkcs12_choose_attr_type;

/* Pointer wrappers returned by sec_pkcs12_choose_safe_bag_type. */
const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[] = {
    { SEC_ASN1_POINTER, 0, sec_PKCS12CertBagTemplate }
};

const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[] = {
    { SEC_ASN1_POINTER, 0, sec_PKCS12CRLBagTemplate }
};

const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[] = {
    { SEC_ASN1_POINTER, 0, sec_PKCS12SecretBagTemplate }
};

const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[] = {
    { SEC_ASN1_POINTER, 0, sec_PKCS12SafeContentsTemplate }
};

/*
 * Outer PFX item: optional version, then the authenticated safe and the MAC
 * data, both held as still-encoded ANY blobs rather than parsed here.
 */
const SEC_ASN1Template sec_PKCS12PFXItemTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL,
      sizeof(sec_PKCS12PFXItem) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
      offsetof(sec_PKCS12PFXItem, version) },
    { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM,
      offsetof(sec_PKCS12PFXItem, encodedAuthSafe) },
    { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM,
      offsetof(sec_PKCS12PFXItem, encodedMacData) },
    { 0 }
};

/*
 * MacData: DigestInfo, salt, optional iteration count.
 * NOTE(review): when this is used for decoding, macSalt and iter are taken
 * from the file as-is; confirm that the MAC verification code bounds the
 * iteration count and applies the intended default when it is absent.
 */
const SEC_ASN1Template sec_PKCS12MacDataTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12MacData) },
    { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(sec_PKCS12MacData, safeMac),
      SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
    { SEC_ASN1_OCTET_STRING, offsetof(sec_PKCS12MacData, macSalt) },
    { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER, offsetof(sec_PKCS12MacData, iter) },
    { 0 }
};

/* AuthenticatedSafe: SEQUENCE OF ANY, each element kept encoded. */
const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN,
      offsetof(sec_PKCS12AuthenticatedSafe, encodedSafes),
      SEC_ASN1_SUB(SEC_AnyTemplate) }
};

/*
 * SafeBag: type OID, explicitly tagged [0] content whose template is chosen
 * from that OID by sec_pkcs12_choose_safe_bag_type, then an optional SET OF
 * attributes.
 */
const SEC_ASN1Template sec_PKCS12SafeBagTemplate[] = {
    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL,
      sizeof(sec_PKCS12SafeBag) },
    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SafeBag, safeBagType) },
    { SEC_ASN1_EXPLICIT | SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED |
          SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(sec_PKCS12SafeBag, safeBagContent),
      &sec_pkcs12_safe_bag_chooser },
    { SEC_ASN1_SET_OF | SEC_ASN1_OPTIONAL, offsetof(sec_PKCS12SafeBag, attribs),
      sec_PKCS12AttributeTemplate },
    { 0 }
};

/* SafeContents as a structured SEQUENCE OF SafeBag. */
const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM,
      offsetof(sec_PKCS12SafeContents, safeBags),
      sec_PKCS12SafeBagTemplate }
};

const SEC_ASN1Template sec_PKCS12SequenceOfAnyTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN, 0,
      SEC_ASN1_SUB(SEC_AnyTemplate) }
};

/*
 * Decode-side view of a nested SafeContents: the explicitly tagged [0]
 * wrapper is opened and the bags inside are stored, still encoded, in
 * encodedSafeBags.
 */
const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[] = {
    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
      offsetof(sec_PKCS12SafeContents, encodedSafeBags),
      sec_PKCS12SequenceOfAnyTemplate }
};

/* Decode-side view of a top-level SafeContents: SEQUENCE OF ANY. */
const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN,
      offsetof(sec_PKCS12SafeContents, encodedSafeBags),
      SEC_ASN1_SUB(SEC_AnyTemplate) }
};

/* CRLBag: bag OID, then a value typed by sec_pkcs12_choose_crl_bag_type. */
const SEC_ASN1Template sec_PKCS12CRLBagTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CRLBag) },
    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CRLBag, bagID) },
    { SEC_ASN1_DYNAMIC | SEC_ASN1_POINTER,
      offsetof(sec_PKCS12CRLBag, value), &sec_pkcs12_crl_bag_chooser },
    { 0 }
};

/*
 * CertBag: bag OID, then an explicitly tagged [0] value typed by
 * sec_pkcs12_choose_cert_bag_type.
 */
const SEC_ASN1Template sec_PKCS12CertBagTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CertBag) },
    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CertBag, bagID) },
    { SEC_ASN1_DYNAMIC | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
          SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(sec_PKCS12CertBag, value), &sec_pkcs12_cert_bag_chooser },
    { 0 }
};

/* SecretBag: type OID plus the secret content, kept as an encoded ANY. */
const SEC_ASN1Template sec_PKCS12SecretBagTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12SecretBag) },
    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SecretBag, secretType) },
    { SEC_ASN1_ANY, offsetof(sec_PKCS12SecretBag, secretContent) },
    { 0 }
};

/*
 * Attribute: type OID, then a SET OF values typed by
 * sec_pkcs12_choose_attr_type.
 */
const SEC_ASN1Template sec_PKCS12AttributeTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12Attribute) },
    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12Attribute, attrType) },
    { SEC_ASN1_SET_OF | SEC_ASN1_DYNAMIC,
      offsetof(sec_PKCS12Attribute, attrValue),
      &sec_pkcs12_attr_chooser },
    { 0 }
};