1 /*
2 * Copyright (c) 2003-2004,2008,2010,2012 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23 /*
24 * pkcs12Templates.cpp
25 */
26
27 #include <stddef.h>
28 #include "pkcs12Templates.h"
29 #include "nssUtils.h"
30 #include "SecAsn1Templates.h"
31 #include "oidsattr.h"
32
/*
 * MacData: the integrity MAC attached to a PFX.
 *
 * Entries, in encoding order:
 *   mac        - PKCS#7 DigestInfo, decoded in place (SEC_ASN1_INLINE)
 *   macSalt    - OCTET STRING
 *   iterations - INTEGER, optional
 *
 * NOTE(review): the original author's question ("iterations is unsigned -
 * right?") is still open. This table only records where the INTEGER lands
 * in NSS_P12_MacData; it does not settle signedness and performs no range
 * check. A PFX is normally untrusted input, so the code that consumes
 * `iterations` should validate it (absent, zero, sign bit set, or
 * unreasonably large) before using it as a key-derivation loop count.
 * PKCS #12 gives the field a default of 1 when it is absent; how an absent
 * value is represented after decode is not visible here -- TODO confirm
 * against the caller.
 */
const SecAsn1Template NSS_P12_MacDataTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSS_P12_MacData) },
    { SEC_ASN1_INLINE, offsetof(NSS_P12_MacData, mac), NSS_P7_DigestInfoTemplate },
    { SEC_ASN1_OCTET_STRING, offsetof(NSS_P12_MacData, macSalt) },
    { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof(NSS_P12_MacData, iterations) },
    { 0, }
};

/* Single-entry template: a pointer to a MacData described by the table above. */
const SecAsn1Template pointerToMacDataTemplate[] = {
    { SEC_ASN1_POINTER, 0, NSS_P12_MacDataTemplate }
};
50
/*
 * Raw PFX: version, then authSafe kept as an unprocessed PKCS#7 ContentInfo,
 * then an optional MacData.
 *
 * NOTE(review): macData carries SEC_ASN1_OPTIONAL, so a PFX with no MAC at
 * all matches this template. Nothing in this table checks `version` or
 * requires integrity protection; both are left to the code that uses the
 * decoded structure. Presumably macData is left NULL when absent -- verify
 * in the caller before dereferencing.
 */
const SecAsn1Template NSS_P12_RawPFXTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSS_P12_RawPFX) },
    { SEC_ASN1_INTEGER, offsetof(NSS_P12_RawPFX, version) },
    { SEC_ASN1_INLINE, offsetof(NSS_P12_RawPFX, authSafe),
      NSS_P7_RawContentInfoTemplate },
    { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL, offsetof(NSS_P12_RawPFX, macData),
      NSS_P12_MacDataTemplate },
    { 0, }
};

/*
 * Decoded PFX: same layout as the raw form, except that authSafe is run
 * through NSS_P7_DecodedContentInfoTemplate instead of the raw ContentInfo
 * template. macData is optional here too, with the same caveat: a missing
 * MAC is not a decode error.
 */
const SecAsn1Template NSS_P12_DecodedPFXTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSS_P12_DecodedPFX) },
    { SEC_ASN1_INTEGER, offsetof(NSS_P12_DecodedPFX, version) },
    { SEC_ASN1_INLINE, offsetof(NSS_P12_DecodedPFX, authSafe),
      NSS_P7_DecodedContentInfoTemplate },
    { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL, offsetof(NSS_P12_DecodedPFX, macData),
      NSS_P12_MacDataTemplate },
    { 0, }
};
80
/*
 * AuthenticatedSafe: a SEQUENCE OF ContentInfo, each element decoded with
 * NSS_P7_DecodedContentInfoTemplate and collected under `info`.
 */
const SecAsn1Template NSS_P12_AuthenticatedSafeTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF, offsetof(NSS_P12_AuthenticatedSafe, info),
      NSS_P7_DecodedContentInfoTemplate, sizeof(NSS_P12_AuthenticatedSafe) }
};

/*
 * Individual SafeBag type-specific templates here when we write 'em.
 *
 * ShroudedKeyBag: a pointer to a PKCS#8 EncryptedPrivateKeyInfo.
 */
const SecAsn1Template NSS_P12_PtrToShroudedKeyBagTemplate[] = {
    { SEC_ASN1_POINTER, 0, kSecAsn1EncryptedPrivateKeyInfoTemplate }
};
95
/*
 * CertBag via SEC_ASN1_DYNAMIC.
 *
 * Picks the template for a CertBag's value from the bagType OID that has
 * already been stored in the bag:
 *   X.509 certificate -> OCTET STRING, type CT_X509
 *   SDSI certificate  -> IA5String,    type CT_SDSI
 *   anything else     -> ANY,          type CT_Unknown
 * The chosen type is written back to bag->type only when decoding (!enc).
 * buf, len and dest are not used.
 *
 * NOTE(review): an unrecognized bagType is not rejected; its value is taken
 * as ANY and the bag is tagged CT_Unknown. Even for CT_X509 this function
 * only selects OCTET STRING as the wrapper; the certificate bytes inside are
 * not parsed here. Code that consumes the bag should check bag->type and
 * validate the contents itself. nssCompareSecAsn1Items is presumably true
 * when the two items are equal -- confirm in nssUtils.
 */
static const SecAsn1Template * NSS_P12_CertBagChooser(
    void *arg,          // --> NSS_P12_CertBag
    Boolean enc,
    const char *buf,    // on decode, tag byte and length (unused)
    size_t len,
    void *dest)         // --> value field of the NSS_P12_CertBag (unused)
{
    NSS_P12_CertBag *certBag = (NSS_P12_CertBag *)arg;
    SecAsn1Oid *bagOid = &certBag->bagType;
    const SecAsn1Template *chosen;
    NSS_P12_CertBagType decodedType;

    if(nssCompareSecAsn1Items(bagOid, &CSSMOID_PKCS9_X509Certificate)) {
        decodedType = CT_X509;
        chosen = kSecAsn1OctetStringTemplate;
    }
    else if(nssCompareSecAsn1Items(bagOid, &CSSMOID_PKCS9_SdsiCertificate)) {
        decodedType = CT_SDSI;
        chosen = kSecAsn1IA5StringTemplate;
    }
    else {
        /* punt: unknown certificate type, keep the value undecoded */
        decodedType = CT_Unknown;
        chosen = kSecAsn1AnyTemplate;
    }

    /* the type tag is only recorded on decode */
    if(!enc) {
        certBag->type = decodedType;
    }
    return chosen;
}
128
/* The DYNAMIC entry below stores the address of this chooser pointer. */
static const SecAsn1TemplateChooserPtr NSS_P12_CertBagChooserPtr =
    NSS_P12_CertBagChooser;

/*
 * CertBag: bagType OID followed by the certificate value, whose template is
 * selected at run time by NSS_P12_CertBagChooser.
 */
const SecAsn1Template NSS_P12_CertBagTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSS_P12_CertBag) },
    { SEC_ASN1_OBJECT_ID, offsetof(NSS_P12_CertBag, bagType) },
    /*
     * These come in with a tag of 0xA0: context-specific class, constructed,
     * tag number 0 (the trailing "| 0"). The original author was unsure why
     * they are flagged as constructed; an explicitly tagged value wraps the
     * complete inner encoding, and such a wrapper is always constructed.
     */
    { SEC_ASN1_DYNAMIC | SEC_ASN1_CONTEXT_SPECIFIC |
      SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 0,
      offsetof(NSS_P12_CertBag, certValue),
      &NSS_P12_CertBagChooserPtr },
    { 0, }
};

/* Single-entry template: a pointer to a CertBag. */
const SecAsn1Template NSS_P12_PtrToCertBagTemplate[] = {
    { SEC_ASN1_POINTER, 0, NSS_P12_CertBagTemplate }
};
149
/*
 * CrlBag via SEC_ASN1_DYNAMIC.
 *
 * Picks the template for a CrlBag's value from the bagType OID already
 * stored in the bag:
 *   X.509 CRL     -> OCTET STRING, type CRT_X509
 *   anything else -> ANY,          type CRT_Unknown
 * The chosen type is written back to bag->type only when decoding (!enc).
 * buf, len and dest are not used.
 *
 * NOTE(review): as with the CertBag chooser, an unrecognized bagType is
 * accepted as ANY rather than rejected, and the CRL bytes themselves are not
 * parsed here. Consumers should check bag->type before interpreting the
 * value.
 */
static const SecAsn1Template * NSS_P12_CrlBagChooser(
    void *arg,          // --> NSS_P12_CrlBag
    Boolean enc,
    const char *buf,    // on decode, tag byte and length (unused)
    size_t len,
    void *dest)         // --> value field of the NSS_P12_CrlBag (unused)
{
    NSS_P12_CrlBag *crlBag = (NSS_P12_CrlBag *)arg;
    SecAsn1Oid *bagOid = &crlBag->bagType;
    const SecAsn1Template *chosen;
    NSS_P12_CrlBagType decodedType;

    if(nssCompareSecAsn1Items(bagOid, &CSSMOID_PKCS9_X509Crl)) {
        decodedType = CRT_X509;
        chosen = kSecAsn1OctetStringTemplate;
    }
    else {
        /* punt: unknown CRL type, keep the value undecoded */
        decodedType = CRT_Unknown;
        chosen = kSecAsn1AnyTemplate;
    }

    /* the type tag is only recorded on decode */
    if(!enc) {
        crlBag->type = decodedType;
    }
    return chosen;
}
178
/* The DYNAMIC entry below stores the address of this chooser pointer. */
static const SecAsn1TemplateChooserPtr NSS_P12_CrlBagChooserPtr =
    NSS_P12_CrlBagChooser;

/*
 * CrlBag: bagType OID followed by the CRL value, whose template is selected
 * at run time by NSS_P12_CrlBagChooser.
 */
const SecAsn1Template NSS_P12_CrlBagTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSS_P12_CrlBag) },
    { SEC_ASN1_OBJECT_ID, offsetof(NSS_P12_CrlBag, bagType) },
    /*
     * These come in with a tag of 0xA0: context-specific class, constructed,
     * tag number 0 (the trailing "| 0"). The original author was unsure why
     * they are flagged as constructed; an explicitly tagged value wraps the
     * complete inner encoding, and such a wrapper is always constructed.
     */
    { SEC_ASN1_DYNAMIC | SEC_ASN1_CONTEXT_SPECIFIC |
      SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 0,
      offsetof(NSS_P12_CrlBag, crlValue),
      &NSS_P12_CrlBagChooserPtr },
    { 0, }
};

/* Single-entry template: a pointer to a CrlBag. */
const SecAsn1Template NSS_P12_PtrToCrlBagTemplate[] = {
    { SEC_ASN1_POINTER, 0, NSS_P12_CrlBagTemplate }
};
199
200
/*
 * The stub templates for unimplemented BagTypes. Each one aliases the
 * generic pointer-to-ANY template, so the bag value is kept as an undecoded
 * blob.
 */
#define NSS_P12_PtrToKeyBagTemplate             kSecAsn1PointerToAnyTemplate
#define NSS_P12_PtrToSecretBagTemplate          kSecAsn1PointerToAnyTemplate
#define NSS_P12_PtrToSafeContentsBagTemplate    kSecAsn1PointerToAnyTemplate


/*
 * SafeBag via SEC_ASN1_DYNAMIC.
 *
 * Picks the template for a SafeBag's value from the bagId OID already stored
 * in the bag, and on decode (!enc) records the matching NSS_P12_SB_Type in
 * bag->type. An OID that matches none of the known bag types gets the
 * pointer-to-ANY template and leaves the type at BT_None. buf, len and dest
 * are not used.
 *
 * NOTE(review): three recognized types (KeyBag, SecretBag, SafeContentsBag)
 * resolve to the pointer-to-ANY stubs above. For those, bag->type names the
 * bag type but the value behind bagValue has not been structurally decoded,
 * and a nested SafeContents is not descended into by this template.
 * Consumers must not treat such a value as a parsed structure, and should
 * treat BT_None as "unrecognized", not as success. A KeyBag in particular
 * holds an unencrypted private key per PKCS #12, so how that blob is handled
 * downstream deserves a look.
 */
static const SecAsn1Template * NSS_P12_SafeBagChooser(
    void *arg,          // --> NSS_P12_SafeBag
    Boolean enc,
    const char *buf,    // on decode, tag byte and len (unused)
    size_t len,
    void *dest)         // --> NSS_P12_SafeBag.bagValue (unused)
{
    NSS_P12_SafeBag *safeBag = (NSS_P12_SafeBag *)arg;
    SecAsn1Oid *bagOid = &safeBag->bagId;
    const SecAsn1Template *chosen;
    NSS_P12_SB_Type decodedType;

    if(nssCompareSecAsn1Items(bagOid, &CSSMOID_PKCS12_keyBag)) {
        decodedType = BT_KeyBag;
        chosen = NSS_P12_PtrToKeyBagTemplate;
    }
    else if(nssCompareSecAsn1Items(bagOid, &CSSMOID_PKCS12_shroudedKeyBag)) {
        decodedType = BT_ShroudedKeyBag;
        chosen = NSS_P12_PtrToShroudedKeyBagTemplate;
    }
    else if(nssCompareSecAsn1Items(bagOid, &CSSMOID_PKCS12_certBag)) {
        decodedType = BT_CertBag;
        chosen = NSS_P12_PtrToCertBagTemplate;
    }
    else if(nssCompareSecAsn1Items(bagOid, &CSSMOID_PKCS12_crlBag)) {
        decodedType = BT_CrlBag;
        chosen = NSS_P12_PtrToCrlBagTemplate;
    }
    else if(nssCompareSecAsn1Items(bagOid, &CSSMOID_PKCS12_secretBag)) {
        decodedType = BT_SecretBag;
        chosen = NSS_P12_PtrToSecretBagTemplate;
    }
    else if(nssCompareSecAsn1Items(bagOid, &CSSMOID_PKCS12_safeContentsBag)) {
        decodedType = BT_SafeContentsBag;
        chosen = NSS_P12_PtrToSafeContentsBagTemplate;
    }
    /* add more here when we implement them */
    else {
        decodedType = BT_None;
        chosen = kSecAsn1PointerToAnyTemplate;
    }

    /* the type tag is only recorded on decode */
    if(!enc) {
        safeBag->type = decodedType;
    }
    return chosen;
}
255
/* The DYNAMIC entry below stores the address of this chooser pointer. */
static const SecAsn1TemplateChooserPtr NSS_P12_SafeBagChooserPtr =
    NSS_P12_SafeBagChooser;

/*
 * SafeBag: bagId OID, then the bag value under an explicit context tag with
 * tag number 0 (template chosen at run time by NSS_P12_SafeBagChooser), then
 * an optional SET OF attributes.
 */
const SecAsn1Template NSS_P12_SafeBagTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSS_P12_SafeBag) },
    { SEC_ASN1_OBJECT_ID, offsetof(NSS_P12_SafeBag, bagId) },
    { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED |
      SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | 0,
      offsetof(NSS_P12_SafeBag, bagValue),
      &NSS_P12_SafeBagChooserPtr },
    /* bagAttrs may be absent */
    { SEC_ASN1_OPTIONAL | SEC_ASN1_SET_OF,
      offsetof(NSS_P12_SafeBag, bagAttrs),
      kSecAsn1AttributeTemplate },
    { 0 }
};
273
/*
 * SafeContents: a SEQUENCE OF SafeBag, collected under `bags`.
 */
const SecAsn1Template NSS_P12_SafeContentsTemplate[] = {
    { SEC_ASN1_SEQUENCE_OF, offsetof(NSS_P12_SafeContents, bags),
      NSS_P12_SafeBagTemplate, sizeof(NSS_P12_SafeContents) }
};

/*
 * PKCS#12 password-based-encryption parameters: salt (OCTET STRING) and an
 * iteration count (INTEGER). Unlike MacData, the count is not optional here.
 *
 * NOTE(review): the original author's question ("iterations is unsigned -
 * right?") is still open. The table does not settle signedness and applies
 * no bounds; both salt and count come straight from the encoded input. The
 * code that turns `iterations` into a loop count should reject zero, values
 * with the sign bit set and unreasonably large values.
 */
const SecAsn1Template NSS_P12_PBE_ParamsTemplate[] = {
    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSS_P12_PBE_Params) },
    { SEC_ASN1_OCTET_STRING, offsetof(NSS_P12_PBE_Params, salt) },
    { SEC_ASN1_INTEGER, offsetof(NSS_P12_PBE_Params, iterations) },
    { 0 }
};
291
292